I'm using my nest.js backend with my next.js frontend. I already implemented the JWT authentication, sending the token in the cookie. How can I handle unauthorized access on my protected pages? Like this example of next.js middleware, what approach can I use?
#Handling Unauthorized Access
nest has guards to protect a route
Documentation | NestJS - A progressive Node.js framework
I mean on the frontend routes, what is the best approach? Like getting a session from the backend, then checking on the frontend, and if there's no session, redirecting to login?
You haven't properly set up your tokens (note it is plural). If you are using tokens, you should be setting two tokens, an access token and a refresh token. The refresh token acts like a session token. If you try to refresh the access token (via the refresh token) and get a 401 instead (because the refresh token is also expired/invalid), then your frontend should redirect to the login page.
Or, if you stick to just the one token and use it as a session token (which isn't advisable), then when the one token is expired/invalid, you also send out a 401 HTTP error and your frontend should redirect to the login page.
oh that, i would add something like a /me route that returns the logged in user
and throw a 404 or something if not logged in
on the front end do a simple check if you got the user back or an error
ps: the new season of "Mushoku Tensei" started, just saying