@workos-inc/authkit-nextjs
Advanced tools
Authentication and session helpers for using WorkOS & AuthKit with Next.js
The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js.
Install the package with:
npm i @workos-inc/authkit-nextjs
or
yarn add @workos-inc/authkit-nextjs
Make sure the following values are present in your .env.local environment variables file. The client ID and API key can be found in the WorkOS dashboard, and the redirect URI can also be configured there.
WORKOS_CLIENT_ID="client_..." # retrieved from the WorkOS dashboard
WORKOS_API_KEY="sk_test_..." # retrieved from the WorkOS dashboard
WORKOS_REDIRECT_URI="http://localhost:3000/callback" # configured in the WorkOS dashboard
WORKOS_COOKIE_PASSWORD="<your password>" # generate a secure password here
WORKOS_COOKIE_PASSWORD is the private key used to encrypt the session cookie. It has to be at least 32 characters long. You can use the 1Password generator or the openssl library to generate a strong password via the command line:
openssl rand -base64 24
To use the signOut method, you'll need to set your app's homepage in your WorkOS dashboard settings under "Redirects".
WorkOS requires that you have a callback URL to redirect users back to after they've authenticated. In your Next.js app, expose an API route and add the following.
import { handleAuth } from '@workos-inc/authkit-nextjs';
export const GET = handleAuth();
Make sure this route matches the WORKOS_REDIRECT_URI variable and the configured redirect URI in your WorkOS dashboard. For instance if your redirect URI is http://localhost:3000/auth/callback then you'd put the above code in /app/auth/callback/route.ts.
You can also control the pathname the user will be sent to after signing-in by passing a returnPathname option to handleAuth like so:
export const GET = handleAuth({ returnPathname: '/dashboard' });
This library relies on Next.js middleware to provide session management for routes. Put the following in your middleware.ts file in the root of your project:
import { authkitMiddleware } from '@workos-inc/authkit-nextjs';
export default authkitMiddleware();
// Match against pages that require auth
// Leave this out if you want auth on every page in your application
export const config = { matcher: ['/admin'] };
For pages where you want to display a signed-in and signed-out view, use getUser to retrieve the user profile from WorkOS.
import Link from 'next/link';
import { getSignInUrl, getUser, signOut } from '@workos-inc/authkit-nextjs';
export default async function HomePage() {
// Retrieves the user from the session or returns `null` if no user is signed in
const { user } = await getUser();
// Get the URL to redirect the user to AuthKit to sign in
const signInUrl = await getSignInUrl();
return user ? (
<form
action={async () => {
'use server';
await signOut();
}}
>
<p>Welcome back {user?.firstName && `, ${user?.firstName}`}</p>
<button type="submit">Sign out</button>
</form>
) : (
<Link href={signInUrl}>Sign in</Link>
);
}
For pages where a signed-in user is mandatory, you can use the ensureSignedIn option:
const { user } = await getUser({ ensureSignedIn: true });
Enabling ensureSignedIn will redirect users to AuthKit if they attempt to access the page without being authenticated.
Use the signOut method to sign out the current logged in user and redirect to your app's homepage. The homepage redirect is set in your WorkOS dashboard settings under "Redirect".
Render the Impersonation component in your app so that it is clear when someone is impersonating a user.
The component will display a frame with some information about the impersonated user, as well as a button to stop impersonating.
import { Impersonation } from '@workos-inc/authkit-nextjs';
export default function App() {
return (
<div>
<Impersonation />
{/* Your app content */}
</div>
);
}
To enable debug logs, initialize the middleware with the debug flag enabled.
import { authkitMiddleware } from '@workos-inc/authkit-nextjs';
export default authkitMiddleware({ debug: true });
FAQs
Authentication and session helpers for using WorkOS & AuthKit with Next.js
We found that @workos-inc/authkit-nextjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.