SDK
Next.js SDK
@authon/nextjs — 全栈 Next.js 集成,包含路由中间件、服务端组件辅助函数和完整的 React SDK。
npm: @authon/nextjsNext.js 14+App Router
安装
bash
npm install @authon/nextjs环境变量
将您的 Authon API 密钥添加到 .env.local. 可公开密钥可安全暴露给浏览器;私密密钥仅保留在服务器端。
.env.local
NEXT_PUBLIC_AUTHON_PUBLISHABLE_KEY=pk_live_your_publishable_key
AUTHON_SECRET_KEY=sk_live_your_secret_key在 Layout 中使用 AuthonProvider
将AuthonProvider 添加到根布局,使所有客户端组件都能访问认证上下文。
app/layout.tsx
import type { Metadata } from "next";
import { AuthonProvider } from "@authon/nextjs";
export const metadata: Metadata = {
title: "My App",
};
export default function RootLayout({
children,
}: {
children: React.ReactNode;
}) {
return (
<html lang="en">
<body>
<AuthonProvider
publishableKey={process.env.NEXT_PUBLIC_AUTHON_PUBLISHABLE_KEY!}
>
{children}
</AuthonProvider>
</body>
</html>
);
}中间件
使用authonMiddleware 在边缘保护路由。对非公开路由的未认证请求将自动重定向到您的登录页面。
middleware.ts
import { authonMiddleware } from "@authon/nextjs";
export default authonMiddleware({
// Routes that do NOT require authentication
publicRoutes: ["/", "/about", "/pricing", "/sign-in", "/sign-up"],
// Where to redirect unauthenticated users (default: /sign-in)
signInUrl: "/sign-in",
});
export const config = {
// Apply middleware to all routes except Next.js internals and static files
matcher: ["/((?!_next/static|_next/image|favicon.ico|.*\.png$).*)"],
};服务端组件
使用来自 @authon/nextjs/server.
auth()
返回包含用户 ID 和令牌获取器的会话元数据。轻量级 — 不获取完整用户对象。
app/api/orders/route.ts
import { auth } from "@authon/nextjs/server";
import { NextResponse } from "next/server";
export async function GET() {
const { userId, getToken } = await auth();
if (!userId) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const token = getToken();
// Use token to call external APIs on behalf of the user
const orders = await fetchOrders(userId, token);
return NextResponse.json({ orders });
}currentUser()
获取并返回完整的 AuthonUser 对象。在服务端组件中需要用户资料数据时使用。
app/dashboard/page.tsx
import { currentUser } from "@authon/nextjs/server";
import { redirect } from "next/navigation";
export default async function DashboardPage() {
const user = await currentUser();
// Redirect if not signed in
if (!user) {
redirect("/sign-in");
}
return (
<main>
<h1>Welcome back, {user.displayName ?? user.email}!</h1>
<p>Account created: {new Date(user.createdAt).toLocaleDateString()}</p>
<p>Sign-in count: {user.signInCount}</p>
</main>
);
}客户端 Hooks 与组件
所有 React SDK 的 Hooks 和组件均可在客户端组件中使用。从 @authon/nextjs导入(重新导出了@authon/react中的所有内容)。
components/Header.tsx
"use client";
import Link from "next/link";
import { SignedIn, SignedOut, UserButton, useAuthon } from "@authon/nextjs";
export function Header() {
const { openSignIn } = useAuthon();
return (
<header className="flex items-center justify-between p-4 border-b">
<Link href="/">My App</Link>
<div className="flex items-center gap-3">
<SignedIn>
<Link href="/dashboard">Dashboard</Link>
<UserButton />
</SignedIn>
<SignedOut>
<button onClick={() => openSignIn()} className="btn-primary">
Sign in
</button>
</SignedOut>
</div>
</header>
);
}API 路由保护
通过auth():
app/api/profile/route.ts
import { auth } from "@authon/nextjs/server";
import { currentUser } from "@authon/nextjs/server";
import { NextResponse } from "next/server";
export async function GET() {
const { userId } = await auth();
if (!userId) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const user = await currentUser();
return NextResponse.json({ user });
}
export async function PATCH(request: Request) {
const { userId } = await auth();
if (!userId) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
}
const body = await request.json();
// Update user profile...
return NextResponse.json({ success: true });
}登录 / 注册页面
使用内嵌弹窗组件创建专用的登录和注册页面:
app/sign-in/page.tsx
import { SignIn } from "@authon/nextjs";
export default function SignInPage() {
return (
<div className="flex min-h-screen items-center justify-center bg-slate-950">
<SignIn mode="embedded" />
</div>
);
}app/sign-up/page.tsx
import { SignUp } from "@authon/nextjs";
export default function SignUpPage() {
return (
<div className="flex min-h-screen items-center justify-center bg-slate-950">
<SignUp mode="embedded" />
</div>
);
}