Skip to main content

Auth.js | Pacote

  • Auth.js | Pacote

Instalar o pacote

  • npm install next-auth

Criar [...nextauth].js

  • Criar a pasta no caminho pages/api/auth/[...nextauth].js
import NextAuth from 'next-auth';
import Providers from 'next-auth/providers';

export default NextAuth({
providers: [
Providers.GitHub({
clientId: process.env.GITHUB_ID,
clientSecret: process.env.GITHUB_SECRET,
}),
],
pages: {
signIn: '/auth/signin',
},
});

Sign-in personalizado

Por padrão, o Auth.js fornece uma página de login. No entanto, você pode usar qualquer página de login personalizada para poder personalizá-la facilmente. Fizemos isso adicionando um pagesobjeto à configuração do NextAuth.

Agora, crie um arquivo para a página de login personalizada e adicione os trechos de código abaixo: pages/auth/signin.js

import { signIn } from 'next-auth/client';

const SignIn = () => {
return (
<div>
<h1>Sign In</h1>
<button onClick={() => signIn('github')}>Sign in with GitHub</button>
</div>
);
};

export default SignIn;

Proteger a página

import { useSession } from 'next-auth/client';
import { useEffect } from 'react';
import { useRouter } from 'next/router';

const ProfilePage = () => {
const [session, loading] = useSession();
const router = useRouter();

useEffect(() => {
if (!loading && !session) {
router.push('/auth/signin');
}
}, [loading, session, router]);

if (loading) {
return <p>Loading...</p>;
}

if (!session) {
return null;
}

return <div>This a protected page</div>;
};

export default ProfilePage;

Configurações e customizações

  • Providers — Você pode adicionar qualquer número de provedores, como Google, GitHub, Facebook, etc., à sua configuração NextAuth, que então fica disponível para um usuário fazer login com
  • Callbacks — Permite que você defina como deseja que a autenticação seja feita após autenticar um usuário com sucesso
  • Pages — Você pode definir a página personalizada que deseja usar para seu SignIn, SignOut e exibir mensagens de erro relacionadas à autenticação
  • Session management — Configure o comportamento da sessão. O JWT e a expiração da sessão podem ser modificados de acordo com suas necessidades
import NextAuth from 'next-auth';
import Providers from 'next-auth/providers';

export default NextAuth({
providers: [
Providers.GitHub({
clientId: process.env.GITHUB_ID,
clientSecret: process.env.GITHUB_SECRET,
}),
Providers.Google({
clientId: process.env.GOOGLE_ID,
clientSecret: process.env.GOOGLE_SECRET,
}),
],
callbacks: {
async signIn(user, account, profile) {
return true;
},
async redirect(url, baseUrl) {
return baseUrl;
},
async session(session, token) {
session.user.id = token.id;
return session;
},
async jwt(token, user, account, profile, isNewUser) {
if (user) {
token.id = user.id;
}
return token;
},
},
pages: {
signIn: '/auth/signin',
signOut: '/auth/signout',
error: '/auth/error',
},
});

Sign-out personalizado

  • Caminho: pages/auth/signout.js
import { useEffect } from 'react';
import { signOut } from 'next-auth/client';
import { useRouter } from 'next/router';

const SignOut = () => {
const router = useRouter();

useEffect(() => {
// Sign out the user and redirect to the homepage
signOut({ redirect: false }).then(() => router.push('/'));
}, [router]);

return (
<div>
<h1>Signing you out...</h1>
<p>Please wait.</p>
</div>
);
};

export default SignOut;

Auth.js vs. Passport.js, OAuth, and Firebase Authentication

FeaturePassport.jsAuth.jsAuth0Firebase Authentication
IntegrationEasy to integrate with Next.jsWorks with the majority of Node.js frameworksPlatform-independent with SDKs for many frameworks and languagesIntegrates with various platforms, including Node.js applications
PerformanceHigh performance, but implementation dependentOptimized for Next.js applicationsHigh performance, cloud-based solutionHigh performance, serverless solution
CommunityLarge community, wide adoption in Node.js ecosystemFast-growing community, particularly in Next.js ecosystem, but smaller than Passport.jsLarge and active community, extensive enterprise supportLarge community, backed by Google
Documentation/resourcesSome areas in documentation are lacking for the version transitionExtensive documentation with numerous examples and third-party tutorialsFully-featured and fully documented with API references.Comprehensive documentation with lots of community tutorials and examples
CustomizationHighly customizable with various strategiesLimited customization optionsCustomizable, but within the constraints of the Auth0 platformCustomizable, with pre-built UI components available
Session managementHas a built-in session management functionalityRequires additional middleware for session managementHas advanced JWT-based management and customization.Supports JWT-based extended token management and customization
Authentication methodsSupports authentication strategies like email/password, and OAuth providers (Google, GitHub, Facebook, etc.)Extensive support for various strategies (OAuth, OpenID, etc.)Supports authentication strategies like social, enterprise, passwordless, etc. and also supports custom databasesExtensive support for various strategies including social logins, phone auth, anonymous auth, and multi-factor authentication