GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → storyofams → next-password-protect

storyofams / next-password-protect

Licence: MIT license
Password protect your Next.js projects.

Programming Languages

typescript
32286 projects
javascript
184084 projects - #8 most used programming language
CSS
56736 projects
shell
77523 projects

Labels

reactauthenticationdeploymentnextjshoc

Projects that are alternatives of or similar to next-password-protect

Fusioninventory For Glpi
FusionInventory plugin for GLPI
Stars: ✭ 241 (-4.37%)
Mutual labels:  deployment
react-table-hoc-draggable-columns
ReactTable HOC for draggable columns
Stars: ✭ 27 (-89.29%)
Mutual labels:  hoc
buffalo-azure
A gobuffalo plugin for working with Azure.
Stars: ✭ 29 (-88.49%)
Mutual labels:  deployment
Provision
Digital Rebar Provision is a simple and powerful Golang executable that provides a complete API-driven DHCP/PXE/TFTP provisioning system.
Stars: ✭ 252 (+0%)
Mutual labels:  deployment
react-useragent
Higher order component to add user agent information to your react components
Stars: ✭ 13 (-94.84%)
Mutual labels:  hoc
dropship
Super simple deployment tool
Stars: ✭ 62 (-75.4%)
Mutual labels:  deployment
Gradle Cargo Plugin
Gradle plugin that provides deployment capabilities to local and remote containers via Cargo
Stars: ✭ 238 (-5.56%)
Mutual labels:  deployment
vent
Vent is a light-weight platform built to automate network collection and analysis pipelines using a flexible set of popular open source tools and technologies. Vent is python-based, extensible, leverages docker containers, and provides both an API and CLI.
Stars: ✭ 73 (-71.03%)
Mutual labels:  deployment
nextjs-redirect
HOC to redirect to any URL in NextJS both in client and server
Stars: ✭ 144 (-42.86%)
Mutual labels:  hoc
Dynatrace-OneAgent-Ansible
This Ansible role installs Dynatrace OneAgent.
Stars: ✭ 34 (-86.51%)
Mutual labels:  deployment
Ray
An open source framework that provides a simple, universal API for building distributed applications. Ray is packaged with RLlib, a scalable reinforcement learning library, and Tune, a scalable hyperparameter tuning library.
Stars: ✭ 18,547 (+7259.92%)
Mutual labels:  deployment
rrx
⚛️ Minimal React router using higher order components
Stars: ✭ 69 (-72.62%)
Mutual labels:  hoc
deployment-controller
基于Fabric8模拟Kubernetes的Deployment实现一个Controller
Stars: ✭ 60 (-76.19%)
Mutual labels:  deployment
Git Auto Deploy
Deploy your GitHub, GitLab or Bitbucket projects automatically on Git push events or web hooks
Stars: ✭ 251 (-0.4%)
Mutual labels:  deployment
akk-stack
Containerized EverQuest Emulator Server Environment
Stars: ✭ 36 (-85.71%)
Mutual labels:  deployment
Ecspresso
ecspresso is a deployment tool for Amazon ECS
Stars: ✭ 242 (-3.97%)
Mutual labels:  deployment
hoc-react-animate
Add a CSS class whenever a props change (or/and at mount)
Stars: ✭ 14 (-94.44%)
Mutual labels:  hoc
kafkaer
Template based Kafka topic/cluster/ACL management
Stars: ✭ 37 (-85.32%)
Mutual labels:  deployment
static-aws-deploy
A tool for deploying files to an AWS S3 bucket with configurable headers and invalidating AWS Cloudfront Objects.
Stars: ✭ 27 (-89.29%)
Mutual labels:  deployment
dinobuildr
A macOS deployment utility developed by Mozilla IT
Stars: ✭ 26 (-89.68%)
Mutual labels:  deployment
View All Similar Projects ➔

Instant Commerce

next-password-protect

Password protect your Next.js deployments. View demo (Password is secret)

example-with-custom-logo.mov

How it works

This library adds a password prompt to your Next.js deployment. It consists of two main parts:

  1. Two serverless API routes:
    • A login route that checks if a password is correct and sets a cookie with a JWT in case it is.
    • A check route that validates if you have the authorization cookie with a valid JWT.
  2. A HOC (Higher-Order Component) that wraps Next.js App and adds a check that validates if you are logged in. If you do, then you can view the app normally; otherwise, you are presented with a password prompt.

Important: The recommended use case for this library is in a staging or preview environment. By taking advantage of webpack's DefinePlugin, we can make sure this library is only included in certain environments, keeping the production bundle size small.

This library is NOT meant as a secure password authentication wrapper, but rather as a way to keep nosey people out.

Installation

yarn add next-password-protect
# or
npm install next-password-protect

Usage

There are 3 steps to enabling password protect: setting a global variable, adding the API routes, and adding the HOC to _app.

Step 1

In order to be able to take advantage of dead code elimination, it is recommended to add an environment variable like process.env.PASSWORD_PROTECT, and enable the library based on that variable. To set this variable, add the following to next.config.js:

module.exports = {
  env: {
    // Add any logic you want here, returning `true` to enable password protect.
    PASSWORD_PROTECT: process.env.ENVIRONMENT === 'staging',
  }
});

Step 2

Add two api routes, one with the loginHandler and one with the passwordCheckHandler api function. You can name them anything, as long as you pass the names to loginApiUrl and checkApiUrl respectively, in the next step. By default it expects /login and /passwordCheck.

import { loginHandler } from "next-password-protect";

export default loginHandler("YOUR_SECRET_PASSWORD", {
  // Options go here (optional)
  cookieName: "next-password-protect",
});
import { passwordCheckHandler } from "next-password-protect";

export default passwordCheckHandler("YOUR_SECRET_PASSWORD", {
  // Options go here (optional)
  cookieName: "next-password-protect",
});

Step 3

Add the withPasswordProtect HOC to the default export of App in pages/_app.tsx:

import { withPasswordProtect } from "next-password-protect";

// Before: export default App;
export default process.env.PASSWORD_PROTECT
  ? withPasswordProtect(App, {
    // Options go here (optional)
    loginApiUrl: "/login",
  })
  : App;

Note: make sure to specify loginApiUrl and/or checkApiUrl if the api route(s) are not default.

API

API routes handlers

loginHandler(password: string, options)

The options object can contain any of the following options:

Option Description Default value
cookieMaxAge Cookie Max-Age attribute undefined
cookieName The name of the authorization cookie 'next-password-protect'
cookieSameSite SameSite cookie attribute false
cookieSecure Secure flag on the cookie process.env.NODE_ENV === 'production'

passwordCheckHandler(password: string, options)

The options object can contain any of the following options:

Option Description Default value
cookieName The name of the authorization cookie 'next-password-protect'

Next App HOC

withPasswordProtect(App: NextApp, options)

The options object can contain any of the following options:

Option Description Default value
checkApiUrl Relative path of the api route handled by passwordCheckHandler '/api/passwordCheck'
loginApiUrl Relative path of the api route handled by loginHandler '/api/login'
loginComponent Supply your own React component to show as login prompt LoginComponent
loginComponentProps Properties object to customize the login prompt, without overriding the entire component (see below) {}
bypassProtection Bypass protection for specific routes, decided by callback with NextRouter param ({ route }) => false

The loginComponentProps object can contain any of the following options:

Option Description Default value
backUrl Show a link with this URL to go back to main website undefined
buttonBackgroundColor Login button background color '#01EDBC'
buttonColor Login button color '#111'
logo Show a logo above the prompt (img src) undefined

Advanced

Custom login component

To change the default login component, a React component can be supplied to the withPasswordProtect HOC. In order for the library to function properly, make sure your login component has password input that is validated by the the api route. You can use src/hoc/LoginComponent.tsx as a starting point.

Caveats

AMP is not yet supported, because the LoginComponent failed AMP validation. On an AMP page, nothing is rendered. This could be fixed by changing LoginComponent to valid AMP.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].