From the course: Master React 19 and Next.js 16 with Hands-On Projects and Real-World Applications
Join today to access over 25,200 courses taught by industry experts.
Next.js 16 middleware: Restrict admin page
From the course: Master React 19 and Next.js 16 with Hands-On Projects and Real-World Applications
Next.js 16 middleware: Restrict admin page
Hello and welcome! In this session, I'm going to guide you through using Next.js middleware to protect a specific admin-only page in your application. The goal is to ensure that only users who are both logged in and have administrative privileges can access sensitive routes. We will build a piece of middleware that inspects incoming requests, checks the user's authentication status using NextAuth.js and then verifies their authorization by checking for an admin flag in their session token. This is a fundamental security practice for any application with different user roles. Let's scroll down just above our last return statement inside the proxy function. Okay, let's add the main structure for our admin route check. I am adding a new if statement that checks our isAdminRoute boolean. As you'll recall, this variable becomes true if the user is trying to access a path that starts with anything in our admin paths array, like debug.db. By placing this if block here, I am creating a…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
(Locked)
Introduction to Next.js and project setup15m 30s
-
(Locked)
File-based routing and navigation5m 57s
-
(Locked)
Layouts vs. old custom app component9m 9s
-
(Locked)
Nested layout3m 59s
-
(Locked)
Next.js 16: SSR / ISR / SSG16m 41s
-
(Locked)
Client components and server components9m 54s
-
(Locked)
Passing data from server to client components6m 37s
-
(Locked)
Interleaving server and client components11m 40s
-
(Locked)
Context providers19m 22s
-
(Locked)
Third-party components16m 7s
-
(Locked)
Next.js 16 API routes and fullstack features30m 28s
-
(Locked)
Using a database in Next.js (fullstack data persistence)11m 40s
-
(Locked)
Server-sent events in Next.js (SSE)20m 59s
-
(Locked)
Database relationships (users + messages)17m 42s
-
(Locked)
Building a functional contact form31m 13s
-
(Locked)
Server actions, a powerful Next.js feature11m 27s
-
(Locked)
Add metadata to client and server components9m 24s
-
(Locked)
Build a database viewer19m 30s
-
(Locked)
Build a courses table and seed it with courses data8m 43s
-
(Locked)
Switching from API to database data + image optimization17m 34s
-
(Locked)
Next.js params15m 40s
-
(Locked)
Authentication: Users table creation and seeding15m 47s
-
(Locked)
Authentication: Configuration with JWT26m 35s
-
(Locked)
Authentication: Building an auth-aware navigation bar20m 6s
-
(Locked)
Authentication: Login27m 13s
-
(Locked)
Authentication: Signup28m 9s
-
(Locked)
Authentication: Email verification11m 54s
-
(Locked)
Authentication: Restrict pages6m 51s
-
(Locked)
Authentication: Password reset37m 43s
-
(Locked)
Authentication: Google login16m 52s
-
(Locked)
Authentication: GitHub login5m 54s
-
(Locked)
Adding foreign keys for course in messages9m 34s
-
(Locked)
Add Zod validation to message form9m 4s
-
(Locked)
Restrict chat rooms to a single course13m 46s
-
(Locked)
Using ErrorBoundary and Suspense for safe component rendering10m 28s
-
(Locked)
Pull messages using a server action10m 21s
-
(Locked)
Implementing pagination for message history15m 35s
-
(Locked)
Include user and course when posting a message14m 36s
-
(Locked)
Broadcast new message to connected users12m 17s
-
(Locked)
Optimistically delete a message and notify all users in real time19m 29s
-
(Locked)
Optimistically edit a message and notify all users in real time21m 19s
-
(Locked)
Next.js 16 middleware: Restrict protected route13m 22s
-
(Locked)
Next.js 16 middleware: Restrict admin page7m 33s
-
(Locked)