Web Studio is here! An enhanced experience to make it easier to create, preview, and collaborate on your website contentLearn More
Auth0 is an easy to implement, adaptable authentication and authorization platform. Use Auth0 to allow users to sign up, login, and access protected Content or Pages on your Agility CMS powered website or application.
To get started with Auth0, sign up for a Free Account.
Next, you'll want to create an application by heading to Applications > Create Application.
Give you application a name and select the application type.
There are many ways to use Auth0 in your Applications and Websites. For this example, we will be creating a powered by Next.js and Agility CMS paired with Auth0's `@auth0/nextjs-auth0` NPM package.
Once you've created your application head to Settings and take note of your Domain, Client ID, and Client Secret as we'll need to use this in our application later.
Scroll down the page to Application URIs. Fill out the following for the Callback URL's and Logout URL's.
Feel free to look through and update the other Application Properties as needed. Once you're done, click Save.
We'll want to add authentication to an Agility CMS powered website. Sign up for a Free Agility CMS Account. Once you have an account, you'll be able to select a starter and create an Instance.
For this example, we'll be using the Next.js Blog Starter Template.
Getting Started with Agility CMS
We may want to set up Protected Pages in Agility that only grants users who have access to an account visibility to that Page.
To add a Page in Agility, head to Pages and click the New Page Button.
Select a Page Template and give your Page a Title.
Add a Rich Text Area Page Module with some top secret information.
Make sure to save your changes.
To make this Page Protected, heat to the Settings of the Page and enable the Secure Page on Website toggle.
Make sure to save your changes.
The last step is to add Authentication within our Agility CMS powered website.
As mentioned previously, we will be using the Agility CMS Next.js Blog Starter Template as the boilerplate for our Authentication implementation.
The Next.js Starter (agilitycms.com)
Once you have a copy of the Agility CMS Next.js Blog Starter running locally on you're machine, add the @auth0/nextjs-auth0
package as a dependency.
yarn add @auth0/nextjs-auth0
Remember those Auth0 credentials we asked you to save earlier? You'll want to include them as Environment Variables in your .env.local
file.
AUTH0_SECRET=
AUTH0_BASE_URL=
AUTH0_ISSUER_BASE_URL=
AUTH0_CLIENT_ID=
AUTH0_CLIENT_SECRET=
To retrieve your Auth0 Secret, you can run the following code snippet in the command line:
openssl rand -hex 32
This will return long secret value used to encrypt the session cookie.
Next you'll want to add the Dynamic API Route. Inside the pages/api
directory, create the file auth/[...auth0].js
. Import in that file the handleAuth
method from the SDK, and export the result of calling it.
This creates the following routes:
# The route used to perform login with Auth0.
/api/auth/login
# The route used to log the user out.
/api/auth/logout
# The route Auth0 will redirect the user to after a successful login.
/api/auth/callback
# The route to fetch the user profile from.
/api/auth/me
On the frontend side, the SDK uses React Context to manage the authentication state of your users. To make that state available to all your pages, you need to override the App component and wrap its inner component with a UserProvider. Add the following to the /pages/_app.js
file:
import { UserProvider } from "@auth0/nextjs-auth0";
import "../styles/globals.css";
function MyApp({ Component, pageProps }) {
return (
<UserProvider>
<Component {...pageProps} />
</UserProvider>
);
}
export default MyApp;
In the /components/Layout.js
file, add the following code above the initial return statement:
import { withPageAuthRequired } from "@auth0/nextjs-auth0/dist/frontend";
...
const Protected = withPageAuthRequired(function ({ user }) {
return (
<>
<SEO
title={sitemapNode?.title}
description={page.seo.metaDescription}
keywords={page.seo.metaKeywords}
metaHTML={page.seo.metaHTML}
/>
<div id="site-wrapper">
{isPreview && <LoadingWidget message="Loading Preview Mode" />}
{!isPreview && (
<div id="site">
<PreviewBar {...props} />
<div className="flex flex-col min-h-screen">
<SiteHeader {...props} />
<main className="flex-grow">
<AgilityPageTemplate {...props} />
</main>
<SiteFooter {...props} />
</div>
</div>
)}
</div>
</>
);
});
if (props.page.securePage) {
return <Protected />;
}
...
This code will return the Protected Page if the page has been flagged as secured in Agility CMS, otherwise it will return the regular page.
If you try to access the Protected Page, it will now redirect you to login.
Once you authenticate, you'll be able to see the Protected Pages Content!!