Auth.js

Auth.js allows developers to setup authentication flow to your web app. It supports wide range of authentication providers and can easily be integrated with any Node.js framework.

Usage

You can add Auth.js easily by using the following Qwik starter script:

npm run qwik add auth

This command will add new packages:

@auth/core
@builder.io/qwik-city

and create a new file named plugin@auth.ts with default configuration:

src/routes/plugin@auth.ts

import { serverAuth$ } from '@builder.io/qwik-auth';
import GitHub from '@auth/core/providers/github';
import type { Provider } from '@auth/core/providers';
 
export const { onRequest, useAuthSession, useAuthSignin, useAuthSignout } = serverAuth$(
  ({ env }) => ({
    secret: env.get("AUTH_SECRET"),
    trustHost: true,
    providers: [
      GitHub({
        clientId: env.get("GITHUB_ID"),
        clientSecret: env.get("GITHUB_SECRET"),
      }),
    ] as Provider[],
  })
);

Since, Qwik uses Vite therefore we will follow Vite Env variables & modes.

Now, let's create .env.local file to store secrets

.env.local

GITHUB_ID=
GITHUB_SECRET=
AUTH_SECRET=

Follow the GitHub OAuth Guide to get your GitHub Client ID, GitHub Client Secrets and generate AUTH_SECRET using openssl rand -base64 32 or Secret Generator.

Now, we are done with the Auth.js setup. We will have the following routes

/api/auth/session: current logged user info.
/api/auth/signin: this provides all Auth Providers.
/api/auth/signout: for signing out.
/api/auth/csrf: generate a csrf token.
/api/auth/error: default error page.
/api/auth/providers: get list of all the providers.

Checkout Auth.js for more detail documentation.

Contributors

Thanks to all the contributors who have helped make this documentation better!