alpe78
alpe78
PostsComments
BABetter Auth
Created by alpe78 on 5/7/2025 in #help
Middleware not working?
Hi all, i guess i have a very common use case. but as i am new to better auth maybe you can give me some hints. Stack T3 Stack with better-auth, drizzle, trpc. Usecase: my app is a "backendonly" app which means that only the loginform is shown to the public. next is: my users can have 2 different roles "user" and "admin" any user has to login before he can see something. - /page.tsx => Loginform - /user/page.tsx => Protected Userpage - /admin/page.tsx => Protected Adminpage now the i tried to use a middleware to protect those routes: middleware.ts 
// middleware.ts
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { auth } from '@/lib/auth';

export async function middleware(request: NextRequest) {
  console.log("MIDDLEWARE STARTS")
  const session = await auth.api.getSession({ headers: request.headers });
  console.log(session);
  const { pathname } = request.nextUrl;
  console.log(pathname);
  
  if (!session) {
    // not logged in redirect to /
    return NextResponse.redirect(new URL('/', request.url));
  }
  console.log("ROLLE: ", session.user.role)
  if (pathname.startsWith('/admin') && session.user.role !== 'admin') {
    return NextResponse.redirect(new URL('/user', request.url));
  }

  if (pathname.startsWith('/user') && session.user.role !== 'user') {
    return NextResponse.redirect(new URL('/admin', request.url));
  }
  return NextResponse.next();
}

export const config = {
  matcher: ['/admin/:path*', '/user/:path*'],
};
// middleware.ts
import { NextResponse } from 'next/server';
import type { NextRequest } from 'next/server';
import { auth } from '@/lib/auth';

export async function middleware(request: NextRequest) {
  console.log("MIDDLEWARE STARTS")
  const session = await auth.api.getSession({ headers: request.headers });
  console.log(session);
  const { pathname } = request.nextUrl;
  console.log(pathname);
  
  if (!session) {
    // not logged in redirect to /
    return NextResponse.redirect(new URL('/', request.url));
  }
  console.log("ROLLE: ", session.user.role)
  if (pathname.startsWith('/admin') && session.user.role !== 'admin') {
    return NextResponse.redirect(new URL('/user', request.url));
  }

  if (pathname.startsWith('/user') && session.user.role !== 'user') {
    return NextResponse.redirect(new URL('/admin', request.url));
  }
  return NextResponse.next();
}

export const config = {
  matcher: ['/admin/:path*', '/user/:path*'],
};
but i get this error when im logged in: 
ERROR [Better Auth]: INTERNAL_SERVER_ERROR Error: The edge runtime does not support Node.js 'perf_hooks' module.
 ⨯ [Error [APIError]: Failed to get session]
 GET /admin 404
ERROR [Better Auth]: INTERNAL_SERVER_ERROR Error: The edge runtime does not support Node.js 'perf_hooks' module.
 ⨯ [Error [APIError]: Failed to get session]
 GET /admin 404
i already tried as well to add the runtime, but i get another error so im thinking that it is not the preferrable way to protect routes. can you give me some hints how to solve or implement such usecases. is it better to write or use plugins?
9 replies