denshooter
c7bc0ecb1d
- Fixed authentication system (removed HTTP Basic Auth popup) - Added session-based authentication with proper logout - Updated rate limiting (20 req/s for login, 5 req/m for admin) - Created production deployment scripts and configs - Updated nginx configuration for dk0.dev domain - Added comprehensive production deployment guide - Fixed logout button functionality - Optimized for production with proper resource limits
29 lines
979 B
TypeScript
29 lines
979 B
TypeScript
import { NextResponse } from 'next/server';
|
|
import type { NextRequest } from 'next/server';
|
|
|
|
export function middleware(request: NextRequest) {
|
|
// For /manage and /editor routes, allow direct access (authentication disabled)
|
|
if (request.nextUrl.pathname.startsWith('/manage') ||
|
|
request.nextUrl.pathname.startsWith('/editor')) {
|
|
// Allow direct access without authentication
|
|
return NextResponse.next();
|
|
}
|
|
|
|
// For all other routes, continue with normal processing
|
|
return NextResponse.next();
|
|
}
|
|
|
|
export const config = {
|
|
matcher: [
|
|
/*
|
|
* Match all request paths except for the ones starting with:
|
|
* - api/email (email API routes)
|
|
* - api/health (health check)
|
|
* - _next/static (static files)
|
|
* - _next/image (image optimization files)
|
|
* - favicon.ico (favicon file)
|
|
* - api/auth (auth API routes - need to be processed)
|
|
*/
|
|
'/((?!api/email|api/health|_next/static|_next/image|favicon.ico|api/auth).*)',
|
|
],
|
|
}; |