Quick Tutorial: Setting Up NextAuth.js
Table of Content
NextAuth.js is a powerful authentication library for Next.js applications. It provides a simple and secure way to handle authentication.
NextAuth.js Features
- Built-in Providers:
- Support for popular providers like Google, Facebook, Twitter, GitHub, and more.
- Custom provider options for flexibility.
- JWT (JSON Web Tokens):
- Secure token-based authentication.
- Optional database sessions.
- Secure by Default:
- CSRF protection.
- Secure cookies.
- HTTPS support.
- Database Support:
- Compatible with multiple databases (e.g., MySQL, PostgreSQL, MongoDB, etc.).
- Prisma adapter for database management.
- Session Management:
- Server-side and client-side session management.
- Configurable session lifetimes.
- Callbacks:
- Customizable callback functions for control over sign-in, session, and JWT behavior.
- Theming:
- Customizable sign-in pages and styles.
- Multi-Factor Authentication (MFA):
- Support for MFA implementations.
- Internationalization (i18n):
- Support for multiple languages and custom translations.
- Flexible Configuration:
- Granular control over authentication and session behavior.
- Environment variable support for secure configuration.
- API Routes:
- Built-in API routes for authentication actions.
- Extensible API endpoints.
- Community and Documentation:
- Comprehensive documentation.
- Active community support.
NextAuth.js offers a powerful and flexible authentication solution for Next.js applications, catering to a wide range of use cases and security requirements.
Here's a straightforward guide to get you started.
Setting Up NextAuth.js for Beginners
NextAuth.js simplifies authentication for Next.js apps. Here’s how to set it up quickly.
Step 1: Install Dependencies
Run the following command to install NextAuth.js and its dependencies:
npm install next-auth @next-auth/prisma-adapter
Step 2: Configure NextAuth.js
Create [...nextauth].js in pages/api/auth and add your configuration:
// pages/api/auth/[...nextauth].js
import NextAuth from 'next-auth';
import Providers from 'next-auth/providers';
export default NextAuth({
providers: [
Providers.Google({
clientId: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
}),
],
database: process.env.DATABASE_URL,
});
Step 3: Set Environment Variables
Create a .env file in your project's root directory and add:
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
DATABASE_URL=your-database-url
Step 4: Protect Pages
Use the useSession hook to protect your pages:
// pages/protected.js
import { useSession, signIn, signOut } from 'next-auth/client';
export default function ProtectedPage() {
const [session, loading] = useSession();
if (loading) return <p>Loading...</p>;
if (!session) {
return (
<>
<p>You are not signed in</p>
<button onClick={signIn}>Sign in</button>
</>
);
}
return (
<>
<p>Welcome, {session.user.name}</p>
<button onClick={signOut}>Sign out</button>
</>
);
}
Step 5: Wrap Your App
In _app.js, wrap your app with the Provider:
// pages/_app.js
import { Provider } from 'next-auth/client';
export default function App({ Component, pageProps }) {
return (
<Provider session={pageProps.session}>
<Component {...pageProps} />
</Provider>
);
}
Final Step: Start Your App
Run your app:
npm run dev
Your Next.js app now has basic authentication with NextAuth.js. For more details, check out the NextAuth.js documentation.
