The present example explains how to setup an httpOnly cookie auth flow with Next.js and Fauna, using Apollo Server and react-query/graphql-request on the client.
These are some of the features that this setup provides:
- The auth flow lives inside the Fauna dashboard with the help of User Defined Functions (UDFs) and User Defined Roles (UDRs). UDFs and UDRs are one flexible medium offered in Fauna by which you can implement business logic and Attribute-based Access Control (ABAC) to any document, function and index in the database.
- A GraphQL server using schema stitching.
- This is helpful because it provides the maximum possible flexibility in terms of API integration through GraphQL, given that Fauna doesn't support Apollo Federation yet.
- In other words, by using schema stitching we can extend our GraphQL endpoint to connect with other APIs or basically run any arbitrary code in-between Fauna requests (similar to a proxy).
- This is specially useful if you don't want to have several API endpoints and want to manage everything through GraphQL.
- The example also provides a series of scripts that can be executed with a single command, that help you manage your database quickly on a day to day basis, from pushing a newly created schema, generating new keys, updating your functions or even creating a whole new database from scratch. This is incredibly useful when getting started in order to fasten things up.
- An httpOnly cookie based auth flow.
- Token validation on refresh and window focus with
react-query. This is useful because it keeps the auth state changes in sync with the client, for example if the user token dissapears on the DB (for any reason), it logs out the user in any other client automatically.
This is an advanced example that assumes a lot of concepts, and it strives to provide the most ample bed from which you can get started with both FaunaDB and Next.js. If you are looking for a simpler approach which doesn't include GraphQL, UDFs or User Defined Roles, and only handles a cookie based authentication plus token validation, be sure to check out the example with-cookie-auth-fauna.
https://with-graphql-faunadb-cookie-auth.now.sh/
Execute create-next-app with npm or Yarn to bootstrap the example:
npx create-next-app --example with-cookie-auth-fauna-apollo-server with-cookie-auth-fauna-apollo-server-app
# or
yarn create next-app --example with-cookie-auth-fauna-apollo-server with-cookie-auth-fauna-apollo-server-appDownload the example:
curl https://codeload.github.com/vercel/next.js/tar.gz/canary | tar -xz --strip=2 next.js-canary/examples/with-cookie-auth-fauna-apollo-server
cd with-cookie-auth-fauna-apollo-serverInstall it and run:
npm install
npm run dev
# or
yarn
yarn devDeploy it to the cloud with Vercel (Documentation).
- Create an account on Fauna
- In the FaunaDB Console, click "New Database". Name it whatever you like and click "Save".
- Now go to "Security" and click "New Key". Let's create an "Admin" key, name it whatever you want.
- Copy the newly created "Admin" key and create an
.env.localfile. Paste the key along the nameFAUNADB_ADMIN_SECRET. - On you console, while positioned on the root folder, execute:
node -e 'require("./scripts/setup.js").full()'
This will create all the roles, functions and lastly a public key necessary to connect to the DB securely.
- Copy the last line of the previous command into the
.env.localfile. - (Optional) Delete the admin key both from the FaunaDB Console and the
.env.localfile. - Run
yarn && yarn dev
You can deploy this app to the cloud with Vercel (Documentation).
To deploy your local project to Vercel, push it to GitHub/GitLab/Bitbucket and import to Vercel.
Important: When you import your project on Vercel, make sure to click on Environment Variables and set them to match your .env.local file.