Next.js
Authentication for Next.js app with Authgear
Last updated
Was this helpful?
Authentication for Next.js app with Authgear
Last updated
Was this helpful?
In this guide, you'll learn how to implement authentication for the application, a popular React-based framework for JavaScript, and as the OIDC provider. The source code can be found on .
You will learn the following throughout the article:
How to add user login, sign-up, and logout to Next.js Applications.
How to create a middleware to protect Next.js application pages.
In the , the Next.js app is integrated with Authgear, and the client library is used for sending authentication requests as an OpenID Connect middleware from the app to Authgear.
Before you begin, you'll need the following:
A free Authgear account. if you don't have one already.
.
Experience with framework and application development.
To use Authgear services, you’ll need to have an application set up in the Authgear . This setup allows users in Authgear to sign in to the Next.js application automatically once they are authenticated by Authgear.
After you created the Authgear app, you choose how users need to authenticate on the login page. From the Authentication tab, navigate to Login Methods, you can choose a login method from various options including, by email, mobile, or social, just using a username or the custom method you specify. For this demo, we choose the Email+Passwordless approach where our users are asked to register an account and log in by using their emails. They will receive a One-time password (OTP) to their emails and verify the code to use the app.
Since you've cloned a working repo, you don't need to follow the next section. If you'd like to understand more about what was done in the demo application, feel free to read them.
If you want to create your own application instead of using our demo project, you can create a new Next.js application by running the command below.
The create-next-app wizard will ask you a few questions on how to set up your application. Answer them accordingly.
Now, you need to create a file named exactly like [...nextauth].js in src/pages/api/auth. First, make the directory and then create a file named [...nextauth].js in that directory.
In the following code, we made a few config:
We have made id and name in the Next Auth session (under callbacks). You can also add other attributes such as email, phone_number, and preferred_username to the session as well.
To allow components to check whether the current user is logged in, change src/pages/_app.js to have your application rendered inside a <SessionProvider> context, as shown below.
Then, you change your home component located at src/pages/index.js to include the <LoginButton /> component inside <main>.
In the root directory of your project, add the file .env.local with the following environment variables:
replace with Authgear app settings values from Part1 such as Issuer, ClientId, ClientSecret.
Start the HTTP server by running the following command.
Click the "Log in" button to be taken to a page with a "Sign in with Authgear" button.
After clicking it, you should be redirected to your Authgear login screen.
After you have authenticated with a one-time password sent to your email, you'll arrive back at your Next.js application home screen, with your email address displayed and a "Log out" button.
This tutorial showed how to quickly implement an end-to-end OpenID Connect flow in Next.js with Authgear. Only simple code is needed, after which protected views are secured with built-in UI login pages.
To set up the application, navigate to the and select Applications on the left-hand navigation bar. Use the interactive selector to create a new Authgear OIDC Client application or select an existing application that represents the project you want to integrate with.
Every application in Authgear is assigned an alphanumeric, unique client ID that your application code will use to call Authgear APIs through the NextAuth.js Client in the Next.js app. Record the generated Authgear ISSUER (for example, ), CLIENT ID, CLIENT SECRET from the output. You will use these values in the next step for the client app config.
An Authorized Redirect URI of your application is the URL that Authgear will redirect to after the user has authenticated for the OpenID Connect middleware to complete the authentication process. In our case, it will be a home page for our Next.js and it will run at .
Set the following to the Authorized Redirect URIs field. If not set, users will not be returned to your application after they log in.
You have two options here. You can either clone a or build the app from scratch.
If you want to run an already working application, you can clone the demo project from this using the following command.
Either way, continue configuring the to proceed with this tutorial.
Now that you have the application running, let's implement the authentication process by using . We recommend you look also at the for the most up-to-date instructions. First, install NextAuth.js:
Next, you'll configure a for Authgear. Doing so ensures every request to the /api/auth/* path is handled by NextAuth.js.
We've added as the scope to make Authgear return all user profiles
This will make the React Hook accessible to your entire application. Now, create a component that will either render a "Log in" or "Log out" button, depending on the session state, in a src/components/login-button.jsx file.
Browse to . If the installation went successful, you should see the Login page.
Your users can sign-up and login to your application through a page hosted by Authgear, which provides them with a secure, standards-based login experience that you can customize with your own branding and various authentication methods, such as , , , with SMS/WhatsApp, and multi-factor authentication (MFA).
