crush-level-web/src/proxy.ts

import { NextResponse } from "next/server";
import type { NextRequest } from "next/server";

// 需要认证的路由
const protectedRoutes = [
  "/profile",
  "/profile/account",
  "/profile/edit",
  "/create",
  "/settings",
  "/login/fields",
  "/chat",
  "/contact",
  "/vip",
  "/wallet",
  "/wallet/transactions",
  "/crushcoin",
];

// 已登录用户不应该访问的路由
const authRoutes = ["/login"];

const DEVICE_ID_COOKIE_NAME = "sd";

// 生成设备ID
function generateDeviceId(userAgent?: string): string {
  const timestamp = Date.now().toString(36);
  const randomStr = Math.random().toString(36).substring(2, 15);
  const browserInfo = userAgent ? userAgent.replace(/\s/g, "").substring(0, 10) : "server";

  return `did_${timestamp}_${randomStr}_${browserInfo}`.toLowerCase();
}

export default function middleware(request: NextRequest) {
  const { pathname } = request.nextUrl;
  // console.log('🔄 [MIDDLEWARE] 开始处理路径:', pathname)
  // console.log('🔄 [MIDDLEWARE] 请求方法:', request.method)
  // console.log('🔄 [MIDDLEWARE] User-Agent:', request.headers.get('user-agent')?.substring(0, 50))
  // console.log('🔄 [MIDDLEWARE] 请求头:', Object.fromEntries(request.headers.entries()))

  // 获取现有设备ID
  let deviceId = request.cookies.get(DEVICE_ID_COOKIE_NAME)?.value;
  let needSetCookie = false;

  if (!deviceId) {
    // 生成新的设备ID
    const userAgent = request.headers.get("user-agent") || undefined;
    deviceId = generateDeviceId(userAgent);
    needSetCookie = true;
    // console.log('🆕 [MIDDLEWARE] 生成新设备ID:', deviceId)
  } else {
    console.log("✅ [MIDDLEWARE] 获取现有设备ID:", deviceId);
  }

  // 认证逻辑
  const token = request.cookies.get("st")?.value;
  const isAuthenticated = !!token;
  const isProtectedRoute = protectedRoutes.some((route) => pathname.startsWith(route));
  const isAuthRoute = authRoutes.some(
    (route) => pathname.startsWith(route) && !pathname.startsWith("/login/fields")
  );

  // console.log('🔑 [MIDDLEWARE] 认证状态:', {
  //   isAuthenticated,
  //   pathname,
  //   isProtectedRoute,
  //   isAuthRoute,
  //   token: token ? '存在' : '不存在'
  // });

  // 如果是受保护的路由但用户未登录，重定向到登录页
  if (isProtectedRoute && !isAuthenticated) {
    console.log("🚫 [MIDDLEWARE] 重定向到登录页:", pathname);
    const loginUrl = new URL("/login", request.url);
    loginUrl.searchParams.set("redirect", pathname);
    return NextResponse.redirect(loginUrl);
  }

  // 如果已登录用户访问认证页面，重定向到首页
  if (isAuthRoute && isAuthenticated) {
    console.log("🔄 [MIDDLEWARE] 已登录用户重定向到首页:", pathname);
    return NextResponse.redirect(new URL("/", request.url));
  }

  // 在请求头中添加认证状态和设备ID，供服务端组件使用
  const requestHeaders = new Headers(request.headers);
  requestHeaders.set("x-authenticated", isAuthenticated.toString());
  requestHeaders.set("x-device-id", deviceId); // 确保设备ID被传递

  if (token) {
    requestHeaders.set("x-auth-token", token);
  }
  // 创建响应
  const response = NextResponse.next({
    request: {
      headers: requestHeaders,
    },
  });

  // 如果需要设置设备ID cookie
  if (needSetCookie) {
    response.cookies.set(DEVICE_ID_COOKIE_NAME, deviceId, {
      maxAge: 365 * 24 * 60 * 60, // 365天
      httpOnly: false,
      secure: process.env.NODE_ENV === "production",
      sameSite: "lax",
      path: "/",
    });
  }

  if (pathname.startsWith("/@")) {
    const userId = pathname.slice(2); // 去掉/@
    return NextResponse.rewrite(new URL(`/user/${userId}`, request.url));
  }

  console.log("✅ [MIDDLEWARE] 成功处理完毕:", pathname);
  return response;
}

export const config = {
  matcher: [
    // 匹配所有路径，除了静态文件和API路由
    "/((?!api|_next/static|_next/image|favicon.ico|public).*)",
  ],
};