Supabase · 12mo ago
Matffin

Correct way to get 'access_token' / user session in server components

Hi,
I set up role-based access control according to the RBAC docs.
The custom auth hook is including the user role in the access token JWT.
My project is using NextJS with React server components. Supabase-js is set up according to the docs as well.

I can access and decode the JWT with 'jwt-decode' on the client as outlined in the docs.
What would be the correct way to access the access_token or user session in a React server component?
The docs state that using supabase.auth.getSession() is unsafe on the server.

Should I store the JWT in a separate cookie once the user signs in and decode with the JWT secret on the server?

My use case is protecting certain routes based on the user role in a layout file.

Thanks!
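The difference between decoding a token and verifying it, which is what decides whether a role claim can gate a route on the server, shown as an added example (not part of the original post and not Supabase's code). It assumes the project signs access tokens with HS256 and a shared JWT secret; the claim name `user_role`, the helper names and the sample tokens are constructed for illustration.

```javascript
const crypto = require('node:crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Returns the verified payload, or null if the token must not be trusted.
function verifyAccessToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [h, p, sig] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
    payload = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  } catch { return null; }
  // Pin the algorithm server-side; never let the token's header choose it.
  if (!header || header.alg !== 'HS256' || !payload) return null;
  const expected = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  // Reject tokens without an expiry or past it.
  if (typeof payload.exp !== 'number' || payload.exp <= nowSec) return null;
  return payload;
}

// Route guard for a layout: the role is read only from a verified token.
function roleAllowed(token, secret, allowedRoles, nowSec) {
  const claims = verifyAccessToken(token, secret, nowSec);
  return claims !== null && allowedRoles.includes(claims.user_role); // claim name is an assumption
}

// --- Constructed sample data (not real tokens or secrets) ---
function signSample(payload, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const h = b64url(JSON.stringify(header));
  const p = b64url(JSON.stringify(payload));
  const s = crypto.createHmac('sha256', secret).update(`${h}.${p}`).digest('base64url');
  return `${h}.${p}.${s}`;
}
const SECRET = 'constructed-test-secret';
const NOW = 1700000000;
const good = signSample({ sub: 'u1', user_role: 'admin', exp: NOW + 3600 }, SECRET);
const viewer = signSample({ sub: 'u2', user_role: 'viewer', exp: NOW + 3600 }, SECRET);
// Payload edited after signing: a decode-only check would read "admin" here.
const [vh, , vs] = viewer.split('.');
const edited = `${vh}.${b64url(JSON.stringify({ sub: 'u2', user_role: 'admin', exp: NOW + 3600 }))}.${vs}`;
const unsigned = signSample({ sub: 'u3', user_role: 'admin', exp: NOW + 3600 }, SECRET, { alg: 'none' });
```

A decode-only library would return `user_role: "admin"` for `edited`; the verified path returns null for it, so the guard denies access.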