How to fetch a protected API route from server-side component

[nmcc1212]

I know this seems like a trivial question but I just can't seem to figure it out!
I have protected the API route using the method outlined here (https://next-auth.js.org/tutorials/securing-pages-and-api-routes) as can be seen below.

But I just can't figure out how to make the request, from my server side component, with the required authentication using getServerSession, it doesn't seem to have anything on the object that can be used, only user (with email and name children) and expiry as can be seen below

my authOptions if it helps

import { connectDB } from "@/lib/mongodb";
import User from "@/models/User";
import type { NextAuthOptions } from "next-auth";
import credentials from "next-auth/providers/credentials";
import bcrypt from "bcryptjs";

export const authOptions: NextAuthOptions = {
  providers: [
    credentials({
      name: "Credentials",
      id: "credentials",
      credentials: {
        email: { label: "Email", type: "text" },
        password: { label: "Password", type: "password" },
      },
      async authorize(credentials) {
        await connectDB();
        const user = await User.findOne({
          email: credentials?.email,
        }).select("+password");

        if (!user) throw new Error("CredentialsSignin");

        const passwordMatch = await bcrypt.compare(
          credentials!.password,
          user.password,
        );

        if (!passwordMatch) throw new Error("CredentialsSignin");
        return user;
      },
    }),
  ],
  session: {
    strategy: "jwt",
  },
  pages: {
    signIn: "/login",
  },
};

[nmcc1212]

Figured it out!
In the route, instead of using getServerSession() use getToken() e.g.

and pass the token as a header when doing the fetch