LogoRobo.js

Configuration

All configuration options, environment variables, and validation for the auth plugin.

The plugin is configured via config/plugins/robojs/auth.ts. The config type is AuthPluginOptions, validated at startup with a Zod schema in strict mode. Unrecognized fields cause errors.

auth.tsAuth config

Config file example

config/plugins/robojs/auth.ts
import Discord from '@robojs/auth/providers/discord'
import EmailPassword from '@robojs/auth/providers/email-password'
import { createFlashcoreAdapter } from '@robojs/auth'
import type { AuthPluginOptions } from '@robojs/auth'

const adapter = createFlashcoreAdapter({ secret: process.env.AUTH_SECRET! })

const config: AuthPluginOptions = {
	appName: 'My App',
	adapter,
	secret: process.env.AUTH_SECRET,
	providers: [
		Discord({ clientId: process.env.DISCORD_CLIENT_ID!, clientSecret: process.env.DISCORD_CLIENT_SECRET! }),
		EmailPassword({ adapter })
	],
	session: { strategy: 'database', maxAge: 60 * 60 * 24 * 30 }
}

export default config
config/plugins/robojs/auth.js
import Discord from '@robojs/auth/providers/discord'
import EmailPassword from '@robojs/auth/providers/email-password'
import { createFlashcoreAdapter } from '@robojs/auth'

const adapter = createFlashcoreAdapter({ secret: process.env.AUTH_SECRET! })

const config = {
	appName: 'My App',
	adapter,
	secret: process.env.AUTH_SECRET,
	providers: [
		Discord({ clientId: process.env.DISCORD_CLIENT_ID!, clientSecret: process.env.DISCORD_CLIENT_SECRET! }),
		EmailPassword({ adapter })
	],
	session: { strategy: 'database', maxAge: 60 * 60 * 24 * 30 }
}

export default config

Core options

Prop

Type

Session options

Configure session strategy, lifetime, and refresh behavior via the session object.

Prop

Type

Auth.js options

Advanced hooks and customizations from Auth.js.

Prop

Type

Email options

Email delivery, templates, and triggers. See the dedicated email delivery page for details.

Prop

Type

Upstream proxy

Forward all auth routes to another Robo instance. See upstream proxy for configuration examples.

Prop

Type

Environment variables

These variables are read by the plugin during initialization.

VariablePurposeRead/Written
AUTH_SECRETJWT signing secretRead; written if resolved from config
NEXTAUTH_SECRETFallback for AUTH_SECRETRead only
AUTH_URLCanonical callback URLRead; written if resolved
NEXTAUTH_URLFallback for AUTH_URLRead only
AUTH_REDIRECT_PROXY_URLPreview deployment proxyRead; written if configured
PORTFallback port (default 3000)Read only
NODE_ENVProduction detectionRead only

Validation

The exported authPluginOptionsSchema (Zod) and normalizeAuthOptions() function enable programmatic validation.

import { authPluginOptionsSchema, normalizeAuthOptions } from '@robojs/auth'

const validated = authPluginOptionsSchema.parse(rawConfig)
const normalized = normalizeAuthOptions(rawConfig)
import { authPluginOptionsSchema, normalizeAuthOptions } from '@robojs/auth'

const validated = authPluginOptionsSchema.parse(rawConfig)
const normalized = normalizeAuthOptions(rawConfig)

Secret auto-generation

In production, a missing secret causes an error. In development, a temporary random secret is generated with a warning. Always set AUTH_SECRET for consistent sessions across restarts.

For http:// URLs, the plugin automatically sets secure=false on cookies to prevent rejection in local development.

Next steps

Quick start

Get started with a minimal setup

Email and password

Configure the built-in credential flows

Adapters

Flashcore and Prisma storage options

Upstream proxy

Share auth across Robo apps

Quick start

Get authentication running in your Robo project in minutes.

Email and password

Built-in email/password authentication with signup, password reset, email verification, and custom authorization.

On this page

Config file example
Core options
Session options
Auth.js options
Email options
Upstream proxy
Environment variables
Validation
Secret auto-generation
Cookie security
Next steps