NORY-16: check if session exists in middleware (authentication)

2024-11-30 20:35:41 +01:00 · 2024-11-30 20:35:41 +01:00 · 71df52446c
commit 71df52446c
parent 531f0453e7
1 changed files with 34 additions and 0 deletions
--- a/authentication/src/middleware.ts
+++ b/authentication/src/middleware.ts
@ -0,0 +1,34 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { getFrontendApi } from '@/ory/sdk/hydra';
+import { cookies } from 'next/headers';
+
+export async function middleware(request: NextRequest) {
+
+    const api = await getFrontendApi();
+    const cookie = await cookies();
+
+    const session = await api
+        .toSession({ cookie: 'ory_kratos_session=' + cookie.get('ory_kratos_session')?.value })
+        .then((response) => response.data)
+        .catch(() => null);
+
+    if (!session && !request.nextUrl.pathname.startsWith('/flow')) {
+
+        console.log('NO SESSION');
+
+        const url = request.nextUrl.host +
+            '/flow/login?return_to=' +
+            request.nextUrl.host +
+            request.nextUrl.pathname;
+
+        console.log('REDIRECT TO', url);
+
+        return NextResponse.redirect(url);
+    }
+
+    return NextResponse.next();
+}
+
+export const config = {
+    matcher: '/((?!api|_next/static|_next/image|favicon.png|sitemap.xml|robots.txt).*)',
+};