← Go Back

bohoauth

Simple password protection for your Next.js application.

View on GitHub

Boho auth provides a simple way to password protect pages in your Next.js application. It has only one dependency, jose.

Installation

npm install bohoauth

Usage

  1. Create a boho.ts file in the lib folder of your Next.js application:

    import { bohoAuth } from "bohoauth";

export const boho = bohoAuth({
  password: process.env.BOHO_PASSWORD!,
  secret: process.env.BOHO_SECRET!,
  expiresIn: "1h",
  middleware: {
    loginPath: "/login",
    protectedPaths: ["/protected"],
    redirectPath: "/protected",
  },
});

  2. Create a route handler app/api/login/route.ts:

    import { boho } from "@/lib/boho";

export const { POST } = boho.handlers;

  3. Add the middleware to your Next.js application:

    import { boho } from "@/lib/boho";

export default boho.middleware;

  4. Finally, add a form to your login page that will submit to the /api/login route.

Configuration Options

  • password: The password to use for authentication. Uses BOHO_PASSWORD env variable if not provided.
  • secret: The secret for JWT signing. Uses BOHO_SECRET env variable if not provided.
  • expiresIn: Token expiration time. Defaults to "1h".
  • middleware.loginPath: Path to redirect unauthenticated users.
  • middleware.protectedPaths: Array of paths to protect.
  • middleware.redirectPath: Path to redirect after successful login.

Contributing

Contributions are welcome! Please open an issue or submit a pull request.