/packages/auth
) for auth so you can use the same auth-options and share the auth share across all your apps.
Auth is powered by Next-Auth or Auth.js.
Authentication with TS-Rest and Next-Auth (Auth.js) is implemented by utizing the JWT tokens that Next-Auth manages.
- Since Next-Auth has no way to get the this token on the frontend, we implement a route in our NextJS app called
/token
.
-
On the backend, this header is read and the object is written to the
Request
asauth
. - We can include any information like User Roles, Dates of Birth etc. to this object by tweaking the auth options of Next-Auth. For example:
This adds the
user.role
and user.uid
to the auth object (Provided that
exists in the database).