Restricted routes verify with getInitialProps and from client side with proxy /api

[karesh]

When user login, we set http only cookie with jwt from api server (in private network)

when user making request from client side (Eg: /api with client axios instance) we proxy request and attach token to header and send to api server. (like we do in SPA application)

    server.use('/api', proxyMiddleware());

    proxyReqOptDecorator: function(proxyReqOpts, srcReq) {
                proxyReqOpts.headers['x-auth'] = srcReq.cookies['x-auth'] ? srcReq.cookies['x-auth']: 'none';
                return proxyReqOpts;
            }

But we have some restricted routes and we wanted to validate at the server side.
In api server we have verify end point that will validate the token and respond user info.

In order to validate protected end point from server side we decided to attach cookie from request.
(we can get cookie if we add domain)

    static async getInitialProps(ctx) {
        try{
            const { req } = ctx;
            const token = req.cookies['x-auth']; // attach this cookie to server axios instance
            const res = await axios.get('http:/api-server/verify');
        }catch (e) {
        }
    }

My Question is, This way of doing it correct way? or any other better approach ?

Thanks.