so i put it like this?

this fixes it but what about this

the dot excludes the middleware file for somereason

Why would you put a dot there?

i just tested it and it worked it stopped my issue but i do not know why it works

Because the matcher defines what routes your middleware is being ran on. If the user is not authenticated, they will be sent to /login. Since you didn't exclude that route in your middleware, your middleware will again check if the user is authenticated and if not, they will send them to /login again over and over again

yes i get it but i mean the dot solution

.

that also stops the infinite loop but why o.o

also i would like not to exclude the login page

Because in RegEx, the dot matches everything so it will exclude every single route and therefore not run the middleware on anything (since you are using ?! aka a "negative lookahead")

if the user if autheticated should be redirected to the homepage

okei i see

Then check what path the user is on in your middleware

return NextResponse.redirect('/homepage'); tells me it has to be absolute path

is that normal

Oh, yeah

Forgot that

Add your env variable

The one you also use to redirect to login

why nexturl

does that mean its the redirect url

could it not just be .url

Next.js

hh

.url is just the full URL as a string I think. Since the request is of type NextRequest, which expands the normal Request type, it basically just added the nextUrl property

honestly the adding the login thing in the matcher feels like not the solution i try to explain why

regardless of which page i am i want this middleware to run including the login page

reason why is because i would like also protect the login page from being accessed if the user already is authenticated

.

i think i tried it but ill retry

wait

You maybe put it in the wrong place

And don't forget to add your env variable for the full URL

If you want, you can also just post the code here so that I or others can check

it works but

there is 2 console.logs

when i login

That's not where you put it XD

What you are doing rn is redirecting the user to the login, when they are logged in and trying to access the login

yea i just realised

You basically keep that

And add what I sent you above your check it the user is not authorized

Oh and to the other check you also add a check if they are on the login page because that was your original issue

So if (response.status === 401 && !request.nextUrl.pathname.startsWith('/login'))

anyways it crashes ill take a break to have a clear mind

This is still missing in your check if your user is unauthorized

Or you sent the wrong screenshot

yea wrong

wrong screenshot haha

No

i did add what you said only thing i changed was the 200

Delete the top part

On the bottom you have the check for 401

You just add the check fi the user is on the login route there

so delete first if statement

and keep second and third

i did that

and it did not work

Yeah

Because the last one is missing the login route check

It just needs a && !request.nextUrl.pathname.startsWith('/login')

not trying to be rude, but you can copy and paste this into chatGTP and get the answer 🤩

Yes, this looks fine

its sent by Robot God

tried chatgpt did not solve it

wow really, ive done the same thing and it was great

paste the solution here lets see

its the end of the day ill get back to it later smt still not working anyways atleast i am in the good path

If you tell us how it's not working, we can maybe help you

ill update this post later

okei after breathing a bit

this fixes it only question i wonder is why does it run twice the middleware

if i got to the /dashboard it only consoles logs once

same with login

Once for login and then once for dashboard after redirecting

but if i

i am already in the login page

so that the first console log

when i click that i get 2 more console logs

Ok, got it. What does the login button do?

good question xD

wait

this so thats maybe why xD

the refresh thing i forgot about it

why is this client side tho

could i not make it server?

Kind of

o there is another console.log

omg.........

but still it logs 2 times

the button for login makes somehow that behaviour

You can put a console.log(request.url) into your middleware to see exactly what routes are triggering it

Btw, have you ever looked into [NextAuth](https://www.npmjs.com/package/next-auth)?

looks like i get feed 2 docs when i refresh so thats maybe why

Nope

yea nextauth does not save sessions in database if i use credentials method

router.refresh does not really refresh the whole page which is why you keep your previous data

it was commented after i saw it

but still the 2 logs

maybe it has smt to do with npm run dev

.

It's probably your POST request to login and then your dashboard

Why do you need session strategy?

cuz i would like to invalidate sessions

if i ban a user or i want to log out a user from a device

jwt u cant

Makes sense. You can however implement your own logic to use database sessions or invalidate JWTs (as in blacklisting them)

now this is interesting

i think its because of this

the router thing pushes to the dashboard and because of that the middleware check again finds out that is auth an retriggers a redirect

so maybe i should check for this condition as well if it comes from a redirect or smt like that right?