feat: add authentication and SIWE/NextAuth support (rainbow-me#636)

Author: markdalgleish

.changeset/gentle-mayflies-fetch.md

@@ -0,0 +1,5 @@
+---
+'@rainbow-me/rainbowkit-siwe-next-auth': minor
+---
+
+Initial release.

.changeset/great-mangos-hammer.md

@@ -0,0 +1,51 @@
+---
+'@rainbow-me/rainbowkit': minor
+---
+
+Added support for authentication.
+
+RainbowKit now provides first-class support for [Sign-In with Ethereum](https://login.xyz) and [NextAuth.js](https://next-auth.js.org) via the `@rainbow-me/rainbowkit-siwe-next-auth` package, as well as lower-level APIs for integrating with custom back-ends and message formats.
+
+For more information on how to integrate this feature into your application, check out the full [RainbowKit authentication guide.](https://www.rainbowkit.com/docs/authentication)
+
+**Migration guide for custom ConnectButton implementations**
+
+If you're using `ConnectButton.Custom` and want to make use of authentication, you'll want to update the logic in your render prop to use the new `authenticationStatus` property, which is either `"loading"` (during initial page load), `"unauthenticated"` or `"authenticated"`.
+
+For example, if you wanted to display the "Connect Wallet" state when the user has connected their wallet but haven't authenticated, you can calculate the state in the following way:
+
+```tsx
+<ConnectButton.Custom>
+  {({
+    account,
+    chain,
+    openAccountModal,
+    openChainModal,
+    openConnectModal,
+    authenticationStatus,
+    mounted,
+  }) => {
+    const ready = mounted && authenticationStatus !== 'loading';
+    const connected =
+      ready &&
+      account &&
+      chain &&
+      (!authenticationStatus || authenticationStatus === 'authenticated');
+
+    return (
+      <div
+        {...(!ready && {
+          'aria-hidden': true,
+          'style': {
+            opacity: 0,
+          },
+        })}
+      >
+        {/* etc... */}
+      </div>
+    );
+  }}
+</ConnectButton.Custom>
+```
+
+For a more complete example and API documentation, check out the [custom ConnectButton documentation.](https://www.rainbowkit.com/docs/custom-connect-button)

README.md

@@ -44,6 +44,8 @@ The following examples are provided in the [examples](./examples/) folder of thi
 - `with-next`
 - `with-next-custom-button`
 - `with-next-mint-nft`
+- `with-next-siwe-next-auth`
+- `with-next-siwe-iron-session`
 - `with-remix`
 
 ### Running examples

examples/with-next-siwe-iron-session/.env.local.example

@@ -0,0 +1,3 @@
+NEXT_IRON_PASSWORD= # Mac/Linux: `openssl rand -hex 32` or go to https://generate-secret.now.sh/32
+
+NEXT_PUBLIC_ENABLE_TESTNETS=false

examples/with-next-siwe-iron-session/.eslintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

examples/with-next-siwe-iron-session/.gitignore

@@ -0,0 +1,38 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# local env files
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo

examples/with-next-siwe-iron-session/README.md

@@ -0,0 +1,30 @@
+This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).
+
+## Getting Started
+
+First, run the development server:
+
+```bash
+npm run dev
+# or
+yarn dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+You can start editing the page by modifying `pages/index.tsx`. The page auto-updates as you edit the file.
+
+## Learn More
+
+To learn more about Next.js, take a look at the following resources:
+
+- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
+- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
+
+You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!
+
+## Deploy on Vercel
+
+The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
+
+Check out our [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.

examples/with-next-siwe-iron-session/lib/iron.ts

@@ -0,0 +1,9 @@
+import { IronSessionOptions } from 'iron-session';
+
+export const ironOptions: IronSessionOptions = {
+  cookieName: 'siwe',
+  cookieOptions: {
+    secure: process.env.NODE_ENV === 'production',
+  },
+  password: process.env.NEXT_IRON_PASSWORD as string,
+};

examples/with-next-siwe-iron-session/next-env.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/basic-features/typescript for more information.

examples/with-next-siwe-iron-session/next.config.js

@@ -0,0 +1,6 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+  reactStrictMode: true,
+};
+
+module.exports = nextConfig;

examples/with-next-siwe-iron-session/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "with-next-siwe-iron-session",
+  "private": true,
+  "version": "0.0.0",
+  "scripts": {
+    "dev": "next dev",
+    "build": "next build",
+    "start": "next start",
+    "lint": "next lint"
+  },
+  "dependencies": {
+    "@rainbow-me/rainbowkit": "workspace:*",
+    "ethers": "^5.0.0",
+    "iron-session": "^6.1.3",
+    "next": "^12.1.6",
+    "react": "^18.1.0",
+    "react-dom": "^18.1.0",
+    "siwe": "^1.1.6",
+    "wagmi": "^0.6.0"
+  },
+  "devDependencies": {
+    "@types/node": "^17.0.35",
+    "@types/react": "^18.0.9",
+    "eslint": "^8.15.0",
+    "eslint-config-next": "^12.1.6",
+    "typescript": "^4.7.2"
+  }
+}

examples/with-next-siwe-iron-session/pages/_app.tsx

@@ -0,0 +1,164 @@
+// This example is based on the wagmi SIWE tutorial
+// https://wagmi.sh/examples/sign-in-with-ethereum
+import '../styles/global.css';
+import '@rainbow-me/rainbowkit/styles.css';
+import type { AppProps } from 'next/app';
+import {
+  RainbowKitProvider,
+  getDefaultWallets,
+  connectorsForWallets,
+  wallet,
+  createAuthenticationAdapter,
+  RainbowKitAuthenticationProvider,
+  AuthenticationStatus,
+} from '@rainbow-me/rainbowkit';
+import { chain, configureChains, createClient, WagmiConfig } from 'wagmi';
+import { alchemyProvider } from 'wagmi/providers/alchemy';
+import { publicProvider } from 'wagmi/providers/public';
+import { SiweMessage } from 'siwe';
+import { useEffect, useMemo, useRef, useState } from 'react';
+
+const { chains, provider, webSocketProvider } = configureChains(
+  [
+    chain.mainnet,
+    chain.polygon,
+    chain.optimism,
+    chain.arbitrum,
+    ...(process.env.NEXT_PUBLIC_ENABLE_TESTNETS === 'true'
+      ? [chain.goerli, chain.kovan, chain.rinkeby, chain.ropsten]
+      : []),
+  ],
+  [
+    alchemyProvider({ apiKey: '_gg7wSSi0KMBsdKnGVfHDueq6xMB9EkC' }),
+    publicProvider(),
+  ]
+);
+
+const { wallets } = getDefaultWallets({
+  appName: 'RainbowKit demo',
+  chains,
+});
+
+const demoAppInfo = {
+  appName: 'Rainbowkit Demo',
+};
+
+const connectors = connectorsForWallets([
+  ...wallets,
+  {
+    groupName: 'Other',
+    wallets: [
+      wallet.argent({ chains }),
+      wallet.trust({ chains }),
+      wallet.ledger({ chains }),
+    ],
+  },
+]);
+
+const wagmiClient = createClient({
+  autoConnect: true,
+  connectors,
+  provider,
+  webSocketProvider,
+});
+
+export default function App({ Component, pageProps }: AppProps) {
+  const fetchingStatusRef = useRef(false);
+  const verifyingRef = useRef(false);
+  const [authStatus, setAuthStatus] = useState<AuthenticationStatus>('loading');
+
+  // Fetch user when:
+  useEffect(() => {
+    const fetchStatus = async () => {
+      if (fetchingStatusRef.current || verifyingRef.current) {
+        return;
+      }
+
+      fetchingStatusRef.current = true;
+
+      try {
+        const response = await fetch('/api/me');
+        const json = await response.json();
+        setAuthStatus(json.address ? 'authenticated' : 'unauthenticated');
+      } catch (_error) {
+        setAuthStatus('unauthenticated');
+      } finally {
+        fetchingStatusRef.current = false;
+      }
+    };
+
+    // 1. page loads
+    fetchStatus();
+
+    // 2. window is focused (in case user logs out of another window)
+    window.addEventListener('focus', fetchStatus);
+    return () => window.removeEventListener('focus', fetchStatus);
+  }, []);
+
+  const authAdapter = useMemo(() => {
+    return createAuthenticationAdapter({
+      getNonce: async () => {
+        const response = await fetch('/api/nonce');
+        return await response.text();
+      },
+
+      createMessage: ({ nonce, address, chainId }) => {
+        return new SiweMessage({
+          domain: window.location.host,
+          address,
+          statement: 'Sign in with Ethereum to the app.',
+          uri: window.location.origin,
+          version: '1',
+          chainId,
+          nonce,
+        });
+      },
+
+      getMessageBody: ({ message }) => {
+        return message.prepareMessage();
+      },
+
+      verify: async ({ message, signature }) => {
+        verifyingRef.current = true;
+
+        try {
+          const response = await fetch('/api/verify', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ message, signature }),
+          });
+
+          const authenticated = Boolean(response.ok);
+
+          if (authenticated) {
+            setAuthStatus(authenticated ? 'authenticated' : 'unauthenticated');
+          }
+
+          return authenticated;
+        } catch (error) {
+          return false;
+        } finally {
+          verifyingRef.current = false;
+        }
+      },
+
+      signOut: async () => {
+        setAuthStatus('unauthenticated');
+        await fetch('/api/logout');
+      },
+    });
+  }, []);
+
+  return (
+    <WagmiConfig client={wagmiClient}>
+      <RainbowKitAuthenticationProvider
+        adapter={authAdapter}
+        status={authStatus}
+      >
+        <RainbowKitProvider appInfo={demoAppInfo} chains={chains}>
+          <Component {...pageProps} />
+        </RainbowKitProvider>
+      </RainbowKitAuthenticationProvider>
+    </WagmiConfig>
+  );
+}

examples/with-next-siwe-iron-session/pages/api/logout.ts

@@ -0,0 +1,18 @@
+import { withIronSessionApiRoute } from 'iron-session/next';
+import { NextApiRequest, NextApiResponse } from 'next';
+import { ironOptions } from './../../lib/iron';
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const { method } = req;
+  switch (method) {
+    case 'GET':
+      req.session.destroy();
+      res.send({ ok: true });
+      break;
+    default:
+      res.setHeader('Allow', ['GET']);
+      res.status(405).end(`Method ${method} Not Allowed`);
+  }
+};
+
+export default withIronSessionApiRoute(handler, ironOptions);

examples/with-next-siwe-iron-session/pages/api/me.ts

@@ -0,0 +1,17 @@
+import { withIronSessionApiRoute } from 'iron-session/next';
+import { NextApiRequest, NextApiResponse } from 'next';
+import { ironOptions } from './../../lib/iron';
+
+const handler = async (req: NextApiRequest, res: NextApiResponse) => {
+  const { method } = req;
+  switch (method) {
+    case 'GET':
+      res.send({ address: req.session.siwe?.address });
+      break;
+    default:
+      res.setHeader('Allow', ['GET']);
+      res.status(405).end(`Method ${method} Not Allowed`);
+  }
+};
+
+export default withIronSessionApiRoute(handler, ironOptions);