Fix middleware matcher basePath issue, always show logout button
All checks were successful
Deploy to Server / deploy (push) Successful in 1m10s
All checks were successful
Deploy to Server / deploy (push) Successful in 1m10s
Next.js prepends basePath to matcher patterns, so patterns must not include /admin prefix. Logout button now always visible in sidebar. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Peter Meier
@@ -226,41 +226,21 @@ export function Sidebar({ locale, mobileOpen = false, onClose }: SidebarProps) {
|
||||
</div>
|
||||
</nav>
|
||||
<div className="mt-2 border-t border-accent-200/50 pt-2">
|
||||
{!mounted ? (
|
||||
<Link
|
||||
href="/login"
|
||||
onClick={onClose}
|
||||
className={`${navLinkClass} w-full text-left text-gray-700 no-underline hover:bg-accent-100/80 hover:text-gray-900 ${pathname === "/login" ? "bg-accent-200/70 font-medium text-gray-900" : ""}`}
|
||||
>
|
||||
<Icon icon="mdi:login" className="size-4" aria-hidden />
|
||||
{t("login")}
|
||||
</Link>
|
||||
) : hasStoredKey ? (
|
||||
<button
|
||||
type="button"
|
||||
onClick={async () => {
|
||||
clearSession();
|
||||
setLogoutVersion((v) => v + 1);
|
||||
onClose?.();
|
||||
await fetch("/admin/api/auth/logout", { method: "POST" });
|
||||
router.push("/login");
|
||||
router.refresh();
|
||||
}}
|
||||
className={`${navLinkClass} w-full text-left text-gray-700 hover:bg-accent-100/80 hover:text-gray-900`}
|
||||
>
|
||||
<Icon icon="mdi:logout" className="size-4" aria-hidden />
|
||||
{t("logout")}
|
||||
</button>
|
||||
) : !hasEnvKey ? (
|
||||
<Link
|
||||
href="/login"
|
||||
onClick={onClose}
|
||||
className={`${navLinkClass} w-full text-left text-gray-700 no-underline hover:bg-accent-100/80 hover:text-gray-900 ${pathname === "/login" ? "bg-accent-200/70 font-medium text-gray-900" : ""}`}
|
||||
>
|
||||
<Icon icon="mdi:login" className="size-4" aria-hidden />
|
||||
{t("login")}
|
||||
</Link>
|
||||
) : null}
|
||||
<button
|
||||
type="button"
|
||||
onClick={async () => {
|
||||
clearSession();
|
||||
setLogoutVersion((v) => v + 1);
|
||||
onClose?.();
|
||||
await fetch("/admin/api/auth/logout", { method: "POST" });
|
||||
router.push("/login");
|
||||
router.refresh();
|
||||
}}
|
||||
className={`${navLinkClass} w-full text-left text-gray-700 hover:bg-accent-100/80 hover:text-gray-900`}
|
||||
>
|
||||
<Icon icon="mdi:logout" className="size-4" aria-hidden />
|
||||
{t("logout")}
|
||||
</button>
|
||||
</div>
|
||||
<LocaleSwitcher locale={locale} />
|
||||
</aside>
|
||||
|
||||
@@ -3,15 +3,7 @@ import type { NextRequest } from "next/server";
|
||||
import { getIronSession } from "iron-session";
|
||||
import { sessionOptions, type SessionData } from "@/lib/session";
|
||||
|
||||
const PUBLIC_PREFIXES = ["/admin/login", "/admin/api/auth"];
|
||||
|
||||
export async function middleware(request: NextRequest) {
|
||||
const { pathname } = request.nextUrl;
|
||||
|
||||
if (PUBLIC_PREFIXES.some((p) => pathname.startsWith(p))) {
|
||||
return NextResponse.next();
|
||||
}
|
||||
|
||||
const response = NextResponse.next();
|
||||
const session = await getIronSession<SessionData>(request, response, sessionOptions);
|
||||
|
||||
@@ -23,6 +15,11 @@ export async function middleware(request: NextRequest) {
|
||||
return response;
|
||||
}
|
||||
|
||||
// Next.js prepends basePath (/admin) to these patterns automatically.
|
||||
// "/" matches /admin, "/((?!login|api/auth|_next|favicon.ico).+)" matches /admin/content/... etc.
|
||||
export const config = {
|
||||
matcher: ["/admin", "/admin/((?!_next|favicon.ico).*)"],
|
||||
matcher: [
|
||||
"/",
|
||||
"/((?!login|api/auth|_next|favicon.ico).+)",
|
||||
],
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user