2025-12-14 18:57:56 +01:00
|
|
|
import { type NextRequest, NextResponse } from "next/server";
|
2026-01-14 14:51:43 +01:00
|
|
|
import type { ProxyFn } from "~/proxy";
|
2025-12-14 18:57:56 +01:00
|
|
|
import { TOKEN_CONFIG } from "~/server/auth/configs";
|
|
|
|
|
import { verifyToken } from "~/server/auth/jwt";
|
|
|
|
|
|
2026-01-14 14:51:43 +01:00
|
|
|
export const pswChangeProxy: ProxyFn = async (req: NextRequest) => {
|
2025-12-14 18:57:56 +01:00
|
|
|
if (req.nextUrl.pathname === "/auth/aggiorna-password") {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const accessToken = req.cookies.get(
|
|
|
|
|
TOKEN_CONFIG.ACCESS_TOKEN_COOKIE_NAME,
|
|
|
|
|
)?.value;
|
|
|
|
|
|
|
|
|
|
if (!accessToken) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-09 11:09:25 +02:00
|
|
|
const { expired, session } = await verifyToken(accessToken);
|
|
|
|
|
if (!session || expired) {
|
2025-12-14 18:57:56 +01:00
|
|
|
return;
|
|
|
|
|
}
|
2026-04-09 11:09:25 +02:00
|
|
|
if (session.mustChangePassword) {
|
2025-12-14 18:57:56 +01:00
|
|
|
return NextResponse.redirect(
|
|
|
|
|
new URL("/auth/aggiorna-password", req.nextUrl),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
};
|