import { NextRequest, NextResponse } from 'next/server';
import { verifyRefreshToken } from './lib/jwt';
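// Route prefixes per role. `proxy` matches them with a prefix test on the
// request pathname, so each entry also covers everything beneath it.

/**
 * Every dashboard area; ADMIN is redirected away from any of these that is
 * not also listed in ADMIN_PATHS.
 *
 * The dashboard root is written without a trailing slash: a pathname of
 * '/dashboard' does not start with '/dashboard/', so the old entry left the
 * bare root outside this list and an ADMIN request for it fell through to
 * `NextResponse.next()`. That form is what reaches this code when Next.js
 * runs with its default `trailingSlash: false`.
 */
const SUPER_ADMIN_PATHS: readonly string[] = [
  '/dashboard',
  '/dashboard/products',
  '/dashboard/media-library',
  '/dashboard/promo-code',
  '/dashboard/custom-products',
  '/dashboard/orders',
  '/dashboard/customers',
  '/dashboard/users',
  '/dashboard/categories',
  '/dashboard/sub-categories',
  '/dashboard/colors',
  '/dashboard/sizes',
  '/profile',
];

/** Dashboard areas an ADMIN may open (a subset of SUPER_ADMIN_PATHS). */
const ADMIN_PATHS: readonly string[] = [
  '/dashboard/products',
  '/dashboard/custom-products',
  '/dashboard/orders',
  '/dashboard/customers',
  '/profile',
];

/** Areas reserved for the CUSTOMER role. */
const CUSTOMER_PATHS: readonly string[] = ['/c/my-orders', '/c/profile'];

/**
 * Paths any authenticated role may open.
 * NOTE(review): the matcher in this file lists '/my-profile', not '/profile',
 * so this entry may never be evaluated. Confirm which path is intended.
 */
const COMMON_PATHS: readonly string[] = ['/profile'];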
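/**
 * Segment-aware prefix test: true when `path` equals `prefix` or lies beneath
 * it. A trailing slash on the prefix is ignored, so '/dashboard/' covers both
 * '/dashboard' and '/dashboard/users', while '/dashboard/products' does not
 * cover '/dashboard/products-archive'.
 */
function isUnderPrefix(path: string, prefix: string): boolean {
  const base =
    prefix.length > 1 && prefix.endsWith('/') ? prefix.slice(0, -1) : prefix;
  return path === base || path.startsWith(`${base}/`);
}

/** True when `path` falls under at least one of `prefixes`. */
function matchesAny(path: string, prefixes: readonly string[]): boolean {
  return prefixes.some((prefix) => isUnderPrefix(path, prefix));
}

/** Redirect to the sign-in page, remembering the path that was requested. */
function redirectToSignIn(request: NextRequest, pathname: string): NextResponse {
  const signInUrl = new URL('/signin', request.url);
  signInUrl.searchParams.set('callbackUrl', pathname);
  return NextResponse.redirect(signInUrl);
}

/**
 * Resolve the `callbackUrl` query parameter to a same-origin URL, or null.
 *
 * The parameter is attacker-controllable (anyone can craft a /signin link), so
 * only local paths are accepted and the parsed result must keep the request's
 * origin. Absolute or scheme-relative values would otherwise make the sign-in
 * page an open redirector.
 */
function sameOriginCallback(
  request: NextRequest,
  callbackUrl: string | null
): URL | null {
  if (!callbackUrl || !callbackUrl.startsWith('/')) {
    return null;
  }
  try {
    const target = new URL(callbackUrl, request.url);
    // Compare after parsing: the URL parser normalises inputs that merely look
    // like local paths, so the origin check is the authoritative one.
    return target.origin === new URL(request.url).origin ? target : null;
  } catch {
    return null;
  }
}

/**
 * Route guard: sends unauthenticated visitors to /signin and keeps each role
 * inside the areas listed in SUPER_ADMIN_PATHS / ADMIN_PATHS / CUSTOMER_PATHS.
 *
 * The role is read from the verified refresh-token payload. The access token
 * is only checked for presence on /signin and is never verified here.
 * NOTE(review): this guard only steers navigation; confirm that route handlers
 * and server actions re-check authorization on the server.
 *
 * @param request Incoming request for a path selected by `config.matcher`.
 * @returns A redirect, a pass-through, or 403 for an unrecognised role.
 */
export async function proxy(request: NextRequest) {
  const refreshToken = request.cookies.get('refreshToken')?.value;
  const accessToken = request.cookies.get('accessToken')?.value;
  const pathname = request.nextUrl.pathname;

  if (pathname === '/signin') {
    // Already signed in: bounce away from the sign-in page.
    if (refreshToken && accessToken) {
      const signedIn = await verifyRefreshToken(refreshToken);
      if (signedIn) {
        const callbackTarget = sameOriginCallback(
          request,
          request.nextUrl.searchParams.get('callbackUrl')
        );
        if (callbackTarget) {
          return NextResponse.redirect(callbackTarget);
        }
        // No usable callback: land on the role's home page.
        if (signedIn.role === 'CUSTOMER') {
          return NextResponse.redirect(new URL('/c/my-orders', request.url));
        }
        if (signedIn.role === 'ADMIN') {
          return NextResponse.redirect(
            new URL('/dashboard/products', request.url)
          );
        }
        if (signedIn.role === 'SUPER_ADMIN') {
          return NextResponse.redirect(new URL('/dashboard/', request.url));
        }
      }
    }
    // Everyone else may see the sign-in page.
    return NextResponse.next();
  }

  // The role comes from the refresh token, so without one (whether or not an
  // access token is present) the visitor has to sign in again.
  if (!refreshToken) {
    return redirectToSignIn(request, pathname);
  }

  const payload = await verifyRefreshToken(refreshToken);
  if (!payload) {
    return redirectToSignIn(request, pathname);
  }

  const { role } = payload;

  // Paths open to every authenticated role.
  if (matchesAny(pathname, COMMON_PATHS)) {
    return NextResponse.next();
  }

  if (role === 'CUSTOMER') {
    // Customers are confined to their own area; everything else goes home.
    return matchesAny(pathname, CUSTOMER_PATHS)
      ? NextResponse.next()
      : NextResponse.redirect(new URL('/c/my-orders', request.url));
  }

  if (role === 'ADMIN') {
    const adminHome = new URL('/dashboard/products', request.url);
    if (matchesAny(pathname, CUSTOMER_PATHS)) {
      return NextResponse.redirect(adminHome);
    }
    // Dashboard areas that are not explicitly granted to ADMIN are off limits,
    // including the dashboard root itself.
    if (
      matchesAny(pathname, SUPER_ADMIN_PATHS) &&
      !matchesAny(pathname, ADMIN_PATHS)
    ) {
      return NextResponse.redirect(adminHome);
    }
    return NextResponse.next();
  }

  if (role === 'SUPER_ADMIN') {
    return matchesAny(pathname, CUSTOMER_PATHS)
      ? NextResponse.redirect(new URL('/dashboard/', request.url))
      : NextResponse.next();
  }

  // Fail closed: a token with a role this guard does not recognise gets no
  // access to the protected areas (previously this fell through to next()).
  return new NextResponse(null, { status: 403 });
}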
/**
 * Paths for which Next.js invokes `proxy`; requests to any other path never
 * reach the role checks in this file.
 *
 * NOTE(review): the role path lists in this file use '/profile', while this
 * matcher lists '/my-profile'. Confirm which of the two is intended.
 */
export const config = {
  matcher: [
    '/dashboard/:path*',
    '/c/:path*',
    '/my-profile',
    '/signin',
  ],
};