Protect Your API - Next Auth Middleware

preview_player
Показать описание

In this video, we will look at how we can protect our API made with next js using middleware or to be specific next auth middleware.

Previous Video:
Next Auth Sign in With Credentials:

Other Next JS Related Videos

Social Media Links
  1. Full Stack Niraj
Рекомендации по теме
Protect Your API 0:08:05

Protect Your API - Next Auth Middleware

Next.js Tutorial - 0:04:11

Next.js Tutorial - 75 - Securing API Routes

5 JavaScript API 0:12:49

5 JavaScript API Key Mistakes (and how to fix them)

Protect Your API 0:41:40

Protect Your API With Rate Limiting | Full Guide (2024)

Next.js Protected API 0:15:00

Next.js Protected API Routes (with NextAuth)

NextJS 13 API 0:15:05

NextJS 13 API Routes: Better Than Expected!

Understanding The Fundamentals 0:09:41

Understanding The Fundamentals of API Security | How APIs are Attacked and How to Secure Them

How to Secure 0:00:45

How to Secure Your API Keys the Right Way

NestJS Middleware and 0:14:32

NestJS Middleware and Guards: A Deep Dive ( Day 11)

Developers, Secure your 0:18:04

Developers, Secure your API | Pynt

Securing Your APIs 0:31:36

Securing Your APIs with OAuth 2.0 - API Days

How to HIDE 0:04:27

How to HIDE Your API Keys in Python Projects

Your API Keys 0:09:26

Your API Keys are NOT SAFE in a native app 🤬

Hide an API 0:16:04

Hide an API Key | JavaScript Tutorial

Hide API Key 0:02:49

Hide API Key in client side on Firebase or other applications

Securing API Servers 1:09:44

Securing API Servers Course

Secure your API 0:24:31

Secure your API Gateway with Lambda Authorizer | Step by Step AWS Tutorial

How to Create 0:08:42

How to Create a Secure REST API with Node.js and Express

How to Hide 0:10:13

How to Hide & Protect API Keys in Your Android App (Reverse Engineering)

React Security - 0:02:07

React Security - Add an API Proxy

REST API Mistakes 0:11:58

REST API Mistakes Every Junior Developer should Avoid | clean-code

Learning Next.js 13 5:04:56

Learning Next.js 13 Beta - Part 4 - Secure API | Deploy to Vercel / MongoDB Atlas - Travel Log

RESTful APIs in 0:11:20

RESTful APIs in 100 Seconds // Build an API from Scratch with Node.js Express

How to hide 0:24:45

How to hide your API keys SAFELY when using React

Комментарии
Автор

Some of you have this concern, when you use ['/admin'] for matcher config. only the /admin is going to be private not all admin routes like /admin/posts. You can use ["/admin/:path*"] to restrict all of the admin path.

fsniraj
Автор

Simple, Easy to Understand,

Thank for so much Niraj for this video

faruksardar
Автор

AMAZING!! Simple, fast and understandable explanation

markkkkk
Автор

goddamn bro you are awesome !! you will go big soon <3 The voiceover is magic too 👍

ingolesubodh
Автор

Your next auth tutorials have been helpful and very straight forward, thanks.

wazzadev
Автор

Very clean and simple explanation. Thank You

BuntyWP
Автор

Very nice, just everything I was looking for.

vladsvyrydonov
Автор

This approach only works for JWT tokens at the moment, next-auth middleware dos not support session based auth.

Iacapuca
Автор

Thanks for the video. One question though, how could you use withAuth for multiple cases on middleware routes? After NextJS removed support for multiple middleware files, withAuth looks like pretty useless. Creating a standard NextJS middleware function and catching session and then applying rules is a better idea, am I right?

mertdr
Автор

Yes a fix,
Especially for a client website

tomyyoung
Автор

Can you declare matchers so that it matches all routes except /login?

antoniuneacsu
Автор

how you know that if authorized function returns true then the middleware gets triggered, I tested it with "return true" in the callback and it didn't fired the middleware

thebocksters
Автор

when deployed on vercel middleware is broken it just redirect to signin even i try login and successfully loggedin it do not consider protected routes of nextauth and always redirect to signin when i access them

himanshu
Автор

Hi. if the "pages" folder is nested in the "src" folder, which is located along with the middleware file in the root of the project, will the middleware work?

evgeniy
Автор

Hie Niraj great tut once again. I have a question. I have two tables a users and workspaces table linked by a one to many relationship. I would like to implement an onboarding experience whereby after the user is signed in I would like to check if that user has a workspace linked to his/her user account if not then redirect to the page where you can create the workspace. I'm failing to figure out how I can implement that in the middleware. I'm using postgre and prisma adapter by the way.

SSango-hksm
Автор

How do you get your VSCode to show the param definitions on hover for the jwt callback at 6:22? Having something like this in my ide would make my life much easier.

cdromance
Автор

how to change the redirect url when we try to access secured page without being authenticated

vatsalcodes
Автор

do one video of how to connect with an api and fetch users in login

Prathamesh-on
Автор

I'm running into the issues where role doesn't seem to exist in the (params.user?.role) callback function of [...nextauth].ts. I added it in the list of returns for a user but it still doesn't seem to exist. Has anyone else run into this issue?

rh
Автор

Hey Niraj, is it possible to user a matcher that works on dynamic pages that use a slug? Please help me with a solution if you know how to, Thanks!

deathdefier