Getting started
Framework and runtime specific versions of this guide are also available.
Install Lucia using your package manager of your choice.
npm i lucia
pnpm add lucia
yarn add lucia
Initialize Lucia#
Import lucia()
from lucia
and initialize it in its own module (file). Export auth
and its type as Auth
. We also need to provide an adapter
but since it’ll be specific to the database you’re using, we’ll cover that later.
// lucia.ts
import { lucia } from "lucia";
// expect error (see next section)
export const auth = lucia({
env: "DEV" // "PROD" if deployed to HTTPS
});
export type Auth = typeof auth;
Middleware#
Middleware allows Lucia to read the request and response since these are different across frameworks and runtime. See a full list of middleware.
Node.js#
Use the Node.js middleware if you’re using Node.js’ IncomingMessage
and OutgoingMessage
.
import { lucia } from "lucia";
import { node } from "lucia/middleware";
export const auth = lucia({
env: "DEV", // "PROD" if deployed to HTTPS
middleware: node()
});
Web standard#
Use the web standard middleware if you’re using the standard Request
and Response
.
import { lucia } from "lucia";
import { web } from "lucia/middleware";
export const auth = lucia({
env: "DEV", // "PROD" if deployed to HTTPS
middleware: web(),
sessionCookie: {
expires: false
}
});
Setup your database#
Lucia uses adapters to connect to your database. We provide official adapters for a wide range of database options, but you can always create your own. The schema and usage are described in each adapter’s documentation. The example below is for the Prisma adapter.
import { lucia } from "lucia";
import { prisma } from "@lucia-auth/adapter-prisma";
import { PrismaClient } from "@prisma/client";
const client = new PrismaClient();
const auth = lucia({
env: "DEV", // "PROD" if deployed to HTTPS
adapter: prisma(client)
});
Adapters for database drivers and ORMs#
better-sqlite3
: SQLite- libSQL: libSQL (Turso)
- Mongoose: MongoDB
mysql2
: MySQLpg
: PostgreSQL (including@neondatabase/serverless
,@vercel/postgres
)postgres
: PostgreSQL- Prisma: MongoDB, MySQL, PostgreSQL, SQLite
- Redis: Redis
- Unstorage: Azure, Cloudflare KV, Memory, MongoDB, Planetscale, Redis, Vercel KV
Provider specific adapters#
Using query builders#
Set up types#
Create a .d.ts
file in your project root and declare a Lucia
namespace. The import path for Auth
is where you initialized lucia()
.
// app.d.ts
/// <reference types="lucia" />
declare namespace Lucia {
type Auth = import("./lucia.js").Auth;
type DatabaseUserAttributes = {};
type DatabaseSessionAttributes = {};
}
Polyfill#
If you’re using Node.js version 18 or below, you need to polyfill the Web Crypto API. This is not required if you’re using runtimes other than Node.js (Deno, Bun, Cloudflare Workers, etc) or using Node.js v20 and above.
import { lucia } from "lucia";
import "lucia/polyfill/node";
export const auth = lucia({
// ...
});
Optionally, instead of doing a side-effect import, add the --experimental-global-webcrypto
flag when running node
.
node --experimental-global-webcrypto index.js
Next steps#
You can learn all the concepts and general APIs of Lucia by reading the Basics section in the docs. If you prefer writing code immediately, check out the Starter guides page or the examples repository.
Remember to check out the Guidebook for tutorials and guides! If you have any questions, join our Discord server!
Limitations#
Cloudflare#
Please note that password hashing will not work on Free Bundled Workers; the allocated 10ms CPU time is not sufficient for this. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.