Providing authenticated access to your application
You can optionally enforce that users sign a message with their wallet during the connection process, proving that they own the connected account and allowing you to create an authenticated user session with privileged access to your application.
While it's possible to integrate with custom back-ends and message formats, RainbowKit provides first-class support for Sign-In with Ethereum and NextAuth.js.
If you haven't already, first set up your Next.js project with the official Sign-In with Ethereum boilerplate for NextAuth.js.
App component, import
RainbowKitSiweNextAuthProvider, ensuring it's nested within NextAuth's
SessionProvider so that it has access to the session.
RainbowKitSiweNextAuthProvider in place, your users will now be prompted to authenticate by signing a message once they've connected their wallet.
You can customize the SIWE message options by passing a function to the
getSiweMessageOptions prop on
This function will be called whenever a new message is created. Options returned from this function will be merged with the defaults.
You can access the session token with NextAuth's
getToken function imported from
next-auth/jwt. If the user has successfully authenticated, the session token's
sub property (the "subject" of the token, i.e. the user) will be the user's address.
You can also pass down the resolved session object from the server via
getServerSideProps so that NextAuth doesn't need to resolve it again on the client.
For more information about managing the session, you can refer to the following documentation: