Here, we will track our daily progress and any notes we find useful for our project.

<hr>


## **Day1**

<hr>

- **Date**: 2025-06-26

Started the nextjs project with command `npx create-next-app@latest`.

Set up the project structure.


## **Day2**

<hr>

- **Date**: 2025-06-27

Before starting to work on the project, we will explore our project design to understand the UI better.

After looking at the design, we identify the components needed, bases pages that we need, number of routes that we need to create. This way are able to divide the UI into smaller components and pages, much needed for reusability and maintainability.

- NavBar remains the static component, which will be used in all pages.

- Then header and footer will be used in all pages, but the content will change based on the page.

Altogether we will have 2 layouts i.e. for the `auth` and `main` pages because the NavBar is not needed in the `auth` pages.

We will use the `(root)` routing provided by Next.js, which allows us to create a folder structure that maps directly to the URL structure of our application.

The `(root)` folder will contain the main layout and the NavBar component, which will be used across all pages.

and, the `(auth)` folder will contain the authentication pages, such as login and signup.

Inside the `(auth)` route group, we have `sign-in` folder, which will contain the `page.tsx` file for the sign-in page.

**Create the Components Folder Outside the App Directory**

### **Working with Layout in the Auth Route**

The `layout.tsx` file in the `(auth)` folder will be used to define the layout for the authentication pages. This layout will include the header and footer components, which will be used in all authentication pages.

At the top we will load the `NavBar` component, which will be used in all pages.

and just below that we will load all the children components for that route.

By default, the `layout.tsx` top level component will be the parent of all the pages in the `app` directory, and it will be used to define the layout for all pages in the application.

So, based on the change in route, the `layout.tsx` file will be used to render the appropriate layout for the page.

To access the `auth` route, we will use the URL `/auth`, which will render the `layout.tsx` file in the `(auth)` folder.

### **Navbar.tsx Component**

Will have logo, then user profile icon.

For the user profile icon, we use the conditional rendering to show the user profile icon if the user is logged in, otherwise we will show the login button.

The user data will be fetched from the server using the `getServerSession` function from the `next-auth` package.

The `getServerSession` function will be used to get the user session data from the server, which will be used to determine if the user is logged in or not.

We use the `figure` element when we've to use image and a button together, like in the case of the user profile icon.

**Note**

All the `css` styles will be written in the `globals.css` file, which will be imported in the `layout.tsx` file.

It is due to global css and taiwind css classes that we are able to style the components without writing any additional css files.

UI Layout for flex and everything has been written in the `globals.css` file.

Now we are done with the `NavBar` component.

### **Working with the layout.tsx in the `(root)` Route**

The `layout.tsx` file in the `(root)` folder will be used to define the main layout of the application. This layout will include the `NavBar` component, which will be used in all pages.

And below the `NavBar` component, we will load the `children` components, which will be used to render the content of the page.

The `children` components will be the pages that are defined in the `(root)` folder, such as the `page.tsx` file.

This `page.tsx` file will be used to define the main content of the application, such as the welcome message and any other content that we want to display on the main page.

### **Working with the page.tsx in the `(root)` Route**

The `page.tsx` file in the `(root)` folder will be used to define the main page of the application. This page will include the main content of the application, such as the welcome message and any other content that we want to display on the main page.

Here, we will use the `main` tag to wrap the main content of the page, which will be used to define the main content of the application.

The max-width of the main content will be set to `1440px`, so that content is centered on the page. Class used is `wrapper page` the `page` is for the column flex layout and `wrapper` is for the max-width of the content.

### **For the http://192.168.1.79:3000/ URL**

When we access the URL `http://192.168.1.79:3000/`, the `layout.tsx` file in the `(root)` folder will be used to render the main layout of the application, which will include the `NavBar` component and the `main` content of the page as `children` props in the `layout.tsx` file.

Then this `layout.tsx` will be passed as `Component` to the top level `layout.tsx` file in the `app` directory, which will be used to render the main layout of the application.

**Header.tsx Component**

It is the component that we will use to display the header of the page. It will include the title and any other content that we want to display in the header.

As this is to be used as resuable component, we will need to accept different props to render different content in the header.

This component is dynamic, and we will pass the `title`, `subHeader`, and `userImg` props to render the content of the header.

**DropdownList.tsx Component**

This component will be used to display the dropdown list of options when the user clicks on the user profile icon.

The `DropdownList` component will be a simple component that will display the list of options in a dropdown format. It is toggled by the user profile icon click.

We will need to create a state variable to keep track of whether the dropdown is open or not, and we will use the `useState` hook to manage this state.


## **Profile Dynamic Route**

The `profile` dynamic route will be used to display the user profile page. This page will include the user profile information, such as the user name, email, and any other information that we want to display in the user profile.

**Route**

`192.168.1.79:3000/profile/[id]`

<hr>

For this, we will create a new folder inside the `(root)` route group called `profile`, and inside this folder, we will create a new folder called `[id]`, which will be used to define the dynamic route for the user profile page.

Inside the `[id]` folder, we will create a new file called `page.tsx`, which will be used to define the user profile page.

### **How will the User be Routed to the Profile Page?**

When the user clicks on the user profile icon in the `NavBar`, we will redirect the user to the profile page using the `router.push` method from the `next/navigation` package.

Therefore, we need to add route to the `NavBar` component, which will be used to redirect the user to the profile page.

Note,

`Route` change is done on the `Client` side using the `useRouter` hook from the `next/navigation` package.

Therefore, we will need to make NavBar a `Client Render` component by adding the `"use client"` directive at the top of the file.

Also, for `Client Components`, we will use `useRouter` hook from the `next/navigation` package to handle the route change. But,

For `Server Components`, we will use the `Link` component from the `next/link` package to handle the route change.

### **Capture the User ID from the URL**

Since, on click of the user profile icon, we will redirect the user to the profile page with the user ID in the URL, we will need to capture the user ID from the URL i.e. `192.168.1.79:3000/profile/[id]`.

We'll accept the `params` prop in the `page.tsx` file, which will be used to capture the user ID from the URL.

But, it needs to be `async` function, and use `await` to fetch the capture the user ID from the URL.

<hr>


## **Video Cards**

<hr>

On the home page, we will display random video cards.

But, on the profile page, we will display the videos that are associated with the user.

The goal is to create a Reusable VideoCard component that can be used in both places.

**Props**

As it will be a reusable component, we need to define the props that it will accept.

Such as:

- `title`: The title of the video

- `description`: A brief description of the video

- `thumbnail`: The URL of the video's thumbnail image

- `videoId`: The unique identifier for the video

- `userId`: The unique identifier for the user who uploaded the video

- `createdAt`: The date and time when the video was uploaded

- `views`: The number of times the video has been viewed

### **For the Home Page**

We will import the Video Card component in the `page.tsx` of the `(root)` directory.

Below Welcome to Loom Clone we will display random video cards.

**constants/index.ts**

We will create a `dummyCard` array of objects that represent the video cards and loop through it to display each video card.

### **For Profile Page**

We will display the videos that are associated with the user.

We will use the same `VideoCard` component and pass the relevant props to it.

**Note**

Clicking on any video to redirect to `/video/[id]` page. We will create a dynamic route for the video page.


## **Video Route Page**

As we click on any video card, we will be redirected to the video route page.

The route will be `/video/[id]` where `[id]` is the unique identifier for the video.

### **How Does the Routing Works**

**Current Folder Structure**

```text
.
├── app
│   ├── (root)
│   │   ├── profile
│   │   │   ├── [id]
│   │   │   │   ├── page.tsx
│   │   ├── video
│   │   │   ├── [id]
│   │   │   │   ├── page.tsx
│   │   ├── layout.tsx
│   │   ├── page.tsx
│   ├── layout.tsx
│   ├── global.css

```

So, whenever we request for `video/[id]`, the `page.tsx` file inside the `[id]` folder will be passed as child component to the `layout.tsx` file of the `(root)` folder.

Then this, `layout.tsx` will be passed as child component to the `layout.tsx` of the `app` folder.


<hr>
<hr>
<hr>
<hr>


Till now, we've implemented the `Home` and `Profile` pages. Now, we will work on `Authentication Page`.


### **Authentication Page**

We will create `(auth)` route group to handle all authentication-related routes. Inside the `(auth)` folder, we will create `page.tsx` file.

The authentication page will handle user login and registration.

<hr>

We will use the `BetterAuth` library to implement authentication. This library provides a simple and secure way to manage user sessions and protect routes.

**Before we move to `BetterAuth` configuration, let's get the `Google Cloud Console` credentials.**

Once, the `GCP` credentials are obtained, we can proceed with the `BetterAuth` configuration.

But,

**First Let's Configure Database so that we can store user information once the user is authenticated from `OAuth`.**

## **Database Configuration**

We will use `Xata` as our database solution. `Xata` is a serverless database that provides a simple API for managing data.

### **What is Xata?**

`Xata` is a serverless database that provides a simple API for managing data. It is designed to be easy to use and scalable, making it a great choice for modern web applications.

It helps develop with `PostgreSQL` compatibility, allowing developers to use familiar SQL queries.

[Link](https://lite.xata.io/)

### **What is BetterAuth?**

`BetterAuth` is a modern authentication library for React applications. It provides a set of hooks and components to easily add authentication to your app, including support for social login, email/password login, and more.

[Link](https://www.better-auth.com/)

[Installation](https://www.better-auth.com/docs/installation)

`npm install better-auth`

Then, set up the `.env` file with your authentication credentials.

<hr>


<hr>
<hr>
<hr>
<hr>


## **DataBase Configuration**

We are using `Xata` as our database solution. `Xata` is a serverless database that provides a simple API for managing data.

### **Config Details**

`DbName`: jsm_snapcast

Then include all the necessary environment variables in your `.env` file.

`ORM` : `Drizzle ORM` SQL

### **Connect with `Drizzle ORM` in `TypeScript`**

We will need to install the `Drizzle ORM` package to connect with the `Xata` database.

But, we are not using `Drizzle with node-postgres` because `node-postgres` is not yet supported in `Edge Runtime` with the stable release of the current `NextJs` version.

Our application will have `Middleware` that means it runs on `Edge Runtime`. Therefore, libraries likes `node-postgres` won't work because they need `TCP` sockets which does not exists in the `Edge` runtime.

So, if we want to use `node-postgres`, we need to switch to `next canary` which supports `Nextjs` middleware.

Therefore,

We will use `Xata Adapter` that uses `HTTP` to connect with the `Xata` database.

### **Xata Installation**

To install the `Xata` adapter, run the following command:

**Install Xata CLI**

```bash
sudo npm install -g @xata.io/cli // Install Xata CLI globally
```

**Xata Auth**

```bash
toni-birat@tonibirat:/media/toni-birat/New Volume/screen_recording_full_stack$ xata auth login
(node:71447) Warning: Closing file descriptor 21 on garbage collection
(Use `node --trace-warnings ...` to show where the warning was created)
(node:71447) [DEP0137] DeprecationWarning: Closing a FileHandle object on garbage collection is deprecated. Please close FileHandle objects explicitly using FileHandle.prototype.close(). In the future, an error will be thrown if a file descriptor is closed during garbage collection.
✔ Do you want to use an existing API key or create a new API key? › Use an existing API key
✔ Existing API key: … ************************************
i Checking access to the API...
✔ All set! you can now start using xata
```

We can choose to use existing API or create a new one using the Xata CLI.

This will create a `.xata` directory in your project root with the necessary configuration files.

**Initialization**

```bash
toni-birat@tonibirat:/media/toni-birat/New Volume/screen_recording_full_stack$ xata init
🦋 Initializing project... We will ask you some questions.

You have a single workspace, using it by default: Birat-Gautam-s-workspace-tf45ml
✔ Select a database or create a new one › jsm_snapcast
? Generate code and types from your Xata database › - Use arrow-keys. Return to submit.
✔ Generate code and types from your Xata database › TypeScript
✔ Choose the output path for the generated code … src/xata.ts

Setting up Xata...

Created Xata config: .xatarc

 ›   Warning: Your .env file already contains XATA_API_KEY
 ›   key. skipping...

i Running npm install --save @xata.io/client@next

added 1 package, and audited 433 packages in 5s

170 packages are looking for funding
  run `npm fund` for details

1 low severity vulnerability

To address all issues, run:
  npm audit fix

Run `npm audit` for details.


Successfully pulled 1 migrations from main branch
Generated Xata code to ./src/xata.ts

✔ Project setup with Xata 🦋

i Setup tables and columns at https://app.xata.io/workspaces/Birat-Gautam-s-workspace-tf45ml/dbs/jsm_snapcast:us-east-1

i Use xata pull main to regenerate code and types from your Xata database
```

This will create the necessary configuration files for the Xata database.

Let's us choose an existing Database or create a new one.

This will create a `src/xata.ts` and `.xatarc` file with the necessary code and types for the Xata database.

### **Configuring xata.ts File**

By default, the `xata.ts` file will contain the necessary code to connect to your Xata database and perform CRUD operations.

We will need to customize the way to add the `API Key` and remove unnecessary imports such as `tables`.

We just need to export the `DatabaseSchema` type from the `xata.ts` file.

We will provide the API Key in the `defaultOptions` object with `process.env.XATA_API_KEY`.

We will provide branch as well i.e. `branch: 'main'`.

**xata.ts**

It should be on the `root` level of your project.

```ts
// Generated by Xata Codegen 0.30.1. Please do not edit.
import { buildClient } from "@xata.io/client";
import type { BaseClientOptions } from "@xata.io/client";
import { apiKey } from "better-auth/plugins";

export type DatabaseSchema = {};

const DatabaseClient = buildClient();

const defaultOptions = {
  databaseURL:
    "https://Birat-Gautam-s-workspace-tf45ml.us-east-1.xata.sh/db/jsm_snapcast",
  apiKey: process.env.XATA_API_KEY,
  branch: "main",
};

export class XataClient extends DatabaseClient<DatabaseSchema> {
  constructor(options?: BaseClientOptions) {
    super({ ...defaultOptions, ...options });
  }
}

let instance: XataClient | undefined = undefined;

export const getXataClient = () => {
  if (instance) return instance;

  instance = new XataClient();
  return instance;
};
```


## **Connecting with Drizzle ORM**

We will use `Drizzle ORM` to connect with the `Xata` database.

[Link](https://orm.drizzle.team/)

[SetUp_Drizzle_With_Xata](https://orm.drizzle.team/docs/get-started) : Click get started with `Xata` and follow the steps.

<hr>

### **What is ORM?**

`ORM` stands for `Object-Relational Mapping`. It is a programming technique used to convert data between incompatible type systems in object-oriented programming languages. In simpler terms, it allows developers to interact with a database using the programming language's native objects, rather than writing raw SQL queries.

### **Drizzle ORM**

It is an `ORM` for `TypeScript` that provides a simple and intuitive API for working with databases.

It is `ORM` specifically for `serverless` databases i.e. `PostgreSQL`, `MySQL`, `SQLite`, etc.

### **Installation of Drizzle ORM**

To install `Drizzle ORM`, you can use `npm` or `yarn`. Run one of the following commands in your terminal:

```bash
npm install drizzle-orm
```

Next, we'll need to install `Drizzle Kit` that will create the `SQL` migrations. It is a command line tool.

```bash
npm install -D drizzle-kit // For Development
```

Next, we will need `Postgres` package to talk to the `PostgreSQL` database.

```bash
npm install pg
```

Now, we'll create `db.ts` file inside `drizzle/` folder.

In this file, we will write the Config to connect `Drizzle` and `Xata`.

```ts
import { drizzle } from "drizzle-orm/node-postgres";
import { Pool } from "pg"; // For PostgreSQL

const pool = new Pool({
  connectionString: process.env.DATABASE_URL,
});

export const db = drizzle(pool);
```

In the above code, we are importing the `Pool` class from the `pg` module and creating a new instance of it with the connection string from the environment variables.

Then pass the connection pool to the `drizzle` function to create a database connection.

<hr>

Now, we will create `Schema` for our database. The `schema.ts` file is also created inside `drizzle/` folder.

Here, we'll add the `Authentication` schema that will be auto generated by `BetterAuth`.

Now, will need to create `drizzle` config file `drizzle.config.ts` inside the root folder.

Here will need to load the `environment` variables to setup the configuration. For that we will need the `dotenv` package.

```bash
npm install dotenv
```

Then,

```ts
// drizzle.config.ts

import { config } from "dotenv";
import { defineConfig } from "drizzle-kit";

config({ path: "./.env" }); // Load the Envs from the .env file

export default defineConfig({
  schema: "./drizzle/schema.ts", // Schema Path
  out: "./drizzle/migrations", // Output Migration Path
  dialect: "postgresql", // Database Type
  dbCredentials: {
    url: process.env.DATABASE_URL_POSTGRES!, // Config loads with dotenv packagae
  },
});
```

In the `drizzle.config.ts` file, we will export the configuration using `defineConfig` from `drizzle-kit`.

This `export` will be an `object` that contains all the necessary configuration options for `Drizzle ORM` to connect to the `PostgreSQL` database.

<hr>

Finally,

We'll have to setup `BetterAuth`, Create a folder named `lib` in the root directory. Inside, this folder create a file named `auth.ts`.

Here we will connect `Drizzle`,`BetterAuth` and the Database i.e. `Xata`.

```ts
import { db } from "@/drizzle/db";
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";

export const auth = betterAuth({
  database: drizzleAdapter(db, { provider: "pg" }),
});
```

Here, we export the `auth` object which contains the configuration for `BetterAuth` that composes the `Drizzle` ORM with the `Xata` database.

**Now,**

We will need to execute the `better-auth/cli` to generate a schema file which includes `username`, `session`, and `account` verification schema that is needed for authentication.

```bash
npx @better-auth/cli generate
```

This will generate `auth.schema.ts` file in the root directory.

Copy the content of `auth.schema.ts` file to the `schema.ts` file inside the `drizzle/` folder.

```ts
import {
  pgTable,
  text,
  timestamp,
  boolean,
  integer,
} from "drizzle-orm/pg-core";

export const user = pgTable("user", {
  id: text("id").primaryKey(),
  name: text("name").notNull(),
  email: text("email").notNull().unique(),
  emailVerified: boolean("email_verified")
    .$defaultFn(() => false)
    .notNull(),
  image: text("image"),
  createdAt: timestamp("created_at")
    .$defaultFn(() => /* @__PURE__ */ new Date())
    .notNull(),
  updatedAt: timestamp("updated_at")
    .$defaultFn(() => /* @__PURE__ */ new Date())
    .notNull(),
});

export const session = pgTable("session", {
  id: text("id").primaryKey(),
  expiresAt: timestamp("expires_at").notNull(),
  token: text("token").notNull().unique(),
  createdAt: timestamp("created_at").notNull(),
  updatedAt: timestamp("updated_at").notNull(),
  ipAddress: text("ip_address"),
  userAgent: text("user_agent"),
  userId: text("user_id")
    .notNull()
    .references(() => user.id, { onDelete: "cascade" }),
});

export const account = pgTable("account", {
  id: text("id").primaryKey(),
  accountId: text("account_id").notNull(),
  providerId: text("provider_id").notNull(),
  userId: text("user_id")
    .notNull()
    .references(() => user.id, { onDelete: "cascade" }),
  accessToken: text("access_token"),
  refreshToken: text("refresh_token"),
  idToken: text("id_token"),
  accessTokenExpiresAt: timestamp("access_token_expires_at"),
  refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
  scope: text("scope"),
  password: text("password"),
  createdAt: timestamp("created_at").notNull(),
  updatedAt: timestamp("updated_at").notNull(),
});

export const verification = pgTable("verification", {
  id: text("id").primaryKey(),
  identifier: text("identifier").notNull(),
  value: text("value").notNull(),
  expiresAt: timestamp("expires_at").notNull(),
  createdAt: timestamp("created_at").$defaultFn(
    () => /* @__PURE__ */ new Date()
  ),
  updatedAt: timestamp("updated_at").$defaultFn(
    () => /* @__PURE__ */ new Date()
  ),
});

export const schema = {
  user,
  session,
  account,
  verification,
};
```

<hr>

Once our `schema` for the `BetterAuth` is ready, we can use it to create the necessary tables in the database.

```bash
npx drizzle-kit push
```

This command will apply the schema changes to the database i.e. `xata`, creating the `user`, `session`, `account`, and `verification` tables as defined in the `schema.ts` file.

<hr>

Now, let's add the `schema`, `socialProviders`, and `betterAuth` of the `auth.ts` file.

```ts
//auth.ts

import { db } from "@/drizzle/db"; // Database
import { betterAuth } from "better-auth";
import { drizzleAdapter } from "better-auth/adapters/drizzle";
import { schema } from "@/drizzle/schema";
import { nextCookies } from "better-auth/next-js";

export const auth = betterAuth({
  database: drizzleAdapter(db, { provider: "pg", schema }),
  socialProviders: {
    google: {
      clientId: process.env.BETTER_AUTH_GOOGLE_CLIENT_ID!,
      clientSecret: process.env.BETTER_AUTH_GOOGLE_CLIENT_SECRET!,
    },
  },
  plugins: [nextCookies()],
  baseURL: process.env.NEXT_PUBLIC_BASE_URL,
});
```

The above code configures the `BetterAuth` instance with the necessary database adapter, social provider credentials, and other options like cookies and base URL.

Here,

`drizzleAdapter(db, …)`: tells `Better Auth` to persist all auth data through `Drizzle`.

`socialProviders`: Better Auth will generate the Google login flow for you (redirect → consent → callback). On successful callback, Better Auth will:

- Create or link a user,

- Store the OAuth account in your schema’s accounts table,

- Create a session (usually cookie-based),

- Return you to your app with the user signed in.

`plugins: [nextCookies()],`: A plugin that makes Better Auth read/write cookies via Next.js’s `cookies()` API—crucial for App Router/SSR/Edge compatibility.

`baseURL: process.env.NEXT_PUBLIC_BASE_URL,`: The base URL for your application, used by Better Auth for redirects and other purposes.

<hr>
<hr>

Now, we will need to create `Auth Client` for our application.

The `Auth Client` will be responsible for handling user authentication and authorization using the `BetterAuth` library.

```ts
// lib/auth-client.ts

import { auth } from "@/lib/auth";
import { createAuthClient } from "better-auth/react";
export const authClient = createAuthClient({
  baseURL: process.env.NEXT_PUBLIC_BASE_URL!,
});
```

Then we will need to create `API Route` for our authentication client. For that we will create `api/auth` folder within `app` folder. Then inside the `auth/[..all]` folder, we will create a file named `route.ts`.

Here, `auth/[...all]` is a catch-all route that will match all requests to the `auth` endpoint.

The `route.ts` file in `Next.Js` is used to define the API routes for our application. In this case, we will use it to handle authentication requests.

`route.ts` will expose the authentication endpoints for our application.

```ts
// app/api/auth/route.ts

import { auth } from "@/lib/auth";
import { toNextJsHandler } from "better-auth/next-js";

export const { GET, POST } = toNextJsHandler(auth.handler);
```

In the above code,

- We import the `auth` instance from our `lib/auth.ts` file.

- We use the `toNextJsHandler` function from the `better-auth/next-js` package to convert the `auth.handler` into Next.js compatible GET and POST handlers.

- Finally, we export these handlers for use in our API routes.

<hr>
<hr>

After all these setup now we've to setup the login functionality in the **`sign-in`** page.


## **Login Functionality**

We will use `onClick` event handler to trigger the login process when the user clicks the login button.

Since, we're using `onClick` the component should be a `client` i.e. `use client`;

<hr>

### **SignIn.tsx**

First create an `async` Event Handler Function i.e. `handleSignIn`.

```ts
"use client";

import Link from "next/link";
import React from "react";
import Image from "next/image";
import { authClient } from "@/lib/auth-client";

const page = () => {
  const handleSignIn = async () => {
    return await authClient.signIn.social({ provider: "google" });
  };

  return (
    <main className="sign-in">
      <aside className="google-sign-in">
        <button onClick={handleSignIn}>
          <Image
            src="/assets/icons/google.svg"
            alt="google"
            width={22}
            height={22}
          ></Image>
          <span>Sign in With Google</span>
        </button>
      </aside>
    </main>
  );
};

export default page;
```

In the above code,

The `handleSignIn` function is an asynchronous function that calls the `signIn.social` method from the `authClient` with the Google provider. When the user clicks the "Sign in With Google" button, this function is triggered, initiating the sign-in process.

<hr>
<hr>


Till now we have implemented the login functionality using Google OAuth. The user can click the "Sign in With Google" button, which triggers the `handleSignIn` function, initiating the sign-in process.

But if we try to access the `Dashboard` page even without signing in it is possible, which should not happen. The user `Dashboard` should be only accessible when the user is `Authenticated` and should `Redirect` to the sign-in page if not authenticated.

For that we can create a `Middleware` that checks the user's authentication status before allowing access to the `Dashboard` page.

<hr>

## **Middleware**

**Let's Understand the Middleware in Depth**

`Middleware` in general is a function that runs before a request is completed. It can be used to modify the request, response, or even end the request-response cycle.

In the context of Next.js, `middleware` can be used to protect certain routes, ensuring that only authenticated users can access them.

### **How to Create Middleware in Next.js**

In the root directory of your Next.js project, create a file named `middleware.ts`. `Next.js` will automatically use this file as middleware for all routes.

```tsx
// middleware.ts

import { NextRequest, NextResponse } from "next/server";
import { auth } from "./lib/auth";
import { headers } from "next/headers";

// Middelware Function
export async function middleware(request: NextRequest, response: NextResponse) {
  // Try to access the session
  const session = await auth.api.getSession({
    headers: await headers(),
  });

  // No Session
  if (!session) {
    // Redirect to Sign-in page from the current URL
    return NextResponse.redirect(new URL("/sign-in", request.url));
  }

  // Else, continue with what it was supposed to do
  return NextResponse.next();
}

// Middleware Routes
export const config = {
  // ReGex for Routes that we want the middleware to be applied
  matcher: ["/((?!api|_next/static|_next/image|favicon.ico|sign-in|assets).*)"],
};
```

In the above code,

```ts
auth.api.getSession({
  headers: await headers(),
});
```

we are trying to retrieve the user's session information from the authentication API. We need to pass `headers` from the request to the API to get the correct session information.

Then in the `config` we specify the routes that we want the middleware to be applied to using a regular expression matcher. In our case we've applied the middleware to any request that is for the `API`, `static files`, or the `sign-in` page.
