Some of you have this concern, when you use ['/admin'] for matcher config. only the /admin is going to be private not all admin routes like /admin/posts. You can use ["/admin/:path*"] to restrict all of the admin path.

AMAZING!! Simple, fast and understandable explanation

Your next auth tutorials have been helpful and very straight forward, thanks.

Very nice, just everything I was looking for.

How do you get your VSCode to show the param definitions on hover for the jwt callback at 6:22? Having something like this in my ide would make my life much easier.

Can you declare matchers so that it matches all routes except /login?

Simple, Easy to Understand, Thank for so much Niraj for this video

This approach only works for JWT tokens at the moment, next-auth middleware dos not support session based auth.

Very clean and simple explanation. Thank You

goddamn bro you are awesome !! you will go big soon

how you know that if authorized function returns true then the middleware gets triggered, I tested it with "return true" in the callback and it didn't fired the middleware

when deployed on vercel middleware is broken it just redirect to signin even i try login and successfully loggedin it do not consider protected routes of nextauth and always redirect to signin when i access them

Thanks for the video. One question though, how could you use withAuth for multiple cases on middleware routes? After NextJS removed support for multiple middleware files, withAuth looks like pretty useless. Creating a standard NextJS middleware function and catching session and then applying rules is a better idea, am I right?

how to change the redirect url when we try to access secured page without being authenticated

Hey Niraj, is it possible to user a matcher that works on dynamic pages that use a slug? Please help me with a solution if you know how to, Thanks!

I have added this to export const config = { matcher: ["/shop/portal/:path*"] }. But, when I try to access/shop/portal I get "TypeError: Class extends value undefined is not a constructor or null". Can anybody help?

how do you authenticate users if they want to login with gmail or github for example?

Possible to further the next episode with Prisma mongo?

I'm running into the issues where role doesn't seem to exist in the (params.user?.role) callback function of [...nextauth].ts. I added it in the list of returns for a user but it still doesn't seem to exist. Has anyone else run into this issue?

Thx for awesome tutorial sir. My problem is that i added exactly these two lines on my middleware.js on root folder export { default } from "next-auth/middleware" export const config = { matcher: ["/", "/admin/privilages/dashboard"] } and i can still visit these pages..... its like middleware doesnt woek at all. any idea why. ty in advance!

Awesome video, man! many thanks :)

Hi. if the "pages" folder is nested in the "src" folder, which is located along with the middleware file in the root of the project, will the middleware work?

I'm using Rails devise-jwt as my backend, and I'm trying to figure out how to take the JWT created by my backend and use it in my Next client...

Thanks for the simplified explanation. At 6:46 can we add more user roles and redirect to different routes?

Hie Niraj great tut once again. I have a question. I have two tables a users and workspaces table linked by a one to many relationship. I would like to implement an onboarding experience whereby after the user is signed in I would like to check if that user has a workspace linked to his/her user account if not then redirect to the page where you can create the workspace. I'm failing to figure out how I can implement that in the middleware. I'm using postgre and prisma adapter by the way.

But i can still go to /signup page or /signin page, how to prevent from visiting this routes when being authenticated?

in this example, no matter which page you go to, if you are an admin, the url will be rewritten to admin page. In other words, no matter which page you go to, it will always show the admin page?

I have a question, what if you want to make some routes admin protected and others basic user protected routes?

the jwt callback is not working for me the roles is there when i console log the params object but not in the response after signing in

Yes a fix, Especially for a client website

do one video of how to connect with an api and fetch users in login

2 days looking for solution thank you

Hi. Is there any way to prevent user not to go admin pages and also prevent admin for go to user pages. I don't wanna make folder for each user and check startwith [ if(url.startwith('/admin')) ] the example given in google. Please help if you can. I'm new to nextjs.

Wow, great video

Hi, please implement with next js 13

thanks

why among indians pronouncing "sh" correctly is a huge issue?

"Go to hell" 😂