Files
2026-07-13 12:37:47 +08:00

42 lines
1.1 KiB
TypeScript

import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server'
// Define public routes that don't require authentication
const isPublicRoute = createRouteMatcher([
'/',
'/sign-in(.*)',
'/sign-up(.*)',
'/api/public(.*)',
'/api/config(.*)',
'/api/templates(.*)',
'/api/mcp(.*)',
'/api/test-mcp-connection(.*)',
])
// Define API routes that require API key authentication (bypass Clerk auth)
const isApiKeyRoute = createRouteMatcher([
'/api/workflows/:workflowId/execute',
'/api/workflows/:workflowId/execute-stream',
'/api/workflows/:workflowId/resume',
])
export default clerkMiddleware(async (auth, request) => {
// API key routes bypass Clerk auth (will be validated in the route handler)
if (isApiKeyRoute(request)) {
return
}
// Protect all routes except public ones
if (!isPublicRoute(request)) {
await auth.protect()
}
})
export const config = {
matcher: [
// Skip Next.js internals and static files
'/((?!_next|[^?]*\.(?:html?|css|js(?!on)|jpe?g|webp|png|gif|svg|ttf|woff2?|ico|csv|docx?|xlsx?|zip|webmanifest)).*)',
// Always run for API routes
'/(api|trpc)(.*)',
],
}