Skip to content

Commit 935ecd1

Browse files
committed
fix: signout non up users
1 parent ae1d839 commit 935ecd1

1 file changed

Lines changed: 31 additions & 25 deletions

File tree

apps/web/proxy.ts

Lines changed: 31 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -4,35 +4,41 @@ import { auth } from "@repo/auth";
44
import { serverUserCaller } from "@repo/api";
55

66
export async function proxy(request: NextRequest) {
7-
const session = await auth.api.getSession({
8-
headers: await headers(),
9-
});
10-
// THIS IS NOT SECURE!
11-
// This is the recommended approach to optimistically redirect users
12-
// We recommend handling auth checks in each page/route
13-
if (!session) {
14-
return NextResponse.redirect(new URL("/sign-in", request.url));
15-
}
16-
const caller = await serverUserCaller(request);
7+
const h = await headers();
8+
const session = await auth.api.getSession({
9+
headers: h,
10+
});
11+
// THIS IS NOT SECURE!
12+
// This is the recommended approach to optimistically redirect users
13+
// We recommend handling auth checks in each page/route
14+
if (!session) {
15+
return NextResponse.redirect(new URL("/sign-in", request.url));
16+
}
17+
const caller = await serverUserCaller(request);
1718

18-
const user = await caller.user.getCurrent();
19-
const url = request.nextUrl.clone();
20-
const referer = request.headers.get("referer");
21-
if (!user) {
22-
return NextResponse.redirect(new URL("/sign-in", request.url));
23-
}
19+
const user = await caller.user.getCurrent();
20+
const url = request.nextUrl.clone();
21+
const referer = request.headers.get("referer");
22+
if (!user) {
23+
return NextResponse.redirect(new URL("/sign-in", request.url));
24+
}
2425

25-
if (url.pathname.startsWith("/admin") && user.userRole !== "admin") {
26-
if (referer) {
27-
return NextResponse.redirect(referer);
28-
} else {
29-
return NextResponse.redirect(new URL("/sign-in", request.url));
30-
}
31-
}
26+
if (!user.email.endsWith("@up.edu.ph")) {
27+
await auth.api.signOut({ headers: h });
28+
return NextResponse.redirect(new URL("/sign-in", request.url));
29+
}
3230

33-
return NextResponse.next();
31+
if (url.pathname.startsWith("/admin") && user.userRole !== "admin") {
32+
if (referer) {
33+
return NextResponse.redirect(referer);
34+
} else {
35+
return NextResponse.redirect(new URL("/sign-in", request.url));
36+
}
37+
}
38+
39+
return NextResponse.next();
3440
}
3541

3642
export const config = {
37-
matcher: ["/dashboard/:path*", "/admin/:path*"], // Specify the routes the middleware applies to
43+
matcher: ["/dashboard/:path*", "/admin/:path*"], // Specify the routes the middleware applies to
3844
};

0 commit comments

Comments
 (0)