There are various ways to implement auth, what you have done is good, but it is only a part of the puzzle. Depending on the type of application you are building - whether the data on the page is tightly coupled with the users themselves or static data that remains same for most users, you may get away without an auth check in the in the middleware. I strongly suggest having another check in the components that render the authorized data, as does Next.js.

If you are not heavily reliant on static data, do away with the auth in the middleware, and implement a combination of a user context provider and a DAL as described in the link above.