hi folks, can someone help me understand the backe...
# general
hi folks, can someone help me understand the backend auth a bit? I was following the docs https://supertokens.com/docs/thirdpartyemailpassword/nextjs/setting-up-backend and got confused around authenticating the APIs. do I need to create my APIs insider 'auth'?
Hey! So the frontend requires to call APIs for the auth to work. APIs like sign in, sign up, send password reset email etc... Our backend SDK exposes these APIs via the
function and they are to be exposed in
route. For example, the sign in API is
, the sign up API is
. So in this step, you are creating a file that will handle all
requests and pass the request to our middleware function which will detect the path and method and handle the API accordingly. \
oh, I see. so this has nothing to do with general API level authentication? I'm using nextjs, so now I need to write some middleware where I'll check the session and then allow the access? is my understanding correct?
We already have a middleware for that
it's called
thank you very very much