Authentication
Providing authenticated access to your application
You can optionally enforce that users sign a message with their wallet during the connection process, proving that they own the connected account and allowing you to create an authenticated user session with privileged access to your application.
While it's possible to integrate with custom back-ends and message formats, RainbowKit provides first-class support for Sign-In with Ethereum and NextAuth.js.
If you haven't already, first set up your Next.js project with the official Sign-In with Ethereum boilerplate for NextAuth.js.
Install the @rainbow-me/rainbowkit-siwe-next-auth
package.
In your App
component, import RainbowKitSiweNextAuthProvider
.
Wrap RainbowKitProvider
with RainbowKitSiweNextAuthProvider
, ensuring it's nested within NextAuth's SessionProvider
so that it has access to the session.
With RainbowKitSiweNextAuthProvider
in place, your users will now be prompted to authenticate by signing a message once they've connected their wallet.
You can customize the SIWE message options by passing a function to the getSiweMessageOptions
prop on RainbowKitSiweNextAuthProvider
.
This function will be called whenever a new message is created. Options returned from this function will be merged with the defaults.
You can access the session token with NextAuth's getToken
function imported from next-auth/jwt
. If the user has successfully authenticated, the session token's sub
property (the "subject" of the token, i.e. the user) will be the user's address.
You can also pass down the resolved session object from the server via getServerSideProps
so that NextAuth doesn't need to resolve it again on the client.
For example:
For more information about managing the session, you can refer to the following documentation: