42 lines
1.1 KiB
TypeScript
42 lines
1.1 KiB
TypeScript
import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server'
|
|
|
|
// Define public routes that don't require authentication
|
|
const isPublicRoute = createRouteMatcher([
|
|
'/',
|
|
'/sign-in(.*)',
|
|
'/sign-up(.*)',
|
|
'/api/public(.*)',
|
|
'/api/config(.*)',
|
|
'/api/templates(.*)',
|
|
'/api/mcp(.*)',
|
|
'/api/test-mcp-connection(.*)',
|
|
])
|
|
|
|
// Define API routes that require API key authentication (bypass Clerk auth)
|
|
const isApiKeyRoute = createRouteMatcher([
|
|
'/api/workflows/:workflowId/execute',
|
|
'/api/workflows/:workflowId/execute-stream',
|
|
'/api/workflows/:workflowId/resume',
|
|
])
|
|
|
|
export default clerkMiddleware(async (auth, request) => {
|
|
// API key routes bypass Clerk auth (will be validated in the route handler)
|
|
if (isApiKeyRoute(request)) {
|
|
return
|
|
}
|
|
|
|
// Protect all routes except public ones
|
|
if (!isPublicRoute(request)) {
|
|
await auth.protect()
|
|
}
|
|
})
|
|
|
|
export const config = {
|
|
matcher: [
|
|
// Skip Next.js internals and static files
|
|
'/((?!_next|[^?]*\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
|
|
// Always run for API routes
|
|
'/(api|trpc)(.*)',
|
|
],
|
|
}
|