import { NextRequest, NextResponse } from 'next/server'; export function proxy(request: NextRequest) { const { pathname } = request.nextUrl; // 从 Cookie 中检查用户的登录状态 const hasAccessToken = request.cookies.has("access_token"); if (pathname === "/welcome" || pathname === "/login") { return NextResponse.next(); } // 如果用户访问的是根路径 "/" if (pathname === "/") { if (hasAccessToken) { // 已登录:保持在 "/",但 Next.js 内部会去渲染 app/(dashboard)/page.tsx return NextResponse.next(); } else { // 未登录:重写(Rewrite)到 welcome 宣传页 return NextResponse.rewrite(new URL('/welcome', request.url)); } } // 保护受信任的内部路由,如果未登录用户尝试直接敲浏览器地址访问内部页面,直接拦住并踢回登录页 const isDashboardRoute = pathname.startsWith('/roleplay') || pathname.startsWith('/settings') || pathname.startsWith('/messages'); if (isDashboardRoute && !hasAccessToken) { return NextResponse.redirect(new URL('/login', request.url)); } return NextResponse.next(); } // 配置中间件的匹配路径,排除静态文件和 API export const config = { matcher: [ '/((?!api|_next/static|_next/image|favicon.ico|.*\\.svg$).*)', ], };