Protected Endpoints
Sometimes you may need to restrict access to a page to authenticated users only.
NextAuth is offering a very simple solution with Sessions:
import { getServerSession } from "next-auth/next";
...
export async function DELETE( request, { params }) {
const session = await getServerSession(authOptions);
if (!session || !session.user?.email) {
return new Response("Unauthorized", {
status: 401,
statusText: "Unauthorized",
});
}
...
}
Last updated