makearmy/makearmy-app
1
0
Fork 0
Code Issues 11 Pull requests Projects Releases Packages Wiki Activity Actions

account management upgrades

Browse source
This commit is contained in:
makearmy 2025-09-30 19:35:27 -04:00
parent 94de501a49
commit 86fdd403b0
8 changed files with 439 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

22
middleware.ts
View file

@ -18,10 +18,7 @@ import { NextResponse, NextRequest } from "next/server";
/** Directus base (used to remotely validate the token after restarts). */
const DIRECTUS =
(process.env.NEXT_PUBLIC_API_BASE_URL || process.env.DIRECTUS_URL || "").replace(
/\/$/,
""
);
(process.env.NEXT_PUBLIC_API_BASE_URL || process.env.DIRECTUS_URL || "").replace(/\/$/, "");
/** Helper: does the path start with any prefix in a list? */
function startsWithAny(pathname: string, prefixes: string[]) {
@ -33,8 +30,7 @@ import { NextResponse, NextRequest } from "next/server";
const dest = new URL(req.url);
dest.pathname = mapped.pathname;
if (mapped.query) {
for (const [k, v] of Object.entries(mapped.query))
dest.searchParams.set(k, v);
for (const [k, v] of Object.entries(mapped.query)) dest.searchParams.set(k, v);
}
return dest.href === req.url;
}
@ -44,9 +40,7 @@ import { NextResponse, NextRequest } from "next/server";
try {
const [, payload] = token.split(".");
if (!payload) return null;
const json = JSON.parse(
atob(payload.replace(/-/g, "+").replace(/_/g, "/"))
);
const json = JSON.parse(atob(payload.replace(/-/g, "+").replace(/_/g, "/")));
return typeof json.exp === "number" ? json.exp : null;
} catch {
return null;
@ -81,8 +75,7 @@ import { NextResponse, NextRequest } from "next/server";
if (mapped && !isSameUrl(req, mapped)) {
url.pathname = mapped.pathname;
if (mapped.query) {
for (const [k, v] of Object.entries(mapped.query))
url.searchParams.set(k, v);
for (const [k, v] of Object.entries(mapped.query)) url.searchParams.set(k, v);
}
return NextResponse.redirect(url);
}
@ -95,8 +88,7 @@ import { NextResponse, NextRequest } from "next/server";
// Allow explicit reauth flow even if a (possibly stale) token cookie exists
const forceAuth =
isAuthRoute &&
(url.searchParams.get("reauth") === "1" ||
url.searchParams.get("force") === "1");
(url.searchParams.get("reauth") === "1" || url.searchParams.get("force") === "1");
// If unauthenticated and the route is protected, send to sign-in (with next + reauth)
if (!token && isProtected) {
@ -248,7 +240,5 @@ import { NextResponse, NextRequest } from "next/server";
}
export const config = {
matcher: [
"/((?!_next/static|_next/image|favicon.ico|robots.txt|sitemap.xml|images|static).*)",
],
matcher: ["/((?!_next/static|_next/image|favicon.ico|robots.txt|sitemap.xml|images|static).*)"],
};