Verify Session
Use "supertokens.middleware"
Route::middleware("supertokens.middleware")
- All APIs that require a valid session must use this middleware.
- CSRF protection will be applied to all non-GET and non-OPTIONS APIs automatically. If you want to disable this for a particular API, then use
"supertokens.middleware:false". - If successful, it will create a session object that can be accessed via
$request->supertokens. - This uses the
getSession()function.
Example
Route::middleware("supertokens.middleware")->post('/like-comment', function (Illuminate\Http\Request $request) {
$session = $request->supertokens;
return $session->getUserId();
});