Auth.js
Authentication for the web.
Open Source. Full Stack. Own Your Data.
Easy
- Built in support for popular services
(Google, Facebook, Auth0, Apple…) - Use with OAuth 2+ & OpenID Connect providers
- Built in email / passwordless / magic link
- Use with any username / password store
Flexible
- Runtime agnostic, runs anywhere!
Vercel Edge Functions, Serverless… - Use with any modern framework!
Next.js, SvelteKit… - Bring Your Own Database - or none!
MySQL, Postgres, MSSQL, MongoDB… - Choose database sessions or JWT
Secure
- Signed, prefixed, server-only cookies
- Built-in CSRF protection
- JWT with JWS / JWE / JWK
- Tab syncing, auto-revalidation, keepalives
- Doesn't rely on client side JavaScript
Add authentication in minutes!
Next.js /pages/api/auth/[...nextauth].js
import NextAuth from 'next-auth'
import GitHub from 'next-auth/providers/github'
import Facebook from 'next-auth/providers/facebook'
import Google from 'next-auth/providers/google'
export default NextAuth({
providers: [
GitHub({
clientId: process.env.GITHUB_ID,
clientSecret: process.env.GITHUB_SECRET
}),
Facebook({
clientId: process.env.FACEBOOK_ID,
clientSecret: process.env.FACEBOOK_SECRET
}),
Google({
clientId: process.env.GOOGLE_ID,
clientSecret: process.env.GOOGLE_SECRET
})
]
})
SvelteKit /hooks.server.ts
import SvelteKitAuth from "@auth/sveltekit"
import GitHub from '@auth/core/providers/github'
import Facebook from '@auth/core/providers/facebook'
import Google from '@auth/core/providers/google'
import {
GITHUB_ID,
GITHUB_SECRET,
FACEBOOK_ID,
FACEBOOK_SECRET,
GOOGLE_ID,
GOOGLE_SECRET
} from "$env/static/private"
export const handle = SvelteKitAuth({
providers: [
GitHub({ clientId: GITHUB_ID, clientSecret: GITHUB_SECRET }),
Facebook({ clientId: FACEBOOK_ID, clientSecret: FACEBOOK_SECRET }),
Google({ clientId: GOOGLE_ID, clientSecret: GOOGLE_SECRET })
],
})
NextAuth.js is an open source community project.