yo-next-auth/middleware.ts

import { NextURL } from 'next/dist/server/web/next-url'
import NextAuth from 'next-auth'
import { NextRequest, NextResponse } from 'next/server'
import { defaultLocale, locales } from '@/config/locales'
import authConfig from '@/auth.config'
import { apiAuthPrefixRegEx, AUTH_LOGIN_URL, authRoutesRegEx, DEFAULT_LOGIN_REDIRECT, publicRoutes } from '@/config/routes'
import { testPathnameRegex } from '@/lib/utils'
import { createI18nMiddleware } from 'next-international/middleware'
import { CSP } from '@/lib/CSP'

interface AppRouteHandlerFnContext {
  params?: Record<string, string | string[]>;
}

const I18nMiddleware = createI18nMiddleware({
  locales, defaultLocale, urlMappingStrategy: 'rewriteDefault',
})

const { auth } = NextAuth(authConfig)

export const middleware = (request: NextRequest, event: AppRouteHandlerFnContext): NextResponse | null => {

  return auth((request): any => {
    //const csp = new CSP(request, process.env.NODE_ENV === 'production')
    const csp = new CSP(request, false)
    const { nextUrl }: { nextUrl: NextURL } = request

    if (nextUrl.pathname.match(apiAuthPrefixRegEx)) {
      return csp.next()
    }

    const isLoggedIn: boolean = !!request.auth
    const isPublicRoute: boolean = testPathnameRegex(publicRoutes, nextUrl.pathname)
    const isAuthRoute: boolean = testPathnameRegex(authRoutesRegEx, nextUrl.pathname)

    if (isAuthRoute) {
      if (isLoggedIn) {
        return NextResponse.redirect(new URL(DEFAULT_LOGIN_REDIRECT, nextUrl))
      }
      return csp.next(I18nMiddleware)
    }

    if (!isLoggedIn && !isPublicRoute) {
      return NextResponse.redirect(new URL(AUTH_LOGIN_URL, nextUrl))
    }

    return csp.next(I18nMiddleware)

  })(request, event) as NextResponse
}

export const config = {
  matcher: [
    '/((?!.+\\.[\\w]+$|_next|_next/image|_next/static|favicon.ico|robots.txt).*)',
    '/',
    '/(api|trpc)(.*)',
  ],
}