Securing all routes that starts with: /admin/* routes with middleware.ts using Next-Auth
Hello dear helpers and fellow coders!
Im trying to find out how I can add a middleware to my
T3 Application with mostly default settings that will only allow admins to visit all routes to /admin/*. Im using session strategy.
I found this: https://next-auth.js.org/tutorials/securing-pages-and-api-routes#nextjs-middleware and this https://next-auth.js.org/configuration/nextjs#wrap-middleware, but it says that only JWTis supported.
But how can I access the session.user.role value inside my middleware? I need that to be able to check if an user is admin. Anyone have an example of how to do this?Next.js | NextAuth.js
getServerSession
Securing pages and API routes | NextAuth.js
You can easily protect client and server side rendered pages and API routes with NextAuth.js.
3 Replies