Protected Endpoints

Sometimes you may need to restrict access to a page to authenticated users only.

NextAuth is offering a very simple solution with Sessions:

import { getServerSession } from "next-auth/next";

...

export async function DELETE( request, { params }) {
  const session = await getServerSession(authOptions);
  if (!session || !session.user?.email) {
    return new Response("Unauthorized", {
      status: 401,
      statusText: "Unauthorized",
    });
  }
  ...
}

PreviousAPI NextBlog

Last updated 5 months ago