Nextjs 12 is released with a new feature called Middlewares. It allows us to run code before a request is completed. We can use this feature for protected routes.
Setting up
You can follow this repo for a simple setup.
Then create a new folder that groups all protected routes and create a _middleware.ts file. For example, I have named the folder user since it's all user personalized routes.
pages
│ _app.tsx
| index.tsx
│ ....
└───user
│ │ _middleware.ts
│ │ dashboard.tsx
│ │ settings.tsx
Add this code:
import jwt from "@tsndr/cloudflare-worker-jwt";
import { NextRequest, NextResponse } from "next/server";
/**
* Verifies the user's JWT token and returns the payload if
* it's valid or a response if it's not.
*/
export async function middleware(request: NextRequest) {
const token = request.cookies["sb:token"]; //'sb:token' is the default cookie name
if (!token || !(await jwt.verify(token, process.env.SUPABASE_JWT_SECRET!))) {
return NextResponse.redirect("/login", 302); // If a user is not authenticated (either no token was send, or the token is invalid) redirect the user to the homepage where they will be presented with a log-in screen
}
return NextResponse.next(); // continue the middleware chain https://nextjs.org/docs/api-reference/next/server#nextresponse
}
This code checks if the cookies set by supabase is valid.
And now dashboard, settingspages require authentication now without adding any code in them, or wrapping in HOC. 🎉
Top comments (0)