Auth in Middleware, Or How I Learned to Stop Worrying and Love the Edge
The article discusses two approaches to user authentication in web applications: route-level and middleware-level authentication. Route-level authentication checks whether a user is logged in within each page's logic, while middleware-level authentication performs that check before the request reaches the main application logic. Both methods have their pros and cons, with middleware-level being more suitable for large applications with many routes requiring different authorization levels. However, the most secure approach is validating access at the data level to ensure both authentication (AuthN) and authorization (AuthZ). The choice between route-level and middleware-level authentication ultimately depends on the application's architecture and the developer's preference.
Company: WorkOS
Date published: June 25, 2024
Author(s): Paul Asjes
Word count: 1390
Language: English
Hacker News points: None found.