Internet Identity is an authentication service running on the Internet Computer. It allows users to create an identity that can be used to authenticate with canisters (smart contracts) running on the Internet Computer.
ic-use-internet-identity
is a hook that makes it easy to integrate Internet Identity into your React application. It provides a simple interface for logging in and out with the Internet Identity service.
- Cached Identity: The identity is cached in local storage and restored on page load. This allows the user to stay logged in even if the page is refreshed.
- Login progress: State varibles are provided to indicate whether the user is logged in, logging in, or logged out.
- Works with ic-use-actor: Plays nicely with ic-use-actor that provides easy access to canister methods.
pnpm install ic-use-internet-identity
The hook also requires the following @dfinity/x
packages to be installed with a version of at least 2.1.2
:
pnpm install @dfinity/agent @dfinity/auth-client @dfinity/identity
Tip
For a complete example, see the ic-use-internet-identity-demo demo project.
To use ic-use-internet-identity
in your React application, follow these steps:
Wrap your application's root component with InternetIdentityProvider
to provide all child components access to the identity context.
// main.tsx
import { InternetIdentityProvider } from "ic-use-internet-identity";
import React from "react";
import ReactDOM from "react-dom/client";
ReactDOM.createRoot(document.getElementById("root")!).render(
<React.StrictMode>
<InternetIdentityProvider>
<App />
</InternetIdentityProvider>
</React.StrictMode>
);
[!TIP] >
InternetIdentityProvider
defaults to using the main Internet Identity instance running onhttps://identity.ic0.app
. If you want to use a local instance of the Internet Identity, override theII_URL
environment variable with the URL of the local instance.Example for Vite, using the vite-plugin-environment plugin:
// vite.config.js import environment from "vite-plugin-environment"; process.env.II_URL = process.env.DFX_NETWORK === "local" ? `http://${process.env.CANISTER_ID_INTERNET_IDENTIY}.localhost:4943` : `https://identity.ic0.app`; export default defineConfig({ // ... plugins: [ // ... environment(["II_URL"]), ], // ... });
Calling login()
opens up the Internet Identity service in a new window where the user is asked to sign in. Once signed in, the window closes and the identity is stored in local storage. The identity is then available in the identity
context variable.
Use the loginStatus
state variable to track the status of the login process. The loginStatus
can be one of the following values: idle
, logging-in
, success
, or error
.
// LoginButton.tsx
import { useInternetIdentity } from "ic-use-internet-identity";
export function LoginButton() {
const { login, loginStatus } = useInternetIdentity();
const disabled = loginStatus === "logging-in" || loginStatus === "success";
const text = loginStatus === "logging-in" ? "Logging in..." : "Login";
return (
<button onClick={login} disabled={disabled}>
{text}
</button>
);
}
The identity
context variable contains the identity of the currently logged in user. The identity is available after successfully loading the identity from local storage or completing the login process.
The preferred way to use the identity is to connect it to the ic-use-actor hook. The hook provides a typed interface to the canister methods as well as interceptor functions for handling errors etc.
// Actors.tsx
import { ReactNode } from "react";
import {
ActorProvider,
createActorContext,
createUseActorHook,
} from "ic-use-actor";
import {
canisterId,
idlFactory,
} from "path-to/your-service/index";
import { _SERVICE } from "path-to/your-service.did";
import { useInternetIdentity } from "ic-use-internet-identity";
const actorContext = createActorContext<_SERVICE>();
export const useActor = createUseActorHook<_SERVICE>(actorContext);
eexport default function Actors({ children }: { children: ReactNode }) {
const { identity } = useInternetIdentity();
return (
<ActorProvider<_SERVICE>
canisterId={canisterId}
context={actorContext}
identity={identity}
idlFactory={idlFactory}
>
{children}
</ActorProvider>
);
}
{
/** Options for creating the {@link AuthClient}. See AuthClient documentation for list of options
*
*`ic-use-internet-identity` defaults to disabling the AuthClient idle handling (clearing identities
* from store and reloading the window on identity expiry). If that behaviour is preferred, set these settings:
*
* ```
* const options = {
* idleOptions: {
* disableDefaultIdleCallback: false,
* disableIdle: false,
* },
* }
* ```
*/
createOptions?: AuthClientCreateOptions;
/** Options that determine the behaviour of the {@link AuthClient} login call. These options are a subset of
* the {@link AuthClientLoginOptions}. */
loginOptions?: LoginOptions;
/** The child components that the InternetIdentityProvider will wrap. This allows any child
* component to access the authentication context provided by the InternetIdentityProvider. */
children: ReactNode;
}
export type LoginOptions = {
/**
* Expiration of the authentication in nanoseconds
* @default BigInt(8) hours * BigInt(3_600_000_000_000) nanoseconds
*/
maxTimeToLive?: bigint;
/**
* If present, indicates whether or not the Identity Provider should allow the user to authenticate and/or register using a temporary key/PIN identity. Authenticating dapps may want to prevent users from using Temporary keys/PIN identities because Temporary keys/PIN identities are less secure than Passkeys (webauthn credentials) and because Temporary keys/PIN identities generally only live in a browser database (which may get cleared by the browser/OS).
*/
allowPinAuthentication?: boolean;
/**
* Origin for Identity Provider to use while generating the delegated identity. For II, the derivation origin must authorize this origin by setting a record at `<derivation-origin>/.well-known/ii-alternative-origins`.
* @see https://github.com/dfinity/internet-identity/blob/main/docs/internet-identity-spec.adoc
*/
derivationOrigin?: string | URL;
/**
* Auth Window feature config string
* @example "toolbar=0,location=0,menubar=0,width=500,height=500,left=100,top=100"
*/
windowOpenerFeatures?: string;
/**
* Extra values to be passed in the login request during the authorize-ready phase
*/
customValues?: Record<string, unknown>;
};
export type InternetIdentityContextType = {
/** Is set to `true` on mount until a stored identity is loaded from local storage or
* none is found. */
isInitializing: boolean;
/** Connect to Internet Identity to login the user. */
login: () => Promise<void>;
/** The status of the login process. Note: The login status is not affected when a stored
* identity is loaded on mount. */
loginStatus: LoginStatus;
/** `loginStatus === "logging-in"` */
isLoggingIn: boolean;
/** `loginStatus === "error"` */
isLoginError: boolean;
/** `loginStatus === "success"` */
isLoginSuccess: boolean;
/** `loginStatus === "idle"` */
isLoginIdle: boolean;
/** Login error. Unsurprisingly. */
loginError?: Error;
/** Clears the identity from the state and local storage. Effectively "logs the user out". */
clear: () => Promise<void>;
/** The identity is available after successfully loading the identity from local storage
* or completing the login process. */
identity?: Identity;
};
See the CHANGELOG for details on updates.
- kristofer@kristoferlund.se
- Twitter: @kristoferlund
- Discord: kristoferkristofer
- Telegram: @kristoferkristofer
Contributions are welcome. Please submit your pull requests or open issues to propose changes or report bugs.
This project is licensed under the MIT License. See the LICENSE file for more details.