Supabase Middleware public and private route
import { createServerClient } from '@supabase/ssr';
import { NextResponse, type NextRequest } from 'next/server';
export async function updateSession(request: NextRequest) {
try {
let supabaseResponse = NextResponse.next({
request,
});
const supabase = createServerClient(
process.env.NEXT_PUBLIC_SUPABASE_URL!,
process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
{
cookies: {
getAll() {
return request.cookies.getAll();
},
setAll(cookiesToSet) {
cookiesToSet.forEach(({ name, value, options }) =>
request.cookies.set(name, value)
);
supabaseResponse = NextResponse.next({
request,
});
cookiesToSet.forEach(({ name, value, options }) =>
supabaseResponse.cookies.set(name, value, options)
);
},
},
}
);
// automatically invoked token refresh in supabase.
const user = await supabase.auth.getUser();
const protectedRoutes = ['/home', '/profile', '/analytics', '/wallet'];
// Redirect unauthenticated users trying to access protected routes to "/signin"
if (protectedRoutes.includes(request.nextUrl.pathname) && user.error) {
return NextResponse.redirect(new URL('/signin', request.url));
}
const publicRoutes = ['/', '/signin', '/signup'];
// Redirect authenticated users from public routes to "/home"
if (publicRoutes.includes(request.nextUrl.pathname) && !user.error) {
return NextResponse.redirect(new URL('/home', request.url));
}
return supabaseResponse;
} catch (error) {
return NextResponse.next({
request: {
headers: request.headers,
},
});
}
}