Mastra is a framework for building AI-powered applications and agents with a modern TypeScript stack.
# JSON Web Token
The `MastraJwtAuth` class provides a lightweight authentication mechanism for Mastra using JSON Web Tokens (JWTs). It verifies incoming requests based on a shared secret and integrates with the Mastra server using the `auth` option.
## Installation
Before you can use the `MastraJwtAuth` class, install the `@mastra/auth` package.
**npm**:
```bash
npm install @mastra/auth@latest
```
**pnpm**:
```bash
pnpm add @mastra/auth@latest
```
**Yarn**:
```bash
yarn add @mastra/auth@latest
```
**Bun**:
```bash
bun add @mastra/auth@latest
```
## Creating a JWT
To authenticate requests to your Mastra server, you'll need a valid JSON Web Token (JWT) signed with your `MASTRA_JWT_SECRET`.
The easiest way to generate one is using [jwt.io](https://www.jwt.io/):
1. Select **JWT Encoder**.
2. Scroll down to the **Sign JWT: Secret** section.
3. Enter your secret (for example: `supersecretdevkeythatishs256safe!`).
4. Click **Generate example** to create a valid JWT.
5. Copy the generated token and set it as `MASTRA_JWT_TOKEN` in your `.env` file.
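An alternative that keeps the secret off any web page, as an added example (not part of the Mastra docs or Mastra's own code): sign the token locally with Node's built-in `crypto` module and see the checks a shared-secret verifier should make. HS256 is assumed from the example secret's name; the function names and the `sub`/`iat`/`exp` claim values are constructed for illustration, and how `MastraJwtAuth` verifies tokens internally is not shown on this page.

```typescript
import { createHmac, randomBytes, timingSafeEqual } from 'node:crypto'

const b64url = (buf: Buffer): string => buf.toString('base64url')
const fromB64url = (s: string): string => Buffer.from(s, 'base64url').toString('utf8')

// HMAC-SHA256 over "<header>.<payload>", which is what JWS calls HS256.
function mac(signingInput: string, secret: string): Buffer {
  return createHmac('sha256', secret).update(signingInput).digest()
}

// Sign a payload locally so the shared secret never leaves the machine.
function signHs256(payload: Record<string, unknown>, secret: string): string {
  const header = b64url(Buffer.from(JSON.stringify({ alg: 'HS256', typ: 'JWT' })))
  const body = b64url(Buffer.from(JSON.stringify(payload)))
  return `${header}.${body}.${b64url(mac(`${header}.${body}`, secret))}`
}

// Verify a token: pin the algorithm, compare the MAC in constant time, enforce exp.
// Returns the payload, or null when any check fails.
function verifyHs256(token: string, secret: string, nowSec: number): Record<string, unknown> | null {
  const parts = token.split('.')
  if (parts.length !== 3) return null
  const [header, body, sig] = parts
  try {
    // Do not let the token's own header choose the algorithm; require HS256.
    if (JSON.parse(fromB64url(header)).alg !== 'HS256') return null
    const expected = mac(`${header}.${body}`, secret)
    const given = Buffer.from(sig, 'base64url')
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null
    const payload = JSON.parse(fromB64url(body))
    if (typeof payload.exp !== 'number' || payload.exp <= nowSec) return null
    return payload
  } catch {
    return null // malformed JSON in header or payload
  }
}

// Constructed sample values (assumptions, not taken from the Mastra docs).
const secret = randomBytes(32).toString('hex') // random 256-bit value for MASTRA_JWT_SECRET
const now = Math.floor(Date.now() / 1000)
const token = signHs256({ sub: 'dev-user', iat: now, exp: now + 3600 }, secret)
console.log(`MASTRA_JWT_SECRET=${secret}`)
console.log(`MASTRA_JWT_TOKEN=${token}`)
```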
## Usage example
Configure `MastraJwtAuth` in your Mastra server with the same secret that signed your generated JWT:
```typescript
import { Mastra } from '@mastra/core'
import { MastraJwtAuth } from '@mastra/auth'

export const mastra = new Mastra({
  server: {
    auth: new MastraJwtAuth({
      secret: process.env.MASTRA_JWT_SECRET,
    }),
  },
})
```
> **Info:** Visit [MastraJwtAuth](https://mastra.ai/reference/auth/jwt) for all available configuration options.
Inside [Studio](https://mastra.ai/docs/studio/overview), go to **Settings** and under **Headers** select the **"Add Header"** button. Enter `Authorization` as the header name and `Bearer <your-jwt>` as the value.
## Configuring `MastraClient`
When `auth` is enabled, all requests made with `MastraClient` must include a valid JWT in the `Authorization` header:
```typescript
import { MastraClient } from '@mastra/client-js'

export const mastraClient = new MastraClient({
  baseUrl: 'https://<mastra-api-url>',
  headers: {
    Authorization: `Bearer ${process.env.MASTRA_JWT_TOKEN}`,
  },
})
```
> **Info:** Visit [Mastra Client SDK](https://mastra.ai/docs/server/mastra-client) for more configuration options.
### Making authenticated requests
Once `MastraClient` is configured, you can send authenticated requests from your frontend application, or use `curl` for quick local testing:
**React**:
```tsx
import { mastraClient } from '../../lib/mastra-client'

export const TestAgent = () => {
  async function handleClick() {
    const agent = mastraClient.getAgent('weatherAgent')
    const response = await agent.generate('Weather in London')
    console.log(response)
  }

  return <button onClick={handleClick}>Test Agent</button>
}
```
**cURL**:
```bash
curl -X POST http://localhost:4111/api/agents/weatherAgent/generate \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <your-jwt>" \
  -d '{
    "messages": "Weather in London"
  }'
```