From 57737f5a031c0e944213cbc1b0f39c32cb8a7ddd Mon Sep 17 00:00:00 2001
From: gibbyb <gib@gibbyb.com>
Date: Thu, 28 Aug 2025 16:14:45 -0500
Subject: [PATCH] Last commit on template. Moving to tech tracker

---
 src/middleware.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/middleware.ts b/src/middleware.ts
index 405f0cd..bac89fb 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -3,11 +3,14 @@ import {
   createRouteMatcher,
   nextjsMiddlewareRedirect,
 } from '@convex-dev/auth/nextjs/server';
+import { banSuspiciousIPs } from '@/lib/middleware/ban-suspicious-ips';
 
 const isSignInPage = createRouteMatcher(['/signin']);
 const isProtectedRoute = createRouteMatcher(['/', '/server']);
 
 export default convexAuthNextjsMiddleware(async (request, { convexAuth }) => {
+  const banResponse = banSuspiciousIPs(request);
+  if (banResponse) return banResponse;
   if (isSignInPage(request) && (await convexAuth.isAuthenticated())) {
     return nextjsMiddlewareRedirect(request, '/');
   }
@@ -19,5 +22,8 @@ export default convexAuthNextjsMiddleware(async (request, { convexAuth }) => {
 export const config = {
   // The following matcher runs middleware on all routes
   // except static assets.
-  matcher: ['/((?!.*\\..*|_next).*)', '/', '/(api|trpc)(.*)'],
+  matcher: [
+    '/((?!_next/static|_next/image|favicon.ico|monitoring-tunnel|.*\\.(?:svg|png|jpg|jpeg|gif|webp)$).*)',
+    '/((?!.*\\..*|_next).*)', '/', '/(api|trpc)(.*)'
+  ],
 };