Add initial Portal version

src/middleware.ts

@@ -0,0 +1,43 @@
+import createIntlMiddleware from "next-intl/middleware";
+import { auth } from "@/lib/auth";
+import { NextResponse } from "next/server";
+import type { NextRequest } from "next/server";
+import { routing } from "@/i18n/routing";
+
+const intlMiddleware = createIntlMiddleware(routing);
+
+const publicPaths = ["/login", "/api/auth"];
+
+function isPublicPath(pathname: string): boolean {
+  // Strip locale prefix for comparison
+  const stripped = pathname.replace(/^\/(de|fr|it|en)/, "") || "/";
+  return (
+    publicPaths.some((p) => stripped === p || stripped.startsWith(`${p}/`)) ||
+    pathname.startsWith("/api/auth")
+  );
+}
+
+export default async function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+
+  // NextAuth API routes pass through directly
+  if (pathname.startsWith("/api/auth")) {
+    return NextResponse.next();
+  }
+
+  // Auth guard for protected paths
+  if (!isPublicPath(pathname)) {
+    const session = await auth();
+    if (!session) {
+      const loginUrl = new URL("/login", request.url);
+      loginUrl.searchParams.set("callbackUrl", pathname);
+      return NextResponse.redirect(loginUrl);
+    }
+  }
+
+  return intlMiddleware(request);
+}
+
+export const config = {
+  matcher: ["/((?!_next|favicon.ico|api/auth).*)"],
+};