Saleor Auth SDK
Saleor Auth SDK integrates secure and customizable authentication and authorization into storefronts using Saleor.
Below 3kB bundle size (gzipped).
Usage
Next.js App Router
Next.js 13+ App Router is the recommended way to use the Saleor Auth SDK. It is the easiest to set up and provides the best user experience.
In order to use Saleor Auth SDK in React Server Components, the client needs to be created in the following way:
import { createSaleorAuthClient } from "@saleor/auth-sdk";
import { getNextServerCookiesStorage } from "@saleor/auth-sdk/next/server";
const nextServerCookiesStorage = getNextServerCookiesStorage();
const saleorAuthClient = createSaleorAuthClient({
saleorApiUrl: "…",
refreshTokenStorage: nextServerCookiesStorage,
accessTokenStorage: nextServerCookiesStorage,
});Logging in can be implemented via Server Actions:
<form
className="bg-white shadow-md rounded p-8"
action={async (formData) => {
"use server";
await saleorAuthClient.signIn(
{
email: formData.get("email").toString(),
password: formData.get("password").toString(),
},
{ cache: "no-store" },
);
}}
>
{/* … rest of the form … */}
</form>Then, you can use saleorAuthClient.fetchWithAuth directly for any queries and mutations.
For a full working example see the Saleor Auth SDK example.
Next.js Pages Router with Apollo Client
Step-by-step video tutorial
Check the following step-by-step video guide on how to set this up.
When using Next.js (Pages Router) along with Apollo Client, there are two essential steps to setting up your application. First, you have to surround your application's root with two providers: <SaleorAuthProvider> and <ApolloProvider>.
<SaleorAuthProvider> comes from our React.js-auth package, located at @saleor/auth-sdk/react, and it needs to be set up with the Saleor auth client instance.
The <ApolloProvider> comes from @apollo/client and it needs the live GraphQL client instance, which is enhanced with the authenticated fetch that comes from the Saleor auth client.
Lastly, you must run the useAuthChange hook. This links the onSignedOut and onSignedIn events.
Let's look at an example:
import { AppProps } from "next/app";
import { ApolloProvider, ApolloClient, InMemoryCache, createHttpLink } from "@apollo/client";
import { createSaleorAuthClient } from "@saleor/auth-sdk";
import { SaleorAuthProvider, useAuthChange } from "@saleor/auth-sdk/react";
const saleorApiUrl = "<your Saleor API URL>";
// Saleor Client
const saleorAuthClient = createSaleorAuthClient({ saleorApiUrl });
// Apollo Client
const httpLink = createHttpLink({
uri: saleorApiUrl,
fetch: saleorAuthClient.fetchWithAuth,
});
export const apolloClient = new ApolloClient({
link: httpLink,
cache: new InMemoryCache(),
});
export default function App({ Component, pageProps }: AppProps) {
useAuthChange({
saleorApiUrl,
onSignedOut: () => apolloClient.resetStore(),
onSignedIn: () => {
apolloClient.refetchQueries({ include: "all" });
},
});
return (
<SaleorAuthProvider client={saleorAuthClient}>
<ApolloProvider client={apolloClient}>
<Component {...pageProps} />
</ApolloProvider>
</SaleorAuthProvider>
);
}Then, in your register, login and logout forms you can use the auth methods (signIn, signOut, isAuthenticating) provided by the useSaleorAuthContext(). For example, signIn is usually triggered when submitting the login form credentials.
import React, { FormEvent } from "react";
import { useSaleorAuthContext } from "@saleor/auth-sdk/react";
import { gql, useQuery } from "@apollo/client";
const CurrentUserDocument = gql`
query CurrentUser {
me {
id
email
firstName
lastName
avatar {
url
alt
}
}
}
`;
export default function LoginPage() {
const { signIn, signOut } = useSaleorAuthContext();
const { data: currentUser, loading } = useQuery(CurrentUserDocument);
const submitHandler = async (event: FormEvent<HTMLFormElement>) => {
event.preventDefault();
const result = await signIn({
email: "admin@example.com",
password: "admin",
});
if (result.data.tokenCreate.errors) {
// handle errors
}
};
if (loading) {
return <div>Loading...</div>;
}
return (
<main>
{currentUser?.me ? (
<>
<div>Display user {JSON.stringify(currentUser)}</div>
<button className="button" onClick={() => signOut()}>
Log Out
</button>
</>
) : (
<div>
<form onSubmit={submitHandler}>
{/* You must connect your inputs to state or use a form library such as react-hook-form */}
<input type="email" name="email" placeholder="Email" />
<input type="password" name="password" placeholder="Password" />
<button className="button" type="submit">
Log In
</button>
</form>
</div>
)}
</main>
);
}Next.js (Pages Router) with urql
When using Next.js (Pages Router) along with urql client, there are two essential steps to setting up your application. First, you have to surround your application's root with two providers: <SaleorAuthProvider> and <Provider>.
<SaleorAuthProvider> comes from our React.js-auth package, located at @saleor/auth-sdk/react, and it needs to be set up with the Saleor auth client.
The <Provider> comes from urql and it needs the GraphQL client instance, which is enhanced with the authenticated fetch that comes from the Saleor auth client.
Lastly, you must run the useAuthChange hook. This links the onSignedOut and onSignedIn events and is meant to refresh the GraphQL store and in-flight active GraphQL queries.
Let's look at an example:
import { AppProps } from "next/app";
import { Provider, cacheExchange, fetchExchange, ssrExchange } from "urql";
import { SaleorAuthProvider, useAuthChange } from "@saleor/auth-sdk/react";
const saleorApiUrl = "<your Saleor API URL>";
const saleorAuthClient = createSaleorAuthClient({ saleorApiUrl });
const makeUrqlClient = () =>
createClient({
url: saleorApiUrl,
fetch: saleorAuthClient.fetchWithAuth,
exchanges: [cacheExchange, fetchExchange],
});
export default function App({ Component, pageProps }: AppProps) {
// https://github.com/urql-graphql/urql/issues/297#issuecomment-504782794
const [urqlClient, setUrqlClient] = useState<Client>(makeUrqlClient());
useAuthChange({
saleorApiUrl,
onSignedOut: () => setUrqlClient(makeUrqlClient()),
onSignedIn: () => setUrqlClient(makeUrqlClient()),
});
return (
<SaleorAuthProvider client={saleorAuthClient}>
<Provider value={urqlClient}>
<Component {...pageProps} />
</Provider>
</SaleorAuthProvider>
);
}Then, in your register, login and logout forms you can use the auth methods (signIn, signOut) provided by the useSaleorAuthContext(). For example, signIn is usually triggered when submitting the login form credentials.
import React, { FormEvent } from "react";
import { useSaleorAuthContext } from "@saleor/auth-sdk/react";
import { gql, useQuery } from "urql";
const CurrentUserDocument = gql`
query CurrentUser {
me {
id
email
firstName
lastName
avatar {
url
alt
}
}
}
`;
export default function LoginPage() {
const { signIn, signOut } = useSaleorAuthContext();
const [{ data: currentUser, fetching: loading }] = useQuery({
query: CurrentUserDocument,
pause: isAuthenticating,
});
const submitHandler = async (event: FormEvent<HTMLFormElement>) => {
event.preventDefault();
const result = await signIn({
email: "admin@example.com",
password: "admin",
});
if (result.data.tokenCreate.errors) {
// handle errors
}
};
if (loading) {
return <div>Loading...</div>;
}
return (
<main>
{currentUser?.me ? (
<>
<div>Display user {JSON.stringify(currentUser)}</div>
<button className="button" onClick={() => signOut()}>
Log Out
</button>
</>
) : (
<div>
<form onSubmit={submitHandler}>
{/* You must connect your inputs to state or use a form library such as react-hook-form */}
<input type="email" name="email" placeholder="Email" />
<input type="password" name="password" placeholder="Password" />
<button className="button" type="submit">
Log In
</button>
</form>
</div>
)}
</main>
);
}Next.js (Pages Router) with OpenID Connect
Setup _app.tsx as described above. In your login component trigger the external auth flow using the following code:
import { useSaleorAuthContext, useSaleorExternalAuth } from "@saleor/auth-sdk/react";
import { ExternalProvider } from "@saleor/auth-sdk";
import Link from "next/link";
import { gql, useQuery } from "@apollo/client";
export default function Home() {
const {
loading: isLoadingCurrentUser,
error,
data,
} = useQuery(gql`
query CurrentUser {
me {
id
email
firstName
lastName
}
}
`);
const { authURL, loading: isLoadingExternalAuth } = useSaleorExternalAuth({
saleorApiUrl,
provider: ExternalProvider.OpenIDConnect,
redirectURL: "<your Next.js app>/api/auth/callback",
});
const { signOut } = useSaleorAuthContext();
if (isLoadingExternalAuth || isLoadingCurrentUser) {
return <div>Loading...</div>;
}
if (data?.me) {
return (
<div>
{JSON.stringify(data)}
<button onClick={() => signOut()}>Logout</button>
</div>
);
}
if (authURL) {
return (
<div>
<Link href={authURL}>Login</Link>
</div>
);
}
return <div>Something went wrong</div>;
}You also need to define the auth callback. In pages/api/auth create the callback.ts with the following content:
import { ExternalProvider, SaleorExternalAuth } from "@saleor/auth-sdk";
import { createSaleorExternalAuthHandler } from "@saleor/auth-sdk/next";
const externalAuth = new SaleorExternalAuth("<your Saleor instance URL>", ExternalProvider.OpenIDConnect);
export default createSaleorExternalAuthHandler(externalAuth);FAQ
How do I reset password?
The SaleorAuthClient class provides you with a reset password method. If the reset password mutation is successful, it will log you in automatically, just like after a regular sign-in. The onSignIn method of useAuthChange hook will also be triggered.
const { resetPassword } = useSaleorAuthContext();
const response = await resetPassword({
email: "example@mail.com",
password: "newPassword",
token: "apiToken",
});