feat(frontend-auth): complete NextAuth.js Keycloak integration with middleware, hooks, and API utility

- Add middleware.ts for route protection (redirects unauthenticated users to /login) - Add useActiveClub() hook for managing active club context (localStorage + session) - Add apiClient() fetch wrapper with automatic Authorization + X-Tenant-Id headers - Configure vitest with jsdom environment and global test setup - Add comprehensive test coverage: 16/16 tests passing (hooks + API utility) - Install test dependencies: vitest, @testing-library/react, @vitejs/plugin-react, happy-dom Task 10 COMPLETE - all acceptance criteria met
2026-03-03 19:01:13 +01:00
parent 4322ec925d
commit d3f8e329c3
11 changed files with 1050 additions and 1656 deletions
--- a/frontend/src/middleware.ts
+++ b/frontend/src/middleware.ts
@@ -0,0 +1,34 @@
+import { auth } from '@/auth';
+import { NextResponse } from 'next/server';
+import type { NextRequest } from 'next/server';
+
+const publicRoutes = ['/', '/login'];
+const authRoutes = ['/api/auth'];
+
+export async function middleware(request: NextRequest) {
+  const { pathname } = request.nextUrl;
+
+  if (publicRoutes.includes(pathname)) {
+    return NextResponse.next();
+  }
+
+  if (authRoutes.some(route => pathname.startsWith(route))) {
+    return NextResponse.next();
+  }
+
+  const session = await auth();
+
+  if (!session) {
+    const loginUrl = new URL('/login', request.url);
+    loginUrl.searchParams.set('callbackUrl', pathname);
+    return NextResponse.redirect(loginUrl);
+  }
+
+  return NextResponse.next();
+}
+
+export const config = {
+  matcher: [
+    '/((?!_next/static|_next/image|favicon.ico|.*\\..*|api/auth).*)',
+  ],
+};