feat: V2 microservices stack — backend services, gateway, JWT auth
Add full V2 architecture: identity, content, studio (.NET 10) and file, render, notification, gateway (Go) services with vendored deps, plus DB migrations, event/API contracts, and an init-db script. Wire the Next.js frontend to the gateway: server-side JWT auth routes (login/register/refresh/logout/me), gateway fetch helper, and session/ cookie/jwt helpers under src/lib. Containerize the stack via docker-compose.v2.yml and per-service Dockerfiles. Base images resolve through a Nexus mirror (Docker Hub) and MCR directly; npm/NuGet pull from Nexus groups. Self-host fonts via next/font/local to avoid Google Fonts (geo-blocked). Add CI workflow and ignore .env.v2, *.stackdump, and .NET bin/obj. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
+23
-16
@@ -1,31 +1,38 @@
|
||||
import { type NextRequest } from "next/server";
|
||||
import { type NextRequest, NextResponse } from "next/server";
|
||||
import createIntlMiddleware from "next-intl/middleware";
|
||||
|
||||
import { routing } from "@/i18n/routing";
|
||||
import { updateSession } from "@/lib/supabase/middleware";
|
||||
import { ACCESS_TOKEN_COOKIE } from "@/lib/auth/constants";
|
||||
import { decodeJwt, isJwtExpired } from "@/lib/auth/jwt";
|
||||
|
||||
const handleI18n = createIntlMiddleware(routing);
|
||||
|
||||
export async function middleware(request: NextRequest) {
|
||||
// 1. Run i18n locale detection / redirect
|
||||
const i18nResponse = handleI18n(request);
|
||||
// Routes that require an authenticated Identity session (optionally /en/-prefixed).
|
||||
const PROTECTED = /^\/(?:en\/)?(?:dashboard|studio)(?:\/|$)/;
|
||||
|
||||
// If next-intl redirected (e.g. to add /en/ prefix), honour it immediately
|
||||
if (i18nResponse.status !== 200 || i18nResponse.headers.has("location")) {
|
||||
export async function middleware(request: NextRequest) {
|
||||
// 1. Locale detection / redirect (next-intl)
|
||||
const i18nResponse = handleI18n(request);
|
||||
if (
|
||||
i18nResponse.status !== 200 ||
|
||||
i18nResponse.headers.has("location")
|
||||
) {
|
||||
return i18nResponse;
|
||||
}
|
||||
|
||||
// 2. Run Supabase session refresh on the (possibly rewritten) request
|
||||
const supabaseResponse = await updateSession(request);
|
||||
|
||||
// Carry over any locale cookies/headers set by next-intl
|
||||
i18nResponse.headers.forEach((value, key) => {
|
||||
if (!supabaseResponse.headers.has(key)) {
|
||||
supabaseResponse.headers.set(key, value);
|
||||
// 2. Auth guard for protected sections
|
||||
const { pathname } = request.nextUrl;
|
||||
if (PROTECTED.test(pathname)) {
|
||||
const token = request.cookies.get(ACCESS_TOKEN_COOKIE)?.value;
|
||||
if (!token || isJwtExpired(decodeJwt(token))) {
|
||||
const url = request.nextUrl.clone();
|
||||
url.pathname = pathname.startsWith("/en") ? "/en/auth" : "/auth";
|
||||
url.searchParams.set("next", pathname);
|
||||
return NextResponse.redirect(url);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
return supabaseResponse;
|
||||
return i18nResponse;
|
||||
}
|
||||
|
||||
export const config = {
|
||||
|
||||
Reference in New Issue
Block a user