SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Hi supertokens, I was wondering about the best ways of protecting frontend routes on a nextJS app. I see there are methods one can call on `Session` that is imported from `supertokens-auth-react/recipe/session` or use the hook `useSessionContext()` to get `.loading` and `.doesSessionexist` props. Our app will require authentication based on roles, as we plan to have multiple groups of routes with different authorization. For this I see one can use `.validateClaims` on `Session`. **Basically, is there any functional difference between using the import and the hook? Which one is better?** If we make API calls to a second backend that requires accessToken for verification, should we use `.getAccessToken()` on `Session` or extract it from the hook?

The above all relies on clientside, but say we want to move role based auth check in a server component, how would that work? I see there's a helper function to get session on server in the docs. **Am I right in thinking that if I retrieve this session on  the server, I can perform the same role+permission checks in a server component as above?** 

Would appreciate guidance on this. Thank you!