1 00:00:00,000 --> 00:00:04,000 So let's use verifyAuth to protect pages. 2 00:00:04,000 --> 00:00:06,000 And here in this basic demo app, 3 00:00:06,000 --> 00:00:09,000 I have just one page that should be protected. 4 00:00:09,000 --> 00:00:13,000 But of course you could now use this verifyAuth function 5 00:00:13,000 --> 00:00:16,000 in any page, or in any API route, 6 00:00:16,000 --> 00:00:19,000 whatever it is that needs to be protected. 7 00:00:20,000 --> 00:00:23,000 So here it's that training page, 8 00:00:23,000 --> 00:00:28,000 where I will call verifyAuth before I do anything else. 9 00:00:30,000 --> 00:00:32,000 Because I don't wanna fetch training data 10 00:00:32,000 --> 00:00:34,000 if the user is not logged in. 11 00:00:34,000 --> 00:00:36,000 So that's the first thing I'll call. 12 00:00:37,000 --> 00:00:41,000 Now we need to await this because that returns a promise, 13 00:00:41,000 --> 00:00:42,000 and as you learned, 14 00:00:42,000 --> 00:00:45,000 we'll get back an object here from verifyAuth, 15 00:00:47,000 --> 00:00:52,000 a result object, which has a user key and a session key. 16 00:00:52,000 --> 00:00:56,000 Though both user and session may be null 17 00:00:56,000 --> 00:00:59,000 if we did not find a valid session for the user. 18 00:01:01,000 --> 00:01:05,000 So here we can check if not result.user, 19 00:01:05,000 --> 00:01:09,000 so if that result object contains no user data, 20 00:01:09,000 --> 00:01:10,000 in which case we know 21 00:01:10,000 --> 00:01:14,000 that the request is coming from an unauthenticated user. 22 00:01:15,000 --> 00:01:16,000 And in that case, 23 00:01:16,000 --> 00:01:20,000 I wanna return here and not execute any other code. 24 00:01:20,000 --> 00:01:22,000 I don't wanna fetch training data, 25 00:01:22,000 --> 00:01:25,000 I don't wanna render and send back that page. 26 00:01:25,000 --> 00:01:29,000 Instead, I want to redirect the user 27 00:01:29,000 --> 00:01:32,000 and send them to a different page. 28 00:01:32,000 --> 00:01:34,000 We can do that with help of the redirect function 29 00:01:34,000 --> 00:01:36,000 provided by next navigation. 30 00:01:38,000 --> 00:01:41,000 And I wanna send the user to the starting page here 31 00:01:41,000 --> 00:01:45,000 in this case, so that they can't visit this page. 32 00:01:45,000 --> 00:01:47,000 Whenever they try, if they're not logged in, 33 00:01:47,000 --> 00:01:50,000 they will be sent back to the starting page. 34 00:01:51,000 --> 00:01:56,000 Now keep in mind, here, in my case, I did log in before. 35 00:01:56,000 --> 00:01:59,000 So if I save everything and I go back 36 00:01:59,000 --> 00:02:03,000 and I reload that training page, that works. 37 00:02:03,000 --> 00:02:06,000 Here, if I click that reload icon, 38 00:02:06,000 --> 00:02:11,000 I can visit this page as often as I want. 39 00:02:11,000 --> 00:02:13,000 But that will now change if I delete 40 00:02:13,000 --> 00:02:15,000 that authentication cookie. 41 00:02:15,000 --> 00:02:18,000 So if I go to the application tab and the dev tools 42 00:02:18,000 --> 00:02:23,000 and there I select this cookie, if I delete it, 43 00:02:24,000 --> 00:02:27,000 and I then try to reload, you see, 44 00:02:27,000 --> 00:02:30,000 I'm redirected back to that starting page. 45 00:02:30,000 --> 00:02:33,000 Because no valid authentication cookie 46 00:02:33,000 --> 00:02:36,000 was attached to the request. 47 00:02:36,000 --> 00:02:38,000 And that's the offer. 48 00:02:38,000 --> 00:02:40,000 What we actually want to do automatically, 49 00:02:40,000 --> 00:02:42,000 if the user clicks a logout button, 50 00:02:42,000 --> 00:02:47,000 which we don't have on this page yet, we'll add one soon. 51 00:02:47,000 --> 00:02:48,000 But before we do that, 52 00:02:48,000 --> 00:02:52,000 I wanna make sure that we can actually log in 53 00:02:52,000 --> 00:02:56,000 because thus far, we only support user creation, 54 00:02:56,000 --> 00:02:58,000 and that's of course not all we need. 55 00:02:58,000 --> 00:03:00,000 Instead, I also wanna allow users 56 00:03:00,000 --> 00:03:03,000 to log in with existing accounts, 57 00:03:03,000 --> 00:03:05,000 and that's what we'll do next.