task-b complate

This commit is contained in:
phaichayon
2026-06-11 16:55:45 +07:00
parent 7a390cf0df
commit 67545d9295
135 changed files with 3295 additions and 6385 deletions

View File

@@ -1,48 +1,29 @@
import { auth } from "@/auth";
import { NextResponse } from "next/server";
import { auth } from '@/auth';
import { NextResponse } from 'next/server';
const protectedApiPrefixes = [
"/api/products",
"/api/organizations",
"/api/users",
];
const superAdminOnlyRoutes = ["/dashboard/workspaces"];
const organizationAdminRoutes = [
"/dashboard/users",
"/dashboard/workspaces/team",
];
const protectedApiPrefixes = ['/api/products', '/api/organizations', '/api/users'];
const superAdminOnlyRoutes = ['/dashboard/workspaces'];
const organizationAdminRoutes = ['/dashboard/users', '/dashboard/workspaces/team'];
export default auth((req) => {
const pathname = req.nextUrl.pathname;
const isCanonicalCrmRoute =
pathname === "/dashboard" || pathname.startsWith("/dashboard/crm");
// if (!isCanonicalCrmRoute && pathname.startsWith("/dashboard")) {
// const redirectedPath = pathname.replace("/dashboard", "/example/dashboard");
// return NextResponse.redirect(new URL(redirectedPath, req.nextUrl.origin));
// }
const isDashboardRoute = pathname.startsWith("/dashboard");
const isProtectedApiRoute = protectedApiPrefixes.some((prefix) =>
pathname.startsWith(prefix),
);
const isDashboardRoute = pathname.startsWith('/dashboard');
const isProtectedApiRoute = protectedApiPrefixes.some((prefix) => pathname.startsWith(prefix));
const user = req.auth?.user;
const isSignedIn = !!user;
const isSuperAdmin = user?.systemRole === "super_admin";
const isSuperAdmin = user?.systemRole === 'super_admin';
const isOrganizationAdmin =
isSuperAdmin ||
(user?.activeOrganizationId &&
(user.activeMembershipRole === "admin" ||
user.activePermissions?.includes("users:manage")));
(user.activeMembershipRole === 'admin' || user.activePermissions?.includes('users:manage')));
if (!isSignedIn && (isDashboardRoute || isProtectedApiRoute)) {
if (isProtectedApiRoute) {
return NextResponse.json({ message: "Unauthorized" }, { status: 401 });
return NextResponse.json({ message: 'Unauthorized' }, { status: 401 });
}
const signInUrl = new URL("/auth/sign-in", req.nextUrl.origin);
signInUrl.searchParams.set("callbackUrl", pathname);
const signInUrl = new URL('/auth/sign-in', req.nextUrl.origin);
signInUrl.searchParams.set('callbackUrl', pathname);
return NextResponse.redirect(signInUrl);
}
@@ -51,7 +32,7 @@ export default auth((req) => {
superAdminOnlyRoutes.some((prefix) => pathname.startsWith(prefix)) &&
!isSuperAdmin
) {
return NextResponse.redirect(new URL("/dashboard", req.nextUrl.origin));
return NextResponse.redirect(new URL('/dashboard', req.nextUrl.origin));
}
if (
@@ -59,7 +40,7 @@ export default auth((req) => {
organizationAdminRoutes.some((prefix) => pathname.startsWith(prefix)) &&
!isOrganizationAdmin
) {
return NextResponse.redirect(new URL("/dashboard", req.nextUrl.origin));
return NextResponse.redirect(new URL('/dashboard', req.nextUrl.origin));
}
return NextResponse.next();
@@ -67,7 +48,7 @@ export default auth((req) => {
export const config = {
matcher: [
"/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)",
"/(api|trpc)(.*)",
],
'/((?!_next|[^?]*\\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
'/(api|trpc)(.*)'
]
};