feat: add sitemap, robots.txt, and authentication middleware for SEO and routing control

itsshiva78 · itsshiva78 · commit b080eb840206 · 2026-04-23T20:44:58.000+05:30
diff --git a/src/app/robots.ts b/src/app/robots.ts
@@ -5,7 +5,7 @@ export default function robots(): MetadataRoute.Robots {
     rules: {
       userAgent: '*',
       allow: '/',
-      disallow: ['/dashboard', '/api/', '/_next/', '/private/'],
+      disallow: ['/dashboard', '/api/', '/_next/', '/private/', '/sign-in', '/sign-up', '/verify'],
     },
     sitemap: 'https://www.whispers-within.in/sitemap.xml',
   }
diff --git a/src/app/sitemap.ts b/src/app/sitemap.ts
@@ -67,12 +67,8 @@ export default async function sitemap(): Promise<MetadataRoute.Sitemap> {
       changeFrequency: 'monthly',
       priority: 0.7,
     },
-    {
-      url: `${baseUrl}/confessions`,
-      lastModified: new Date(),
-      changeFrequency: 'daily',
-      priority: 0.8,
-    },
+    // NOTE: /confessions is excluded from sitemap because its layout sets
+    // robots: { index: false }. Including it here would send conflicting signals.
     {
       url: `${baseUrl}/privacy`,
       lastModified: new Date(),
diff --git a/src/middleware.ts b/src/middleware.ts
@@ -1,17 +1,18 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { getToken } from 'next-auth/jwt';
-export { default } from 'next-auth/middleware';
 
 export const config = {
-  matcher: ['/dashboard/:path*', '/sign-in', '/sign-up', '/', '/verify/:path*'],
+  // Only match routes that genuinely need auth checks.
+  // Public pages (/, /about, /blog, /faq, /contact, /confessions, /privacy, /terms, /u/*)
+  // must NOT be in this list — Googlebot needs to crawl them without redirects.
+  matcher: ['/dashboard/:path*', '/sign-in', '/sign-up', '/verify/:path*'],
 };
 
 export async function middleware(request: NextRequest) {
   const token = await getToken({ req: request });
   const url = request.nextUrl;
 
-  // Redirect to dashboard if the user is already authenticated
-  // and trying to access sign-in, sign-up, or home page
+  // Redirect authenticated users away from auth pages to dashboard
   if (
     token &&
     (url.pathname.startsWith('/sign-in') ||
@@ -21,6 +22,7 @@ export async function middleware(request: NextRequest) {
     return NextResponse.redirect(new URL('/dashboard', request.url));
   }
 
+  // Redirect unauthenticated users away from dashboard to sign-in
   if (!token && url.pathname.startsWith('/dashboard')) {
     return NextResponse.redirect(new URL('/sign-in', request.url));
   }

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ export default function robots(): MetadataRoute.Robots {`
`5`	`5`	`rules: {`
`6`	`6`	`userAgent: '*',`
`7`	`7`	`allow: '/',`
`8`		`- disallow: ['/dashboard', '/api/', '/_next/', '/private/'],`
	`8`	`+ disallow: ['/dashboard', '/api/', '/_next/', '/private/', '/sign-in', '/sign-up', '/verify'],`
`9`	`9`	`},`
`10`	`10`	`sitemap: 'https://www.whispers-within.in/sitemap.xml',`
`11`	`11`	`}`