JWT Authentication
With Vercel's Edge Middleware we're able to authenticate users before they hit your app.
Authentication is managed with a JWT saved under the user-token
cookie.
If you visit /protected if will redirect you here if you aren't authenticated. Click the button below to authenticate and be able to see the page:
API routes are also behind authentication, if the token is missing the route /api/protected will respond with:
{"error":{"message":"authentication required"}}
With proper authentication the response is:
{"success":true}
The HTTP status code would be 401
and 200
respectively.