The documentation for pocketbase is not as clear as it could be about how to check for an authenticated user when using the pb_hooks
It turns out that it is really simple
Docs :
https://pocketbase.io/docs/js-routing/#sending-request-to-custom-routes-using-the-sdks
https://pocketbase.io/jsvm/functions/_apis.requireAdminOrRecordAuth.html
Example :
// main.pb.js
// This is a simple GET route, that is protected
routerAdd("GET", "/private", (c) => {
const data = {
message : "This can only be accessed if you are logged in"
}
return c.json(200, data)
// Adding the $apis.requireAdminOrRecordAuth() argument, ensures the route is protected unless the user is logged in.
}, $apis.requireAdminOrRecordAuth());
// This is a simple GET route, that is public
routerAdd("GET", "/public", (c) => {
const data = {
message : "This can be be accessed by public"
}
return c.json(200, data)
});
Then simply call the route using the pocketbase
//
let fetchData = async () => {
let resp = await pocketBaseClient.pb.send("/private", {
});
console.log(resp)
}