Optional
state: {
Validate additional claims
// pages/api/auth/[auth0].js
import { handleAuth, handleCallback } from '@auth0/nextjs-auth0';
/**
 * Post-login hook: lets the login complete only when the session's user
 * carries a truthy `isAdmin` claim.
 *
 * @param {object} req - Incoming request (not used here).
 * @param {object} res - Response, used to send the 401 rejection.
 * @param {object} session - Session produced by the login; `session.user` holds the claims.
 * @param {object} state - Login state (not used here).
 * @returns {object|undefined} The unchanged session for admins, otherwise undefined.
 */
const afterCallback = (req, res, session, state) => {
  const { user } = session;

  // NOTE(review): this is a truthiness test, so any truthy value passes
  // (including a non-empty string). Confirm the claim is a real boolean.
  if (!user.isAdmin) {
    res.status(401).end('User is not admin');
    // NOTE(review): the response is already finished and no session is returned;
    // confirm how handleCallback treats an undefined result in the SDK version in use.
    return undefined;
  }

  return session;
};
export default handleAuth({
  /**
   * Callback route handler: runs the SDK callback with the custom
   * afterCallback hook and turns any thrown error into a bodiless response.
   */
  async callback(req, res) {
    const callbackOptions = { afterCallback };
    try {
      await handleCallback(req, res, callbackOptions);
    } catch (error) {
      // Use the status carried by the error when there is one, else 500.
      // No body is written, so no error detail reaches the client.
      const statusCode = error.status || 500;
      res.status(statusCode).end();
    }
  },
});
Modify the session after login
// pages/api/auth/[auth0].js
import { handleAuth, handleCallback } from '@auth0/nextjs-auth0';
/**
 * Post-login hook: adds a custom property to the user and removes the
 * refresh token from the session before handing it back.
 *
 * @param {object} req - Incoming request (not used here).
 * @param {object} res - Response (not used here).
 * @param {object} session - Session produced by the login; mutated in place.
 * @param {object} state - Login state (not used here).
 * @returns {object} The same session object, after modification.
 */
const afterCallback = (req, res, session, state) => {
  const { user } = session;
  user.customProperty = 'foo';

  // Drop the refresh token so it is not part of the session that is returned.
  delete session.refreshToken;

  return session;
};
export default handleAuth({
  /**
   * Callback route handler: delegates to the SDK callback with the custom
   * afterCallback hook; on failure, answers with a status code and no body.
   */
  async callback(req, res) {
    const callbackOptions = { afterCallback };
    try {
      await handleCallback(req, res, callbackOptions);
    } catch (error) {
      // Status from the error if present, otherwise a generic 500.
      // The body stays empty so error detail is not sent to the client.
      const statusCode = error.status || 500;
      res.status(statusCode).end();
    }
  },
});
Redirect successful login based on claim
// pages/api/auth/[auth0].js
import { handleAuth, handleCallback } from '@auth0/nextjs-auth0';
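/**
 * Post-login hook: sends users with a truthy `isAdmin` claim to `/admin`
 * once login succeeds; everyone else keeps the default post-login redirect.
 *
 * The original condition was negated, which pointed non-admin users at the
 * admin page instead of admins.
 *
 * @param {object} req - Incoming request (not used here).
 * @param {object} res - Response on which the `Location` header is set.
 * @param {object} session - Session produced by the login; `session.user` holds the claims.
 * @param {object} state - Login state (not used here).
 * @returns {object} The unchanged session.
 */
const afterCallback = (req, res, session, state) => {
  // The redirect only chooses a landing page. It is not an access control:
  // the /admin route must verify the claim itself on every request.
  if (session.user.isAdmin) {
    res.setHeader('Location', '/admin');
  }
  return session;
};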
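export default handleAuth({
  /**
   * Callback route handler: runs the SDK callback with the custom
   * afterCallback hook and answers failures with a status code only.
   */
  async callback(req, res) {
    try {
      await handleCallback(req, res, { afterCallback });
    } catch (error) {
      // Do not echo error.message into the response body. The message may
      // contain text taken from the callback request (presumably the error
      // parameters on the callback URL; confirm against the SDK version in
      // use), and writing it back would reflect that input to the browser.
      // Keep the detail in the server log instead.
      console.error(error);
      res.status(error.status || 500).end();
    }
  },
});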
HandlerError
Use this function to validate additional claims on the user's ID token, or to add or remove items from the session after login.