T3 Authentication (middleware vs client-side)
Multiple questions:
1. Is there a reason why T3 is set up with Database session authentication, which doesn't allow for middleware usage?
2. What are the benefits of using database sessions instead of JWT sessions?
-ie. You can see all users that are logged in and you can can terminate sessions on command if needed.
3. I asked a question on StackOverflow about how to protect certain page url routes and someone responded by saying to use middleware.
Are there any other ways to protect page url routes?
Ie:
Allow all-auth-users access to (but not public users access to): /account/userid
Allow only logged in session user access to: /account/userid/actions
Or is blocking access to page routes less of a concern since your API's will have server-side logic that protects any queries from going through.
1. Is there a reason why T3 is set up with Database session authentication, which doesn't allow for middleware usage?
2. What are the benefits of using database sessions instead of JWT sessions?
-ie. You can see all users that are logged in and you can can terminate sessions on command if needed.
3. I asked a question on StackOverflow about how to protect certain page url routes and someone responded by saying to use middleware.
Are there any other ways to protect page url routes?
Ie:
Allow all-auth-users access to (but not public users access to): /account/userid
Allow only logged in session user access to: /account/userid/actions
Or is blocking access to page routes less of a concern since your API's will have server-side logic that protects any queries from going through.
Similar Threads
Was this page helpful?
