32 lines
948 B
TypeScript
32 lines
948 B
TypeScript
import { NextResponse } from 'next/server';
|
|
import type { NextRequest } from 'next/server';
|
|
|
|
export function middleware(req: NextRequest) {
|
|
const authHeader = req.headers.get('authorization');
|
|
|
|
// Change these to your desired username and password
|
|
const USERNAME = process.env.DASHBOARD_USER;
|
|
const PASSWORD = process.env.DASHBOARD_PASS;
|
|
|
|
if (authHeader) {
|
|
const auth = authHeader.split(' ')[1];
|
|
const [user, pwd] = Buffer.from(auth, 'base64').toString().split(':');
|
|
|
|
if (user === USERNAME && pwd === PASSWORD) {
|
|
return NextResponse.next();
|
|
}
|
|
}
|
|
|
|
// If not authenticated, trigger the browser's native login popup
|
|
return new NextResponse('Authentication required', {
|
|
status: 401,
|
|
headers: {
|
|
'WWW-Authenticate': 'Basic realm="Secure Area"',
|
|
},
|
|
});
|
|
}
|
|
|
|
// Only protect the dashboard, not the static assets
|
|
export const config = {
|
|
matcher: ['/((?!_next/static|_next/image|favicon.ico).*)'],
|
|
};
|