o24ui-auth
v4.0.1
Published
Authentication utilities for EMI Portal applications using NextAuth v5
Maintainers
optimal24Readme
@emi-portal/auth
Authentication utilities and NextAuth v5 configuration for EMI Portal.
Features
- NextAuth v5 configuration helpers
- JWT token utilities (decode, expiration check)
- Cookie and localStorage management
- Auth guards and permission checks
- Device fingerprint generation
- TypeScript support
Installation
{
"dependencies": {
"@emi-portal/auth": "*"
}
}Usage
NextAuth Configuration
// src/auth.ts
import { createAuthConfig } from '@emi-portal/auth/config';
import NextAuth from 'next-auth';
const authConfig = createAuthConfig({
loginEndpoint: '/api/login',
async authorize(credentials) {
// Your login logic
const response = await fetch('/api/login', {
method: 'POST',
body: JSON.stringify(credentials),
});
if (response.ok) {
return await response.json();
}
return null;
},
});
export const { handlers, auth, signIn, signOut } = NextAuth(authConfig);Auth Utilities
import {
isTokenExpired,
setAuthToken,
getAuthToken,
clearAuthData,
generateDeviceFingerprint
} from '@emi-portal/auth/utils';
// Check token expiration
if (isTokenExpired(token)) {
// Handle token refresh
}
// Store token
setAuthToken(token, 7); // expires in 7 days
// Get token
const token = getAuthToken();
// Clear all auth data
clearAuthData();
// Generate device fingerprint
const fingerprint = generateDeviceFingerprint();Auth Guards (Server Components)
import { requireAuth, requireRole, requirePermission } from '@emi-portal/auth/guards';
import { auth } from '@/auth';
export default async function ProtectedPage() {
const session = await auth();
// Redirect if not authenticated
requireAuth(session);
// Redirect if user doesn't have admin role
requireRole(session, 'admin');
// Redirect if user doesn't have permission
requirePermission(session, 'users.manage');
return <div>Protected Content</div>;
}Architecture
Based on the EMI Portal authentication pattern:
- NextAuth v5 with JWT strategy
- Credentials provider for username/password auth
- Session stored in JWT with user data
- Token management via cookies and localStorage
- Auth guards for server-side protection