~20 min · auth gate, geo, A/B testing
Session cookie read. Sign-out user 를 protected path 에서 redirect, sign-in user 를 /login 에서 redirect.
Vercel 이 country / region / city 가진 request.geo 노출. 첫 hit 에 locale-specific path 로 redirect.
첫 visit 에 variant 고르는 cookie 설정. 후속 request 가 cookie read 하고 그에 맞게 route. Bucket 이 server state 없이 navigation 너머로 살아남음.
Security header, request ID, downstream code 가 read 가능한 feature-flag header 추가.
import { NextRequest, NextResponse } from 'next/server';
export function proxy(request: NextRequest) {
const session = request.cookies.get('session');
const isAuth = request.nextUrl.pathname.startsWith('/login');
const isProtected = request.nextUrl.pathname.startsWith('/app');
if (isProtected && !session) {
return NextResponse.redirect(new URL('/login', request.url));
}
if (isAuth && session) {
return NextResponse.redirect(new URL('/app', request.url));
}
return NextResponse.next();
}export function proxy(request: NextRequest) {
const country = request.geo?.country ?? 'US';
if (country === 'KR' && !request.nextUrl.pathname.startsWith('/ko')) {
return NextResponse.redirect(new URL('/ko' + request.nextUrl.pathname, request.url));
}
return NextResponse.next();
}export function proxy(request: NextRequest) {
const bucket = request.cookies.get('ab')?.value;
const res = NextResponse.next();
if (!bucket) {
res.cookies.set('ab', Math.random() < 0.5 ? 'A' : 'B', {
maxAge: 60 * 60 * 24 * 30,
httpOnly: true,
});
}
return res;
}proxy.ts 에 동작 셋 추가: auth gate, security header injection (예: CSP), A/B cookie. 각각 curl 로 검증.아직 댓글이 없어요. 첫 댓글을 남겨보세요.