DBC Provider for using login.bib.dk with nextJS
login-nextjs is a provider for the next-auth library that can be used to set up authentication for nextJS applications through login.bib.dk.
This plugin works with next-auth v4. Check out the migration guide, if you import directly from next-auth in your project.
By default this plugin will use JWT to store the session. The JWT is stored as a cookie, so
there is no need for a database.
```bash
npm i @dbcdk/login-nextjs
```
- `NEXTAUTH_SECRET`
  A secret that next-auth will use to encrypt JWTs.
  To generate the key, you can install the CLI with `npm install -g node-jose-tools` and then run `jose newkey -s 512 -t oct -a HS512`, which will print out a JSON string to copy.
- `NEXTAUTH_URL`
  The canonical URL of your site, for instance `https://example.com`.
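A startup check for the two variables above, as an added example that is not part of @dbcdk/login-nextjs or next-auth. It assumes the secret is either the JWK JSON printed by `jose newkey` (key bytes in the `k` member) or a plain string; `checkAuthEnv` and `secretByteLength` are hypothetical names.

```javascript
// Added example (not part of @dbcdk/login-nextjs): fail fast on weak auth settings.
// Assumption: NEXTAUTH_SECRET is either the JWK JSON printed by `jose newkey`
// (key bytes in the base64url "k" member) or a plain random string.
const MIN_SECRET_BYTES = 64; // 512 bits, matching `-s 512`

// Length check only: it cannot tell whether the bytes are actually random.
function secretByteLength(secret) {
  try {
    const jwk = JSON.parse(secret);
    if (jwk && jwk.kty === "oct" && typeof jwk.k === "string") {
      return Buffer.from(jwk.k, "base64url").length;
    }
  } catch {
    // Not JSON: fall through and measure the raw string.
  }
  return Buffer.byteLength(secret, "utf8");
}

function checkAuthEnv(env) {
  const problems = [];
  const secret = env.NEXTAUTH_SECRET;
  if (!secret) {
    problems.push("NEXTAUTH_SECRET is not set");
  } else if (secretByteLength(secret) < MIN_SECRET_BYTES) {
    problems.push(`NEXTAUTH_SECRET is shorter than ${MIN_SECRET_BYTES} bytes`);
  }

  let url = null;
  try {
    url = new URL(env.NEXTAUTH_URL);
  } catch {
    problems.push("NEXTAUTH_URL is missing or not an absolute URL");
  }
  if (url) {
    const local = ["localhost", "127.0.0.1"].includes(url.hostname);
    if (url.protocol !== "https:" && !local) {
      problems.push("NEXTAUTH_URL must use https outside local development");
    }
    if (url.username || url.password || url.search || url.hash) {
      problems.push("NEXTAUTH_URL must not carry credentials, query or fragment");
    }
  }
  return problems;
}

// Typical use at startup, e.g. at the top of [...nextauth].js:
// const problems = checkAuthEnv(process.env);
// if (problems.length) throw new Error(problems.join("; "));
```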
To add NextAuth.js to a project, create a file called `[...nextauth].js` in `pages/api/auth`.
```javascript
/**
 * @file
 * pages/api/auth/[...nextauth].js
 */
import NextAuth from "next-auth";
import {adgangsplatformen, callbacks} from "@dbcdk/login-nextjs";
import CONFIG from "../config";

const options = {
  // login.bib.dk (Adgangsplatformen) as the only provider
  providers: [
    adgangsplatformen({
      clientId: CONFIG.clientId,
      clientSecret: CONFIG.clientSecret,
    }),
  ],
  // Callbacks shipped with the library (token exposure and logout redirect)
  callbacks: {
    ...callbacks,
  },
};

export default (req, res) => NextAuth(req, res, options);
```
If your application requires anonymous sessions, for instance if you need to call FBI-API
without a logged-in user, you can import `NextAuth` (a wrapper around the original NextAuth) like this:
```javascript
import {NextAuth} from "@dbcdk/login-nextjs";
```
`adgangsplatformen` is the provider function for using login.bib.dk with Next.js through next-auth. It requires a `clientId` and a `clientSecret`.
The provider automatically uses a CULR ID (in login.bib.dk it is called `uniqueId`) as the profile ID. If another ID should be used, or further validation is needed, a custom `profile` function can be used:
```javascript
adgangsplatformen({
  clientId: CONFIG.clientId,
  clientSecret: CONFIG.clientSecret,
  profile: ({id, profile}) => {
    // custom logic here
    return {id: 'some-valid-id'}
  }
}),
```
`callbacks` contains next-auth specific callbacks that will expose the token received from login.bib.dk and redirect to login.bib.dk/logout at logout (See the specific implementation here).
For more information about callbacks see https://next-auth.js.org/configuration/callbacks
The client library exposes three functions: `signIn`, `signOut` and `destroy`. `signIn` and `signOut` are wrappers around next-auth's `signIn` and `signOut` functions. `destroy` can be called to clear all session cookies. This will trigger a fetch for a fresh anonymous token. Logic for handling broken sessions must be implemented by the application itself.
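```javascript
import {signIn} from "@dbcdk/login-nextjs/client";

// A button that starts the login flow when clicked
export default () => (
  <button onClick={() => signIn()}>Sign in</button>
);
```
```javascript
import {signOut} from "@dbcdk/login-nextjs/client";

// A button that logs the user out when clicked
export default () => <button onClick={() => signOut()}>Sign out</button>;
```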
```javascript
import {destroy} from "@dbcdk/login-nextjs/client";

export default () => {
  // Validate session
  if (...) {
    // Session is broken
    destroy()
  }
};
```
If you need to access the session inside an API route, you should use `getServerSession`:
```javascript
import {getServerSession} from "@dbcdk/login-nextjs/server";

export default async (req, res) => {
  const session = await getServerSession(req, res);
  ...
}
```
If you want to use special FBI-API test users, you need to set the `testUserProvider`
in the file `[...nextauth].js`.
```javascript
providers: [
  ...,
  testUserProvider({
    clientId: "...",
    clientSecret: "...",
    fbiApiUrl: "...",
  }),
],
```
To enable/disable test users in a browser, you must call the function `enableFbiApiTestUsers`
from somewhere in your webapp, for instance like:
```javascript
import { enableFbiApiTestUsers } from "@dbcdk/login-nextjs/client";
...
...
```
```bash
npm run test
```