fix(next): migrate admin middleware to proxy convention

apps/admin/src/proxy.ts

@@ -0,0 +1,46 @@
+import { type NextRequest, NextResponse } from "next/server"
+
+import {
+  canAccessRoute,
+  getRequiredPermission,
+  isPublicRoute,
+  resolveRoleFromRequest,
+} from "@/lib/access"
+
+export function proxy(request: NextRequest) {
+  const { pathname } = request.nextUrl
+
+  if (isPublicRoute(pathname)) {
+    return NextResponse.next()
+  }
+
+  const role = resolveRoleFromRequest(request)
+
+  if (!role) {
+    const loginUrl = request.nextUrl.clone()
+    loginUrl.pathname = "/login"
+    loginUrl.searchParams.set("next", pathname)
+
+    return NextResponse.redirect(loginUrl)
+  }
+
+  if (!canAccessRoute(role, pathname)) {
+    const unauthorizedUrl = request.nextUrl.clone()
+    unauthorizedUrl.pathname = "/unauthorized"
+
+    const required = getRequiredPermission(pathname)
+    unauthorizedUrl.searchParams.set("required", required.permission)
+    unauthorizedUrl.searchParams.set("scope", required.scope)
+
+    return NextResponse.redirect(unauthorizedUrl)
+  }
+
+  const response = NextResponse.next()
+  response.headers.set("x-cms-role", role)
+
+  return response
+}
+
+export const config = {
+  matcher: ["/((?!_next/static|_next/image|favicon.ico).*)"],
+}