@@ -4,35 +4,41 @@ import { auth } from "@repo/auth";
44import { serverUserCaller } from "@repo/api" ;
55
66export async function proxy ( request : NextRequest ) {
7- const session = await auth . api . getSession ( {
8- headers : await headers ( ) ,
9- } ) ;
10- // THIS IS NOT SECURE!
11- // This is the recommended approach to optimistically redirect users
12- // We recommend handling auth checks in each page/route
13- if ( ! session ) {
14- return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
15- }
16- const caller = await serverUserCaller ( request ) ;
7+ const h = await headers ( ) ;
8+ const session = await auth . api . getSession ( {
9+ headers : h ,
10+ } ) ;
11+ // THIS IS NOT SECURE!
12+ // This is the recommended approach to optimistically redirect users
13+ // We recommend handling auth checks in each page/route
14+ if ( ! session ) {
15+ return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
16+ }
17+ const caller = await serverUserCaller ( request ) ;
1718
18- const user = await caller . user . getCurrent ( ) ;
19- const url = request . nextUrl . clone ( ) ;
20- const referer = request . headers . get ( "referer" ) ;
21- if ( ! user ) {
22- return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
23- }
19+ const user = await caller . user . getCurrent ( ) ;
20+ const url = request . nextUrl . clone ( ) ;
21+ const referer = request . headers . get ( "referer" ) ;
22+ if ( ! user ) {
23+ return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
24+ }
2425
25- if ( url . pathname . startsWith ( "/admin" ) && user . userRole !== "admin" ) {
26- if ( referer ) {
27- return NextResponse . redirect ( referer ) ;
28- } else {
29- return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
30- }
31- }
26+ if ( ! user . email . endsWith ( "@up.edu.ph" ) ) {
27+ await auth . api . signOut ( { headers : h } ) ;
28+ return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
29+ }
3230
33- return NextResponse . next ( ) ;
31+ if ( url . pathname . startsWith ( "/admin" ) && user . userRole !== "admin" ) {
32+ if ( referer ) {
33+ return NextResponse . redirect ( referer ) ;
34+ } else {
35+ return NextResponse . redirect ( new URL ( "/sign-in" , request . url ) ) ;
36+ }
37+ }
38+
39+ return NextResponse . next ( ) ;
3440}
3541
3642export const config = {
37- matcher : [ "/dashboard/:path*" , "/admin/:path*" ] , // Specify the routes the middleware applies to
43+ matcher : [ "/dashboard/:path*" , "/admin/:path*" ] , // Specify the routes the middleware applies to
3844} ;
0 commit comments