48 lines
1.3 KiB
TypeScript
48 lines
1.3 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
|
|
const config = {
|
|
matcher: [
|
|
/*
|
|
* Match all paths except for:
|
|
* 1. /api routes
|
|
* 2. /_next (Next.js internals)
|
|
* 3. /_static (inside /public)
|
|
* 4. all root files inside /public (e.g. /favicon.ico)
|
|
*/
|
|
'/((?!api/|_next/|_static/|_vercel|[\\w-]+\\.\\w+).*)',
|
|
],
|
|
};
|
|
|
|
export default async function middleware(req: NextRequest) {
|
|
const url = req.nextUrl;
|
|
const response = NextResponse.next();
|
|
|
|
// Simple cookie cleanup on logout or signin error
|
|
const isLogout = url.pathname === '/loggedout' || url.pathname === '/signout';
|
|
const isSigninError = url.pathname === '/signin' && url.searchParams.has('error');
|
|
|
|
if (isLogout || isSigninError) {
|
|
// Clear all auth-related cookies when logging out or on error
|
|
const authCookies = [
|
|
'next-auth.session-token',
|
|
'next-auth.csrf-token',
|
|
'next-auth.callback-url',
|
|
'__Secure-next-auth.session-token',
|
|
'__Host-next-auth.csrf-token',
|
|
'KEYCLOAK_SESSION',
|
|
'KEYCLOAK_IDENTITY',
|
|
'KC_RESTART',
|
|
'JSESSIONID',
|
|
'AUTH_SESSION_ID',
|
|
'AUTH_SESSION_ID_LEGACY'
|
|
];
|
|
|
|
authCookies.forEach(name => {
|
|
response.cookies.delete(name);
|
|
});
|
|
}
|
|
|
|
return response;
|
|
}
|
|
|
|
export { config };
|