Implementiere i18n für Frontend, Admin und Datenbank

2025-11-28 15:36:06 +01:00
parent 9df9a808bf
commit 771d0d06f3
37 changed files with 3717 additions and 560 deletions
--- a/middleware.ts
+++ b/middleware.ts
@@ -1,32 +1,30 @@
-import { NextResponse } from 'next/server';
+import createMiddleware from 'next-intl/middleware';
 import type { NextRequest } from 'next/server';

-export function middleware(request: NextRequest) {
-    const response = NextResponse.next();
+const i18nMiddleware = createMiddleware({
+    locales: ['de', 'en'],
+    defaultLocale: 'de',
+    // Wir nutzen überall Locale-Präfixe (`/de`, `/en`)
+    localePrefix: 'always'
+});

-    // Security Headers
+export default function middleware(request: NextRequest) {
+    // 1. i18n-Routing
+    const response = i18nMiddleware(request);
+
+    // 2. Security-Header ergänzen
    const headers = response.headers;

-    // Prevent clickjacking
    headers.set('X-Frame-Options', 'SAMEORIGIN');
-
-    // XSS Protection (legacy but still useful)
    headers.set('X-XSS-Protection', '1; mode=block');
-
-    // Prevent MIME type sniffing
    headers.set('X-Content-Type-Options', 'nosniff');
-
-    // Referrer Policy
    headers.set('Referrer-Policy', 'strict-origin-when-cross-origin');
-
-    // Permissions Policy (restrict features)
    headers.set('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');

-    // Content Security Policy
    const csp = [
        "default-src 'self'",
-        "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://plausible.elpatron.me", // Next.js requires unsafe-inline/eval
-        "style-src 'self' 'unsafe-inline'", // Allow inline styles
+        "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://plausible.elpatron.me",
+        "style-src 'self' 'unsafe-inline'",
        "img-src 'self' data: blob:",
        "font-src 'self' data:",
        "connect-src 'self' https://openrouter.ai https://gotify.example.com https://plausible.elpatron.me",
@@ -38,15 +36,8 @@ export function middleware(request: NextRequest) {
    return response;
 }

-// Apply middleware to all routes
 export const config = {
-    matcher: [
-        /*
-         * Match all request paths except for the ones starting with:
-         * - _next/static (static files)
-         * - _next/image (image optimization files)
-         * - favicon.ico (favicon file)
-         */
-        '/((?!_next/static|_next/image|favicon.ico).*)',
-    ],
+    // Empfohlener Matcher aus der next-intl Doku:
+    // alle Routen außer _next, API und statischen Dateien
+    matcher: ['/((?!api|_next|.*\\..*).*)']
 };