# Authentication in Next.js API Routes

- ID: javascript-nextjs-api-route-authentication
- Severity: MEDIUM
- Languages: JavaScript, TypeScript
- Frameworks: nextjs

## Description

Detects API route handlers without authentication checks on protected endpoints.

## Detection Message

API route '{route}' lacks authentication - anyone can access

## Remediation

Add authentication check at the start of the route handler.
See remediation section for examples.

## Documentation

[object Object]

## Related Rules

- **Docker Build Optimization and Best Practices** [LOW]: 
- **Docker Compose Obsolete Version Field** [LOW]: 
- **Docker File Operations Best Practices** [LOW]: 
- **Invalid Port Number in EXPOSE** [ERROR]: 
- **Multiple ENTRYPOINT Instructions** [MEDIUM]: