Introduction
This tutorial demonstrates how to create a NextJS application that allows users to log in using their Web3 wallets. After Web3 wallet authentication, the next-auth library creates a session cookie with an encrypted JWT (JWE) stored inside. It contains session info (such as an address, signed message, and expiration time) in the user’s browser. It’s a secure way to store users’ info without a database, and it’s impossible to read/modify the JWT without a secret key. Once the user is logged in, they will be able to visit a page that displays all their user data. You can find the repository with the final code here.You can find the final dapp with implemented style on our GitHub.
Prerequisites
- Create a Moralis account.
- Install and set up Visual Studio.
- Create your NextJS dapp (you can create it using create-next-app or follow the NextJS dapp tutorial).
Install the Required Dependencies
- Install
moralisand@moralisweb3/next(if not installed) andnext-authdependencies:
npm2yarn
- To implement authentication using a Web3 wallet (e.g., MetaMask), we need to use a Web3 library. For the tutorial, we will use wagmi. So, install the
wagmidependency:
npm2yarn
- Add new environment variables in your
.env.localfile in the app root:
- APP_DOMAIN: RFC 4501 DNS authority that is requesting the signing.
- MORALIS_API_KEY: You can get it here.
- NEXTAUTH_URL: Your app address. In the development stage, use
http://localhost:3000. - NEXTAUTH_SECRET: Used for encrypting JWT tokens of users. You can put any value here or generate it on
https://generate-secret.now.sh/32. Here’s an.env.localexample:
.env.local
Wrapping App with WagmiConfig and SessionProvider
- Create the
pages/_app.jsxfile. We need to wrap our pages withWagmiConfig(docs) andSessionProvider(docs):
NextJS uses the
App component to initialize pages. You can override it and control the page initialization. Check out the NextJS docs.Configure Next-Auth and MoralisNextAuth
- Create a new file,
pages/api/auth/[...nextauth].js, with the following content:
- Tab
- Tab
Javascript
- Add an authenticating config to the
pages/api/moralis/[...moralis].ts:
Create Sign-In Page
- Create a new page file,
pages/signin.jsx, with the following content:
- Let’s create a button for enabling our Web3 provider and
console.logusers’ information:
- Extend the
handleAuthfunctionality for callinguseSignMessage()hook:
Secure Authentication after Signing and Verifying the Signed Message
- Return to the
pages/signin.jsxfile. Let’s add thenext-authauthentication:
Showing the User Profile
- Let’s create a user page,
pages/user.jsx, with the following content:
Testing the MetaMask Wallet Connector
Visithttp://localhost:3000/signin to test the authentication.
- Click on the
Authenticate via Metamaskbutton: - Connect the MetaMask wallet
- Sign the message
- After successful authentication, you will be redirected to the
/userpage - Visit
http://localhost:3000/userto test the user session functionality:
- When a user authenticates, we show the user’s info on the page.
- When a user is not authenticated, we redirect to the
/signinpage. - When a user is authenticated, we show the user’s info on the page, even refreshing after the page.

