pontus/pontus-front
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

should respect __Secure, filter admin through middleware

Browse source
This commit is contained in:
Aidan 2025-07-07 20:35:15 -04:00
parent 0043a5bf3c
commit b399af74e4
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
middleware.ts
View file

@ -1,6 +1,6 @@
import { NextRequest, NextResponse } from 'next/server'; import { NextRequest, NextResponse } from 'next/server';
const protectedRoutes = ['/dashboard']; const protectedRoutes = ['/dashboard', '/admin'];
export async function middleware(request: NextRequest) { export async function middleware(request: NextRequest) {
const { pathname } = request.nextUrl; const { pathname } = request.nextUrl;
@ -13,7 +13,7 @@ export async function middleware(request: NextRequest) {
return NextResponse.next(); return NextResponse.next();
} }
const sessionToken = request.cookies.get('better-auth.session_token')?.value; const sessionToken = request.cookies.get('better-auth.session_token')?.value || request.cookies.get('__Secure-better-auth.session_token')?.value;
if (!sessionToken) { if (!sessionToken) {
const loginUrl = new URL('/login', request.url); const loginUrl = new URL('/login', request.url);