This module is used for creating jwt based auth in your next js application
To set SECRET_AUTH (consumed by jasonwebtoken). please set environmental variable SECRET_AUTH
To set Cookie encryption set enviromnetal Variable JWT_ALGO_256_ENCRYPT_KEY || crypto.randomBytes(16).toString("hex") JWT_ALGO_256_IV_KEY || crypto.randomBytes(8).toString("hex")
To check the implimentation of the module please check from example/test folder from out github repo
This has following API end points
jwtSign This is for sign in
IsPageLogged This is passed in getServerSideProps method with resolved promise on valied jasonwebtoken of signin else reject promise
validateUser This is used to check the user for subesuqent protected routes
jwtTokenCreate With this one can create new token for other uses in your application appilcatoin
Login route example of login route in next
Protected route This is closer for routes of api allowing roles as string of array passed and route function as argument see code below
logout This sets token of signin "" thus user is logged out
jwtverify Helper function to check jsonwebtoken
in you api routes
import {jwtSign} from "jwt-next-auth"
const route = async(req, res) => {
try {
let result = await jwtSign(req.body, req , res).then(res=>res);
res.status(200).json({mes : result})
} catch (error) {
export default route;
in your page
import Head from 'next/head'
import {IsPageLogged} from "jwt-next-auth"
export default function Home(props) {
return (
<h1>{props.pageLogged ? "Page is logged" : "Page is not logged"}</h1>
// your code of page goes here
export async function getServerSideProps(ctx) {
try {
const result = await IsPageLogged(ctx.req, ctx.res).then(result=>result)
return {
props: {pageLogged : true}, // will be passed to the page component as props
} catch (error) {
return { props: {pageLogged : false} };
in your api route
import {validateUser} from "jwt-next-auth"
const route = async(req, res)=>{
try {
await validateUser(req, res).then(r=>r)
} catch (error) {
export default route
In your route
import {jwtTokenCreate} from "jwt-next-auth"
const route = async(req, res)=>{
try {
let token = await jwtTokenCreate(req.body, 7).then(r=>r)
} catch (error) {
export default route;
import {jwtSign} from "jwt-next-auth"
const route = async(req, res) => {
try {
let payload = req.body;
//write code check from data base usernam and pasword
// then add role property for the payload most ofetn dervied from database
payload.role = "admin"// real world application this comes from database of users
let result = await jwtSign(payload, req , res).then(res=>res);
res.status(200).json({mes : result})
} catch (error) {
// this routes are inside api folder of pages of next js app
import { protectedRouteMaster} from "jwt-next-auth"
const route = async(req, res, body, auth) => {
try {
console.log("body", body)//access body requet
console.log("auth", auth)//access auth body from here
res.status(200).json({mes:"varied user"})
} catch (error) {
//array of strings second arguments it extrcts the role of payload set durring the login route see above
export default protectedRouteMaster(route, ["admin", "editor"])
in your route
import {logout} from "jwt-next-auth"
const route = (req, res)=>{
try {
logout(req, res)
res.status(200).json({mes: "logged out"})
} catch (error) {
export default route
in you api routes async method