Redirecting unauthenticated users with Protected Routes in the Next.js 13 App Directory

Показать описание

In this video, Jon Meyers show how to configure Server Components to use cookie-based Auth, making the user's session available before the first SSR render. This means we can implement Protected Routes that are only available to signed in users! 🚀

Additionally, he configures Middleware to automatically refresh expired access tokens, before loading our application routes.

00:00 Introduction
00:19 Why you need Protected Routes
00:41 Adding a page for Unauthenticated users
01:28 Redirect authenticated users to landing page
02:41 Protecting the landing page route from unauthenticated users
03:14 Add personalisation for users with a custom welcome message
03:46 Explanation of session expiration bug
04:37 Configuring Middleware to refresh expired sessions
05:36 Next up: Server-side Mutations with Server Actions

👇 Learn more about Supabase 👇

Supabase

Рекомендации по теме

Комментарии

auth is sooo important... this series is the best on planet... love you guys ❤

streamocu

@Supabase @JonMeyers Currently NextJS throws the error "DynamicServerError: Dynamic server usage: cookies" when you try to do this unless a) you do it on a page or layout, and b) you include the line "export const dynamic = 'force-dynamic';" in your page/layout file. I'm not entirely clear as to why this is happening, but it's made it much more complicated to call "supabase.auth.getUser()" from within my server-rendered <Navbar />

TeaganAtwater

You are amazing thanks man - was stuck on this weird issue but this video helped 🙏

rgm

This was an amazing 5 minutes. Wonderful explanation from Jon. Please continue to produce amazing content such as this one.

toomanyarguments

Love the tutorial! Precise and straight to the point. More videos on subscriptions and functions with supabase will be appreciated

emenikedaniel

This is such a bad way of implementing protected routes. Doing it this way, you would have to write repetitive code to check the authentication status. Use middleware or context provider instead.

madhavkummara

How would you implement the middleware using the @supabase/ssr package? As far as I can tell, there is no createMiddlewareClient() function in the ssr package

camilogonzalez

Does anyone know which VS Code theme is being used here?

silkodyssey

What browser you were using just curious

loribryant

Is it possible to immediately redirect the user to a login page once he opens the page? I want to make sure that he is either sent to the /dashboard route if he's logged in, or /login route if he's not.

tomasburian

is there any video how to reset pass cause i cant redirect to page update-password

basics-school

Okay, been following the whole course but how do you access UUID in your code (or otherwise append it to 'todos' in the db). Triggers aren't working for me :(

AltcoinAnalysis

when i deploy to vercel, my builld fails unless I add `export const dynamic - 'force-dynamic'; I assume this is as a result of the cookies? Would love to see a vid explaining this behaviour...

davebenjamin

You shouldn't refresh an expired session. You should only refresh when it's not expired to extend the expirey. You are basically allowing a session to always be valid which is bad security practice

jasongallavin

Kind of off-topic: but which browser are you using on 01:10?

victor.santos

I'm getting an error implementing this. Basically in Next.js pages router, I implemented middleware such that for protected routes, I automatically redirect users in the middleware. But this approach means that I need to add the redirect logic to every page where I want to redirect. It seems more repetative code here

AnindoSarker

Why not using the middleware for that ?

Grahfx

yes please do a google auth sign in and sign out.

appstuff

For me, the cookie doesn't do anything. I can log in fine, but if I try to getSession, it just returns null. I can see the cookie in devtools. Really not having much luck with nextjs app routes.

nageldev

Yeah... Which fields does a user (authenticated from some social login) has?

artu-hnrq

Redirecting unauthenticated users with Protected Routes in the Next.js 13 App Directory

Redirecting unauthenticated users with Protected Routes in the Next.js 13 App Directory

Redirecting Logged in Users

How to create Protected Routes and Authentication with React Router V6 2023

Protected Routes In Under 5 Minutes: Next.js

Better Protected Route Redirects

Next.js App Router Authentication (Sessions, Cookies, JWTs)

How to implement Protective Route in React. Redirect users to login page if not logged-in.

The Right Way to do Auth with the Next.js App Router - UPDATED

Customize Laravel Auth Redirect: From Login to Register

The Right Way to do Auth with the Next.js App Router!

Next.js 13 New App Directory: Authentication with Next-Auth | Next Auth | Client Component

Next.js Role-Based User Authorization & Access Control | Next Auth Protected Routes

Adding protected routes in Next (Next-Auth and getServerSideProps)

Lesson 17 - Blockstack + React - Redirect unauthenticated users

React Native Authentication Workflow

🔥 Private Routes in React JS | Managing Login pages | blogging application using React JS | Hindi

Middleware with Next.js 14 — Course part 12

Flutter Getx Middleware | Redirect User to Different Screens or Routes

Next.js 13 jwt authentication protected routes httpOnly cookie with App Directory

Protected Route in React JS | Latest Version : V6 | React Router in Tamil | Tamil Skillhub

Angular Router Guards for Firebase Users

MERN Authentication Tutorial #14 - Protecting API Routes

9. RBAC - How to redirect user back after login to the requested route.

Add Middleware to Routes in Next JS | Protected Routes Using Middleware in Next JS