import createMiddleware from 'next-intl/middleware'; import { type NextRequest, NextResponse } from 'next/server'; import { routing } from './src/i18n/routing'; import { COOKIE_NAMES } from './src/lib/cookies'; import { PUBLIC_PATHS, ROUTES } from './src/constants'; const intlMiddleware = createMiddleware(routing); function isTokenAlive(token?: string): boolean { if (!token) return false; try { const payload = JSON.parse(atob(token.split('.')[1])); return typeof payload.exp === 'number' && payload.exp * 1000 > Date.now(); } catch { return false; } } export default function middleware(request: NextRequest) { const i18nResponse = intlMiddleware(request); // If next-intl is issuing a locale normalization redirect, let it through immediately if (i18nResponse.status === 307 || i18nResponse.status === 308) { return i18nResponse; } const { pathname } = request.nextUrl; // Strip the locale segment to get the actual path (e.g. /fa/login → /login) const pathWithoutLocale = '/' + pathname.split('/').slice(2).join('/'); const isPublic = PUBLIC_PATHS.some((p) => pathWithoutLocale.startsWith(p)); if (!isPublic) { const token = request.cookies.get(COOKIE_NAMES.ACCESS_TOKEN)?.value; if (!isTokenAlive(token)) { const locale = request.cookies.get('NEXT_LOCALE')?.value ?? routing.defaultLocale; return NextResponse.redirect(new URL(`/${locale}${ROUTES.LOGIN}`, request.url)); } } return i18nResponse; } export const config = { // Match all pathnames except internal Next.js paths, API routes, and static files matcher: ['/((?!_next|_vercel|api|.*\\..*).*)'], };