Authentication
This content is not available in your language yet.
Authentication and authorization are two security processes that manage access to your website or app. Authentication verifies a visitor’s identity, while authorization grants access to protected areas and resources.
Authentication allows you to customize areas of your site for logged-in individuals and provides the greatest protection for personal or private information. Authentication libraries (e.g. Lucia Auth, Auth.js) provide utilities for multiple authentication methods such as email sign-in and OAuth providers.
There is no official authentication solution for Astro, but you can find community “auth” integrations in the integrations directory.
Lucia
Section titled LuciaLucia is a framework-agnostic, session-based authentication library with great Astro support.
Installation
Section titled InstallationInstall Lucia using the package manager of your choice.
Configuration
Section titled ConfigurationUse Lucia’s “Getting started in Astro” guide to initialize Lucia with an adapter and set up a database to store users and sessions.
Usage
Section titled UsageFollow one of Lucia’s complete Astro tutorials to add username and password authentication or GitHub OAuth to your Astro project.
Next Steps
Section titled Next StepsAuth.js
Section titled Auth.jsAuth.js is a framework agnostic solution for authentication. A community framework adapter auth-astro
is available for Astro.
Installation
Section titled InstallationUse the astro add
command for your preferred package manager to add the auth-astro
integration.
Manual installation
Section titled Manual installationTo install auth-astro
manually, install the required package for your package manager:
Then, apply the integration to your astro.config.*
file using the integrations
property:
Configuration
Section titled ConfigurationCreate an auth.config.mjs
file in your project’s root directory. Add any auth providers or methods you wish to support, along with any environment variables they require.
Create a .env
file in the root of your project if it does not already exist. Add the following two environment variables. AUTH_SECRET
should be a private string with a minimum of 32 characters.
Usage
Section titled UsageYou can add sign-in and sign-out buttons using the auth-astro/client
module in a script tag or client-side framework component.
You can fetch the user’s session using the getSession
method.