chore: update comment on middleware conditional use of auth

2024-03-28 06:48:56 +01:00
parent 4a64ea8e2e
commit f2fc73d2dc
1 changed files with 17 additions and 7 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -83,16 +83,26 @@ export async function middleware(request: NextRequest) {
  const isProtectedRoute = protectedRoutes.includes(nextUrl.pathname)
  if (isProtectedRoute) {
    /**
-     * AppRouteHandlerFnContext is the context that is passed to the handler as the
-     * second argument.
+     * AppRouteHandlerFnContext is the context that is passed to the handler as
+     * the second argument. This is only done for Route handlers (route.js) and
+     * not for middleware.
     *
-     * type AppRouteHandlerFnContext = {
-     *  params?: Record<string, string | string[]>
-     * }
+     * Auth.js uses the same pattern for both Route handlers and Middleware,
+     * the auth()-wrapper:
     *
-     * We don't need it so just pass an empty object
+     *   auth((req) => { ... })
+     *
+     * But there is a difference between middleware and route handlers, route
+     * handlers get passed a context which middleware do not get. Using the
+     * same function for both works runtime because second argument is just
+     * undefined for middleware and Auth.js handles this properly. But fails in
+     * typings as the second argument doesn't exist for middleware.
+     *
+     * https://github.com/nextauthjs/next-auth/blob/3c035ec62f2f21d7cab65504ba83fb1a9a13be01/packages/next-auth/src/lib/index.ts#L265
+     * https://authjs.dev/reference/nextjs
     */
-    return authedMiddleware(request, {})
+    // @ts-expect-error: see above
+    return authedMiddleware(request)
  } else {
    return publiceMiddleware(request)
  }