Secure Middleware Pattern for Edge-Level Authentication

Snippet

Secure Middleware Pattern for Edge-Level Authentication

Using Middleware for authentication allows you to intercept requests before they even reach your page logic. Running this on the Edge provides a fast, centralized security layer that prevents unauthorized access to protected routes.

snippet.js
javascript
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/request';
import { verifyToken } from '@/lib/auth';
 
export async function middleware(request: NextRequest) {
  const token = request.cookies.get('session')?.value;
  const verified = token && (await verifyToken(token));
 
  if (!verified && request.nextUrl.pathname.startsWith('/admin')) {
    return NextResponse.redirect(new URL('/login', request.url));
  }
 
  return NextResponse.next();
}

nextjs

Breakdown

const token = request.cookies.get('session')?.value;

Retrieves the session token directly from the request headers at the Edge.

return NextResponse.redirect(...);

Immediately reroutes unauthenticated users, saving server resources.

Previous snippet Next snippet

More Expert JavaScript exercises →

From your library

Secure Middleware Pattern for Edge-Level Authentication

Related