@newskit-render/auth
Advanced tools
A package for the authentication of protected pages in your Next.js application. We are currently supporting Okta as a provider but there are also other options for authentication. You can see example usage with a preview article here: @newskit-render/core
Before starting, either locally or on deployed enviroments, you will need the following in your .env.local file / CircleCi Config:
https://newscorp.okta.comhttp://localhost:3000 or on some environment https://newskit-render.prod.ceng.newsuk.techopenssl rand -base64 32To get this information you need to raise a ticket with ServiceDesk for the attention of IAM and Collaboration team. You need to request they set up OKTA apps for each of your environments.
IMPORTANT For each each environment the OKTA app's sign-in and sign-out urls need to be modified:
local
sign-in - http://localhost:3000/api/auth/callback/okta
sign-out - http://localhost:300
Other environment
sign-in - {your domain / NEXTAUTH_URL}/api/auth/callback/okta
sign-out - {your domain / NEXTAUTH_URL}
The IAM and Collaboration team team need to set all this up. They also need to add you and anyone else you need as users on the apps. They will then send you the credentials OKTA_CLIENT_ID, OKTA_CLIENT_SECRET, OKTA_DOMAIN. With this you can test locally (.env.local) and once added to your CircleCi config on environments (Render is set up to pass the credentials so you just need to add them and then rebuild).
Any issues contact the newskit-render team for help.
npm install @newskit-render/auth
or
yarn add @newskit-render/auth
In your main _app.jsx/tsx:
import { SessionProvider } from '@newskit-render/auth'
Wrap all the content and pass the pageProps as a prop to the provider:
<SessionProvider pageProps={pageProps}>{Content goes here...}</SessionProvider>
Under your /pages folder create an /api folder and an /auth folder inside the latter. Inside the /auth folder create a file called [...nextauth].ts.
The path should be as follows: /pages/api/auth/[...nextauth].ts
Create the route and pass your Okta credentials:
import createAuthRoute from '@newskit-render/auth/providers'
import { NextApiRequest, NextApiResponse } from 'next'
const { OKTA_CLIENT_ID, OKTA_CLIENT_SECRET, OKTA_DOMAIN } = process.env
export default (req: NextApiRequest, res: NextApiResponse) =>
createAuthRoute(req, res, {
clientId: OKTA_CLIENT_ID,
clientSecret: OKTA_CLIENT_SECRET,
issuer: OKTA_DOMAIN,
})
Import the following in your page component:
import { PageWithAuth, getSession, signIn, signOut } from '@newskit-render/auth'
Wrap all of your page component content with PageWithAuth. It will accept onDenied and isLoading props. You can use these to show content for the user when he is not authenticated or when the content is still loading.
<PageWithAuth onDenied={accessDeniedPage} isLoading={showOnLoading}></PageWithAuth>
You can call the signIn and signOut functions to initiate or terminate the authentication for the user. When using singIn set the provider so you don't have an extra login page signIn('okta').
The last step is to get the session using the getSession hook.
Add the hook under the getServerSideProps function and then include the result as a prop inside the props that will be returned.
export async function getServerSideProps(context) {
const session = await getSession(context)
return {
props: {
...some props
session,
},
}
}
You can add some additional logic here if you want to prevent unnecessary requests or any other logic execution if the user is not authenticated:
export async function getServerSideProps(context) {
const session = await getSession(context)
if (!session) {
return {
props: {},
}
}
const { data } = await apolloClient.query({
query: GET_DATA,
})
return {
props: {
data: data,
session,
},
}
}
signOut should really be dealt with by your CMS but for testing purposes you will want a sign out button. We have added a CookieView component to the the package that only shows children if you set a cookie with the following:
document.cookie = `nextAuthShowLogOut=true; Path=/`; location.reload();
You can change the cookie name if you want.
For the full page example see preview page
To see Preview pages uses the following pattern:
{site-domain}/preview/{article-id}/version/{version-id}
FAQs
Newskit Render
The npm package @newskit-render/auth receives a total of 1,168 weekly downloads. As such, @newskit-render/auth popularity was classified as popular.
We found that @newskit-render/auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.
Security News
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.