denshooter/portfolio
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9f305d3e7841734e6bda9d74d48f019c0c43db33
portfolio/middleware.ts
denshooter be01ee2adb 🔧 Enhance Middleware and Admin Features 
 Updated Middleware Logic:
- Enhanced admin route protection with Basic Auth for legacy routes and session-based auth for `/manage` and `/editor`.

 Improved Admin Panel Styles:
- Added glassmorphism styles for admin components to enhance UI aesthetics.

 Refined Rate Limiting:
- Adjusted rate limits for admin dashboard requests to allow more generous access.

 Introduced Analytics Reset API:
- Added a new endpoint for resetting analytics data with rate limiting and admin authentication.

🎯 Overall Improvements:
- Strengthened security and user experience for admin functionalities.
- Enhanced visual design for better usability.
- Streamlined analytics management processes.
2025-09-09 19:50:52 +02:00

65 lines
2.2 KiB
TypeScript
Raw Blame History

import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
export function middleware(request: NextRequest) {
// Protect admin routes with Basic Auth (legacy routes)
if (request.nextUrl.pathname.startsWith('/admin') ||
request.nextUrl.pathname.startsWith('/dashboard') ||
request.nextUrl.pathname.startsWith('/control')) {
const authHeader = request.headers.get('authorization');
const basicAuth = process.env.ADMIN_BASIC_AUTH;
if (!basicAuth) {
return new NextResponse('Admin access not configured', { status: 500 });
}
if (!authHeader || !authHeader.startsWith('Basic ')) {
return new NextResponse('Authentication required', {
status: 401,
headers: {
'WWW-Authenticate': 'Basic realm="Admin Area"',
},
});
}
const credentials = authHeader.split(' ')[1];
const [username, password] = Buffer.from(credentials, 'base64').toString().split(':');
const [expectedUsername, expectedPassword] = basicAuth.split(':');
if (username !== expectedUsername || password !== expectedPassword) {
return new NextResponse('Invalid credentials', {
status: 401,
headers: {
'WWW-Authenticate': 'Basic realm="Admin Area"',
},
});
}
}
// For /manage and /editor routes, let them handle their own session-based auth
// These routes will redirect to login if not authenticated
if (request.nextUrl.pathname.startsWith('/manage') ||
request.nextUrl.pathname.startsWith('/editor')) {
// Let the page handle authentication via session tokens
return NextResponse.next();
}
// For all other routes, continue with normal processing
return NextResponse.next();
}
export const config = {
matcher: [
/*
* Match all request paths except for the ones starting with:
* - api/email (email API routes)
* - api/health (health check)
* - _next/static (static files)
* - _next/image (image optimization files)
* - favicon.ico (favicon file)
* - api/auth (auth API routes - need to be processed)
*/
'/((?!api/email|api/health|_next/static|_next/image|favicon.ico|api/auth).*)',
],
};
Reference in New Issue View Git Blame Copy Permalink