
@contentchef/auth0-react
Adds auth0 functionalities in React.
```sh
npm i --save @contentchef/auth0-react
# or
yarn add @contentchef/auth0-react
```
Auth0Provider configures your Auth0 client so that it makes the right HTTP calls to your Auth0 application.
It is highly recommended to read your configuration from a .env file (excluded from source control) with the dotenv package.
```jsx
// in your main application file
import { Auth0Provider } from '@contentchef/auth0-react';
import React from 'react';
import ReactDOM from 'react-dom';
import MyApp from './MyApp';

ReactDOM.render(
  <Auth0Provider
    clientID="your-auth0-client-id"
    domain="your-application-domain"
    redirectUri="/path/to/callback-component"
    responseType="token id_token"
    scope="openid profile email"
  >
    <MyApp />
  </Auth0Provider>
, document.getElementById('app'));
```
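One way to follow the .env recommendation above is to validate the values before they reach `Auth0Provider`. This is an added example, not code from the package: the `AUTH0_CLIENT_ID`, `AUTH0_DOMAIN` and `AUTH0_CALLBACK` names follow the full example on this page, while `loadAuth0Config`, `isAcceptableCallback`, the `AUTH0_CLIENT_SECRET` name and the bare-hostname rule for the domain are assumptions.

```javascript
// Added example: validate Auth0 settings from the environment before passing
// them to Auth0Provider. loadAuth0Config is a hypothetical helper.
const REQUIRED = ['AUTH0_CLIENT_ID', 'AUTH0_DOMAIN', 'AUTH0_CALLBACK'];
const HOSTNAME = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$/i;

function isAcceptableCallback(value) {
  // App-relative path, as in the README; "//host" would be another origin.
  if (value.startsWith('/')) return !value.startsWith('//') && !value.includes('\\');
  try {
    const url = new URL(value);
    const local = url.hostname === 'localhost' || url.hostname === '127.0.0.1';
    // Plain http is tolerated only for local development.
    return url.protocol === 'https:' || (url.protocol === 'http:' && local);
  } catch (e) {
    return false; // not a parseable absolute URL
  }
}

function loadAuth0Config(env) {
  const missing = REQUIRED.filter((k) => !String(env[k] || '').trim());
  if (missing.length > 0) {
    throw new Error('Missing Auth0 settings: ' + missing.join(', '));
  }
  // A browser app is a public client: everything in its bundle is readable,
  // so a client secret has no place here. The variable name is an assumption.
  if (env.AUTH0_CLIENT_SECRET) {
    throw new Error('AUTH0_CLIENT_SECRET must not be exposed to a browser app');
  }
  const domain = env.AUTH0_DOMAIN.trim();
  if (!HOSTNAME.test(domain)) {
    throw new Error('AUTH0_DOMAIN must be a bare hostname, got: ' + domain);
  }
  const redirectUri = env.AUTH0_CALLBACK.trim();
  if (!isAcceptableCallback(redirectUri)) {
    throw new Error('AUTH0_CALLBACK must be an app path or https URL');
  }
  return {
    clientID: env.AUTH0_CLIENT_ID.trim(),
    domain,
    redirectUri,
    responseType: 'token id_token',
    scope: 'openid profile email',
  };
}
```

Call `loadAuth0Config(process.env)` once at startup so a misconfigured build fails before any login attempt is made.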
Use this component in the callback page(s) configured in your Auth0 application.
The Auth0Provider component must be an ancestor of this one.
```jsx
import React from 'react';
// Auth0Provider is used below, so it is imported alongside Auth0Callback
import { Auth0Callback, Auth0Provider } from '@contentchef/auth0-react';

const requestEndHandler = (error, decodedAuthToken) => {
  if (error) {
    /* redirect to an error page */
  }
  /* redirect everywhere you need to */
};

export default () => (
  <Auth0Provider
    autologin={true}
    config={
      {
        clientID: "your-auth0-client-id",
        domain: "your-application-domain",
        redirectUri: "/path/to/callback-component",
        responseType: "token id_token",
        scope: "openid profile email",
      }
    }
    onSessionRenew={session => console.log(session)}
  >
    <Auth0Callback onAuthenticationEnd={requestEndHandler}>
      <h1>You are logging in...</h1>
      <p>You will be redirected in seconds</p>
    </Auth0Callback>
  </Auth0Provider>
)
```
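The `/* redirect ... */` placeholders in the handler above are where the post-login destination is chosen. The following added example (not part of the package) shows one way to restrict that destination to same-origin paths; `safeReturnPath`, `makeAuthEndHandler`, the `returnTo` and `navigate` parameters and the `/login-error` route are assumptions.

```javascript
// Added example: choose a post-login destination without creating an open
// redirect. All names here are hypothetical, not the package's API.
function safeReturnPath(candidate, origin, fallback = '/') {
  if (typeof candidate !== 'string' || candidate === '') return fallback;
  // Backslashes and control characters are normalised by URL parsers and
  // can turn something that looks like a path into another host.
  if (/[\\\u0000-\u001f]/.test(candidate)) return fallback;
  let url;
  try {
    url = new URL(candidate, origin); // relative values resolve against our origin
  } catch (e) {
    return fallback;
  }
  // Rejects other hosts, "//host" forms and non-http schemes (origin "null").
  if (url.origin !== new URL(origin).origin) return fallback;
  // Return a path, never an absolute URL, so the router cannot leave the site.
  return url.pathname + url.search;
}

// Builds a handler with the (error, decodedAuthToken) signature that
// onAuthenticationEnd receives in the README example.
function makeAuthEndHandler({ origin, returnTo, navigate }) {
  return (error, decodedAuthToken) => {
    if (error || !decodedAuthToken) {
      // Fixed route: the provider's error text is not copied into the URL.
      navigate('/login-error');
      return;
    }
    navigate(safeReturnPath(returnTo, origin));
  };
}
```

In the callback page, `navigate` would be the application's router push function and `returnTo` the value the application saved before starting the login.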
```jsx
import React from 'react';
import { Authorized, Unauthorized } from '@contentchef/auth0-react';

export default () => (
  <div>
    <Authorized>
      You are authenticated
    </Authorized>
    <Unauthorized>
      You are not authenticated
    </Unauthorized>
  </div>
)
```
These components let the user sign in to and sign out of your Auth0 application.

```tsx
import React from 'react';
// LoginButton and LogoutButton are used below, so they are imported as well
import { Authorized, Unauthorized, LoginButton, LogoutButton, withUser, IWithUserProps } from '@contentchef/auth0-react';

export default withUser()(({ user }: IWithUserProps) => (
  <div>
    <Authorized>
      Hello { user.name }, <LogoutButton>logout</LogoutButton>
    </Authorized>
    <Unauthorized>
      Hello, <LoginButton>login</LoginButton>
    </Unauthorized>
  </div>
))
```
```jsx
// in your components/hocs/containers/...
import React from 'react';
import { withAuthentication, LoginButton } from '@contentchef/auth0-react';

export const OnlyAuthUsers = withAuthentication(true)(() => (
  <div>
    <div>
      Hello! You will see this only if authenticated.
    </div>
  </div>
))

export const OnlyUnAuthUsers = withAuthentication(false)(() => (
  <div>
    <div>
      Hello! You are not logged in, please
      <LoginButton>Login</LoginButton> before proceeding
    </div>
  </div>
))
```
This decorator will inject a user prop (if authenticated) inside your component props.
```tsx
// in your components/hocs/containers/...
import React from 'react';
// LoginButton and LogoutButton are used below, so they are imported as well
import { Authorized, Unauthorized, LoginButton, LogoutButton, withUser, IWithUserProps } from '@contentchef/auth0-react';

export default withUser()(({ user }: IWithUserProps) => (
  <div>
    <Authorized>
      Hello { user.name }, <LogoutButton>logout</LogoutButton>
    </Authorized>
    <Unauthorized>
      Hello, <LoginButton>login</LoginButton>
    </Unauthorized>
  </div>
));
```
```jsx
import React from 'react';
import Auth0 from '@contentchef/auth0-react';

// user is an object, so render one of its fields rather than the object itself
const UserName = Auth0.withUser()(({ user }) => <span>Hello { user.name }</span>)

const Application = () => (
  <Auth0.Auth0Provider
    clientID={process.env.AUTH0_CLIENT_ID}
    domain={process.env.AUTH0_DOMAIN}
    redirectUri={process.env.AUTH0_CALLBACK}
    responseType="token id_token"
    scope="openid profile email"
  >
    <header>
      <strong>My App</strong>
      <Auth0.Authorized>
        <UserName />
        <Auth0.Logout>
          <button>Sign out</button>
        </Auth0.Logout>
      </Auth0.Authorized>
      <Auth0.Unauthorized>
        <Auth0.Login>
          <button>Sign in</button>
        </Auth0.Login>
      </Auth0.Unauthorized>
    </header>
    <Auth0.Authorized>
      <section>This is a private section</section>
    </Auth0.Authorized>
  </Auth0.Auth0Provider>
)
```
FAQs
A component library for user handling
We found that @contentchef/auth0-react has an unhealthy version release cadence and level of project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.