0

What would be a proper middleware to protect the pages /admin if the user does not have a session? Is it correct the name of the file "_middleware.js" and what should I write inside that file to protect the route?

-pages
----admin
-----_middleware.js
-----index.js

_middleware.js

export { default } from "next-auth/middleware";

Gives the error:

[next-auth][error][NO_SECRET] https://next-auth.js.org/errors#no_secret

.env

 SECRET_KEY="SECRET_KEY"

NEXTAUTH_URL = "http://localhost:3000"

NEXTAUTH_SECRET_KEY="SECRET_KEY"
n9p4
  • 304
  • 8
  • 34
  • Have you had a read through https://next-auth.js.org/configuration/nextjs#middleware? – juliomalves Feb 06 '22 at 16:37
  • @juliomalves Yes, but still gives me the error that I did not have set the secret this is printed in the console [next-auth][error][NO_SECRET] https://next-auth.js.org/errors#no_secret – n9p4 Feb 06 '22 at 16:45
  • 1
    The environment variable for the secret has to be named `NEXTAUTH_SECRET`. – juliomalves Feb 06 '22 at 16:54
  • 1
    @juliomalves, I fixed that but now is redirected to sign up every time, even then I have token Redirect to this: http://localhost:3000/auth/login?callbackUrl=http://localhost:3000/admin/categories – n9p4 Feb 06 '22 at 17:01

0 Answers0