This package is a plugin for NextAuth version 5 that adds a Role-Based Access Control (RBAC) authorization layer to your authentication setup. The RBAC implementation is inspired by Symfony.
To install the @aulasoftwarelibre/next-auth-firewall package, run:

```sh
npm install @aulasoftwarelibre/next-auth-firewall
```
Replace the content of your auth.ts file with the following code:
```ts
import NextAuthFirewall from '@aulasoftwarelibre/next-auth-firewall'
import authConfig from '@/lib/auth/auth.config'

export const {
  auth,
  firewallHandler,
  handlers: { GET, POST },
  signIn,
  signOut,
} = NextAuthFirewall(authConfig)
```
Update your middleware.ts file with the following code:
```ts
import NextAuthFirewall from '@aulasoftwarelibre/next-auth-firewall'
import authConfig from '@/lib/auth/auth.config'

export default NextAuthFirewall(authConfig).auth

export const config = {
  matcher: [
    '/((?!api|_next/static|_next/image|favicon.ico).*)',
  ],
}
```
Create a new file src/app/api/auth/firewall/route.ts and add the following code:
```ts
import { firewallHandler } from '@/lib/auth/auth'

const { POST } = firewallHandler

export { POST }
```
Modify your auth.config.ts file to replace the authorize callback with access control rules. Here's an example:
```ts
import type { NextAuthFirewallConfig } from '@aulasoftwarelibre/next-auth-firewall'

const authConfig = {
  accessControl: [
    {
      path: '^/(signout|settings)',
      roles: 'IS_AUTHENTICATED',
    },
    {
      path: '^/',
      roles: 'PUBLIC_ACCESS',
    },
  ],
  // ...
} as NextAuthFirewallConfig

export default authConfig
```
Make sure to configure the adapter as per your requirements.
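
The following TypeScript sketch is an added example, not code from next-auth-firewall: it reports which rule from the configuration above applies to a path and flags rules that can never win because a broader rule sits above them. It assumes Symfony-style first-match resolution and that Next.js tests the middleware matcher against the whole pathname; `requiredRoles`, `shadowedRules` and the probe paths are hypothetical names and constructed values.

```typescript
// Added example, not part of next-auth-firewall. Assumptions are marked below.
type Rule = { path: string; roles: string }

// Rules copied from the auth.config.ts shown above.
const accessControl: Rule[] = [
  { path: '^/(signout|settings)', roles: 'IS_AUTHENTICATED' },
  { path: '^/', roles: 'PUBLIC_ACCESS' },
]

// Matcher copied from middleware.ts. Assumption: Next.js tests it against the
// whole pathname, emulated here by anchoring it with ^ and $.
const MATCHER = new RegExp('^/((?!api|_next/static|_next/image|favicon.ico).*)$')

// True when the middleware (and therefore the firewall) sees this request.
function middlewareRuns(pathname: string): boolean {
  return MATCHER.test(pathname)
}

// Assumption: Symfony-style resolution, the first rule whose regex matches wins.
function resolveRule(rules: Rule[], pathname: string): Rule | undefined {
  for (const rule of rules) {
    if (new RegExp(rule.path).test(pathname)) return rule
  }
  return undefined
}

// Roles required for a path, or a marker when no rule is consulted at all.
function requiredRoles(rules: Rule[], pathname: string): string {
  if (!middlewareRuns(pathname)) return 'NOT_CHECKED_BY_MIDDLEWARE'
  const rule = resolveRule(rules, pathname)
  return rule ? rule.roles : 'NO_RULE_MATCHED'
}

// Rules that never win for any probe path: usually a broader rule placed
// above them, which silently removes the stricter requirement.
function shadowedRules(rules: Rule[], probes: string[]): Rule[] {
  return rules.filter(
    (rule) => !probes.some((p) => resolveRule(rules, p) === rule),
  )
}

// Constructed probe paths for this example.
const PROBES = ['/', '/signout', '/settings', '/settings/profile', '/about']
```

With the matcher shown above, paths under `/api` never reach the middleware, so route handlers there need their own `auth()` check.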