import { Steps, Callout } from "nextra/components" import { Code } from "@/components/Code"
### Installing Auth.jsStart by installing the appropriate package for your framework.
```bash npm2yarn
npm install next-auth@beta
```
</Code.Next>
<Code.Svelte>
```bash npm2yarn
npm install @auth/sveltekit
```
</Code.Svelte>
<Code.Express>
```bash npm2yarn
npm install @auth/express
```
</Code.Express>
<Code.Fastify>
```bash npm2yarn
npm install @auth/fastify
```
</Code.Fastify>
The only environment variable that is mandatory is the AUTH_SECRET. This is a random value used by the library to encrypt tokens and email
verification hashes. (See Deployment to learn more). You can generate one via running:
npx auth secretAlternatively, you can use the following openssl command, which should be available on all Linux / Mac OS X systems.
openssl rand -base64 33Then add it to your .env.local file:
AUTH_SECRET=secretNext, create the Auth.js config file and object. This is where you can control the behaviour of the library and specify custom authentication logic, adapters, etc. We recommend all frameworks to create an auth.ts file in the project. In this file we'll pass in all the options to the framework specific initalization function and then export the route handler(s), signin and signout methods, and more.
- Start by creating a new
auth.ts file at the root of your app with the following content.
import NextAuth from "next-auth"
export const { handlers, signIn, signOut, auth } = NextAuth({
providers: [],
})
- Add an Route Handler under
/app/api/auth/[...nextauth]/route.ts.
This file must be an App Router Route Handler, however, the rest of your app
can stay under `page/` if you'd like.
import { handlers } from "@/auth" // Referring to the auth.ts we just created
export const { GET, POST } = handlers
- Add optional Middleware to keep the session alive, this will update the session expiry every time its called.
export { auth as middleware } from "@/auth"
</Code.Next>
<Code.Svelte>
- Start by creating a new
auth.ts file in your src/ directory with the following content.
import { SvelteKitAuth } from "@auth/sveltekit"
export const { handle } = SvelteKitAuth({
providers: [],
})
- Re-export the
handle method in SvelteKit's src/hooks.server.ts file.
export { handle } from "./auth"
- That handle function adds an
auth() method onto our event.locals, which is available in any +layout.server.ts or +page.server.ts file. Therefore, we can access the session in our load function like this.
import type { LayoutServerLoad } from "./$types"
export const load: LayoutServerLoad = async (event) => {
const session = await event.locals.auth()
return {
session,
}
}
</Code.Svelte>
<Code.Express>
- Start by importing
ExpressAuth and adding the handler to the auth route.
import { ExpressAuth } from "@auth/express"
import express from "express"
const app = express()
// If your app is served through a proxy
// trust the proxy to allow us to read the `X-Forwarded-*` headers
app.set("trust proxy", true)
app.use("/auth/*", ExpressAuth({ providers: [] }))
Note this creates the Auth.js API, but does not yet protect resources. Continue on to protecting resources for more details.
</Code.Express>
<Code.Fastify>
- Start by importing
FastifyAuth registering it to your auth API route.
import { FastifyAuth } from "@auth/fastify"
import Fastify from "fastify"
// If your app is served through a proxy
// trust the proxy to allow us to read the `X-Forwarded-*` headers
const fastify = Fastify({ trustProxy: true })
fastify.register(FastifyAuth({ providers: [] }), { prefix: "/auth" })
Note this creates the Auth.js API, but does not yet protect resources. Continue on to protecting resources for more details.
</Code.Fastify>
With that, the basic setup is complete! Next we'll setup the first authentication methods and fill out that providers array.