import { auth } from "@/lib/auth"; import { NextResponse } from "next/server"; export default auth((req) => { const { nextUrl } = req; const isLoggedIn = !!req.auth; const isAdminRoute = nextUrl.pathname.startsWith("/admin"); const isLoginPage = nextUrl.pathname === "/admin/login"; // Only the admin login page is public. Everything else under /admin // requires a NextAuth session. if (isAdminRoute && !isLoggedIn && !isLoginPage) { return NextResponse.redirect(new URL("/admin/login", nextUrl)); } if (isLoggedIn && isLoginPage) { return NextResponse.redirect(new URL("/admin/dashboard", nextUrl)); } return NextResponse.next(); }); export const config = { matcher: ["/admin/:path*"], };