This is a Next.js project bootstrapped with create-next-app.
Authentication uses a dual-storage strategy:
localStorage(auth_token) — used by the browser API client to attachAuthorization: Bearer <token>headers.auth_tokencookie — mirrored on login/logout so Next.js middleware can read the session on the edge withoutlocalStorage(which is unavailable in middleware).
After a successful login, api.setToken() writes to both stores. api.clearToken() removes both.
src/middleware.ts guards routes under /dashboard/* and /profile/*. Unauthenticated visitors are redirected to:
/login?redirect=/original-path
The login page reads redirect and sends the user to that path after sign-in (default: /dashboard).
These paths are reachable without a token:
//login/signup
Authenticated users who visit /login or /signup are redirected to /dashboard.
src/lib/auth/session.ts exports:
getTokenFromRequest(request)/isAuthenticatedFromRequest(request)— for middlewaresetAuthCookie()/clearAuthCookie()— client-side cookie sync
src/lib/auth/session.server.ts exports:
getToken()— async, for Server Components (cookies())isAuthenticated()
First, run the development server:
npm run dev
# or
yarn dev
# or
pnpm dev
# or
bun devOpen http://localhost:3000 with your browser to see the result.
You can start editing the page by modifying app/page.tsx. The page auto-updates as you edit the file.
This project uses next/font to automatically optimize and load Geist, a new font family for Vercel.
To learn more about Next.js, take a look at the following resources:
- Next.js Documentation - learn about Next.js features and API.
- Learn Next.js - an interactive Next.js tutorial.
You can check out the Next.js GitHub repository - your feedback and contributions are welcome!
The easiest way to deploy your Next.js app is to use the Vercel Platform from the creators of Next.js.
Check out our Next.js deployment documentation for more details.