84 lines
2.4 KiB
TypeScript
84 lines
2.4 KiB
TypeScript
import NextAuth from "next-auth";
|
|
import authConfig from "./auth.config";
|
|
|
|
import {
|
|
DEFAULT_LOGIN_REDIRECT,
|
|
DEFAULT_PROTECTED_REDIRECT,
|
|
ROUTE_ROLES,
|
|
apiAuthPrefix,
|
|
apiPublicRoutes,
|
|
authRoutes,
|
|
publicRoutes,
|
|
} from "@/routes";
|
|
import { NextResponse } from "next/server";
|
|
import { cookies, type UnsafeUnwrappedCookies } from "next/headers";
|
|
import { startCronJobs } from "./lib/cron-scheduler";
|
|
|
|
const { auth } = NextAuth(authConfig);
|
|
|
|
let cronJobsStarted = false;
|
|
|
|
export default auth((req) => {
|
|
const { nextUrl } = req;
|
|
const isLoggedIn = !!req.auth;
|
|
const userRole = req.auth?.user.role;
|
|
|
|
// Mulai cron jobs hanya sekali saat server pertama kali diinisialisasi
|
|
// if (!cronJobsStarted) {
|
|
// console.log("Initializing cron jobs...");
|
|
|
|
// startCronJobs();
|
|
// cronJobsStarted = true; // Tandai cron sudah dijalankan
|
|
// }
|
|
|
|
const isApiAuthRoute = nextUrl.pathname.startsWith(apiAuthPrefix);
|
|
const isApiPublicRoute = apiPublicRoutes.includes(nextUrl.pathname);
|
|
const isPublicRoute = publicRoutes.includes(nextUrl.pathname);
|
|
const isAuthRoute = authRoutes.includes(nextUrl.pathname);
|
|
|
|
// Role-Based-Access Control
|
|
// const routeRoles = userRole ? ROUTE_ROLES[userRole] : undefined;
|
|
|
|
// if (routeRoles?.length && !routeRoles.includes(nextUrl.pathname)) {
|
|
// return NextResponse.redirect(new URL(DEFAULT_PROTECTED_REDIRECT, nextUrl));
|
|
// }
|
|
|
|
if (isApiAuthRoute || isApiPublicRoute) {
|
|
const response = NextResponse.next();
|
|
|
|
// Example of setting CSRF token in the cookie
|
|
// Set CSRF token (you can replace this logic with actual CSRF token generation)
|
|
|
|
// Tambahkan Header CORS
|
|
response.headers.set("Access-Control-Allow-Origin", "*"); // Gunakan domain spesifik untuk keamanan
|
|
response.headers.set(
|
|
"Access-Control-Allow-Methods",
|
|
"GET, POST, PATCH, OPTIONS"
|
|
);
|
|
response.headers.set(
|
|
"Access-Control-Allow-Headers",
|
|
"Content-Type, Authorization, X-Requested-With"
|
|
);
|
|
response.headers.set("Access-Control-Allow-Credentials", "true");
|
|
|
|
return response;
|
|
}
|
|
|
|
// if (isAuthRoute) {
|
|
// if (isLoggedIn) {
|
|
// return NextResponse.redirect(new URL(DEFAULT_LOGIN_REDIRECT, nextUrl));
|
|
// }
|
|
// return;
|
|
// }
|
|
|
|
// if (!isLoggedIn && !isPublicRoute) {
|
|
// return NextResponse.redirect(new URL(DEFAULT_PROTECTED_REDIRECT, nextUrl));
|
|
// }
|
|
|
|
return;
|
|
});
|
|
|
|
export const config = {
|
|
matcher: ["/((?!.*\\..*|_next).*)", "/", "/(api|trpc)(.*)"],
|
|
};
|