Created by ninzamax on 4/12/2025 in #💻┃support
Frequent logouts
@Yoshify Does it have something to do with the intermittent logouts? I am experimenting by removing `await refreshTokens()` now.
Something like this:
import { NextRequest, NextResponse } from "next/server";
import { getKindeServerSession } from "@kinde-oss/kinde-auth-nextjs/server";
import { RoleEnum } from "@prisma/client";
import { LOGIN_API } from "@/endpoint/endpoint";

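/**
 * Authorization gate for the routes listed in `config.matcher`.
 *
 * - Requests without a Kinde user are redirected to `LOGIN_API`.
 * - Requests to `/admin` or anything under `/admin/` additionally require an
 *   ADMIN or SUPER_ADMIN role; anything under `/admin/accounts` requires
 *   SUPER_ADMIN specifically.
 *
 * Authorization decisions are taken on `request.nextUrl.pathname` only. The
 * original code matched `request.url.includes("admin/accounts")`, i.e. the full
 * URL including host and query string, and also skipped the role check for the
 * bare `/admin` path even though the matcher (`/admin/:path*`) routes it here.
 *
 * @param request - Incoming request; only `nextUrl.pathname` and `url` are read.
 * @returns A redirect to login, a 403 response, or `NextResponse.next()`.
 */
export async function middleware(request: NextRequest): Promise<NextResponse> {
  const { refreshTokens, getUser, getRoles } = getKindeServerSession();
  // NOTE(review): this refreshes tokens on every matched request; the thread is
  // investigating whether it relates to the frequent logouts — confirm intent.
  await refreshTokens();

  const user = await getUser();
  if (!user) {
    // return new NextResponse("Unauthorized", { status: 401 });
    return NextResponse.redirect(new URL(LOGIN_API, request.url));
  }

  const pathname = request.nextUrl.pathname;
  if (isAdminPath(pathname)) {
    const roles = await getRoles();
    // Compare role keys case-insensitively on BOTH sides. The original only
    // lowercased `role.key` for the super-admin check, so the two checks could
    // disagree about the same role; a null/undefined role list fails closed.
    const roleKeys = new Set((roles ?? []).map((role) => role.key.toLowerCase()));
    const hasSuperAdminRole = roleKeys.has(RoleEnum.SUPER_ADMIN.toLowerCase());
    const hasRequiredRole = hasSuperAdminRole || roleKeys.has(RoleEnum.ADMIN.toLowerCase());

    // `/admin/accounts` and everything beneath it is super-admin only.
    if (isAccountsPath(pathname) && !hasSuperAdminRole) {
      return new NextResponse("Forbidden", { status: 403 });
    }
    if (!hasRequiredRole) {
      return new NextResponse("Forbidden", { status: 403 });
    }
  }
  return NextResponse.next();
}

/** True for `/admin` itself and any path below it (what `/admin/:path*` matches). */
function isAdminPath(pathname: string): boolean {
  return pathname === "/admin" || pathname.startsWith("/admin/");
}

/** True for any path starting with `/admin/accounts` (same coverage as the old substring check, path-only). */
function isAccountsPath(pathname: string): boolean {
  return pathname.startsWith("/admin/accounts");
}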

/**
 * Limits the middleware to the routes it guards; every other route bypasses it.
 * The matcher is kept as an inline literal because Next.js reads it statically
 * at build time.
 */
export const config = {
  matcher: [
    "/admin/:path*",
    "/api/openAI/:path*",
    "/user-settings",
  ],
};
import { NextRequest, NextResponse } from "next/server";
import { getKindeServerSession } from "@kinde-oss/kinde-auth-nextjs/server";
import { RoleEnum } from "@prisma/client";
import { LOGIN_API } from "@/endpoint/endpoint";

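/**
 * Authorization gate for the routes listed in `config.matcher`.
 *
 * - Requests without a Kinde user are redirected to `LOGIN_API`.
 * - Requests to `/admin` or anything under `/admin/` additionally require an
 *   ADMIN or SUPER_ADMIN role; anything under `/admin/accounts` requires
 *   SUPER_ADMIN specifically.
 *
 * Authorization decisions are taken on `request.nextUrl.pathname` only. The
 * original code matched `request.url.includes("admin/accounts")`, i.e. the full
 * URL including host and query string, and also skipped the role check for the
 * bare `/admin` path even though the matcher (`/admin/:path*`) routes it here.
 *
 * @param request - Incoming request; only `nextUrl.pathname` and `url` are read.
 * @returns A redirect to login, a 403 response, or `NextResponse.next()`.
 */
export async function middleware(request: NextRequest): Promise<NextResponse> {
  const { refreshTokens, getUser, getRoles } = getKindeServerSession();
  // NOTE(review): this refreshes tokens on every matched request; the thread is
  // investigating whether it relates to the frequent logouts — confirm intent.
  await refreshTokens();

  const user = await getUser();
  if (!user) {
    // return new NextResponse("Unauthorized", { status: 401 });
    return NextResponse.redirect(new URL(LOGIN_API, request.url));
  }

  const pathname = request.nextUrl.pathname;
  if (isAdminPath(pathname)) {
    const roles = await getRoles();
    // Compare role keys case-insensitively on BOTH sides. The original only
    // lowercased `role.key` for the super-admin check, so the two checks could
    // disagree about the same role; a null/undefined role list fails closed.
    const roleKeys = new Set((roles ?? []).map((role) => role.key.toLowerCase()));
    const hasSuperAdminRole = roleKeys.has(RoleEnum.SUPER_ADMIN.toLowerCase());
    const hasRequiredRole = hasSuperAdminRole || roleKeys.has(RoleEnum.ADMIN.toLowerCase());

    // `/admin/accounts` and everything beneath it is super-admin only.
    if (isAccountsPath(pathname) && !hasSuperAdminRole) {
      return new NextResponse("Forbidden", { status: 403 });
    }
    if (!hasRequiredRole) {
      return new NextResponse("Forbidden", { status: 403 });
    }
  }
  return NextResponse.next();
}

/** True for `/admin` itself and any path below it (what `/admin/:path*` matches). */
function isAdminPath(pathname: string): boolean {
  return pathname === "/admin" || pathname.startsWith("/admin/");
}

/** True for any path starting with `/admin/accounts` (same coverage as the old substring check, path-only). */
function isAccountsPath(pathname: string): boolean {
  return pathname.startsWith("/admin/accounts");
}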

/**
 * Limits the middleware to the routes it guards; every other route bypasses it.
 * The matcher is kept as an inline literal because Next.js reads it statically
 * at build time.
 */
export const config = {
  matcher: [
    "/admin/:path*",
    "/api/openAI/:path*",
    "/user-settings",
  ],
};