From 1f70940dce160a32ddde456961d7b7fd0b1aed9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Reinhard=20X=2E=20F=C3=BCrst?= <rexfue@gmail.com>
Date: Mon, 1 Jun 2026 16:02:42 +0200
Subject: [PATCH] =?UTF-8?q?fix:=20Middleware=20aktiviert=20=E2=80=94=20pro?=
 =?UTF-8?q?xy.ts=20=E2=86=92=20middleware.ts?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

proxy.ts wurde nie als Next.js-Middleware erkannt (falscher Dateiname,
falscher Exportname). Die mustChangePassword-Weiterleitung und der
Login-Guard liefen daher nie. Zusätzlich Fallback-Secret entfernt.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 proxy.ts => middleware.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 rename proxy.ts => middleware.ts (89%)

diff --git a/proxy.ts b/middleware.ts
similarity index 89%
rename from proxy.ts
rename to middleware.ts
index fcc7722..3cbef69 100644
--- a/proxy.ts
+++ b/middleware.ts
@@ -3,10 +3,11 @@ import type { NextRequest } from 'next/server';
 import { jwtVerify } from 'jose';
 
 const SESSION_COOKIE_NAME = 'logbuch_session';
-const secretKey = process.env.AUTH_SECRET || 'logbuch-secret-change-in-production';
+const secretKey = process.env.AUTH_SECRET;
+if (!secretKey) throw new Error('AUTH_SECRET Umgebungsvariable ist nicht gesetzt!');
 const key = new TextEncoder().encode(secretKey);
 
-export async function proxy(request: NextRequest) {
+export async function middleware(request: NextRequest) {
   const { pathname } = request.nextUrl;
 
   if (pathname.startsWith('/login') || pathname.startsWith('/_next') || pathname.startsWith('/favicon')) {