Saleor Auth SDK integrates secure and customizable authentication and authorization into storefronts using Saleor.
Below 3kB bundle size (gzipped).
Next.js 13+ App Router is the recommended way to use the Saleor Auth SDK. It is the easiest to set up and provides the best user experience.
In order to use Saleor Auth SDK in React Server Components, the client needs to be created in the following way:
import { createSaleorAuthClient } from "@saleor/auth-sdk";
import { getNextServerCookiesStorage } from "@saleor/auth-sdk/next/server";
const getServerAuthClient = () => {
const nextServerCookiesStorage = getNextServerCookiesStorage();
return createSaleorAuthClient({
saleorApiUrl: "…",
refreshTokenStorage: nextServerCookiesStorage,
accessTokenStorage: nextServerCookiesStorage,
});
};
Logging in can be implemented via Server Actions:
<form
className="bg-white shadow-md rounded p-8"
action={async (formData) => {
"use server";
await getServerAuthClient().signIn(
{
email: formData.get("email").toString(),
password: formData.get("password").toString(),
},
{ cache: "no-store" },
);
}}
>
{/* … rest of the form … */}
</form>
Then, you can use saleorAuthClient.fetchWithAuth
directly for any queries and mutations.
For a full working example, see the Saleor Auth SDK example.
Next.js Pages Router with Apollo Client
Step-by-step video tutorial
Check the following step-by-step video guide on how to set this up.
When using Next.js (Pages Router) along with Apollo Client, there are two essential steps to setting up your application. First, you have to surround your application's root with two providers: <SaleorAuthProvider>
and <ApolloProvider>
.
<SaleorAuthProvider>
comes from our React.js-auth package, located at @saleor/auth-sdk/react
, and it needs to be set up with the Saleor auth client instance.
The <ApolloProvider>
comes from @apollo/client
and it needs the live GraphQL client instance, which is enhanced with the authenticated fetch
that comes from the Saleor auth client.
Lastly, you must run the useAuthChange
hook. This links the onSignedOut
and onSignedIn
events.
Let's look at an example:
import { AppProps } from "next/app";
import { ApolloProvider, ApolloClient, InMemoryCache, createHttpLink } from "@apollo/client";
import { createSaleorAuthClient } from "@saleor/auth-sdk";
import { SaleorAuthProvider, useAuthChange } from "@saleor/auth-sdk/react";
const saleorApiUrl = "<your Saleor API URL>";
// Saleor Client
const saleorAuthClient = createSaleorAuthClient({ saleorApiUrl });
// Apollo Client
const httpLink = createHttpLink({
uri: saleorApiUrl,
fetch: saleorAuthClient.fetchWithAuth,
});
export const apolloClient = new ApolloClient({
link: httpLink,
cache: new InMemoryCache(),
});
export default function App({ Component, pageProps }: AppProps) {
useAuthChange({
saleorApiUrl,
onSignedOut: () => apolloClient.resetStore(),
onSignedIn: () => {
apolloClient.refetchQueries({ include: "all" });
},
});
return (
<SaleorAuthProvider client={saleorAuthClient}>
<ApolloProvider client={apolloClient}>
<Component {...pageProps} />
</ApolloProvider>
</SaleorAuthProvider>
);
}
Then, in your register, login and logout forms you can use the auth methods (signIn
, signOut
, isAuthenticating
) provided by the useSaleorAuthContext()
. For example, signIn
is usually triggered when submitting the login form credentials.
import React, { FormEvent } from "react";
import { useSaleorAuthContext } from "@saleor/auth-sdk/react";
import { gql, useQuery } from "@apollo/client";
const CurrentUserDocument = gql`
query CurrentUser {
me {
id
email
firstName
lastName
avatar {
url
alt
}
}
}
`;
export default function LoginPage() {
const { signIn, signOut } = useSaleorAuthContext();
const { data: currentUser, loading } = useQuery(CurrentUserDocument);
const submitHandler = async (event: FormEvent<HTMLFormElement>) => {
event.preventDefault();
const result = await signIn({
email: "[email protected]",
password: "admin",
});
if (result.data.tokenCreate.errors) {
// handle errors
}
};
if (loading) {
return <div>Loading...</div>;
}
return (
<main>
{currentUser?.me ? (
<>
<div>Display user {JSON.stringify(currentUser)}</div>
<button className="button" onClick={() => signOut()}>
Log Out
</button>
</>
) : (
<div>
<form onSubmit={submitHandler}>
{/* You must connect your inputs to state or use a form library such as react-hook-form */}
<input type="email" name="email" placeholder="Email" />
<input type="password" name="password" placeholder="Password" />
<button className="button" type="submit">
Log In
</button>
</form>
</div>
)}
</main>
);
}
Next.js (Pages Router) with urql
When using Next.js (Pages Router) along with urql client, there are two essential steps to setting up your application. First, you have to surround your application's root with two providers: <SaleorAuthProvider>
and <Provider>
.
<SaleorAuthProvider>
comes from our React.js-auth package, located at @saleor/auth-sdk/react
, and it needs to be set up with the Saleor auth client.
The <Provider>
comes from urql
and it needs the GraphQL client instance, which is enhanced with the authenticated fetch
that comes from the Saleor auth client.
Lastly, you must run the useAuthChange
hook. This links the onSignedOut
and onSignedIn
events and is meant to refresh the GraphQL store and in-flight active GraphQL queries.
Let's look at an example:
import { AppProps } from "next/app";
import { Provider, cacheExchange, fetchExchange, ssrExchange } from "urql";
import { SaleorAuthProvider, useAuthChange } from "@saleor/auth-sdk/react";
const saleorApiUrl = "<your Saleor API URL>";
const saleorAuthClient = createSaleorAuthClient({ saleorApiUrl });
const makeUrqlClient = () =>
createClient({
url: saleorApiUrl,
fetch: saleorAuthClient.fetchWithAuth,
exchanges: [cacheExchange, fetchExchange],
});
export default function App({ Component, pageProps }: AppProps) {
// https://github.com/urql-graphql/urql/issues/297#issuecomment-504782794
const [urqlClient, setUrqlClient] = useState<Client>(makeUrqlClient());
useAuthChange({
saleorApiUrl,
onSignedOut: () => setUrqlClient(makeUrqlClient()),
onSignedIn: () => setUrqlClient(makeUrqlClient()),
});
return (
<SaleorAuthProvider client={saleorAuthClient}>
<Provider value={urqlClient}>
<Component {...pageProps} />
</Provider>
</SaleorAuthProvider>
);
}
Then, in your register, login and logout forms you can use the auth methods (signIn
, signOut
) provided by the useSaleorAuthContext()
. For example, signIn
is usually triggered when submitting the login form credentials.
import React, { FormEvent } from "react";
import { useSaleorAuthContext } from "@saleor/auth-sdk/react";
import { gql, useQuery } from "urql";
const CurrentUserDocument = gql`
query CurrentUser {
me {
id
email
firstName
lastName
avatar {
url
alt
}
}
}
`;
export default function LoginPage() {
const { signIn, signOut } = useSaleorAuthContext();
const [{ data: currentUser, fetching: loading }] = useQuery({
query: CurrentUserDocument,
pause: isAuthenticating,
});
const submitHandler = async (event: FormEvent<HTMLFormElement>) => {
event.preventDefault();
const result = await signIn({
email: "[email protected]",
password: "admin",
});
if (result.data.tokenCreate.errors) {
// handle errors
}
};
if (loading) {
return <div>Loading...</div>;
}
return (
<main>
{currentUser?.me ? (
<>
<div>Display user {JSON.stringify(currentUser)}</div>
<button className="button" onClick={() => signOut()}>
Log Out
</button>
</>
) : (
<div>
<form onSubmit={submitHandler}>
{/* You must connect your inputs to state or use a form library such as react-hook-form */}
<input type="email" name="email" placeholder="Email" />
<input type="password" name="password" placeholder="Password" />
<button className="button" type="submit">
Log In
</button>
</form>
</div>
)}
</main>
);
}
Setup _app.tsx
as described above. In your login component trigger the external auth flow using the following code:
import { useSaleorAuthContext, useSaleorExternalAuth } from "@saleor/auth-sdk/react";
import { ExternalProvider } from "@saleor/auth-sdk";
import Link from "next/link";
import { gql, useQuery } from "@apollo/client";
export default function Home() {
const {
loading: isLoadingCurrentUser,
error,
data,
} = useQuery(gql`
query CurrentUser {
me {
id
email
firstName
lastName
}
}
`);
const { authURL, loading: isLoadingExternalAuth } = useSaleorExternalAuth({
saleorApiUrl,
provider: ExternalProvider.OpenIDConnect,
redirectURL: "<your Next.js app>/api/auth/callback",
});
const { signOut } = useSaleorAuthContext();
if (isLoadingExternalAuth || isLoadingCurrentUser) {
return <div>Loading...</div>;
}
if (data?.me) {
return (
<div>
{JSON.stringify(data)}
<button onClick={() => signOut()}>Logout</button>
</div>
);
}
if (authURL) {
return (
<div>
<Link href={authURL}>Login</Link>
</div>
);
}
return <div>Something went wrong</div>;
}
You also need to define the auth callback. In pages/api/auth
create the callback.ts
with the following content:
import { ExternalProvider, SaleorExternalAuth } from "@saleor/auth-sdk";
import { createSaleorExternalAuthHandler } from "@saleor/auth-sdk/next";
const externalAuth = new SaleorExternalAuth("<your Saleor instance URL>", ExternalProvider.OpenIDConnect);
export default createSaleorExternalAuthHandler(externalAuth);
The SaleorAuthClient
class provides you with a reset password method. If the reset password mutation is successful, it will log you in automatically, just like after a regular sign-in. The onSignIn
method of useAuthChange
hook will also be triggered.
const { resetPassword } = useSaleorAuthContext();
const response = await resetPassword({
email: "[email protected]",
password: "newPassword",
token: "apiToken",
});