Simplify your stack and build anything. Or everything.
Build tomorrow’s web with a modern solution you truly own.
Code-based nature means you can build on top of it to power anything.
It’s time to take back your content infrastructure.

Use Payload Authentication in own web app

default discord avatar
sanslet3 months ago
1

In the docs it says: "Payload's Authentication is extremely powerful and gives you everything you need when you go to build a new app or site in a secure and responsible manner."



My question is: How do i check if a users session is valid?



Image i have an application test.com which has a route /login . If a user submits the form provided by this route its makes a post request to the payload cms endpoint /api/{user-collection}/login (hosted on cms.test.com). After that a cookies gets set in the headers if the user provided correct login credentials. So far so clear.



But: How do i check if the session is valid in upcoming requests? If a user routes to test.com/dashboard i have to somehow check in a middleware function if the session is valid but in the docs i can't find an api endpoint to do this (

https://payloadcms.com/docs/rest-api/overview#auth-operations

).



Use Payload Authentication in own web app



Ah thanks. Is this endpoint designed for such a use case? I would have expected a /api/[collection-slug]/validate-session endpoint

Star on GitHub

Star

Chat on Discord

Discord

online

Can't find what you're looking for?

Get dedicated engineering support directly from the Payload team.