manohar/tia
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tia/src/middleware.ts
Mannu 2a09c027fa feat(marketing): public homepage replacing / → /login redirect 
- Add (marketing) route group: /, /pricing, /privacy, /terms
- Add (app) route group: moves all authenticated pages, app home → /home
- Root / is now a static marketing page (zero DB imports, zero auth)
- NavAuthButton client component: shows "Open Tia →" if logged in, else "Continue with Google"
- Plausible analytics hook in marketing layout
- Auto-generated OG image via opengraph-image.tsx
- Middleware updated to allowlist marketing routes
- All /-redirects updated to /home (login, onboarding, invite, circle join)
- BottomNav home tab updated: / → /home

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-25 23:26:26 +05:30

78 lines
1.8 KiB
TypeScript
Raw Blame History

import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
// Public routes that don't require authentication
const publicRoutes = [
"/",
"/pricing",
"/privacy",
"/terms",
"/login",
"/admin-login",
"/m",
"/invite",
"/verify",
"/api/auth/signin",
"/api/admin/auth",
"/api/onboarding",
"/api/profile",
];
// Protected API routes that need authentication
const protectedApiRoutes = [
"/api/children",
"/api/logs",
"/api/growth",
"/api/vaccinations",
"/api/medicines",
"/api/allergies",
"/api/illnesses",
"/api/visits",
"/api/family",
"/api/families",
"/api/invites",
"/api/notifications",
"/api/upload",
"/api/chat",
"/api/history",
"/api/family/members",
];
export function middleware(request: NextRequest) {
const { pathname } = request.nextUrl;
// Always allow public routes
for (const route of publicRoutes) {
if (pathname === route || pathname.startsWith(route + "/")) {
return NextResponse.next();
}
}
// Check session cookie for protected routes
const sessionToken = request.cookies.get("tia_session")?.value;
const adminSessionToken = request.cookies.get("tia_admin_session")?.value;
// Allow admin routes with admin session
if (pathname.startsWith("/api/admin") && adminSessionToken) {
return NextResponse.next();
}
// For protected API routes, require session
for (const route of protectedApiRoutes) {
if (pathname.startsWith(route)) {
if (!sessionToken && !adminSessionToken) {
return NextResponse.json({ error: "Authentication required" }, { status: 401 });
}
break;
}
}
return NextResponse.next();
}
export const config = {
matcher: [
"/api/:path*",
"/((?!_next/static|_next/image|favicon.ico).*)",
],
};
Reference in a new issue View git blame Copy permalink