MastraAuthClerk 类

🌐 MastraAuthClerk Class

MastraAuthClerk 类使用 Clerk 为 Mastra 提供身份验证。它使用 Clerk 的身份验证系统验证传入请求，并通过 auth 选项与 Mastra 服务器集成。

🌐 The MastraAuthClerk class provides authentication for Mastra using Clerk. It verifies incoming requests using Clerk's authentication system and integrates with the Mastra server using the auth option.

先决条件

🌐 Prerequisites

此示例使用 Clerk 身份验证。请确保将你的 Clerk 凭据添加到 .env 文件中，并确保你的 Clerk 项目已正确配置。

🌐 This example uses Clerk authentication. Make sure to add your Clerk credentials to your .env file and ensure your Clerk project is properly configured.

.env

CLERK_PUBLISHABLE_KEY=pk_test_...
CLERK_SECRET_KEY=sk_test_...
CLERK_JWKS_URI=https://your-clerk-domain.clerk.accounts.dev/.well-known/jwks.json

note

你可以在你的职员仪表盘中的“API密钥”中找到这些密钥。

🌐 You can find these keys in your Clerk Dashboard under "API Keys".

安装

🌐 Installation

在使用 MastraAuthClerk 类之前，你必须先安装 @mastra/auth-clerk 包。

🌐 Before you can use the MastraAuthClerk class you have to install the @mastra/auth-clerk package.

npm install @mastra/auth-clerk@latest

使用示例

🌐 Usage example

src/mastra/index.ts

import { Mastra } from "@mastra/core";
import { MastraAuthClerk } from "@mastra/auth-clerk";

export const mastra = new Mastra({
  server: {
    auth: new MastraAuthClerk({
      publishableKey: process.env.CLERK_PUBLISHABLE_KEY,
      secretKey: process.env.CLERK_SECRET_KEY,
      jwksUri: process.env.CLERK_JWKS_URI,
    }),
  },
});

info

默认的 authorizeUser 方法允许所有经过身份验证的用户。要自定义用户授权，请在构建提供程序时提供自定义的 authorizeUser 函数。

🌐 The default authorizeUser method allows all authenticated users. To customize user authorization, provide a custom authorizeUser function when constructing the provider.

请访问 MastraAuthClerk 了解所有可用的配置选项。

🌐 Visit MastraAuthClerk for all available configuration options.

客户端设置

🌐 Client-side setup

在使用 Clerk 认证时，你需要在客户端从 Clerk 获取访问令牌，并将其传递给你的 Mastra 请求。

🌐 When using Clerk auth, you'll need to retrieve the access token from Clerk on the client side and pass it to your Mastra requests.

正在获取访问令牌

🌐 Retrieving the access token

使用 Clerk React 钩子来验证用户身份并获取他们的访问令牌：

🌐 Use the Clerk React hooks to authenticate users and retrieve their access token:

lib/auth.ts

import { useAuth } from "@clerk/nextjs";

export const useClerkAuth = () => {
  const { getToken } = useAuth();

  const getAccessToken = async () => {
    const token = await getToken();
    return token;
  };

  return { getAccessToken };
};

info

有关更多信息，请参阅 Clerk 文档。

🌐 Refer to the Clerk documentation for more information.

配置 MastraClient

🌐 Configuring MastraClient

当启用 auth 时，所有使用 MastraClient 发出的请求必须在 Authorization 头中包含有效的 Clerk 访问令牌：

🌐 When auth is enabled, all requests made with MastraClient must include a valid Clerk access token in the Authorization header:

lib/mastra/mastra-client.ts

import { MastraClient } from "@mastra/client-js";

export const mastraClient = new MastraClient({
  baseUrl: "https://<mastra-api-url>",
  headers: {
    Authorization: `Bearer ${accessToken}`,
  },
});

info

访问令牌在 Authorization 头中必须以 Bearer 为前缀。

🌐 The access token must be prefixed with Bearer in the Authorization header.

访问 Mastra Client SDK 以获取更多配置选项。

🌐 Visit Mastra Client SDK for more configuration options.

进行身份验证的请求

🌐 Making authenticated requests

一旦使用 Clerk 访问令牌配置了 MastraClient，你就可以发送经过身份验证的请求：

🌐 Once MastraClient is configured with the Clerk access token, you can send authenticated requests:

React

src/components/test-agent.tsx

"use client";

import { useAuth } from "@clerk/nextjs";
import { MastraClient } from "@mastra/client-js";

export const TestAgent = () => {
  const { getToken } = useAuth();

  async function handleClick() {
    const token = await getToken();

    const client = new MastraClient({
      baseUrl: "http://localhost:4111",
      headers: token ? { Authorization: `Bearer ${token}` } : undefined,
    });

    const weatherAgent = client.getAgent("weatherAgent");
    const response = await weatherAgent.generate("What's the weather like in New York");

    console.log({ response });
  }

  return <button onClick={handleClick}>Test Agent</button>;
};

cURL

curl -X POST http://localhost:4111/api/agents/weatherAgent/generate \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <your-clerk-access-token>" \
  -d '{
    "messages": "Weather in London"
  }'