1
import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server';
2
import { NextResponse } from 'next/server';
4
import { authEnv } from '@/config/auth';
5
import NextAuthEdge from '@/libs/next-auth/edge';
7
import { OAUTH_AUTHORIZED } from './const/auth';
11
// include any files in the api or trpc folders that might have an extension
12
'/(api|trpc|webapi)(.*)',
23
const defaultMiddleware = () => NextResponse.next();
25
// Initialize an Edge compatible NextAuth middleware
26
const nextAuthMiddleware = NextAuthEdge.auth((req) => {
28
if (req.nextUrl.pathname === '/') return NextResponse.next();
30
// Just check if session exists
31
const session = req.auth;
33
// Check if next-auth throws errors
34
// refs: https://github.com/lobehub/lobe-chat/pull/1323
35
const isLoggedIn = !!session?.expires;
37
// Remove & amend OAuth authorized header
38
const requestHeaders = new Headers(req.headers);
39
requestHeaders.delete(OAUTH_AUTHORIZED);
40
if (isLoggedIn) requestHeaders.set(OAUTH_AUTHORIZED, 'true');
42
return NextResponse.next({
44
headers: requestHeaders,
49
const isProtectedRoute = createRouteMatcher([
55
export default authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH
58
if (isProtectedRoute(req)) auth().protect();
61
// https://github.com/lobehub/lobe-chat/pull/3084
62
clockSkewInMs: 60 * 60 * 1000,
67
: authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH