/**
* Next.js Middleware - Global Request Interceptor
*
* This middleware runs on every request to the application (except static assets).
* Integrates Auth0 authentication to protect routes and manage user sessions.
*
* Features:
* - Enforces authentication on protected routes
* - Handles Auth0 session validation
* - Gracefully recovers from invalid/expired sessions
* - Clears corrupted session cookies (JWE errors) and lets that request continue without a validated session
*
* Protected Routes:
* - All routes except paths starting with: /_next/static, /_next/image, /favicon.ico, /sitemap.xml, /robots.txt
*
* @see https://nextjs.org/docs/app/building-your-application/routing/middleware
* @module middleware
*/
import { NextRequest, NextResponse } from 'next/server';
import { auth0 } from './lib/auth0';
/**
 * Global middleware entry point: hands every matched request to the Auth0
 * middleware and recovers from one class of failure.
 *
 * Error handling:
 * - Every caught error is logged with console.error.
 * - An Error whose message contains the substring "JWE" is treated as an
 *   unreadable session cookie: the `appSession` cookie is deleted on the
 *   response and the request continues via NextResponse.next().
 * - Anything else is re-thrown unchanged.
 *
 * NOTE(review): the JWE branch fails open. The request reaches the matched
 * route without a session having been validated here, so each protected
 * route or handler must perform its own session check.
 * NOTE(review): `appSession` must be the session cookie name configured in
 * ./lib/auth0 (not visible from this file). If the names differ, the bad
 * cookie is never cleared and each request repeats this path. TODO confirm.
 * NOTE(review): the full error object is logged; confirm it cannot carry
 * cookie or token material before shipping these logs off-host.
 *
 * @param request - Incoming Next.js request object
 * @returns The response produced by auth0.middleware, or a pass-through
 *   response that deletes the `appSession` cookie
 * @throws Re-throws any error that is not classified as a JWE session error
 */
export async function middleware(request: NextRequest) {
  try {
    // Await inside the try so a rejected promise is caught below.
    const authResponse = await auth0.middleware(request);
    return authResponse;
  } catch (error) {
    console.error('Auth middleware error:', error);

    // Classification is a substring match on the message, not a type check:
    // any Error mentioning "JWE" takes the recovery path.
    const isSessionDecryptFailure =
      error instanceof Error && error.message.includes('JWE');

    // Auth flow errors and everything else propagate to the caller.
    if (!isSessionDecryptFailure) {
      throw error;
    }

    // Drop the unreadable cookie and let the request through.
    const passThrough = NextResponse.next();
    passThrough.cookies.delete('appSession');
    return passThrough;
  }
}
// Middleware configuration: `matcher` lists the path patterns this middleware runs on.
// Kept as an inline literal because Next.js reads `matcher` by static analysis at build time.
export const config = {
matcher: [
/*
* Match all request paths except for the ones starting with:
* - _next/static (static files)
* - _next/image (image optimization files)
* - favicon.ico, sitemap.xml, robots.txt (metadata files)
*
* NOTE(review): the exclusion is a negative lookahead on the path prefix with
* no end anchor, and the dots are unescaped (they match any character). Any
* path that merely begins with one of these names, e.g. a constructed
* "/robots.txt-extra", also skips this middleware. Keep nothing that needs a
* session check under these prefixes.
*/
'/((?!_next/static|_next/image|favicon.ico|sitemap.xml|robots.txt).*)',
],
};