'%3e%3cpath%20d='M60.1045%204.8978C55.5792%202.8214%2050.7265%201.2916%2045.6527%200.41542C45.5603%200.39851%2045.468%200.440769%2045.4204%200.525289C44.7963%201.6353%2044.105%203.0834%2043.6209%204.2216C38.1637%203.4046%2032.7345%203.4046%2027.3892%204.2216C26.905%203.0581%2026.1886%201.6353%2025.5617%200.525289C25.5141%200.443589%2025.4218%200.40133%2025.3294%200.41542C20.2584%201.2888%2015.4057%202.8186%2010.8776%204.8978C10.8384%204.9147%2010.8048%204.9429%2010.7825%204.9795C1.57795%2018.7309%20-0.943561%2032.1443%200.293408%2045.3914C0.299005%2045.4562%200.335386%2045.5182%200.385761%2045.5576C6.45866%2050.0174%2012.3413%2052.7249%2018.1147%2054.5195C18.2071%2054.5477%2018.305%2054.5139%2018.3638%2054.4378C19.7295%2052.5728%2020.9469%2050.6063%2021.9907%2048.5383C22.0523%2048.4172%2021.9935%2048.2735%2021.8676%2048.2256C19.9366%2047.4931%2018.0979%2046.6%2016.3292%2045.5858C16.1893%2045.5041%2016.1781%2045.304%2016.3068%2045.2082C16.679%2044.9293%2017.0513%2044.6391%2017.4067%2044.3461C17.471%2044.2926%2017.5606%2044.2813%2017.6362%2044.3151C29.2558%2049.6202%2041.8354%2049.6202%2053.3179%2044.3151C53.3935%2044.2785%2053.4831%2044.2898%2053.5502%2044.3433C53.9057%2044.6363%2054.2779%2044.9293%2054.6529%2045.2082C54.7816%2045.304%2054.7732%2045.5041%2054.6333%2045.5858C52.8646%2046.6197%2051.0259%2047.4931%2049.0921%2048.2228C48.9662%2048.2707%2048.9102%2048.4172%2048.9718%2048.5383C50.038%2050.6034%2051.2554%2052.5699%2052.5959%2054.435C52.6519%2054.5139%2052.7526%2054.5477%2052.845%2054.5195C58.6464%2052.7249%2064.529%2050.0174%2070.6019%2045.5576C70.6551%2045.5182%2070.6887%2045.459%2070.6943%2045.3942C72.1747%2030.0791%2068.2147%2016.7757%2060.1968%204.9823C60.1772%204.9429%2060.1437%204.9147%2060.1045%204.8978ZM23.7259%2037.3253C20.2276%2037.3253%2017.3451%2034.1136%2017.3451%2030.1693C17.3451%2026.225%2020.1717%2023.0133%2023.7259%2023.0133C27.308%2023.0133%2030.1626%2026.2532%2030.1066%2030.1693C30.1066%2034.1136%2027.28%2037.3253%2023.7259%2037.3253ZM47.3178%2037.3253C43.8196%2037.3253%2040.9371%2034.1136%2040.9371%2030.1693C40.9371%2026.225%2043.7636%2023.0133%2047.3178%2023.0133C50.9%2023.0133%2053.7545%2026.2532%2053.6986%2030.1693C53.6986%2034.1136%2050.9%2037.3253%2047.3178%2037.3253Z'%20fill='%235865F2'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0'%3e%3crect%20width='71'%20height='55'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
'%20clip-path='url(%23clipPath1075)'%3e%3cg%20transform='matrix(2.6042,0,0,2.6042,789.58,466.67)'%3e%3cpath%20d='m12%202c5.523%200%2010%204.477%2010%2010s-4.477%2010-10%2010-10-4.477-10-10h2c0%204.418%203.582%208%208%208s8-3.582%208-8-3.582-8-8-8c-2.464%200-4.668%201.114-6.135%202.865l2.135%202.135h-6v-6l2.447%202.446c1.833-2.11%204.537-3.446%207.553-3.446zm1%205v4.585l3.243%203.243-1.415%201.415-3.828-3.83v-5.413z'/%3e%3c/g%3e%3c/g%3e%3c/svg%3e){kind=small}
Authentication
To make information about the authenticated user available to your pages and UI components, you usually define pageContext.user at renderPage():
// Vike server middleware
app.get('*', async (req, res) => {
// Authentication middlewares (e.g. Passport.js and Grant) provide information about the
// logged-in user at req.user
const user = req.user
/* Or when using a third-party authentication provider (e.g. Auth0):
const user = await authProviderApi.getUser(req.headers)
*/
const pageContextInit = {
urlOriginal: req.url,
// Make the user object available at pageContext.user
user
}
const result = await renderPage(pageContextInit)
/* ... */
})You can then access pageContext.user from any UI component using usePageContext().
You can pass any custom
pageContextproperty torenderPage(), see API >pageContext> Custom.
In principle, you can use Vike with any authentication tool such as:
Login flow
By using guard() with throw redirect() or throw render() you can:
- Implement login flows.
- Protect private pages from unprivileged access.
// /pages/admin/+guard.js
import { render, redirect } from 'vike/abort'
export const guard = (pageContext) => {
const { user } = pageContext
if (user === null) {
// Render the login page while preserving the URL. (This is novel technique
// which we explain down below.)
throw render('/login')
/* The more traditional way, redirect the user:
throw redirect('/login')
*/
}
if (user.role !== 'admin') {
// Render the error page and show message to the user
throw render(403, 'Only admins are allowed to access this page.')
}
}Using
render('/login')instead ofredirect('/login')allows the URL to be preserved during the entire login flow:
- Unauthenticated user goes to URL
/adminand sees the login page. (URL is/admin.)- User fills the sign-in form and successfully logs in. (URL is still
/admin.)- Reload the page, the user now sees the admin page. (URL is still
/admin.)See example.
You can also define a guard() hook that applies to multiple pages:
// /pages/+guard.js
// This guard() hook applies to all pages: the file is located at /pages/+guard.js
// and therefore applies to all /pages/**/+Page.js
import { render } from 'vike/abort'
export const guard = (pageContext) => {
if (!pageContext.user) {
throw render('/login')
}
}