protecting prisma API with session check

pages/api/data/prisma/[...model].ts

@@ -1,5 +1,8 @@
 import { NextApiRequest, NextApiResponse } from 'next';
 import { PrismaClient } from '@prisma/client';
+import { getServerSession } from "next-auth/next";
+import { authOptions } from "../../auth/[...nextauth]";
+
 
 const common = require('../../../../src/helpers/common');
 const logger = require('../../../../src/logger');
@@ -53,6 +56,14 @@ const generateSQL = (data, tableName) => {
     }).join("\n");
 };
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+
+    const session = await getServerSession(req, res, authOptions);
+
+    if (!session) {
+        return res.status(401).json({ error: "Unauthorized" });
+    }
+
+
     const prisma: PrismaClient = common.getPrismaClient();
     const modelArray = (req.query.model || (req.body && req.body.model)) as string[];
     let queryOptions = {};