This example shows how you can use @auth0/nextjs-auth
to easily add authentication support to your Next.js application. It tries to cover a few topics:
- Signing in
- Signing out
- Loading the user on the server side and adding it as part of SSR (
pages/advanced/ssr-profile.js
) - Loading the user on the client side and using fast/cached SSR pages (
pages/index.js
) - API Routes which can load the current user (
pages/api/me.js
) - Using hooks to make the user available throughout the application (
lib/user.js
)
Read more: https://auth0.com/blog/ultimate-guide-nextjs-authentication-auth0/
Execute create-next-app
with npm or Yarn to bootstrap the example:
npx create-next-app --example auth0 auth0-app
# or
yarn create next-app --example auth0 auth0-app
- Go to the Auth0 dashboard and create a new application of type Regular Web Applications and make sure to configure the following
- Go to the settings page of the application
- Configure the following settings:
- Allowed Callback URLs: Should be set to
http://localhost:3000/api/callback
when testing locally or typically tohttps://myapp.com/api/callback
when deploying your application. - Allowed Logout URLs: Should be set to
http://localhost:3000/
when testing locally or typically tohttps://myapp.com/
when deploying your application.
- Save the settings
To connect the app with Auth0, you'll need to add the settings from your Auth0 application as environment variables
Copy the .env.local.example
file in this directory to .env.local
(which will be ignored by Git):
cp .env.local.example .env.local
Then, open .env.local
and add the missing environment variables:
NEXT_PUBLIC_AUTH0_DOMAIN
- Can be found in the Auth0 dashboard undersettings
.NEXT_PUBLIC_AUTH0_CLIENT_ID
- Can be found in the Auth0 dashboard undersettings
.AUTH0_CLIENT_SECRET
- Can be found in the Auth0 dashboard undersettings
.NEXT_PUBLIC_REDIRECT_URI
- The url where Auth0 redirects back to, make sure a consistent url is used here.NEXT_PUBLIC_POST_LOGOUT_REDIRECT_URI
- Where to redirect after logging outSESSION_COOKIE_SECRET
- A unique secret used to encrypt the cookies, has to be at least 32 characters. You can use this generator to generate a value.SESSION_COOKIE_LIFETIME
- How long a session lasts in seconds. The default is 2 hours.
You can deploy this app to the cloud with Vercel (Documentation).
To deploy your local project to Vercel, push it to GitHub/GitLab/Bitbucket and import to Vercel.
Important: When you import your project on Vercel, make sure to click on Environment Variables and set them to match your .env.local
file.