The authentication is powered by Auth.js (formerly NextAuth.js). It's designed for a serverless architecture, is an open-source community project, and runs anywhere. It perfectly aligns with CodebaseUp's vendor-free key principle.

Auth.js provides built-in support for popular authentication services (Google, Facebook, Auth0, Apple, etc.), as well as for email or magic link authentication methods. It can be used with your own database (database-based sessions) and even works without one (JWT).

CodebaseUp implements database-based session authentication. By default, it offers configuration options for Google and Magic Link authentication.


  • Database docs
  • Emailing (to enable Magic Links) docs
  • Auth.js credentials in environment variables: NEXTAUTH_SECRET + NEXTAUTH_URL (see .env.local.example)
  • Google Auth credentials link 👇


  • Authentication providers: apps/web/lib/auth.tsx
  • Magic Link email: packages/emailing/emails/magic-link-signin-email.tsx
  • Authentication API endpoint: apps/web/app/api/auth/[...nextauth]/route.ts
  • Environment variables (e.g., Google credentials): .env.local

Other utils:

  • Session-related utilities apps/web/lib/session.ts

How to get Google Auth credentials?

  1. Create an account on Google Cloud Console.
  2. Create a new project. link
  3. Go to APIs & Services -> Credentials link.
  4. Create new "OAuth client ID" credentials.
  1. Include the obtained credentials in your .local.env and deployment settings - GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET.