Skip to main content

Introduction

This tutorial demonstrates how to create a NextJS application that allows users to log in using their Web3 wallets. After Web3 wallet authentication, the next-auth library creates a session cookie with an encrypted JWT (JWE) stored inside. It contains session info (such as an address, signed message, and expiration time) in the user’s browser. It’s a secure way to store users’ info without a database, and it’s impossible to read/modify the JWT without a secret key. Once the user is logged in, they will be able to visit a page that displays all their user data. You can find the repository with the final code here.
You can find the final dapp with implemented style on our GitHub.

Prerequisites

  1. Create a Moralis account.
  2. Install and set up Visual Studio.
  3. Create your NextJS dapp (you can create it using create-next-app or follow the NextJS dapp tutorial).

Install the Required Dependencies

  1. Install moralis and @moralisweb3/next (if not installed) and next-authdependencies:
npm2yarn
  1. To implement authentication using a Web3 wallet (e.g., MetaMask), we need to use a Web3 library. For the tutorial, we will use wagmi. So, install the wagmi dependency:
npm2yarn
  1. Add new environment variables in your .env.local file in the app root:
  • APP_DOMAIN: RFC 4501 DNS authority that is requesting the signing.
  • MORALIS_API_KEY: You can get it here.
  • NEXTAUTH_URL: Your app address. In the development stage, use http://localhost:3000.
  • NEXTAUTH_SECRET: Used for encrypting JWT tokens of users. You can put any value here or generate it on https://generate-secret.now.sh/32. Here’s an .env.local example:
.env.local
Keep your NEXTAUTH_SECRET value in secret to prevent security problems.

Every time you modify the .env.local file, you need to restart your dapp.

Wrapping App with WagmiConfig and SessionProvider

  1. Create the pages/_app.jsx file. We need to wrap our pages with WagmiConfig (docs) and SessionProvider (docs):
NextJS uses the App component to initialize pages. You can override it and control the page initialization. Check out the NextJS docs.

Configure Next-Auth and MoralisNextAuth

  1. Create a new file, pages/api/auth/[...nextauth].js, with the following content:
Javascript
  1. Add an authenticating config to the pages/api/moralis/[...moralis].ts:

Create Sign-In Page

  1. Create a new page file, pages/signin.jsx, with the following content:
  1. Let’s create a button for enabling our Web3 provider and console.log users’ information:
  1. Extend the handleAuth functionality for calling useSignMessage() hook:

Secure Authentication after Signing and Verifying the Signed Message

  1. Return to the pages/signin.jsx file. Let’s add the next-auth authentication:

Showing the User Profile

  1. Let’s create a user page, pages/user.jsx, with the following content:

Testing the MetaMask Wallet Connector

Visit http://localhost:3000/signin to test the authentication.
  1. Click on the Authenticate via Metamask button:
  2. Connect the MetaMask wallet
  3. Sign the message
  4. After successful authentication, you will be redirected to the /user page
  5. Visit http://localhost:3000/user to test the user session functionality: