I am currently developing a web application using NextJs (13.1.1). On the other side, an external backend has been provided to me, in order to be able to connect (username/password), and get an access token, a refresh token (and its expiration, but not in a cookie) in response body, in order to be able to use the different routes of this backend. I then created my own system to refresh my access token (with a react context), and a component to protect my pages that need authentication, but some pages, because of my guard system can take several seconds to load, which offers a bad user experience in my opinion.
I tried to learn more about the next-auth package. I saw that there was a credentials provider, which allowed to connect with a username/password, but I'm not sure if I can automatically regenerate my access token, and protect more efficiently the pages that need authentication, because if i'm understanding well, next-auth use cookie strategy.
So my question is, considering my project, is next-auth a viable solution, and does it allow me to do the same thing I already do, but in a more optimized way?
thanks
You can store your JWT tokens in the next-auth session if they are sent in the response body.
Here is an example of how you can achieve this using the Credentials provider and how to access data stored in the session from the client side.
You can also find here how to protect pages that require authentification.