Authentication
Dieser Inhalt ist noch nicht in deiner Sprache verfügbar.
Authentication and authorization are two security processes that manage access to your website or app. Authentication verifies a visitor’s identity, while authorization grants access to protected areas and resources.
Authentication allows you to customize areas of your site for logged-in individuals and provides the greatest protection for personal or private information. Authentication libraries (e.g. Lucia Auth, Auth.js) provide utilities for multiple authentication methods such as email sign-in and OAuth providers.
Lucia
Section titled LuciaLucia is a framework-agnostic, session-based authentication library with great Astro support.
Installation
Section titled InstallationInstall Lucia using the package manager of your choice.
npm install luciapnpm add luciayarn add luciaConfiguration
Section titled ConfigurationUse Lucia’s “Getting started in Astro” guide to initialize Lucia with an adapter and set up a database to store users and sessions.
Usage
Section titled UsageNext Steps
Section titled Next StepsAuth.js
Section titled Auth.jsAuth.js is a framework agnostic solution for authentication. A community framework adapter auth-astro is available for Astro.
Installation
Section titled InstallationUse the astro add command for your preferred package manager to add the auth-astro integration.
npx astro add auth-astropnpm astro add auth-astroyarn astro add auth-astroManual installation
Section titled Manual installationTo install auth-astro manually, install the required package for your package manager:
npm install auth-astro @auth/core@^0.18.6pnpm add auth-astro @auth/core@^0.18.6yarn add auth-astro @auth/core@^0.18.6Then, apply the integration to your astro.config.* file using the integrations property:
import { defineConfig } from 'astro/config';import auth from 'auth-astro';
export default defineConfig({ // ... integrations: [auth()],});Configuration
Section titled ConfigurationCreate an auth.config.mjs file in your project’s root directory. Add any auth providers or methods you wish to support, along with any environment variables they require.
import GitHub from '@auth/core/providers/github';import { defineConfig } from 'auth-astro';
export default defineConfig({ providers: [ GitHub({ clientId: import.meta.env.GITHUB_CLIENT_ID, clientSecret: import.meta.env.GITHUB_CLIENT_SECRET, }), ],});Create a .env file in the root of your project if it does not already exist. Add the following two environment variables. AUTH_SECRET should be a private string with a minimum of 32 characters.
AUTH_TRUST_HOST=trueAUTH_SECRET=<my-auth-secret>Usage
Section titled UsageYou can add sign-in and sign-out buttons using the auth-astro/client module in a script tag or client-side framework component.
---import Layout from 'src/layouts/Base.astro';---<Layout> <button id="login">Login</button> <button id="logout">Logout</button>
<script> const { signIn, signOut } = await import("auth-astro/client") document.querySelector("#login").onclick = () => signIn("github") document.querySelector("#logout").onclick = () => signOut() </script></Layout>You can fetch the user’s session using the getSession method.
---import Layout from 'src/layouts/Base.astro';import { getSession } from 'auth-astro/server';
const session = await getSession(Astro.request);---<Layout> { session ? ( <p>Welcome {session.user?.name}</p> ) : ( <p>Not logged in</p> ) }</Layout>