Next.js Discord

Discord Forum

nextjs protect api route

Answered
Mike posted this in #help-forum
Open in Discord
Avatar
MikeOP
Hello, i know it in the old nextjs versions. But how i can protect a api route in the newest one? 

import { getServerSession } from "next-auth/next"
import { authOptions } from "../../auth/[...nextauth]/route";
import { NextResponse } from "next/server";

const handler = async (request) => {

    const session = await getServerSession(request, new NextResponse(), authOptions)

    if (session) {
        return Response.json({
            name: 'John Die'
         }, 
         {
           status: 200
         });
      } else {
        return Response.json({
            name: 'You are not authenticated'
         }, 
         {
           status: 401
         });
      }
}

export {handler as GET};


TypeError: res.getHeader is not a function
    at setCookie (webpack-internal:///(rsc)/./node_modules/next-auth/next/utils.js:15:47)
    at eval (webpack-internal:///(rsc)/./node_modules/next-auth/next/index.js:173:100)
    at Array.forEach (<anonymous>)
    at getServerSession (webpack-internal:///(rsc)/./node_modules/next-auth/next/index.js:173:61)
    at async handler (webpack-internal:///(rsc)/./app/api/profile/updatePassword/route.jsx:12:21)
    at async D:\MineLegends\minelegends-acp\node_modules\next\dist\compiled\next-server\app-route.runtime.dev.js:6:53238
    at async e_.execute (D:\MineLegends\minelegends-acp\node_modules\next\dist\compiled\next-server\app-route.runtime.dev.js:6:44501)
    at async e_.handle (D:\MineLegends\minelegends-acp\node_modules\next\dist\compiled\next-server\app-route.runtime.dev.js:6:54492)
    at async doRender (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:1372:42)
    at async cacheEntry.responseCache.get.routeKind (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:1594:28)
    at async DevServer.renderToResponseWithComponentsImpl (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:1502:28)
    at async DevServer.renderPageComponent (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:1919:24)
    at async DevServer.renderToResponseImpl (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:1957:32)
    at async DevServer.pipeImpl (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:915:25)
    at async NextNodeServer.handleCatchallRenderRequest (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\next-server.js:272:17)
    at async DevServer.handleRequestImpl (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\base-server.js:811:17)
    at async D:\MineLegends\minelegends-acp\node_modules\next\dist\server\dev\next-dev-server.js:339:20
    at async Span.traceAsyncFn (D:\MineLegends\minelegends-acp\node_modules\next\dist\trace\trace.js:154:20)
    at async DevServer.handleRequest (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\dev\next-dev-server.js:336:24)
    at async invokeRender (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\lib\router-server.js:174:21)
    at async handleRequest (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\lib\router-server.js:353:24)
    at async requestHandlerImpl (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\lib\router-server.js:377:13)
    at async Server.requestListener (D:\MineLegends\minelegends-acp\node_modules\next\dist\server\lib\start-server.js:141:13)
 GET /api/profile/updatePassword 500 in 279ms
Answered by linesofcode
const session = await getServerSession(nextAuthOptions);
View full answer

2 Replies

Avatar
linesofcode
const session = await getServerSession(nextAuthOptions);
Answer
Avatar
MikeOP
Thank you very much it works 🙂