Authentication

Auth0, JWT, Firebase setup

Mantis includes four authentication methods JSON Web Token (JWT), Firebase, Auth0, AWS and Supabasefor its users. Users can change it as per their needs.

JWT Authentication is set by default

How does it work?

Only authenticated users can access dashboard pages. If a user is not authenticated, the user is redirected to the login page.

We used two guards GuestGuard and AuthGuard. Guards have been configured in src\utils\route-guard\ folder.

In the src/layout/App.tsx, we have specified auth provider JWTProvider like,

src/App.tsx

import { JWTProvider as AuthProvider } from 'contexts/JWTContext';

App component wraps with the <JWTProvider>

src/App.tsx

<ThemeCustomization>
  ...
  <AuthProvider>
    <Routes />
    <Snackbar />
  </AuthProvider>
  ...
</ThemeCustomization>

Using <JWTProvider>, we can use the context directly by importing useContext from React and specifying the context JWTContext or we can use the custom hook useAuth from src/hooks/useAuth.js

Auth Configuration:

All configurations related to authentication are stored in config.ts. Those configs are like APIKey to connect the authentication server, project ID, etc.

Mantis has a dummy/test config to make authentication work. Users have to change API and secret as per their project needs. One must not use those provided keys in their live environment.

.env

## Firebase - Google Auth 
VITE_APP_FIREBASE_API_KEY=
VITE_APP_FIREBASE_AUTH_DOMAIN=
VITE_APP_FIREBASE_PROJECT_ID=
VITE_APP_FIREBASE_STORAGE_BUCKET=
VITE_APP_FIREBASE_MESSAGING_SENDER_ID=
VITE_APP_FIREBASE_APP_ID=
VITE_APP_FIREBASE_MEASUREMENT_ID=

## AWS
VITE_APP_AWS_POOL_ID=
VITE_APP_AWS_APP_CLIENT_ID=

## Auth0
VITE_APP_AUTH0_CLIENT_ID=
VITE_APP_AUTH0_DOMAIN=

## SupaBase
VITE_SUPABASE_URL=
VITE_SUPABASE_ANON_KEY=

The theme provides working an example for Login and Register only. Other flow like reset password, verification have to make it workable by the user himself.

How does it work?

Only authenticated users can access dashboard pages. If a user is not authenticated, the user is redirected to the login page.

We used two guards GuestGuard and AuthGuard. Guards have been configured in src\utils\route-guard\ folder.

In the src/layout/App.jsx, we have specified auth provider JWTProvider like,

src/App.jsx

import { JWTProvider as AuthProvider } from 'contexts/JWTContext';

App component wraps with the <JWTProvider>

src/App.jsx

<ThemeCustomization>
  ...
  <AuthProvider>
    <Routes />
    <Snackbar />
  </AuthProvider>
  ...
</ThemeCustomization>

Using <JWTProvider>, we can use the context directly by importing useContext from React and specifying the context JWTContext or we can use the custom hook useAuth from src/hooks/useAuth.js

Auth Configuration:

All configurations related to authentication are stored in config.js. Those configs are like APIKey to connect the authentication server, project ID, etc.

Mantis has a dummy/test config to make authentication work. Users have to change API and secret as per their project needs. One must not use those provided keys in their live environment.

.env

## Firebase - Google Auth 
VITE_APP_FIREBASE_API_KEY=
VITE_APP_FIREBASE_AUTH_DOMAIN=
VITE_APP_FIREBASE_PROJECT_ID=
VITE_APP_FIREBASE_STORAGE_BUCKET=
VITE_APP_FIREBASE_MESSAGING_SENDER_ID=
VITE_APP_FIREBASE_APP_ID=
VITE_APP_FIREBASE_MEASUREMENT_ID=

## AWS
VITE_APP_AWS_POOL_ID=
VITE_APP_AWS_APP_CLIENT_ID=

## Auth0
VITE_APP_AUTH0_CLIENT_ID=
VITE_APP_AUTH0_DOMAIN=

## SupaBase
VITE_SUPABASE_URL=
VITE_SUPABASE_ANON_KEY=

The theme provides working an example for Login and Register only. Other flow like reset password, verification have to make it workable by the user himself.

How does it work?

Only authenticated users can access dashboard pages. If a user is not authenticated, the user is redirected to the login page.

We used two guards GuestGuard and AuthGuard. Guards have been configured in src\utils\route-guard\ folder.

In the src/app/ProviderWrapper.tsx, we have specified auth provider SessionProvider like,

src/app/ProviderWrapper.tsx

import { SessionProvider } from 'next-auth/react';

Auth Configuration:

All configurations related to authentication are stored in config.ts. Those configs are like APIKey to connect the authentication server, project ID, etc.

Mantis has a dummy/test config to make authentication work. Users have to change API and secret as per their project needs. One must not use those provided keys in their live environment.

.env

## Auth0
NEXT_PUBLIC_AUTH0_CLIENT_ID=
NEXT_PUBLIC_AUTH0_CLIENT_SECRET=
NEXT_PUBLIC_AUTH0_DOMAIN=

## Cognito
NEXT_PUBLIC_COGNITO_CLIENT_ID=
NEXT_PUBLIC_COGNITO_CLIENT_SECRET=
NEXT_PUBLIC_COGNITO_REGION=
NEXT_PUBLIC_COGNITO_POOL_ID=
NEXT_PUBLIC_COGNITO_DOMAIN=

## JWT
## for 1 day - 86400 = 1* 24 * 60 * 60
NEXT_PUBLIC_JWT_TIMEOUT=
NEXT_PUBLIC_JWT_SECRET=

The theme provides working an example for Login and Register only. Other flow like reset password, verification have to make it workable by the user himself.

How does it work?

Only authenticated users can access dashboard pages. If a user is not authenticated, the user is redirected to the login page.

We used two guards GuestGuard and AuthGuard. Guards have been configured in src\utils\route-guard\ folder.

In the src/app/ProviderWrapper.tsx, we have specified auth provider SessionProvider like,

src/app/ProviderWrapper.jsx

import { SessionProvider } from 'next-auth/react';

Auth Configuration:

All configurations related to authentication are stored in config.ts. Those configs are like APIKey to connect the authentication server, project ID, etc.

Mantis has a dummy/test config to make authentication work. Users have to change API and secret as per their project needs. One must not use those provided keys in their live environment.

.env

## Auth0
NEXT_PUBLIC_AUTH0_CLIENT_ID=
NEXT_PUBLIC_AUTH0_CLIENT_SECRET=
NEXT_PUBLIC_AUTH0_DOMAIN=

## Cognito
NEXT_PUBLIC_COGNITO_CLIENT_ID=
NEXT_PUBLIC_COGNITO_CLIENT_SECRET=
NEXT_PUBLIC_COGNITO_REGION=
NEXT_PUBLIC_COGNITO_POOL_ID=
NEXT_PUBLIC_COGNITO_DOMAIN=

## JWT
## for 1 day - 86400 = 1* 24 * 60 * 60
NEXT_PUBLIC_JWT_TIMEOUT=
NEXT_PUBLIC_JWT_SECRET=

The theme provides working an example for Login and Register only. Other flow like reset password, verification have to make it workable by the user himself.

Authentication

How does it work?

Auth Configuration:

How does it work?

Auth Configuration:

How does it work?

Auth Configuration:

How does it work?

Auth Configuration:

Switching between Authentication methods

JWT to Auth0

JWT to Firebase JWT

JWT to AWS Cognito

JWT to Supabase