Protect
Conditional rendering based on authentication, roles, and permissions.
The <Protect> component gates content behind authentication, role checks, or SpiceDB permission checks. Combine role and permission — both must pass when both are set.
Installation
pnpm add @wocha/ui @wocha/reactOr scaffold with the CLI
npx @wocha/cli init --framework nextjsBasic usage
Props
| Prop | Type | Default | Description |
|---|---|---|---|
permission | PermissionCheck | — | Permission check — requires authenticated user with allowed permission |
role | string | — | Role name — user must have matching role claim |
fallback | ReactNode | — | Rendered when unauthenticated or unauthorised |
children | ReactNode | — | Content rendered when authorised |
PermissionCheck
Examples
useProtectState hook
For imperative checks in custom components:
Framework notes
Permission checks require apiUrl on your provider. Works in React and Next.js client components.
Related
- Show — declarative
whenprop alternative - @wocha/testing — mock provider for component tests