https://supertokens.com/ logo
Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Powered by
nextjs session verification
s

sahas

04/03/2023, 2:19 AM
Hi, I had to integrate auth into nextjs project which I don't have much experience on. I followed all the steps in documentation and got the login and sign ups working (it was super easy, cheers). But I'm unable to get the user ID in backend API handlers. I'm seeing the NextApiRequest which is default input for back-end APIs doesn't have a session object in it. Can you please help me with an example? The documentation stops just short of using session object in backend APIs
r

rp

04/03/2023, 5:24 AM
hey @sahas
To get the session object in your backend API handlers, you need to use the 
verifySession
middleware provided by SuperTokens. Here's an example of how you can use it in a Next.js API route: 
ts
import { superTokensNextWrapper } from 'supertokens-node/nextjs'
import { verifySession } from 'supertokens-node/recipe/session/framework/express'
import supertokens from 'supertokens-node'
import { backendConfig } from '../../../config/backendConfig'

supertokens.init(backendConfig())

export default async function user(req: any, res: any) {
    // we first verify the session
    await superTokensNextWrapper(
        async (next) => {
            return await verifySession()(req, res, next)
        },
        req, res
    )
    // if it comes here, it means that the session verification was successful


    return res.json({
        note:
            'Fetch any data from your application for authenticated user after using verifySession middleware',
        userId: req.session.getUserId(),
        sessionHandle: req.session.getHandle(),
        userDataInAccessToken: req.session.getAccessTokenPayload(),
    })
}
Docs link: https://supertokens.com/docs/emailpassword/nextjs/session-verification/in-api
supertokens-bot-test-case
#support-questionsJoin Discord
Powered by