unauthorized() in Server Components, unauthorized.tsx files, protecting Server Functions.
Next.js provides unauthorized() for handling authorization in Server Components.
import { unauthorized } from 'next/navigation';
export default function DashboardPage() {
if (!canManagePosts()) {
unauthorized();
}
return <Dashboard />;
}From app/dashboard/unauthorized.tsx:
export default function Unauthorized() {
return (
<Card className="text-center">
<CardTitle>Unauthorized</CardTitle>
<CardDescriptionAlways check authorization in actions too:
export async function deletePost(slug: string) {
if (!canManagePosts()) throw new Error('Unauthorized');
await prisma.post.delete