About this guide
This development guide walks you through everything you need to do to build a high-quality React app integrated with Auth0. Check out the tasks below to get started. To save time, you can also use our boilerplate, which gives you a complete React codebase with all of these tasks done for you. Okay, let's dive in!
Tasks
Setup your React app
Setup a React app usingnpx create-react-app
and routing using React Router. There are many ways you can structure your app, but a common setup is to have anApp
component that defines top-level routes, with each route component imported from the/pages
directory. The rest of your components should be located in your/components
directory. You can then run your app locally with thenpm run start
command.Setup a Node (Express.js) server
This stack requires server logic, so we'll be setting up a Node (Express.js) server that we can query from our React front-end. We suggest defining your Express.js routes in a file located at/api/index.js
and then creating a file for each route handler in the/api
directory. Next make sure all requests to/api/*
get routed to your Express server port by defining a proxy in yourpackage.json
. Lastly, run your server with thenode api
command in a new terminal window.Extend the Auth0 library
Create a file that wraps theauth0-js
library and abstracts away the storage and retrieval of the user's access token. Auth functions, such asauth0.signupAndAuthorize()
andauth0.client.login()
, should store the access token in memory or local storage after executing. Add a function calledgetCurrentUser()
that fetches the current user by passing the stored access token toauth0.client.userInfo()
. Our auth logic in subsequent tasks can call this function to get the current user.Create an Auth0 AuthProvider and useAuth hook
Create anAuthProvider
component that fetches the current user from Auth0, subscribes to changes, stores the user in state, and then makes all this data available to child components usingContext.Provider
. Make sure to update yourApp
component so thatAuthProvider
wraps all your pages. You'll then create auseAuth
hook that reads the user withuseContext
and returns its value. This will enable any component to calluseAuth
to get the current user and re-render when it changes.Create a Protect pages with an Auth0 requireAuth HOC
requireAuth
higher order component for pages that should only be viewable by authenticated users. It should call youruseAuth
hook internally to get the current user, show a loading indicator while waiting on the response, and then either render the page or redirect to/signin
depending on whether the user is authenticated.Build your authentication UI
Create an authentication UI using your component library of choice and Auth0 functions. You'll want routes for user sign-up, sign-in, forgot password, and change password. Make sure you properly validate inputs and display any errors returned by Auth0. You may also want to use a library, such as React Hook Form, for managing form state.Link user to analytics session
You can connect Google Analytics sessions to the current authenticated user with the User ID feature. This allows you to see what your users are doing across sessions and devices. You'll need to update youruseAuth
hook to set theuser_id
property whenever the user changes.Enable Auth0 email and password updating
To allow users to update their email and password you'll need to setup an API endpoint. Create an Express.js route at/api/auth-user
that uses theauth0
library and callsAuth0.ManagementClient.updateUser()
to change this info. Make sure thatAuth0.ManagementClient
is instantiated with the credentials for a "Machine to Machine" app, instead of your client-side app credentials. You can then create anupdateUser
function in the Auth0 wrapper you previously setup that makes a request to this endpoint.In order to support social login via OAuth you'll need to setup an Auth0 callback page and specify it's path as the Create an Auth0 callback page
redirectUri
value when callingauth0.popup.authorize()
. This page should use theauth0-js
library and callauth0.popup.callback()
on load. This is what enables your app to get the authentication results after the OAuth flow has completed.
Get the code
You can get the code for this guide with our React and Auth0 Boilerplate. You'll get a complete React codebase with Auth0 integration, all the tasks listed above done for you, and a responsive multi-page template. It should save you about two weeks of development time.
127 downloads today