diff --git a/apps/admin/app/(main)/layout.tsx b/apps/admin/app/(main)/layout.tsx index 6e1fa79..ff188af 100644 --- a/apps/admin/app/(main)/layout.tsx +++ b/apps/admin/app/(main)/layout.tsx @@ -74,7 +74,7 @@ export default function MainLayout({ children }: { children: React.ReactNode })
Logo diff --git a/apps/admin/app/login/page.tsx b/apps/admin/app/login/page.tsx index 8a822dd..c7195cd 100644 --- a/apps/admin/app/login/page.tsx +++ b/apps/admin/app/login/page.tsx @@ -18,7 +18,7 @@ export default async function Page() {
{/* Animated logo */} - Logo + Logo

Placement Portal Admin

Sign in to manage placements and students

Empower your journey. Shape the future.

diff --git a/apps/admin/middleware.ts b/apps/admin/middleware.ts index 2c6edd9..bfa750d 100644 --- a/apps/admin/middleware.ts +++ b/apps/admin/middleware.ts @@ -1,21 +1,42 @@ +// apps/admin/middleware.ts import { auth } from '@/auth'; import { NextResponse, NextRequest } from 'next/server'; +import path from 'path'; export default auth((req: NextRequest) => { - if (!req.auth) { - return NextResponse.redirect(new URL('/login', req.url)); - } + const { pathname } = req.nextUrl; + // console.log('admin middleware requested path:', pathname); - if (req.auth.user?.role === 'ADMIN') { + const bypassRegex = /^\/(api|_next\/static|_next\/image|favicon\.ico|login|signup|admin-static).*$/; + + // console.log("Bypass regex test:", bypassRegex.test(pathname)); + + if (bypassRegex.test(pathname)) { + // console.log("Bypassing admin middleware for path:", pathname); return NextResponse.next(); } - // Otherwise, redirect to the student app. - const studentUrl = process.env.STUDENT_URL ?? 'http://localhost:3000'; + if (!req.auth) { + // admin login page should be under /admin/login so we stay on the same origin + return NextResponse.redirect(new URL('/admin/login', req.url)); + } + // console.log("ROLE: ", req.auth.user?.role) + if (req.auth.user?.role !== 'ADMIN') { + // Non-admins must go back to the student app at / + return NextResponse.redirect(new URL('/', req.url)); + } - return NextResponse.redirect(new URL(studentUrl, req.url)); + return NextResponse.next(); }); -export const config = { - matcher: ['/((?!api|_next/static|_next/image|favicon.ico|login).*)'], -}; +// export const config = { +// // only run admin middleware for /admin and its subpaths +// matcher: ['/admin/:path*'], +// }; + +// export const config = { +// matcher: [ +// // run for everything except api, _next static/image, favicon, login, signup +// '/((?!api|_next/static|_next/image|favicon.ico|login|signup).*)', +// ], +// }; diff --git a/apps/admin/next.config.mjs b/apps/admin/next.config.mjs index 0f9b693..5590850 100644 --- a/apps/admin/next.config.mjs +++ b/apps/admin/next.config.mjs @@ -7,6 +7,8 @@ const nextConfig = { transpilePackages: ['@workspace/ui', '@workspace/db'], output: 'standalone', outputFileTracingRoot: path.join(__dirname, '../../'), + assetPrefix: '/admin-static', + basePath: '/admin', }; export default nextConfig; diff --git a/apps/student/middleware.ts b/apps/student/middleware.ts index 836e69c..dc650b7 100644 --- a/apps/student/middleware.ts +++ b/apps/student/middleware.ts @@ -1,25 +1,39 @@ +// apps/student/middleware.ts import { auth } from '@/auth'; import { NextResponse, NextRequest } from 'next/server'; export default auth((req: NextRequest) => { + const { pathname } = req.nextUrl; + // console.log('student middleware requested path:', pathname); + + // If not authenticated -> login (student side) if (!req.auth) { return NextResponse.redirect(new URL('/login', req.url)); } - if (req.auth.user?.role === 'USER') { - if (!req.auth.user?.completedProfile && !req.nextUrl.pathname.startsWith('/signup')) { - const signupUrl = process.env.STUDENT_PROFILE_URL ?? 'http://localhost:3000/signup'; - return NextResponse.redirect(new URL(signupUrl, req.url)); - } + const role = req.auth.user?.role; + // If user is an ADMIN, prefer sending them to the admin area on the same origin + if (role === 'ADMIN') { + return NextResponse.redirect(new URL('/admin', req.url)); + } + + // Normal student flow + if (role === 'USER') { + if (!req.auth.user?.completedProfile && !pathname.startsWith('/signup')) { + return NextResponse.redirect(new URL('/signup', req.url)); + } return NextResponse.next(); } - const adminUrl = process.env.ADMIN_URL ?? 'http://localhost:3001'; - - return NextResponse.redirect(new URL(adminUrl, req.url)); + // Fallback + return NextResponse.redirect(new URL('/login', req.url)); }); +// IMPORTANT: exclude /admin from this matcher so student middleware never runs for /admin export const config = { - matcher: ['/((?!api|_next/static|_next/image|favicon.ico|login).*)'], + matcher: [ + // run for everything except api, _next static/image, favicon, login, signup, or admin + '/((?!api|_next/static|_next/image|favicon.ico|login|signup|admin).*)', + ], }; diff --git a/apps/student/next.config.mjs b/apps/student/next.config.mjs index 0f9b693..1a8e760 100644 --- a/apps/student/next.config.mjs +++ b/apps/student/next.config.mjs @@ -7,6 +7,22 @@ const nextConfig = { transpilePackages: ['@workspace/ui', '@workspace/db'], output: 'standalone', outputFileTracingRoot: path.join(__dirname, '../../'), + async rewrites() { + return [ + { + source: '/admin', + destination: `${process.env.ADMIN_DOMAIN}/admin`, + }, + { + source: '/admin/:path+', + destination: `${process.env.ADMIN_DOMAIN}/admin/:path+`, + }, + { + source: '/admin-static/:path+', + destination: `${process.env.ADMIN_DOMAIN}/admin-static/:path+`, + } + ]; +} }; export default nextConfig;