BA
Better Auth•2mo ago
kijkte

Admin protected routes middleware

Hi all, I was wondering if someone has an example of what a middleware would look like if i only want users with admin role to be able to access my /admin/:path routes
Solution:
```import { betterFetch } from "@better-fetch/fetch"; import { NextResponse, type NextRequest } from "next/server"; import type { Session } from "@/lib/auth"; const authRoutes = ["/sign-in", "/sign-up"];...
Jump to solution
2 Replies
kijkte
kijkteOP•2mo ago
nvm i figured it out
Solution
kijkte
kijkte•2mo ago
import { betterFetch } from "@better-fetch/fetch";
import { NextResponse, type NextRequest } from "next/server";
import type { Session } from "@/lib/auth";

const authRoutes = ["/sign-in", "/sign-up"];
const passwordRoutes = ["/reset-password", "/forgot-password"];
const adminRoutes = ["/admin"];

export default async function authMiddleware(request: NextRequest) {
    const pathName = request.nextUrl.pathname;
    const isAuthRoute = authRoutes.includes(pathName);
    const isPasswordRoute = passwordRoutes.includes(pathName);
    const isAdminRoute = adminRoutes.includes(pathName);

    const { data: session } = await betterFetch<Session>(
        "/api/auth/get-session",
        {
            baseURL: process.env.BETTER_AUTH_URL,
            headers: {
                cookie: request.headers.get("cookie") || "",
            },
        },
    );

    if (!session) {
        if (isAuthRoute || isPasswordRoute) {
            return NextResponse.next();
        }
        return NextResponse.redirect(new URL("/sign-in", request.url));
    }

    if (isAuthRoute || isPasswordRoute) {
        return NextResponse.redirect(new URL("/", request.url));
    }

    if (isAdminRoute && session.user.role !== "admin") {
        return NextResponse.redirect(new URL("/", request.url));
    }

    return NextResponse.next();
}

export const config = {
    matcher: ['/((?!api|_next/static|_next/image|.*\\.png$).*)'],
};
import { betterFetch } from "@better-fetch/fetch";
import { NextResponse, type NextRequest } from "next/server";
import type { Session } from "@/lib/auth";

const authRoutes = ["/sign-in", "/sign-up"];
const passwordRoutes = ["/reset-password", "/forgot-password"];
const adminRoutes = ["/admin"];

export default async function authMiddleware(request: NextRequest) {
    const pathName = request.nextUrl.pathname;
    const isAuthRoute = authRoutes.includes(pathName);
    const isPasswordRoute = passwordRoutes.includes(pathName);
    const isAdminRoute = adminRoutes.includes(pathName);

    const { data: session } = await betterFetch<Session>(
        "/api/auth/get-session",
        {
            baseURL: process.env.BETTER_AUTH_URL,
            headers: {
                cookie: request.headers.get("cookie") || "",
            },
        },
    );

    if (!session) {
        if (isAuthRoute || isPasswordRoute) {
            return NextResponse.next();
        }
        return NextResponse.redirect(new URL("/sign-in", request.url));
    }

    if (isAuthRoute || isPasswordRoute) {
        return NextResponse.redirect(new URL("/", request.url));
    }

    if (isAdminRoute && session.user.role !== "admin") {
        return NextResponse.redirect(new URL("/", request.url));
    }

    return NextResponse.next();
}

export const config = {
    matcher: ['/((?!api|_next/static|_next/image|.*\\.png$).*)'],
};
if someone is wondering the same 🙂

Did you find this page helpful?