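import { createServerClient } from "@supabase/ssr";
import { NextResponse, type NextRequest } from "next/server";
import {
  PUBLIC_AUTH_PAGES,
  AUTH_ROUTES,
  RECOVERY_COOKIE_NAME,
} from "@/features/auth/constants";

/**
 * Manages server-side authentication state and guards protected routes.
 *
 * Builds a Supabase server client bound to the request cookies, resolves the
 * current user, and then decides whether the request may continue or must be
 * redirected:
 *
 * 1. Recovery cookie present but no user: redirect to login and drop the cookie.
 * 2. Recovery cookie present outside the recovery routes: redirect to reset-password.
 * 3. No user on a non-public page: redirect to login.
 * 4. Signed-in user on a public auth page (other than reset-password, and with
 *    no recovery cookie): redirect to home.
 *
 * Every redirect carries over the cookies Supabase wrote during this request,
 * so a token refresh performed by `getUser()` is not lost when the response
 * object is replaced by a redirect.
 *
 * @param request - Incoming Next.js request.
 * @returns The pass-through response carrying refreshed session cookies, or a
 *   redirect response carrying the same cookies.
 */
export async function updateSession(request: NextRequest) {
  let supabaseResponse = NextResponse.next({ request });

  const supabase = createServerClient(
    process.env.NEXT_PUBLIC_SUPABASE_URL!,
    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
    {
      cookies: {
        getAll() {
          return request.cookies.getAll();
        },
        setAll(cookiesToSet) {
          // Mirror the new cookies onto the request first, then rebuild the
          // response from it and attach the cookies with their options.
          cookiesToSet.forEach(({ name, value }) =>
            request.cookies.set(name, value),
          );
          supabaseResponse = NextResponse.next({ request });
          cookiesToSet.forEach(({ name, value, options }) =>
            supabaseResponse.cookies.set(name, value, options),
          );
        },
      },
    },
  );

  // getUser() asks the Supabase Auth server to validate the token, so the
  // routing decisions below do not rest on unverified cookie contents.
  const {
    data: { user },
  } = await supabase.auth.getUser();

  // Builds a redirect that keeps whatever cookies Supabase set on
  // `supabaseResponse` (refreshed or cleared session cookies). Returning a bare
  // redirect would discard them and leave the browser with stale tokens.
  const redirectTo = (target: string) => {
    const response = NextResponse.redirect(new URL(target, request.url));
    supabaseResponse.cookies
      .getAll()
      .forEach((cookie) => response.cookies.set(cookie));
    return response;
  };

  // Matches a route exactly or as a parent path segment. A bare startsWith()
  // would also accept unrelated paths that merely share the prefix text, which
  // would widen the set of pages treated as public. Routes that already end in
  // "/" keep plain prefix semantics.
  const matchesRoute = (path: string, route: string) =>
    path === route ||
    path.startsWith(route.endsWith("/") ? route : `${route}/`);

  const { pathname } = request.nextUrl;
  const recoveryCookie = request.cookies.get(RECOVERY_COOKIE_NAME)?.value;

  // A recovery marker without a session is stale: send the visitor to login and
  // remove the marker so it cannot keep triggering redirects.
  if (recoveryCookie && !user) {
    const response = redirectTo(AUTH_ROUTES.LOGIN);
    response.cookies.delete(RECOVERY_COOKIE_NAME);
    return response;
  }

  const isRecoveryRoute =
    matchesRoute(pathname, AUTH_ROUTES.RESET_PASSWORD) ||
    matchesRoute(pathname, AUTH_ROUTES.AUTH_CONFIRM);

  // While the recovery marker is present, keep the session confined to the
  // recovery flow.
  // NOTE(review): the marker is read from the request, so this confinement holds
  // only if the cookie cannot be removed or altered client-side; confirm it is
  // set HttpOnly and that the reset flow is also enforced on the server.
  if (recoveryCookie && !isRecoveryRoute) {
    return redirectTo(AUTH_ROUTES.RESET_PASSWORD);
  }

  const isAuthPage = PUBLIC_AUTH_PAGES.some((page) =>
    matchesRoute(pathname, page),
  );

  // Default deny: anything not explicitly listed as public requires a user.
  if (!user && !isAuthPage) {
    return redirectTo(AUTH_ROUTES.LOGIN);
  }

  // Signed-in users have no business on the auth pages, except for the
  // reset-password page and while a recovery is in progress.
  if (
    user &&
    isAuthPage &&
    pathname !== AUTH_ROUTES.RESET_PASSWORD &&
    !recoveryCookie
  ) {
    return redirectTo(AUTH_ROUTES.HOME);
  }

  return supabaseResponse;
}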