import { NextResponse } from 'next/server'; import type { NextRequest } from 'next/server'; export function middleware(request: NextRequest) { const response = NextResponse.next(); // Add pathname to headers for layout detection response.headers.set('x-pathname', request.nextUrl.pathname); // CORS handling const origin = request.headers.get('origin'); if (process.env.NODE_ENV === 'development') { response.headers.set('Access-Control-Allow-Origin', '*'); response.headers.set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS'); response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization'); return response; } const allowedOrigins = process.env.ALLOWED_ORIGINS?.split(',') || []; if (origin && allowedOrigins.includes(origin)) { response.headers.set('Access-Control-Allow-Origin', origin); response.headers.set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS'); response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization'); } return response; } export const config = { matcher: [ '/api/:path*', '/((?!_next/static|_next/image|favicon.ico).*)', ], };