duckil_plm/fems-app/src/middleware.tsx

// src/middleware.ts
import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";
import { decodeToken, hasPermission, hasAnyPermission } from "@/lib/jwt";

export function middleware(request: NextRequest) {
  const token = request.cookies.get("token")?.value;

  // Public routes
  if (
    request.nextUrl.pathname === "/" ||
    request.nextUrl.pathname === "/login"
  ) {
    return NextResponse.next();
  }

  // 비인증 사용자는 렌딩 페이지로
  if (!token) {
    return NextResponse.redirect(new URL("/", request.url));
  }

  // 토큰 디코딩
  const tokenData = decodeToken(token);
  if (!tokenData) {
    return NextResponse.redirect(new URL("/", request.url));
  }

  // 권한 기반 라우팅 보호
  if (request.nextUrl.pathname.startsWith("/admin")) {
    // admin 페이지 접근을 위해서는 admin:access 권한이나 특정 role이 필요
    const hasAdminAccess =
      hasPermission(tokenData, "admin:access") ||
      ["super_admin", "company_admin"].includes(tokenData.role);

    if (!hasAdminAccess) {
      return NextResponse.redirect(new URL("/dashboard/overview", request.url));
    }
  }

  // 사용자 관리 페이지
  if (request.nextUrl.pathname.startsWith("/users")) {
    const hasUserManageAccess = hasAnyPermission(tokenData, [
      "users:manage",
      "users:view",
    ]);

    if (!hasUserManageAccess) {
      return NextResponse.redirect(new URL("/dashboard/overview", request.url));
    }
  }

  // 부서 관리 페이지
  if (request.nextUrl.pathname.startsWith("/departments")) {
    const hasDepartmentAccess = hasAnyPermission(tokenData, [
      "departments:manage",
      "departments:view",
    ]);

    if (!hasDepartmentAccess) {
      return NextResponse.redirect(new URL("/dashboard/overview", request.url));
    }
  }

  // 응답 헤더에 사용자 권한 정보 추가 (옵션)
  const response = NextResponse.next();
  response.headers.set(
    "X-User-Permissions",
    JSON.stringify(tokenData.permissions)
  );
  response.headers.set("X-User-Role", tokenData.role);

  return response;
}

export const config = {
  matcher: ["/((?!api|_next/static|_next/image|favicon.ico).*)"],
};
auto commit 2024-11-02 18:01:31 +09:00			`// src/middleware.ts`
			`import { NextResponse } from "next/server";`
			`import type { NextRequest } from "next/server";`
auto commit 2024-11-09 08:58:47 +09:00			`import { decodeToken, hasPermission, hasAnyPermission } from "@/lib/jwt";`
auto commit 2024-11-02 18:01:31 +09:00
			`export function middleware(request: NextRequest) {`
			`const token = request.cookies.get("token")?.value;`

auto commit 2024-11-09 08:58:47 +09:00			`// Public routes`
			`if (`
			`request.nextUrl.pathname === "/" \|\|`
			`request.nextUrl.pathname === "/login"`
			`) {`
			`return NextResponse.next();`
			`}`

11 2024-11-10 06:34:32 +09:00			`// 비인증 사용자는 렌딩 페이지로`
auto commit 2024-11-09 08:58:47 +09:00			`if (!token) {`
auto commit 2024-11-04 17:51:38 +09:00			`return NextResponse.redirect(new URL("/", request.url));`
auto commit 2024-11-02 18:01:31 +09:00			`}`

auto commit 2024-11-09 08:58:47 +09:00			`// 토큰 디코딩`
			`const tokenData = decodeToken(token);`
			`if (!tokenData) {`
			`return NextResponse.redirect(new URL("/", request.url));`
			`}`

			`// 권한 기반 라우팅 보호`
auto commit 2024-11-02 18:01:31 +09:00			`if (request.nextUrl.pathname.startsWith("/admin")) {`
auto commit 2024-11-09 08:58:47 +09:00			`// admin 페이지 접근을 위해서는 admin:access 권한이나 특정 role이 필요`
			`const hasAdminAccess =`
			`hasPermission(tokenData, "admin:access") \|\|`
			`["super_admin", "company_admin"].includes(tokenData.role);`

			`if (!hasAdminAccess) {`
			`return NextResponse.redirect(new URL("/dashboard/overview", request.url));`
			`}`
			`}`

			`// 사용자 관리 페이지`
			`if (request.nextUrl.pathname.startsWith("/users")) {`
			`const hasUserManageAccess = hasAnyPermission(tokenData, [`
			`"users:manage",`
			`"users:view",`
			`]);`

			`if (!hasUserManageAccess) {`
			`return NextResponse.redirect(new URL("/dashboard/overview", request.url));`
			`}`
			`}`

			`// 부서 관리 페이지`
			`if (request.nextUrl.pathname.startsWith("/departments")) {`
			`const hasDepartmentAccess = hasAnyPermission(tokenData, [`
			`"departments:manage",`
			`"departments:view",`
			`]);`

			`if (!hasDepartmentAccess) {`
auto commit 2024-11-02 18:01:31 +09:00			`return NextResponse.redirect(new URL("/dashboard/overview", request.url));`
			`}`
			`}`

auto commit 2024-11-09 08:58:47 +09:00			`// 응답 헤더에 사용자 권한 정보 추가 (옵션)`
			`const response = NextResponse.next();`
			`response.headers.set(`
			`"X-User-Permissions",`
			`JSON.stringify(tokenData.permissions)`
			`);`
			`response.headers.set("X-User-Role", tokenData.role);`

			`return response;`
auto commit 2024-11-02 18:01:31 +09:00			`}`

			`export const config = {`
			`matcher: ["/((?!api\|_next/static\|_next/image\|favicon.ico).*)"],`
			`};`
No results found.