Payload CMS allows you to use middleware to control access to certain routes or pages.
Why Use Middleware?
To restrict frontend or admin page access based on authentication or roles, without manually adding logic inside every component or route.
Example
import { NextFunction, Request, Response } from 'express';
export const restrictPageAccess = (req: Request, res: Response, next: NextFunction) => {
const user = req.user;
if (!user || user.role !== 'admin') {
return res.status(403).send('Access Denied');
}
next();
};
Conclusion
Using middleware is a clean and centralized way to manage access control in Payload CMS projects.