Add hasNot to redirects

[corysimmons]

Describe the feature you'd like to request

I'd love to be able to redirect people to a login page if hasNot: someAuthCookieKey...

has exists.

Describe the solution you'd like

Add a hasNot or just allow full-blown regex matching instead of only being able to match after xyz.

Describe alternatives you've considered

You can redirect from within the app, but I'm always torn about whether I should use next.config.js to do redirects or just manually do them from within the app. It feels like the next.config.js approach is better/faster, but running into weird things like this make me want to delete it and just roll everything from within components. :(

From googling this seems like a pretty common request where people are just like "It's not available. 🤷‍♂️" and it also seems pretty easy to add.

[balazsorban44]

Hi, Middleware might give you much more flexibility. https://nextjs.org/docs/middleware

Auth libraries like NextAuth.js can also wrap this for you, and make the configuration a single line in some cases: https://next-auth.js.org/configuration/nextjs#middleware

// Lock down your entire page
// pages/_middleware.js
export { default } from "next-auth/middleware"

//or
// Lock down your /admin/* pages, requiring a special role
// pages/admin/_middleware.js
import { withAuth } from "next-auth/middleware"

export default withAuth({
  callbacks: {
    authorized: ({ token }) => token?.role === "admin"
  }
})

[corysimmons]

Thank you, that is cleaner, but I'm still curious why hasNot (or just regex) isn't available in next.config.js redirect rules, but has is.

[laugharn]

#24650 I started this request for similar reasons. And while I might still take advantage of this if it existed, I largely agree with their reasoning for moving to middleware. I use has but I've never been thrilled with what I've written in my config, and feel like I have to put in a lot of work that would be easier with code than configuration. Caveat: I hate writing regex by hand.

[corysimmons]

Yeah, I think middleware-only, and trying to deprecate next.config.js redirects, is probably the right approach. I'll lean into it. Thanks.

---

Update: Middleware worked fine until it kept crashing my Vercel.com deployment with some EDGE_FUNC_INVOCATION error. After googling it appears middleware is still in beta.. 🤦 Back to the old clientside redirects.