Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
remix-auth-auth0
Advanced tools
The Auth0 strategy is used to authenticate users against an Auth0 account. It extends the OAuth2Strategy.
Readme
The Auth0 strategy is used to authenticate users against an Auth0 account. It extends the OAuth2Strategy.
Runtime | Has Support |
---|---|
Node.js | ✅ |
Cloudflare | ✅ |
Follow the steps on the Auth0 documentation to create a tenant and get a client ID, client secret and domain.
// app/utils/auth.server.ts
import { Authenticator } from "remix-auth";
import { Auth0Strategy } from "remix-auth-auth0";
// Create an instance of the authenticator, pass a generic with what your
// strategies will return and will be stored in the session
export const authenticator = new Authenticator<User>(sessionStorage);
let auth0Strategy = new Auth0Strategy(
{
callbackURL: "https://example.com/auth/auth0/callback",
clientID: "YOUR_AUTH0_CLIENT_ID",
clientSecret: "YOUR_AUTH0_CLIENT_SECRET",
domain: "YOUR_TENANT.us.auth0.com",
},
async ({ accessToken, refreshToken, extraParams, profile }) => {
// Get the user data from your DB or API using the tokens and profile
return User.findOrCreate({ email: profile.emails[0].value });
}
);
authenticator.use(auth0Strategy);
// app/routes/login.tsx
export default function Login() {
return (
<Form action="/auth/auth0" method="post">
<button>Login with Auth0</button>
</Form>
);
}
// app/routes/auth/auth0.tsx
import type { ActionArgs } from "@remix-run/node";
import { authenticator } from "~/utils/auth.server";
export let loader = () => redirect("/login");
export let action = ({ request }: ActionArgs) => {
return authenticator.authenticate("auth0", request);
};
// app/routes/auth/auth0/callback.tsx
import type { LoaderArgs } from "@remix-run/node";
import { authenticator } from "~/utils/auth.server";
export let loader = ({ request }: LoaderArgs) => {
return authenticator.authenticate("auth0", request, {
successRedirect: "/dashboard",
failureRedirect: "/login",
});
};
// app/routes/auth/logout.ts
import type { ActionArgs } from "@remix-run/node";
import { redirect } from "@remix-run/node";
import { destroySession, getSession } from "~/utils/auth.server";
export const action = async ({ request }: ActionArgs) => {
const session = await getSession(request.headers.get("Cookie"));
const logoutURL = new URL(process.env.AUTH0_LOGOUT_URL); // i.e https://YOUR_TENANT.us.auth0.com/v2/logout
logoutURL.searchParams.set("client_id", process.env.AUTH0_CLIENT_ID);
logoutURL.searchParams.set("returnTo", process.env.AUTH0_RETURN_TO_URL);
return redirect(logoutURL.toString(), {
headers: {
"Set-Cookie": await destroySession(session),
},
});
};
// app/routes/register.tsx
export default function Register() {
return (
<Form action="/auth/auth0?screen_hint=signup" method="post">
<button>Register with Auth0</button>
</Form>
);
}
// https://auth0.com/docs/authenticate/login/auth0-universal-login/new-experience#signup
FAQs
The Auth0 strategy is used to authenticate users against an Auth0 account. It extends the OAuth2Strategy.
The npm package remix-auth-auth0 receives a total of 17,135 weekly downloads. As such, remix-auth-auth0 popularity was classified as popular.
We found that remix-auth-auth0 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.