From b80a881700bca40422183f304bcb181a4188dd1f Mon Sep 17 00:00:00 2001
From: Ethen1264 <jxorhks86909763@gmail.com>
Date: Wed, 15 Jan 2025 17:50:50 +0900
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8Add:=20private=20url?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/middleware.ts | 65 ++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 56 insertions(+), 9 deletions(-)

diff --git a/src/middleware.ts b/src/middleware.ts
index 948cd9f..ee571ca 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -1,16 +1,25 @@
 import { NextResponse } from 'next/server';
 import type { NextRequest } from 'next/server';
 
-export function middleware(request: NextRequest) {
-  const accessToken = request.cookies.get('accessToken');
+const MANAGE_RESTRICTED_PATHS = [
+  /^\/signIn$/,
+  /^\/signUp$/,
+  /^\/application\/.+\/(STANDARD|TRAINEE)$/,
+];
 
-  const requestHeaders = new Headers(request.headers);
+const USER_RESTRICTED_PATHS = [
+  /^\/admin$/,
+  /^\/create-exhibition$/,
+  /^\/expo-manage\/.+$/,
+  /^\/name-tag\/.+$/,
+  /^\/sms\/.+\/(STANDARD|TRAINEE)$/,
+  /^\/program(\/.*)?$/,
+];
 
-  if (accessToken) {
-    requestHeaders.set('role', 'manage');
-  } else {
-    requestHeaders.set('role', 'user');
-  }
+function handleApiRole(request: NextRequest): NextResponse {
+  const requestHeaders = new Headers(request.headers);
+  const role = request.cookies.get('accessToken') ? 'manage' : 'user';
+  requestHeaders.set('role', role);
 
   return NextResponse.next({
     request: {
@@ -19,6 +28,44 @@ export function middleware(request: NextRequest) {
   });
 }
 
+function isPathMatch(pathname: string, patterns: RegExp[]): boolean {
+  return patterns.some((pattern) => pattern.test(pathname));
+}
+
+export function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+
+  if (pathname === '/api/role') {
+    return handleApiRole(request);
+  }
+
+  const accessToken = request.cookies.get('accessToken');
+
+  if (!accessToken && isPathMatch(pathname, USER_RESTRICTED_PATHS)) {
+    return NextResponse.redirect(new URL('/', request.url));
+  }
+
+  if (accessToken && isPathMatch(pathname, MANAGE_RESTRICTED_PATHS)) {
+    return NextResponse.redirect(new URL('/', request.url));
+  }
+
+  return NextResponse.next();
+}
+
 export const config = {
-  matcher: ['/api/role'],
+  matcher: [
+    '/api/role',
+    '/signIn',
+    '/signUp',
+    '/admin',
+    '/create-exhibition',
+    '/expo-manage/:path*',
+    '/name-tag/:path*',
+    '/sms/:path*/STANDARD',
+    '/sms/:path*/TRAINEE',
+    '/program/:path*',
+    '/program/detail/:path*',
+    '/application/:path*/STANDARD',
+    '/application/:path*/TRAINEE',
+  ],
 };