Cursor Prompt: Set Up Next.js Middleware

When to Use This Prompt

Use this when you need authentication protection, rate limiting, or security headers across your entire app.

The Prompt

Create Next.js middleware for this application:

1. Authentication check:
   - Verify JWT/session token on protected routes
   - Redirect unauthenticated users to /login
   - Allow public routes: /, /login, /signup, /api/auth/*, /api/public/*

2. Rate limiting:
   - Limit API routes to 100 requests per minute per IP
   - Return 429 Too Many Requests when exceeded
   - Use in-memory store (or Redis if available)

3. Security headers:
   - Add CSP, HSTS, X-Frame-Options headers
   - Block clickjacking and XSS

4. Geo-based routing (optional):
   - Detect country from request headers
   - Set locale cookie based on location

Create the middleware.ts file at the project root.

What to Customize

Adjust the protected/public route patterns to match your app structure. Remove rate limiting if not needed.

Expected Output

A middleware.ts file with authentication checks, rate limiting, and security headers. One file, ~100 lines.

Cursor Review Prompt Generator →