Private APIs

API endpoints in our SaaS boilerplate can be created by adding a route.ts file inside the src/app/api directory. The file path determine the exact endpoint URL.

For example, src/app/api/testing/route.ts matches <your_domain>/api/testing.

You can ensure that only authenticated users can access an API by checking if a session exists.

tsx

import { auth } from "@/libs/auth";
 
export async function POST(request: Request) {
  const session = await auth();
 
  if (session) {
    // . . .
  }
}

We have included an example private API at src/app/api/private/route.ts.