Auth0
OSU IT does not currently have an authentication service that can be used for the Record Books project. As a result, the project uses Auth0 as its authentication service. Auth0 is an identity and access management service that provides authentication and authorization services for web and mobile applications.
The Auth0 project is tied to the 4-H record books service email. Login information can be found in the internal service account document. To access the Auth0 dashboard, go to https://manage.auth0.com/.
The current project is using the free tier of Auth0, which provides up to 7,000 active users and unlimited logins. The free tier also includes basic support and a limited set of features. The free tier is sufficient for testing the project, but will need to be upgraded before going into production.
User Authentication
Users can sign up for an account using their email address and password. Auth0 provides login and signup forms that can be embedded in the application. Other providers, such as Google, Facebook, and GitHub, have not been enabled for the Record Books project, but could be added in the future.
Auth0 connects to the application using the Auth0 SDK and the nextjs-auth0 package. These packages handle the authentication process, including login, logout, and user profile management, and provide the hooks which allow the application to access the user's session information.
The Auth0 Next.js startup guide provides a good starting point for integrating Auth0 with the Record Books project, and explains how the SDK works with Next.js.
User Data
User data created by Auth0 can be stored in a database managed by Auth0, or in a custom database. The current app is set up to use a custom MongoDB database to store user data. The database is hosted on MongoDB Atlas, a cloud-based database service that provides a fully managed database platform. Users are stored in the users collection in the recordbooks database. (See the MongoDB page for more information on the database setup.)
Manage Auth0 authentication settings for the RecordBooks app by navigating to the Auth0 dashboard -> Authentication -> Database -> RecordBooks.
Scripts
Auth0 provides a set of scripts that can be used to manage user data. These scripts can be used to customize the user registration process, validate user data, and perform other tasks. The Record Books project uses the following scripts:
- Login: This script is used to validate the user's email and password during login.
- Create: This script is used to create a new user in the database.
- Get User: This script is used to retrieve user data from the database.
Manage Auth0 scripts for the RecordBooks app by navigating to the Auth0 dashboard -> Authentication -> Database -> RecordBooks -> Custom Database -> Custom Database Scripts.
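As an added illustration of the Login script described above (this is not the Record Books project's own script), the sketch below shows the two properties worth checking in any custom-database login script: the same error for an unknown email and a wrong password, and a returned profile that never includes password material. Assumptions: scrypt hashing, the field names salt and passwordHash, an in-memory array in place of the users collection, and a local stand-in for the WrongUsernameOrPasswordError class that Auth0 supplies inside database scripts.

```javascript
// Added example: custom-database Login script logic, runnable under plain Node.
const crypto = require('crypto');

// Stand-in for the error class Auth0 provides as a global inside database scripts.
class WrongUsernameOrPasswordError extends Error {
  constructor(email) { super('Wrong email or password.'); this.email = email; }
}

// Assumed storage format: scrypt hash and per-user salt, both hex encoded.
function hashPassword(password, saltHex) {
  return crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), 32).toString('hex');
}

// Constructed sample data standing in for the `users` collection.
const SALT = '00112233445566778899aabbccddeeff';
const users = [{
  _id: 'u1', email: 'member@example.org', nickname: 'member',
  salt: SALT, passwordHash: hashPassword('correct horse battery', SALT),
}];

// Hypothetical lookup helper; a real script would query MongoDB here.
function findUserByEmail(email, cb) {
  const wanted = String(email).trim().toLowerCase();
  cb(null, users.find((u) => u.email === wanted) || null);
}

// Dummy record so an unknown email costs the same hash computation as a known one.
const DUMMY = { salt: SALT, passwordHash: hashPassword('placeholder', SALT) };

function login(email, password, callback) {
  findUserByEmail(email, (err, user) => {
    if (err) return callback(err);
    const record = user || DUMMY;
    const expected = Buffer.from(record.passwordHash, 'hex');
    const actual = Buffer.from(hashPassword(String(password), record.salt), 'hex');
    const match = crypto.timingSafeEqual(expected, actual);
    // Same error for "no such user" and "bad password" to avoid account enumeration.
    if (!user || !match) return callback(new WrongUsernameOrPasswordError(email));
    // Return only profile fields; never the hash or salt.
    return callback(null, {
      user_id: String(user._id), email: user.email, nickname: user.nickname,
    });
  });
}
```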
API Calls
Auth0 uses an API callback route to handle authentication requests. This catch-all route is defined in the project api/auth/[...auth0]/route.js file. The route is used to handle login, logout, and user profile requests. The route is protected by the Auth0 SDK, which verifies the user's session before allowing access to the route. Since we are running most authentication logic through Auth0, this route mostly acts as a pass-through to Auth0's authentication services.