ShipNext

Add A Protected Page

Add a page that requires a logged-in user.

Protected pages belong under the authenticated route group. The protected layout should read the current session and redirect unauthenticated users, so ordinary Dashboard pages do not need to repeat the same check.

Create the page route

For example:

app/(protected)/dashboard/reports/page.tsx

The page can fetch server data directly:

export default async function ReportsPage() {
  return <h1>Reports</h1>;
}

Read session when the page needs user data

import { getSession } from "@/modules/auth/server";
import { notFound } from "next/navigation";

export default async function ReportsPage() {
  const session = await getSession();
  if (!session?.user) notFound();

  return <div>{session.user.email}</div>;
}

For admin pages, check session.user.role === "admin" or use the project's admin helper.

Add a sidebar entry

Dashboard navigation usually lives in a sidebar component. Add a button or link with the route path:

<SidebarNavButton href="/dashboard/reports">
  {t("reports")}
</SidebarNavButton>

Add translations and metadata

Dashboard copy usually belongs in:

src/i18n/messages/en/dashboard.json
src/i18n/messages/zh/dashboard.json

Protected pages should normally be noindex.

If you change auth route paths in config/website.ts, also check the redirect used by the protected layout.

Add A Static Page

Add a public page, SEO metadata, translations, and navigation entries.

Add A Protected API

Create a Route Handler that requires a logged-in user or admin permissions.

On this page

Create the page routeRead session when the page needs user dataAdd a sidebar entryAdd translations and metadata