Private APIs

API endpoints in our SaaS boilerplate can be created by adding a route.ts file inside the src/app/api directory. The file path determine the exact endpoint.

For example, src/app/api/testing/route.ts matches <your_domain>/api/testing.

You can ensure that only authenticated users can access an API by checking if a session exists.

import { auth } from "@/libs/auth";

export async function POST(request: Request) {
    const session = await auth();

    if (session) {
        . . .
    }
}