
I’m using version 14 of Next.js with its app routing feature and NextAuth.

I’m looking to secure the API but I’m getting a null object when using the getServerSession( authOptions ) method when requesting a protected endpoint with Postman at http://localhost:3000/api/user/clotdcsk0001kvjmg8bvbkxy7.

I tried passing a Bearer Token in the Authorization part of the request, which is the next-auth.session-token cookie. This makes it possible to pass the middleware protection and hit the endpoint, but I’m not able to get the session object inside the GET method for custom logic.

Here is my /api/user/[id]/route.ts file.

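import { NextRequest } from "next/server"
import { getServerSession } from "next-auth"
// `options` (the NextAuth options object) and the DynamicSegment type are defined elsewhere in the asker's project

export async function GET ( req : NextRequest, ds : DynamicSegment ) {

   const session = await getServerSession( options )

   console.log(session) //prints null

   // Custom logic to handle the request...

}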

If I use the same approach of using the getServerSession method in a page.tsx file to get the session object, it works fine (via the explorer). What am I missing to make it possible to work with a session object when requesting from Postman?

2 Answers


  1. Chosen as BEST ANSWER

    I found out that the next-auth.session-token cookie should be passed in the request when calling from the browser or Postman.

    let response = await fetch(`/api/users/${userId}`, {
      method: "GET",
      headers: { 
        "Content-Type": "application/json",
        "Cookie": `next-auth.session-token=${sessionToken};path=/;expires=Session`    
      },
      cache: 'no-store',
    });
    

    Where sessionToken is the cookie value fetched from

    page.tsx

    import { cookies } from 'next/headers'

    // ...

    // Get the session token cookie; it is undefined when the user is not signed in
    const cookieStore = cookies()
    let sessionTokenCookie = cookieStore.get('next-auth.session-token')
    let sessionToken = sessionTokenCookie?.value;
    

  2. You can try this:

    // Next auth
    export const handler = NextAuth(authOptions);
    export { handler as GET, handler as POST };
    
    // page.js
    import { getServerSession } from "next-auth";
    import { authOptions } from "../api/auth/[...nextauth]/route";
    
    const session = await getServerSession(authOptions);
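
Added example, not part of either answer and not NextAuth's own code: the first answer forwards the session cookie by hand, and a Cookie request header carries only name=value pairs (path and expires are Set-Cookie attributes). This sketch picks just the session-token cookies out of an incoming Cookie header so nothing else is forwarded. It assumes NextAuth v4 cookie names (the `__Secure-` prefix over HTTPS, `.0`/`.1` suffixes for chunked cookies); the function names are hypothetical.

```typescript
// Added example with hypothetical helper names; sample inputs in the usage
// comment are constructed. Assumes NextAuth v4 cookie naming:
// "next-auth.session-token", "__Secure-" prefix over HTTPS, and ".0", ".1", ...
// suffixes when a large session cookie is split into chunks.
const SESSION_COOKIE = /^(?:__Secure-)?next-auth\.session-token(?:\.\d+)?$/;

/** Parse a Cookie request header ("a=1; b=2") into ordered name/value pairs. */
function parseCookieHeader(header: string): Array<[string, string]> {
  const pairs: Array<[string, string]> = [];
  for (const part of header.split(";")) {
    const eq = part.indexOf("=");
    if (eq < 1) continue; // skip empty segments and segments without a name
    const name = part.slice(0, eq).trim();
    const value = part.slice(eq + 1).trim();
    if (name) pairs.push([name, value]);
  }
  return pairs;
}

/**
 * Build the Cookie header to forward to a protected route handler.
 * Only session-token cookies are kept, so unrelated cookies and stray
 * attributes such as "path=/" are not sent along. Returns null when the
 * caller has no session cookie, so the caller can answer 401 instead of
 * making an unauthenticated request that yields a null session.
 */
function sessionCookieHeader(incoming: string | null): string | null {
  if (!incoming) return null;
  const kept = parseCookieHeader(incoming)
    .filter(([name, value]) => SESSION_COOKIE.test(name) && value.length > 0)
    // Drop values containing whitespace or commas; they are not valid cookie values.
    .filter(([, value]) => !/[\s,]/.test(value))
    .map(([name, value]) => `${name}=${value}`);
  return kept.length > 0 ? kept.join("; ") : null;
}

// Usage with a constructed header:
//   sessionCookieHeader("theme=dark; next-auth.session-token=tok")
// In a server component the incoming header would come from
//   headers().get("cookie")   (headers imported from "next/headers")
```
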
    