0.0.1 • Published 3 years ago

@ory/integration-react v0.0.1

Weekly downloads
-
License
-
Repository
-
Last release
3 years ago

Add Auth, 2FA, User Management, WebAuthn to Your ReactJS / NextJS / Vercel App

Reading this guide you will implement a ReactJS application with a page which shows if the user is logged in or not, a page using an API endpoint which is protected, login, registration, account settings, account verification (e.g. email, phone, activate account), account verification (e.g. reset password), using the NextJS framework and deploy it to Vercel. You can see this app in action at

auth-login-nextjs-vercel-ory.app

What is special about this application is that no session management, cookies, or backend is needed! To implement the logic for login, registration, account recovery, session management, MFA we will be relying on the Open Source project Ory Kratos which is also available as a managed cloud service at Ory Cloud.

We chose NextJS and Vercel as the framework to keep boilerplate low and offer a fast deployment option. Of course, this style of integration works with all ReactJS apps! We also have options

To avoid the complexity of setting up routing and state management and in the hopes of making this example easy to consume, we have chosen NextJS as the framework.

Start Hacking

Per default this project is using the Ory Cloud Playground. This allows you to just clone the repository and bring it live with:

npm i
npm run dev

Next head over to http://localhost:3000/ to see the app in action with login, registration - a working user management!

You can even deploy it immediately to Vercel with:

npx vercel --prod

Follow allong in the next chapters to learn how to connect your own Open Source Ory Kratos installation or Ory Cloud Project.

Running Ory Kratos on Ory Cloud

Get started by signing up for an Ory Cloud account and creating your first Ory Cloud Project. Then get the Project's SDK Configuration and set it in your environment and start the process:

npm i
export NEXT_PUBLIC_ORY_SDK_URL=https://...
npm run dev

Per default, this project is using our playground. One NextJS API route is using the Ory Kratos / Ory Cloud Admin API to load the user's identity, which is why you can optionally set up an Ory Personal Access Token as well:

npm i
export NEXT_PUBLIC_ORY_SDK_URL=https://...
export ORY_ACCESS_TOKEN=...
npm run dev

Next head over to http://localhost:3000/ to see the app in action with login, registration - a working user management!

Additional Configuration

To get everything to work smoothly, we recommend setting the appropriate UI endpoints in your Ory Cloud Project under the "User Interface" menu item. If you are developing locally on port 3000 this would be:

  • Login UI: http://localhost:3000/login
  • Registration UI: http://localhost:3000/registration
  • Settings UI: http://localhost:3000/settings
  • Verification UI: http://localhost:3000/verification
  • Recovery UI: http://localhost:3000/recovery
  • Error UI: http://localhost:3000/error

Ory Cloud Project User Interface Configuration

Also, ensure to set up your redirects correctly, so you end up at the right endpoint after you have signed up or signed in!

Ory Cloud Project User Interface Configuration

We are setting these values to ensure that all flows (e.g. clicking on that password reset link) end up at your application. If you deploy to production, set these values to your production URL!

Deploy on Vercel with Ory Cloud

The easiest way to deploy your Next.js + Ory Cloud app is to use the Vercel Platform from the creators of Next.js.

If you have never deployed on Vercel, check out the Next.js deployment documentation for more details.

Deploying the app is easy. Ensure that your build works by running

npm run build

Then, set up your Vercel account and create a new app. You will need to configure your Ory Cloud Project SDK URL and Ory Personal Access Token (optional) as environment variables for your app:

Add Ory Cloud Personal Access Token to Vercel

Next all you need to do is to run the deploy command:

npx vercel deploy --prod

This also works with Vercel PR Preview!

Deploy Ory Kratos Yourself

Of course, this application also integrates with Open Source Ory Kratos! Instead of setting up the NEXT_PUBLIC_NEXT_PUBLIC_ORY_SDK_URL you will need to set the environment variable NEXT_PUBLIC_ORY_KRATOS_PUBLIC to your Ory Kratos public API!

If you are running the Ory Kratos Quickstart the correct value is:

export NEXT_PUBLIC_ORY_KRATOS_PUBLIC=http://localhost:4433

CORS

Please be aware that you need to add the port where your NextJS is running to the list of allowed CORS origins. You also need to allow some headers.

If you are running

serve:
  public:
    cors:
      enabled: true
      allowed_origins:
        - http://localhost:3000
      allowed_headers:
        - Authorization
        - Content-Type
        - X-Session-Token

Deploy to Production

Ory Kratos can be deployed almost anywhere (VM, Docker, Kubernetes, Baremetal, Raspberry PI). One challenge is to ensure that Ory Kratos' Public API and your NextJS + Vercel app run on the same top level domain (e.g. example.org and kratos.example.org). You will probably need to add a custom CNAME domain to your Vercel deployment to make this work.

Next you need to set environment variables in your Vercel deployment:

NEXT_PUBLIC_ORY_KRATOS_PUBLIC=https://kratos.example.org

If you intend to access Ory Kratos' Admin API you will need a more sophisticated deployment option:

  • Deploy your app and Ory Kratos in Kubernetes with our Helm Charts and set up the correct routing;
  • Run both parts on the same VM and connect to the Ory Kratos Admin API via a socket or by only listening on localhost.

For more guides and deployment options, please head over to the Ory Kratos documentation.

CORS & Cookies

Again, you will need to set up CORS and this time also some cookie settings:

cookies:
  domain: example.org
  path: /
  same_site: Lax

serve:
  public:
    cors:
      enabled: true
      allowed_origins:
        - https://example.org
        - https://some-other.example.org
      allowed_headers:
        - Authorization
        - Content-Type
        - X-Session-Token

Start From Scratch

To start from scratch, initialize the NextJS App

npx create-next-app --ts

With Ory Cloud

To make things easy install the Ory Cloud SDK and the Ory Cloud Integration package. The Ory Cloud SDK is used to interact with Ory Cloud's APIs. The Ory Cloud Integration package contains code to easily connect apps to Ory's APIs and make cookies and other features work out of the box:

npm i --save @ory/client @ory/integrations

Add a new file under pages/api/.ory/[...paths].ts with the following contents:

https://github.com/ory/react-nextjs-example/blob/init-example/pages/api/.ory/%5B...paths%5D.ts

Setting up the SDK is easy:

https://github.com/ory/react-nextjs-example/blob/init-example/pkg/sdk/cloud.ts

Running Ory Kratos Yourself

If you use Open Source Ory Kratos you only need to install @ory/kratos-client to interface with Ory Kratos' APIs. Please be aware that Ory Kratos and your NextJS app must run on the same domain name! Be aware that 127.0.0.1 and localhost are different domain names!

npm i --save @ory/kratos-client

Setting up the SDK is easy:

https://github.com/ory/react-nextjs-example/blob/init-example/pkg/sdk/open-source.ts

Rendering Login, Registration, ... Forms

You can install

@ory/client@ory/integrations@ory/kratos-client@ory/themesclassnamesnextreactreact-domstyled-componentstypescript
@infinitebrahmanuniverse/nolb-_ory@everything-registry/sub-chunk-695@zalastax/nolb-_ory
0.0.1

3 years ago

0.0.0

3 years ago