Authentication

Auth.js provides built-in support for popular authentication services (Google, Facebook, Auth0, Apple, etc.), as well as for email or magic link authentication methods. It can be used with your own database (database-based sessions) and even works without one (JWT).

CodebaseUp implements database-based session authentication. By default, it offers configuration options for Google and Magic Link authentication.

Prerequisites:

• Database docs
• Emailing (to enable Magic Links) docs
• Auth.js credentials in environment variables: NEXTAUTH_SECRET + NEXTAUTH_URL (see .env.local.example)
• Google Auth credentials link 👇

Configurations:

• Authentication providers: apps/web/lib/auth.tsx
• Magic Link email: packages/emailing/emails/magic-link-signin-email.tsx
• Authentication API endpoint: apps/web/app/api/auth/[...nextauth]/route.ts
• Environment variables (e.g., Google credentials): .env.local

Other utils:

• Session-related utilities apps/web/lib/session.ts

How to get Google Auth credentials?

1. Create an account on Google Cloud Console.
2. Create a new project. link
3. Go to APIs & Services -> Credentials link.
4. Create new "OAuth client ID" credentials.

• Configure a consent screen first by following the instructions given by Google.
• For "Authorized JavaScript origins," include http://localhost:3000 for local development and https://www.your-own-domain.com (when using preview deployments on Vercel, include the preview URL too).
• For "Authorized redirect URIs," include the domains above with the path to the authentication endpoint, in our case /api/auth/callback/google. E.g., http://localhost:3000/api/auth/callback/google or https://www.your-own-domain.com/api/auth/callback/google.
• According to Google, it may take 5 minutes to a few hours for settings to take effect (in reality it's usually a few minutes).

5. Include the obtained credentials in your .local.env and deployment settings - GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET.