middleware publicPaths is not configurable, middleware always does an auth check

[Thinkscape]

Prerequisites

• [X] I have searched the repository’s issues and Kinde community to ensure my issue isn’t a duplicate
• [X] I have checked the latest version of the library to replicate my issue
• [X] I have read the contributing guidelines
• [X] I agree to the terms within the code of conduct

Describe the issue

We're missing the ability to set public paths for the middleware to ignore.

According to next.js design, multiple middleware are meant to be chained/nested, however currently adding the Kinde middleware to a next.js project will trigger auth check on all paths whenever middleware runs (per matcher: setting)

Because most projects have protected and public paths, we desperately need a way to set public paths for Kinde to ignore auth for - i.e. the req.kindeAuth would be optional, but lack of cookie or invalid token must not cause a redirect to login page. matcher is not the way to do it, because the project might have other chained middleware that DO want to run on those paths (in other words, matcher disables/enables all middleware, while we need to prevent just Kinde redirect in certain paths).

Here's the hard-coded value: https://github.com/kinde-oss/kinde-auth-nextjs/blob/main/src/authMiddleware/authMiddleware.js#L39

Here's how clerk middleware exposes this in publicPaths: https://clerk.com/docs/references/nextjs/auth-middleware#options

Library URL

https://github.com/kinde-oss/kinde-auth-nextjs/

Library version

2.1.15

Operating system(s)

macOS

Operating system version(s)

n/a

Further environment details

next.js 14.1.3

Reproducible test case URL

No response

Additional information

No response

[peterphanouvong]

Hi @Thinkscape thank you for raising this, sounds like you'd like a way to configure the publicPaths? If so I'll make a PR for it and try to fix it up for you.

[peterphanouvong]

136 Should do it!

[DanielRivers]

@Thinkscape closing this now as it has been resolved