chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,41 @@
|
||||
import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server'
|
||||
|
||||
// Define public routes that don't require authentication
|
||||
const isPublicRoute = createRouteMatcher([
|
||||
'/',
|
||||
'/sign-in(.*)',
|
||||
'/sign-up(.*)',
|
||||
'/api/public(.*)',
|
||||
'/api/config(.*)',
|
||||
'/api/templates(.*)',
|
||||
'/api/mcp(.*)',
|
||||
'/api/test-mcp-connection(.*)',
|
||||
])
|
||||
|
||||
// Define API routes that require API key authentication (bypass Clerk auth)
|
||||
const isApiKeyRoute = createRouteMatcher([
|
||||
'/api/workflows/:workflowId/execute',
|
||||
'/api/workflows/:workflowId/execute-stream',
|
||||
'/api/workflows/:workflowId/resume',
|
||||
])
|
||||
|
||||
export default clerkMiddleware(async (auth, request) => {
|
||||
// API key routes bypass Clerk auth (will be validated in the route handler)
|
||||
if (isApiKeyRoute(request)) {
|
||||
return
|
||||
}
|
||||
|
||||
// Protect all routes except public ones
|
||||
if (!isPublicRoute(request)) {
|
||||
await auth.protect()
|
||||
}
|
||||
})
|
||||
|
||||
export const config = {
|
||||
matcher: [
|
||||
// Skip Next.js internals and static files
|
||||
'/((?!_next|[^?]*\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
|
||||
// Always run for API routes
|
||||
'/(api|trpc)(.*)',
|
||||
],
|
||||
}
|
||||
Reference in New Issue
Block a user