Middleware Edge Cases Skill
Purpose
Prevent regressions in request routing, auth gating, and redirect behavior.
When to Use
- •
middleware.tschanges - •New protected routes
- •Redirect or auth logic updates
Inputs
- •
middleware.ts - •List of public and protected routes
- •Expected redirect targets
Outputs
- •Edge-case checklist under
.agent/artifacts/{conversation-id}/middleware_edge_cases.md - •Minimal code changes if bugs are found
Prerequisites
- •Ability to run the app locally
- •Known auth states (authenticated vs unauthenticated)
Tools & Availability
- •Local dev server
- •Browser or curl for route checks
Methodology
- •Enumerate protected and public routes.
- •Test unauthenticated access to protected routes (expect redirect/deny).
- •Test authenticated access to protected routes (expect allow).
- •Verify no redirect loops (repeat request twice).
- •Confirm static assets and API routes are unaffected.
Verification
- • Public routes stay accessible
- • Protected routes enforce auth consistently
- • No redirect loops observed
- • Static assets and API routes unaffected
Pass/Fail: Pass only if all checks above are satisfied.
Risks & Mitigations
- •Hidden route coverage gaps → keep a route list in outputs
- •Environment-specific auth → document auth assumptions