Verify Session

Use "supertokens.middleware"

Route::middleware("supertokens.middleware")

• All APIs that require a valid session must use this middleware.
• CSRF protection will be applied to all non-GET and non-OPTIONS APIs automatically. If you want to disable this for a particular API, then use "supertokens.middleware:false".
• If successful, it will create a session object that can be accessed via $request->supertokens.
• This uses the getSession() function.

Example

Route::middleware("supertokens.middleware")->post('/like-comment', function (Illuminate\Http\Request $request) {
    $session = $request->supertokens;
    return $session->getUserId();
});