Auth and protected pages
Hello guys i have a question, im currently building a saas project with nextjs , supabase .Im using the ssr client, middleware , server architecture to authenticate the user, and i am wondering if i need to use
in every page because even if i dont use it i cant access the pages since there is the redirect to login with middleware but is this safe? because i think it only checks for the session it doesnt actually check if the user is authenticated,
also, if i want to hide my navbar if the user is not authenticated do i need to do the auth.getUser() again? wont that do 1 extra auth call in every page call?
const supabase = await createClient();
const { data, error } = await supabase.auth.getUser();
if (error || !data?.user) {
redirect("/login");
}in every page because even if i dont use it i cant access the pages since there is the redirect to login with middleware but is this safe? because i think it only checks for the session it doesnt actually check if the user is authenticated,
also, if i want to hide my navbar if the user is not authenticated do i need to do the auth.getUser() again? wont that do 1 extra auth call in every page call?
