Reputation: 2138
How to protect specific route in next-auth
I'm building a simple client app with react and next-auth.
I want to protect only one route /secret and the rest of routes are all publicly accessible.
The top level of app is wrapped with SessionProvider:
import { SessionProvider } from "next-auth/react"
export default function MyApp({
Component,
pageProps: { session, ...pageProps },
}) {
return (
<SessionProvider session={session}>
<Component {...pageProps} />
</SessionProvider>
)
}
And I understood I can use useSession to check if user is signed in.
But I wonder how to protect one specific route: /secret. If I wrap only <Secret /> component with <SessionProvider>, I won't be able to access session from Secret component. Then how can I do that..?
Upvotes: 0
Views: 1722
Answers (1)
Reputation: 4033
You can use NextAuth's middleware, create a middleware.js file in your root directory (on previous Next.js versions, you had to create a _middleware.js file inside your pages folder) and add this:
export { default } from "next-auth/middleware"
export const config = { matcher: ["/your-secured-route"] }
If you don't add a config, then all routes will be protected by default.
Upvotes: 3
Related Questions
- How to protect routes in Next.js next-auth?
- Route guards in Next.js + react
- React + NextJS - Protected routes
- How to protect multiple routes from unauthorized access in Next.js using next-auth
- Next.js How to protect my website routes to authenticated users with NextAuth
- Protect Routes/Pages with NextJs
- Secure an API route without credentials
- Next.js client side protected routes without server side rendering
- How can I protect multiple Next.js API routes in next-auth
- Protecting routes with getServerSideProps