search

awinogrodzki / next-firebase-auth-edge

Next.js Firebase Authentication for Edge and Node.js runtimes. Compatible with latest Next.js features.
https://next-firebase-auth-edge-docs.vercel.app/
MIT License
461 stars 41 forks source link

Forbid access from handleValidToken() #202

Closed alexsoyes closed 2 months ago

alexsoyes commented 2 months ago

When the user authenticates, I want to check if he is allowed to connect.

I think I am close but I am still able to access the /dashboard/page.tsx from Next14.

What do I do wrong?

handleValidToken: async ({ decodedToken: { email } }, headers) => {

      // UNSUCCESSFULL :)
      if (!email || !allowedEmails.includes(email)) {
        console.error('Unauthorized access', { email });
        return redirectToHome(request);
      }

      return NextResponse.next({
        request: {
          headers,
        },
      });
    }

Note: Already said but greeeeeat lib 🫶

awinogrodzki commented 2 months ago

Hey @alexsoyes! Thanks for reporting

Could you share your entire middleware.ts file?

alexsoyes commented 2 months ago

Hey @awinogrodzki !

I just realize did not provide the route in the config correclty, my mistake, thank you again for your lib!

export const config = {
  matcher: ['/api/login', '/api/logout', '/api/entities/:path*'],
};