
@candidosales
Created January 14, 2025 00:04
Payload CMS Middleware + Clerk
import { NextResponse } from 'next/server'
import type { NextRequest } from 'next/server'
import { verifyToken } from '@clerk/backend'
/**
 * Claims this middleware expects on a verified Clerk session token.
 *
 * Only the claims read by `tokenIsValid` are required here; the type says
 * nothing about whether the token's signature or lifetime has been checked.
 */
interface JwtPayload {
  /** Issuer of the token. */
  iss: string;
  /** Subject of the token (presumably the Clerk user id; confirm against Clerk's docs). */
  sub: string;
  /** Session identifier claim. */
  sid: string;
  /** Issued-at time. */
  iat: number;
  /** Not-before time. */
  nbf: number;
  /** Expiry time. */
  exp: number;
  /**
   * Optional pair of numbers. NOTE(review): looks like Clerk's
   * factor-verification-age claim; confirm before relying on it.
   */
  fva?: [number, number] | undefined;
}
// This function can be marked `async` if using `await` inside
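/**
 * Next.js middleware that checks the `x-clerk-session-token` request header.
 *
 * When the header is present, the token is verified and the request is
 * answered with the 401 response produced by `verifyClerkToken` if the
 * verification fails. Otherwise the request continues down the chain.
 *
 * @param request - Incoming request; only its headers are read.
 * @returns A 401 JSON response for a rejected token, or `NextResponse.next()`.
 */
export async function middleware(request: NextRequest) {
  const clerkToken = request.headers.get('x-clerk-session-token');

  if (clerkToken) {
    // verifyClerkToken resolves to a 401 Response on failure and to undefined
    // on success. The result has to be awaited and returned: calling it
    // without `await` discards the rejection and lets every request through,
    // including ones carrying a forged or expired token.
    const rejection = await verifyClerkToken(clerkToken);
    if (rejection) {
      return rejection;
    }
  }

  // NOTE(review): a request that omits the header entirely still passes
  // through unauthenticated. That is only safe if the matched routes enforce
  // their own authentication; if this middleware is meant to be the gate,
  // reject a missing header with a 401 as well.
  return NextResponse.next();
}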
// Middleware configuration: the token check in this file runs only for request
// paths matching `/api/diagnosis/:function*`. Requests to any other path do not
// reach `middleware`, so they are not covered by the Clerk token verification here.
export const config = {
matcher: '/api/diagnosis/:function*',
}
// Reference: https://clerk.com/docs/references/backend/verify-token#parameters
/**
 * Reports whether every claim this middleware relies on is present and truthy.
 *
 * This is a presence check only: it does not verify the signature, the issuer,
 * or the token lifetime. It is meaningful only on a payload that has already
 * been returned by `verifyToken`.
 *
 * @param payload - Decoded token claims.
 * @returns `true` when `exp`, `iat`, `iss`, `nbf`, `sid` and `sub` are all truthy.
 */
const tokenIsValid = (payload: JwtPayload): boolean => {
  const requiredClaims = ['exp', 'iat', 'iss', 'nbf', 'sid', 'sub'] as const;

  // Stop at the first missing claim, in the same order the claims are listed.
  for (const claim of requiredClaims) {
    if (!payload[claim]) {
      return false;
    }
  }
  return true;
}
// Only runs if the header contains `x-clerk-session-token`
/**
 * Verifies a Clerk session token and reports the outcome as an optional response.
 *
 * The caller must await the result and return it when it is defined; a
 * discarded result means the token was never enforced.
 *
 * NOTE(review): only `jwtKey` is passed to `verifyToken`. Consider also
 * restricting accepted origins with the `authorizedParties` option, and
 * confirm that `CLERK_JWT_KEY` is set in every deployed environment.
 *
 * @param clerkToken - Raw token taken from the `x-clerk-session-token` header.
 * @returns A 401 JSON response when verification throws or a required claim is
 *          missing; `undefined` when the token is accepted.
 */
const verifyClerkToken = async (clerkToken: string) => {
  // Builds the Clerk-style 401 body; message and longMessage carry the same text.
  const deny = (code: string, message: string) =>
    Response.json(
      {
        "status": 401,
        "clerkError": true,
        "errors": [
          {
            "code": code,
            "message": message,
            "longMessage": message,
          },
        ],
      },
      { status: 401 },
    );

  let claims;
  try {
    claims = await verifyToken(clerkToken, {
      jwtKey: process.env.CLERK_JWT_KEY,
    });
  } catch {
    // Any verification failure is reported with one generic code, so the
    // response does not reveal why the token was rejected.
    return deny("unexpected_error", "Unexpected error.");
  }

  if (tokenIsValid(claims)) {
    return undefined;
  }
  return deny("token_invalid", "Token invalid. User must sign in.");
}