feat: next auth guide (#664)

wangsijie · web-flow · commit 1dcd90b0ec04 · 2024-05-21T15:33:46.000+08:00
diff --git a/docs/quick-starts/assets/next-auth-redirect-uri.png b/docs/quick-starts/assets/next-auth-redirect-uri.png
diff --git a/docs/quick-starts/framework/next-auth/README.mdx b/docs/quick-starts/framework/next-auth/README.mdx
@@ -0,0 +1,43 @@
+---
+slug: /quick-starts/next-auth
+sidebar_label: Next Auth
+sidebar_custom_props:
+  logoFilename: 'next-auth.svg'
+  description: Authentication for Next.js.
+---
+
+import FurtherReadings from '../../fragments/_further-readings.md';
+
+import ConfigProvider from './_config-provider.mdx';
+import GuideTip from './_guide-tip.mdx';
+import ScopesAndClaims from './_scopes-and-claims.mdx';
+
+# Next Auth guide
+
+This guide will show you how to integrate Logto into your Next.js application with [Next Auth](https://next-auth.js.org/).
+
+<GuideTip />
+
+## Prerequisites
+
+- A [Logto Cloud](https://cloud.logto.io) account or a self-hosted Logto (Check out the [⚡ Get started](../../../docs/tutorials/get-started/) guide to create one if you don't have).
+- A Logto traditional application created.
+- A Next.js project with Next Auth, check out the [Next Auth documentation](https://next-auth.js.org/getting-started/introduction).
+
+## Integration
+
+### Config Next Auth provider
+
+<ConfigProvider />
+
+### Checkpoint
+
+Now, you can test your application to see if the authentication works as expected.
+
+## Scopes and claims
+
+<ScopesAndClaims />
+
+## Further readings
+
+<FurtherReadings />
diff --git a/docs/quick-starts/framework/next-auth/_config-provider.mdx b/docs/quick-starts/framework/next-auth/_config-provider.mdx
@@ -0,0 +1,63 @@
+import redirectUriFigure from '../../assets/next-auth-redirect-uri.png';
+import ConfigureRedirectUri from '../../fragments/_configure-redirect-uri.mdx';
+import GetAppSecret from '../../fragments/_get-app-secret.mdx';
+import AssumingUrl from '../../fragments/_web-assuming-url.md';
+import SignInFlowSummary from '../../fragments/_web-sign-in-flow-summary.mdx';
+
+<SignInFlowSummary />
+
+<AssumingUrl />
+
+#### Configure sign-in redirect URI
+
+<ConfigureRedirectUri
+  figureSrc={redirectUriFigure}
+  redirectUri="http://localhost:3000/api/auth/callback/logto"
+/>
+
+#### Config Next Auth provider
+
+<GetAppSecret />
+
+Modify your API route config of Next Auth, if you are using Pages Router, the file is in `pages/api/auth/[...nextauth].js`, if you are using App Router, the file is in `app/api/auth/[...nextauth]/router.ts`.
+
+The following is an example of App Router:
+
+```ts
+import NextAuth from 'next-auth';
+
+const handler = NextAuth({
+  providers: [
+    {
+      id: 'logto',
+      name: 'Logto',
+      type: 'oauth',
+      // You can get the well-known URL from the Logto Application Details page,
+      // in the field "OpenID Provider configuration endpoint"
+      wellKnown: 'https://xxxx.logto.app/oidc/.well-known/openid-configuration',
+      authorization: { params: { scope: 'openid offline_access profile email' } },
+      clientId: '<logto-app-id>',
+      clientSecret: '<logto-app-secret>',
+      client: {
+        id_token_signed_response_alg: 'ES384',
+      },
+      profile(profile) {
+        // You can customize the user profile mapping here
+        return {
+          id: profile.sub,
+          name: profile.name ?? profile.username,
+          email: profile.email,
+          image: profile.picture,
+        };
+      },
+    },
+  ],
+});
+
+export { handler as GET, handler as POST };
+```
+
+1. Replace the `wellKnown` URL with your Logto application's "OpenID Provider configuration endpoint".
+2. Replace the `clientId` and `clientSecret` with your Logto application's ID and secret.
+3. Customize the `profile` function to map the user profile to the Next Auth user object, the default mapping is shown in the example.
+4. Remember to set the `id_token_signed_response_alg` to `ES384`.
diff --git a/docs/quick-starts/framework/next-auth/_guide-tip.mdx b/docs/quick-starts/framework/next-auth/_guide-tip.mdx
@@ -0,0 +1,5 @@
+:::tip
+
+- In this guide, we assume you have set up Next Auth in your Next.js project. If you haven't, check out the [Next Auth documentation](https://next-auth.js.org/getting-started/introduction) to get started.
+
+:::
diff --git a/docs/quick-starts/framework/next-auth/_scopes-and-claims-code.md b/docs/quick-starts/framework/next-auth/_scopes-and-claims-code.md
@@ -0,0 +1,13 @@
+```ts
+const handler = NextAuth({
+  providers: [
+    {
+      id: 'logto',
+      name: 'Logto',
+      // ... other options
+      authorization: { params: { scope: 'openid offline_access profile email' } },
+      // ... other options
+    },
+  ],
+});
+```
diff --git a/docs/quick-starts/framework/next-auth/_scopes-and-claims.mdx b/docs/quick-starts/framework/next-auth/_scopes-and-claims.mdx
@@ -0,0 +1,5 @@
+import ScopesAndClaims from '../../fragments/_scopes-and-claims.mdx';
+
+import ScopesAndClaimsCode from './_scopes-and-claims-code.md';
+
+<ScopesAndClaims configScopesCode={<ScopesAndClaimsCode />} />
diff --git a/static/img/logo/next-auth.svg b/static/img/logo/next-auth.svg
@@ -0,0 +1,25 @@
+<svg width="20" height="20" viewBox="0 0 20 20" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M3.71875 3.92972C5.62789 3.36733 8.45568 2.52411 9.64828 2.16812C10.0173 2.05797 10.4075 2.05711 10.7771 2.16533C11.926 2.50173 14.5984 3.28783 16.6648 3.92349C17.0828 4.05209 17.3679 4.44593 17.3575 4.88319C17.1188 14.9867 12.0196 17.4105 10.5842 17.8936C10.3388 17.9762 10.0837 17.9764 9.83802 17.8945C8.39567 17.4137 3.25421 14.9951 3.00907 4.89714C2.9983 4.45317 3.29276 4.05521 3.71875 3.92972Z" fill="#D9D9D9"/>
+<mask id="mask0_156_252" style="mask-type:alpha" maskUnits="userSpaceOnUse" x="3" y="2" width="15" height="16">
+<path d="M3.71875 3.92972C5.62789 3.36733 8.45568 2.52411 9.64828 2.16812C10.0173 2.05797 10.4075 2.05711 10.7771 2.16533C11.926 2.50173 14.5984 3.28783 16.6648 3.92349C17.0828 4.05209 17.3679 4.44593 17.3575 4.88319C17.1188 14.9867 12.0196 17.4105 10.5842 17.8936C10.3388 17.9762 10.0837 17.9764 9.83802 17.8945C8.39567 17.4137 3.25421 14.9951 3.00907 4.89714C2.9983 4.45317 3.29276 4.05521 3.71875 3.92972Z" fill="#D9D9D9"/>
+</mask>
+<g mask="url(#mask0_156_252)">
+<path d="M10.2112 9.77465L10.0986 1.71831L17.8169 3.80282L10.2112 9.77465Z" fill="url(#paint0_linear_156_252)"/>
+<path d="M10.2113 9.77465V2L2.83098 3.97183L1.81689 8.76056L5.02816 13.7746L10.2113 9.77465Z" fill="url(#paint1_linear_156_252)"/>
+<path d="M17.5915 3.97183L4.91547 13.7746V18.2254H17.4225L17.5915 3.97183Z" fill="url(#paint2_linear_156_252)"/>
+</g>
+<defs>
+<linearGradient id="paint0_linear_156_252" x1="10.2112" y1="2" x2="15.6197" y2="5.5493" gradientUnits="userSpaceOnUse">
+<stop stop-color="#19AAE8"/>
+<stop offset="1" stop-color="#1EA5F1"/>
+</linearGradient>
+<linearGradient id="paint1_linear_156_252" x1="3.05633" y1="4.14085" x2="10.2113" y2="9.66197" gradientUnits="userSpaceOnUse">
+<stop stop-color="#2BE2B8"/>
+<stop offset="1" stop-color="#19B9E3"/>
+</linearGradient>
+<linearGradient id="paint2_linear_156_252" x1="17.3098" y1="4.02817" x2="7.95772" y2="16.9859" gradientUnits="userSpaceOnUse">
+<stop stop-color="#925CDF"/>
+<stop offset="1" stop-color="#CC42E5"/>
+</linearGradient>
+</defs>
+</svg>

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +:::tip
++
 +- In this guide, we assume you have set up Next Auth in your Next.js project. If you haven't, check out the [Next Auth documentation](https://next-auth.js.org/getting-started/introduction) to get started.
++
 +:::