I want to check if the user has a valid session before fetching data
import { Client, Users } from 'node-appwrite';
export async function GET() {
const client = new Client()
.setEndpoint(process.env.NEXT_PUBLIC_APPWRITE_ENDPOINT as string)
.setProject(process.env.NEXT_PUBLIC_APPWRITE_PROJECT_ID as string)
.setKey(process.env.APPWRITE_API_KEY as string); // Securely use API key
const usersAPI = new Users(client);
try {
// Fetch the user list from Appwrite
const usersList = await usersAPI.list();
// Log the labels for each user
usersList.users.forEach((user) => {
console.log(`User: ${user.name}, Labels: `, user.labels);
});
const users = usersList.users.map((user) => ({
name: user.name || 'N/A',
email: user.email,
phone: user.phone || 'N/A',
emailVerification: user.emailVerification,
phoneVerification: user.phoneVerification,
isAdmin: user.labels.includes('admin') // Check if 'admin' label exists in labels array
}));
return NextResponse.json({ totalUsers: usersList.total, users });
} catch (error: any) {
console.error('Error fetching users:', error);
return NextResponse.json({ totalUsers: 0, users: [] }, { status: 500 });
}
}
I am trying to make some middleware that validates a users session and checkf for some custom permissions or the admin label before allowing them to proceed. Using app router in NextJs.
If you're using API key, then you have full access to everything
I think you should use .setSession in your case in order to work as the user instead of full admin server side
Recommended threads
- Facing issue with querying the database ...
I'm using python appwrite function. Error: ```appwrite.exception.AppwriteException: Invalid query: Attribute not found in schema: _createdAt``` Code: ``` resu...
- Appwrite installation not found
I am updating from 1.4.3 -> 1.5.11 My appwrite installation is at /root/appwrite I run the PowerShell version of the 'installing the new version' script from ...
- Next SSR Auth session.secret is empty us...
Hi, I have problem with auth. When I try to login/signup using OTP, at the end session.secret is empty, but looks like a whole procces passed correctly. I have ...