Hi there,
I am trying to secure my next.js app by following this great tutorial here
and specifically the “Securing Next.js Applications with Passport” section.
I have a /login endpoint as explained in the tutorial and it redirects me to the auth0 login page as expected.
I login successfully and then I try to hit the endpoint described below.
if (req.isAuthenticated()) return next();
res.sendStatus(401);
}
router.get("/api/test", ensureAuthenticated, (req, res) => {
res.send({ message: "Thanks!", 'auth': req.isAuthenticated() });
});
Not sure what I am doing wrong but I would expect to
- ensureAuthenticated to block me out or
- to get {auth: true}
On the contrary, nothing of those happen and the response I get is
{"message":"Thanks!","auth":false}
which is not expected as I have setup the passport strategy.
Any ideas appreciated.