Description
app/(auth)/login/page.tsx is a mock email/password form (admin@example.com/password) that pushes straight to /dashboard, the dashboard route group has no gate, and a repo-wide search confirms there is no middleware.ts, so every (dashboard) route is publicly reachable. Meanwhile context/WalletContext.tsx already persists connection state to localStorage and reconnects on mount. This issue introduces wallet-connection as the auth signal, establishes a session, and protects dashboard routes with middleware.
Requirements and context
- Add a Next.js middleware.ts at the repo root that protects the (dashboard) routes and redirects unauthenticated visitors to /login, with a matcher covering the protected paths.
- Establish a session signal readable by middleware (an httpOnly cookie set after a successful wallet connect, since middleware cannot read localStorage); update WalletContext/useWallet to set/clear it on connect/disconnect.
- Update app/(auth)/login/page.tsx to support connecting a wallet as the primary sign-in path (it may keep the mock form behind a flag) and redirect to the originally requested route after auth.
- Non-functional: avoid client/server state drift between the cookie and persisted wallet state; clear the session on disconnect; do not expose secrets to the client; document the threat model and why a signed-message challenge is recommended as a follow-up.
- Keep WalletProvider's existing localStorage reconnect working for UI hydration.
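One way to structure the middleware decision function so it can be unit-tested without Next.js, shown as an added example rather than code from this repository. It goes one step beyond the requirements by validating the post-login redirect target so it cannot point off-site. The cookie name wallet_session, the next query parameter and the single protected prefix /dashboard are assumptions.

```typescript
// Added example: framework-free decision logic that middleware.ts could call.
// SESSION_COOKIE, the "next" parameter and PROTECTED_PREFIXES are assumed names.
const SESSION_COOKIE = "wallet_session";
// Route groups such as (dashboard) never appear in the URL, so list real URL prefixes.
const PROTECTED_PREFIXES = ["/dashboard"];
const LOGIN_PATH = "/login";
const DEFAULT_AFTER_LOGIN = "/dashboard";

type Decision =
  | { action: "next" }
  | { action: "redirect"; location: string };

// True when the path is a protected prefix or a segment-aligned child of one.
function isProtected(pathname: string): boolean {
  return PROTECTED_PREFIXES.some(
    (p) => pathname === p || pathname.startsWith(p + "/")
  );
}

// Accept only same-origin relative paths for the post-login redirect.
// Rejects absolute URLs, protocol-relative "//host", backslashes and control
// characters, and refuses to bounce back to the login page itself.
function safeNextPath(raw: string | null | undefined): string {
  if (!raw || raw.length > 512) return DEFAULT_AFTER_LOGIN;
  if (!raw.startsWith("/") || raw.startsWith("//")) return DEFAULT_AFTER_LOGIN;
  if (/[\\\u0000-\u001f\u007f]/.test(raw)) return DEFAULT_AFTER_LOGIN;
  const path = raw.split(/[?#]/)[0];
  if (path === LOGIN_PATH || path.startsWith(LOGIN_PATH + "/")) {
    return DEFAULT_AFTER_LOGIN;
  }
  return raw;
}

// Decide what middleware should do for one request.
// `cookies` maps cookie name to value, as read from the incoming request.
function decide(
  pathname: string,
  search: string,
  cookies: Record<string, string | undefined>
): Decision {
  if (!isProtected(pathname)) return { action: "next" };
  const session = cookies[SESSION_COOKIE];
  if (session && session.length > 0) return { action: "next" };
  const next = encodeURIComponent(safeNextPath(pathname + search));
  return { action: "redirect", location: `${LOGIN_PATH}?next=${next}` };
}
```

The login page would pass the next value through safeNextPath again before navigating, since the query string is attacker-controlled. Because an httpOnly cookie cannot be written from client JavaScript, the connect/disconnect handlers need a server route to set and clear it, and until the signed-message follow-up lands the cookie's presence is not proof of wallet ownership.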
Acceptance criteria
- middleware.ts redirects unauthenticated users away from (dashboard) routes to /login.
- /login offers wallet connect as the primary sign-in and supports post-login redirect.
Suggested execution
1. Fork the repo and create a branch — git checkout -b feature/wallet-auth-middleware.
2. Implement changes — new root middleware.ts, context/WalletContext.tsx, hooks/useWallet.hook.ts, app/(auth)/login/page.tsx.
3. Write/extend tests — Jest + React Testing Library with pnpm; unit-test the middleware decision function and the context session transitions with mocked cookies. Follow the existing Jest setup.
4. Test and commit —
pnpm install
pnpm type-check
pnpm test
pnpm build
Example commit message
feat(auth): protect dashboard routes with middleware and wallet-based session
Guidelines
- Aim for >=85% coverage on the new auth/middleware logic.
- Treat this as a security feature: document assumptions and limitations and keep the login flow accessible.
- Timeframe: 96 hours.