In the docs it says: "Payload's Authentication is extremely powerful and gives you everything you need when you go to build a new app or site in a secure and responsible manner."
My question is: How do i check if a users session is valid?
Image i have an application test.com which has a route /login . If a user submits the form provided by this route its makes a post request to the payload cms endpoint /api/{user-collection}/login (hosted on cms.test.com). After that a cookies gets set in the headers if the user provided correct login credentials. So far so clear.
But: How do i check if the session is valid in upcoming requests? If a user routes to test.com/dashboard i have to somehow check in a middleware function if the session is valid but in the docs i can't find an api endpoint to do this (
https://payloadcms.com/docs/rest-api/overview#auth-operations).
Use Payload Authentication in own web app
Ah thanks. Is this endpoint designed for such a use case? I would have expected a /api/[collection-slug]/validate-session endpoint
You want the "me" endpoint
Which will return either an active session or a bad request
Yes it is
Star
Discord
online
Get dedicated engineering support directly from the Payload team.