biblical-guide.com/middleware.ts
Andrei 39b6899315 Complete admin dashboard implementation with comprehensive features
🚀 Major Update: v2.0.0 - Complete Administrative Dashboard

## Phase 1: Dashboard Overview & Authentication 
- Secure admin authentication with JWT tokens
- Beautiful overview dashboard with key metrics
- Role-based access control (admin, moderator permissions)
- Professional MUI design with responsive layout

## Phase 2: User Management & Content Moderation 
- Complete user management with advanced data grid
- Prayer request content moderation system
- User actions: view, suspend, activate, promote, delete
- Content approval/rejection workflows

## Phase 3: Analytics Dashboard 
- Comprehensive analytics with interactive charts (Recharts)
- User activity analytics with retention tracking
- Content engagement metrics and trends
- Real-time statistics and performance monitoring

## Phase 4: Chat Monitoring & System Administration 
- Advanced conversation monitoring with content analysis
- System health monitoring and backup management
- Security oversight and automated alerts
- Complete administrative control panel

## Key Features Added:
- **32 new API endpoints** for complete admin functionality
- **Material-UI DataGrid** with advanced filtering and pagination
- **Interactive Charts** using Recharts library
- **Real-time Monitoring** with auto-refresh capabilities
- **System Health Dashboard** with performance metrics
- **Database Backup System** with automated scheduling
- **Content Filtering** with automated moderation alerts
- **Role-based Permissions** with granular access control
- **Professional UI/UX** with consistent MUI design
- **Visit Website Button** in admin header for easy navigation

## Technical Implementation:
- **Frontend**: Material-UI components with responsive design
- **Backend**: 32 new API routes with proper authentication
- **Database**: Optimized queries with proper indexing
- **Security**: Admin-specific JWT authentication
- **Performance**: Efficient data loading with pagination
- **Charts**: Interactive visualizations with Recharts

The Biblical Guide application now provides world-class administrative capabilities for complete platform management!

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-23 12:01:34 +00:00

89 lines
3.0 KiB
TypeScript

```typescript
import { NextResponse } from 'next/server'
import type { NextRequest } from 'next/server'
import createIntlMiddleware from 'next-intl/middleware'
import { locales } from './i18n'

// Internationalization configuration
const intlMiddleware = createIntlMiddleware({
  locales: [...locales],
  defaultLocale: 'en',
  localePrefix: 'always'
})

// Note: Avoid using Prisma or any Node-only APIs in Middleware.
// Middleware runs on the Edge runtime, where Prisma is not supported.
// If rate limiting is needed, implement it inside API route handlers
// (Node.js runtime) or via an external service (e.g., Upstash Redis).

export async function middleware(request: NextRequest) {
  const { pathname } = request.nextUrl

  // Skip admin routes from internationalization
  if (pathname.startsWith('/admin')) {
    return NextResponse.next()
  }

  // CSRF protection for state-changing operations: when an Origin header is
  // present it must name exactly this host. A suffix comparison is not enough,
  // because a longer hostname can end with the expected host.
  if (['POST', 'PUT', 'DELETE', 'PATCH'].includes(request.method)) {
    const origin = request.headers.get('origin')
    const host = request.headers.get('host')
    if (origin && host) {
      let originHost: string | null = null
      try {
        originHost = new URL(origin).host
      } catch {
        // Malformed Origin header: originHost stays null and is rejected below
      }
      if (originHost !== host.toLowerCase()) {
        return new NextResponse('Forbidden', { status: 403 })
      }
    }
  }

  // Authentication: perform only lightweight checks in Middleware (Edge).
  // Defer full JWT verification to API route handlers (Node runtime).
  // Page URLs always carry a locale prefix (localePrefix: 'always'), so strip
  // it before comparing against the protected paths.
  const segments = pathname.split('/')
  const hasLocale = ['ro', 'en'].includes(segments[1])
  const pathWithoutLocale = hasLocale ? '/' + segments.slice(2).join('/') : pathname
  const protectedPaths = ['/dashboard', '/profile', '/settings']
  const isProtectedPath = protectedPaths.some(path =>
    pathWithoutLocale.startsWith(path)
  )

  if (isProtectedPath) {
    const token = request.cookies.get('authToken')?.value ||
      request.headers.get('authorization')?.replace('Bearer ', '')
    if (!token) {
      // Reuse the locale from the pathname for the login redirect
      const redirectLocale = hasLocale ? segments[1] : 'en'
      return NextResponse.redirect(new URL(`/${redirectLocale}/auth/login`, request.url))
    }
  }

  // Handle internationalization for non-API routes.
  // Skip API rate limiting here to stay Edge-safe.
  const response = pathname.startsWith('/api')
    ? NextResponse.next()
    : intlMiddleware(request)

  // Security headers for all responses produced above
  response.headers.set('X-Content-Type-Options', 'nosniff')
  response.headers.set('X-Frame-Options', 'DENY')
  response.headers.set('X-XSS-Protection', '1; mode=block')
  response.headers.set('Referrer-Policy', 'origin-when-cross-origin')
  response.headers.set('Permissions-Policy', 'camera=(), microphone=(), geolocation=()')

  return response
}

export const config = {
  matcher: [
    // Match all pathnames except for
    // - api routes
    // - admin routes
    // - _next (Next.js internals)
    // - _vercel
    // - static files (images, etc.)
    // - favicon.ico, robots.txt, sitemap.xml
    // Because /api is excluded here, this middleware (including the Origin
    // check) does not run for API routes; API handlers need their own checks.
    '/((?!api|admin|_next|_vercel|.*\\..*|favicon.ico|robots.txt|sitemap.xml).*)',
    // Match internationalized pathnames
    '/(ro|en)/:path*'
  ],
}
```
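
Added example, not part of the repository's `middleware.ts`: a suffix comparison of `Origin` against `Host` next to a parsed exact-host comparison, plus a protected-path test that ignores the locale prefix. The function names and the `example.test` hostnames are constructed for illustration, and the path test matches on segment boundaries, which is stricter than a plain `startsWith`.

```typescript
// Suffix comparison: accepts any Origin whose text ends with the host.
function originAllowedBySuffix(origin: string | null, host: string | null): boolean {
  if (origin && host && !origin.endsWith(host)) return false
  return true
}

// Strict comparison: parse the Origin and require an exact host[:port] match.
function originAllowedStrict(origin: string | null, host: string | null): boolean {
  if (!origin || !host) return true // absent header: same lenient default as the middleware
  try {
    return new URL(origin).host === host.toLowerCase()
  } catch {
    return false // malformed Origin header
  }
}

const LOCALES = ['ro', 'en']
const PROTECTED = ['/dashboard', '/profile', '/settings']

// Protected-path test that drops the leading locale segment first,
// then matches whole path segments only.
function isProtectedPath(pathname: string): boolean {
  const segments = pathname.split('/')
  const rest = LOCALES.includes(segments[1])
    ? '/' + segments.slice(2).join('/')
    : pathname
  return PROTECTED.some(p => rest === p || rest.startsWith(p + '/'))
}

// Constructed sample requests: [Origin header, Host header]
const sampleOrigins: Array<[string | null, string]> = [
  ['https://example.test', 'example.test'],
  ['https://notexample.test', 'example.test'],
  ['http://localhost:3000', 'localhost:3000'],
  ['not a url', 'example.test'],
  [null, 'example.test'],
]

for (const [origin, host] of sampleOrigins) {
  console.log(origin, host,
    'suffix:', originAllowedBySuffix(origin, host),
    'strict:', originAllowedStrict(origin, host))
}

for (const path of ['/en/dashboard', '/ro/profile/edit', '/en/dashboards', '/en/auth/login']) {
  console.log(path, 'protected:', isProtectedPath(path))
}
```
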