makearmy-app/middleware.ts

// middleware.ts
import { NextResponse, NextRequest } from "next/server";

const PUBLIC_PATHS = new Set<string>([
    "/auth/sign-in",
    "/auth/sign-up",
]);

export function middleware(req: NextRequest) {
    const url = req.nextUrl.clone();
    const { pathname } = url;

    // ── 1) Legacy → Portal mapping (runs before auth gating)
    const mapped = legacyMap(pathname);
    if (mapped) {
        url.pathname = mapped.pathname;
        // keep existing query, add/override provided params (e.g., ?t=fiber)
        if (mapped.query) {
            for (const [k, v] of Object.entries(mapped.query)) {
                url.searchParams.set(k, v);
            }
        }
        return NextResponse.redirect(url);
    }

    // ── 2) Auth gating
    const token = req.cookies.get("ma_at")?.value ?? "";
    const isAuthRoute = pathname.startsWith("/auth/");

    // Authed users on any /auth/* route → /portal
    if (token && isAuthRoute) {
        url.pathname = "/portal";
        url.search = "";
        return NextResponse.redirect(url);
    }

    // Unauthed users on protected paths → sign-in (no ?next=)
    if (!token && !isPublicPath(pathname)) {
        url.pathname = "/auth/sign-in";
        url.search = "";
        return NextResponse.redirect(url);
    }

    return NextResponse.next();
}

type MapResult = { pathname: string; query?: Record<string, string> };

function legacyMap(pathname: string): MapResult | null {
    switch (pathname) {
        // Laser settings (old links)
        case "/fiber-settings":
            return { pathname: "/portal/laser-settings", query: { t: "fiber" } };
        case "/uv-settings":
            return { pathname: "/portal/laser-settings", query: { t: "uv" } };
        case "/co2-galvo-settings":
            return { pathname: "/portal/laser-settings", query: { t: "co2-galvo" } };
        case "/co2-gantry-settings":
            return { pathname: "/portal/laser-settings", query: { t: "co2-gantry" } };

            // Materials (both legacy structures)
        case "/materials":
            return { pathname: "/portal/materials", query: { t: "materials" } };
        case "/materials/materials":
            return { pathname: "/portal/materials", query: { t: "materials" } };
        case "/materials/materials-coatings":
            return { pathname: "/portal/materials", query: { t: "materials-coatings" } };
        case "/materials-coatings":
            return { pathname: "/portal/materials", query: { t: "materials-coatings" } };

            // Lasers / Projects / Rigs (legacy)
        case "/lasers":
            return { pathname: "/portal/laser-sources" };
        case "/projects":
            return { pathname: "/portal/projects" };
        case "/my/rigs":
            return { pathname: "/portal/rigs", query: { t: "my" } };

        default:
            return null;
    }
}

function isPublicPath(pathname: string): boolean {
    if (PUBLIC_PATHS.has(pathname)) return true;

    // Static assets / internals
    if (
        pathname.startsWith("/_next/") ||
        pathname.startsWith("/static/") ||
        pathname.startsWith("/images/") ||
        pathname === "/favicon.ico" ||
        pathname === "/robots.txt" ||
        pathname === "/sitemap.xml"
    ) return true;

    // API routes aren't gated here; each route should enforce auth as needed
    if (pathname.startsWith("/api/")) return true;

    // Everything else is protected
    return false;
}

export const config = {
    matcher: [
        "/((?!_next/static|_next/image|favicon.ico|robots.txt|sitemap.xml|images|static).*)",
    ],
};
layout and middleware fix 2025-09-26 15:19:19 -04:00			`// middleware.ts`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`import { NextResponse, NextRequest } from "next/server";`
added user rig submission, logout \| initial 2025-09-26 14:18:24 -04:00
built user portal behind auth 2025-09-27 14:30:16 -04:00			`const PUBLIC_PATHS = new Set<string>([`
			`"/auth/sign-in",`
			`"/auth/sign-up",`
			`]);`
added user rig submission, logout \| initial 2025-09-26 14:18:24 -04:00
built user portal behind auth 2025-09-27 14:30:16 -04:00			`export function middleware(req: NextRequest) {`
middleware update for redirects 2025-09-27 15:37:05 -04:00			`const url = req.nextUrl.clone();`
			`const { pathname } = url;`

			`// ── 1) Legacy → Portal mapping (runs before auth gating)`
			`const mapped = legacyMap(pathname);`
			`if (mapped) {`
			`url.pathname = mapped.pathname;`
			`// keep existing query, add/override provided params (e.g., ?t=fiber)`
			`if (mapped.query) {`
			`for (const [k, v] of Object.entries(mapped.query)) {`
			`url.searchParams.set(k, v);`
			`}`
			`}`
			`return NextResponse.redirect(url);`
			`}`

			`// ── 2) Auth gating`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`const token = req.cookies.get("ma_at")?.value ?? "";`
middleware update for redirects 2025-09-27 15:37:05 -04:00			`const isAuthRoute = pathname.startsWith("/auth/");`
added user rig submission, logout \| initial 2025-09-26 14:18:24 -04:00
middleware update for redirects 2025-09-27 15:37:05 -04:00			`// Authed users on any /auth/* route → /portal`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`if (token && isAuthRoute) {`
			`url.pathname = "/portal";`
			`url.search = "";`
			`return NextResponse.redirect(url);`
auth-cookies build error fix 2025-09-26 15:34:24 -04:00			`}`

middleware update for redirects 2025-09-27 15:37:05 -04:00			`// Unauthed users on protected paths → sign-in (no ?next=)`
auth redirect updated for portal 2025-09-27 14:41:56 -04:00			`if (!token && !isPublicPath(pathname)) {`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`url.pathname = "/auth/sign-in";`
middleware update for redirects 2025-09-27 15:37:05 -04:00			`url.search = "";`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`return NextResponse.redirect(url);`
auth-cookies build error fix 2025-09-26 15:34:24 -04:00			`}`

			`return NextResponse.next();`
			`}`

middleware update for redirects 2025-09-27 15:37:05 -04:00			`type MapResult = { pathname: string; query?: Record<string, string> };`

			`function legacyMap(pathname: string): MapResult \| null {`
			`switch (pathname) {`
			`// Laser settings (old links)`
			`case "/fiber-settings":`
			`return { pathname: "/portal/laser-settings", query: { t: "fiber" } };`
			`case "/uv-settings":`
			`return { pathname: "/portal/laser-settings", query: { t: "uv" } };`
			`case "/co2-galvo-settings":`
			`return { pathname: "/portal/laser-settings", query: { t: "co2-galvo" } };`
			`case "/co2-gantry-settings":`
			`return { pathname: "/portal/laser-settings", query: { t: "co2-gantry" } };`

			`// Materials (both legacy structures)`
			`case "/materials":`
			`return { pathname: "/portal/materials", query: { t: "materials" } };`
			`case "/materials/materials":`
			`return { pathname: "/portal/materials", query: { t: "materials" } };`
			`case "/materials/materials-coatings":`
			`return { pathname: "/portal/materials", query: { t: "materials-coatings" } };`
			`case "/materials-coatings":`
			`return { pathname: "/portal/materials", query: { t: "materials-coatings" } };`

			`// Lasers / Projects / Rigs (legacy)`
			`case "/lasers":`
			`return { pathname: "/portal/laser-sources" };`
			`case "/projects":`
			`return { pathname: "/portal/projects" };`
			`case "/my/rigs":`
			`return { pathname: "/portal/rigs", query: { t: "my" } };`

			`default:`
			`return null;`
			`}`
			`}`

built user portal behind auth 2025-09-27 14:30:16 -04:00			`function isPublicPath(pathname: string): boolean {`
			`if (PUBLIC_PATHS.has(pathname)) return true;`

auth redirect updated for portal 2025-09-27 14:41:56 -04:00			`// Static assets / internals`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`if (`
			`pathname.startsWith("/_next/") \|\|`
			`pathname.startsWith("/static/") \|\|`
			`pathname.startsWith("/images/") \|\|`
			`pathname === "/favicon.ico" \|\|`
			`pathname === "/robots.txt" \|\|`
			`pathname === "/sitemap.xml"`
			`) return true;`

auth redirect updated for portal 2025-09-27 14:41:56 -04:00			`// API routes aren't gated here; each route should enforce auth as needed`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`if (pathname.startsWith("/api/")) return true;`

			`// Everything else is protected`
			`return false;`
			`}`

auth-cookies build error fix 2025-09-26 15:34:24 -04:00			`export const config = {`
built user portal behind auth 2025-09-27 14:30:16 -04:00			`matcher: [`
			`"/((?!_next/static\|_next/image\|favicon.ico\|robots.txt\|sitemap.xml\|images\|static).*)",`
			`],`
auth-cookies build error fix 2025-09-26 15:34:24 -04:00			`};`