ไม่สามารถเล่นวิดีโอนี้
ขออภัยในความไม่สะดวก
Next-Auth Login Authentication Tutorial with Next.js App Directory
ฝัง
- เผยแพร่เมื่อ 17 ส.ค. 2024
- Web Dev Roadmap for Beginners (Free!): bit.ly/DaveGra...
In this Next-Auth login authentication tutorial with Next.js app directory, you will learn how to protect all of your pages with credentials or an OAuth login from providers like GitHub. Learn how to protect any page in your app.
*Get CodiumAI for FREE:* marketplace.vi... or visit: www.codium.ai/
💖 Support me on Patreon ➜ / davegray
⭐ Become a full-stack web dev with Zero To Mastery Courses:
- Complete Next.js Developer: bit.ly/CompNex...
- Advanced React: bit.ly/AdvReac...
- Junior to Senior Dev Roadmap: bit.ly/WebDevR...
🚩 Subscribe ➜ bit.ly/3nGHmNn
📬 Course Updates ➜ courses.davegr...
❓ Questions - Please post them to my Discord ➜ / discord
☕ Buy Me A Coffee ➜ www.buymeacoff...
👇 Follow Me On Social Media:
Github: github.com/git...
Twitter: / yesdavidgray
LinkedIn: / davidagray
🔗 Source Code: github.com/git...
Next-Auth Login Authentication Tutorial with Next.js App Directory
(00:00) Intro
(00:05) Welcome
(00:28) CodiumAI
(01:39) Create Next.js Project & Dependencies
(02:21) NextAuth.js Introduction
(04:20) Auth Route Handler
(05:49) NextAuth options
(10:13) NEXTAUTH_SECRET
(11:52) Setting up GitHub OAuth
(16:09) Configuring Providers in options
(23:08) Send a GET request to /api/auth/providers
(25:06) App Behavior for 3 different server pages
(26:27) Apply NextAuth with Middleware
(29:10) 3 Different Protection Approaches
(31:14) NextAuth with Client Components
(37:35) Next.js Images from an OAuth Provider
(39:26) Wrap-up
📚 Tutorial References:
🔗 NextAuth.js Official Site: next-auth.js.org/
🔗 Next.js Official Site: nextjs.org/
🔗 ES7 React Snippets Extension: marketplace.vi...
Was this Next-Auth tutorial using the Next.js 13 App Directory helpful? If so, please share. Let me know your thoughts in the comments.
#nextjs #next #auth
For those having problems with the App Router and middleware, I moved the middleware file inside the app folder, and worked
It's a bit late to comment, but congratulations Dave on getting sponsors for your videos (this is the first one I've come across)
There are plenty of amazing tutorial creators on TH-cam, but the amount of effort you put in your videos to explain each and every line of code, right down to mentioning the key binds you use, is just remarkable. Thank you for all your effort and I hope you gain even more success
everyone who face middleware issue. first clear your cookie in console.
This is a very informative and useful video. It would be awesome if you could expand on this by connecting a database to store users along with a credentials signup. Users should also be able to reset their password. An explanation of that is hard to come by and something most of us will need.
Great suggestion!
Please I have the same request, looking forward to the video 😊
Same, with admin roles.
This is a great suggestion. I have learned a lot from this great piece. Thank you Dave
Prisma ❤
Hallelujah, thanks to let the people know what dependencies and versions you are using it, it helps so much man!
The reason your videos are a cut above the rest is because you explain the 'why'. When you get an error you explain why you are getting the error and then you show how to fix it. When you paste a line of code, like the import of default from nextauth in the middleware file, you explain exactly what it's doing and also show how it works.
Keep up the excellent work, you are appreciated!
Thank you!
Thank you Dave. I was having so much trouble trying to figure out how this was supposed to work. But after watching your video, the pattern became stupid simple. subscribed and looking forward to your content.
Thank you Dave. You have the heart to teach and help people who are trying their best to learn how to code .
You're very welcome!
Hey dave when i started this job i used to watch your videos now i got my first job as a developer thanks man!
One of the best next-auth tutorials that actually covers the app router. Disappointing that the next-auth docs don't cover this and are instead using the older page router.
Hey Dave, after migrating from the pages router this tut helped me a lot on getting clear. There are a lot of tutorials out there and huge codebases with complex integrations and a lot of copy paste code, sometimes a bit hard to stay focused on the essentials.
Greeting from Austria
Thanks Dave. Crystal clear step by step instructions on next auth. Now we have a deep understanding of how to configure and setup next auth in our projects. One suggestion a quick diagram of how the auth flow should be even more awesome!! Thank you for delivering quality content for us. Learning a lot from your videos.😊
Thank you and good suggestion - while this default setup is very straightforward, I think some customized solutions may need further explanation in the future. The default setup uses a session cookie with an encrypted JWT (JWE). This is important because Next.js is hosted in a serverless deployment so the auth info is really in the JWE and is verified by a NextAuth server function (running in a serverless environment). Serverless is a confusing word. It means it is one big lambda function outsourced to AWS behind the scenes. The auth persists due to the cookie staying in the client. The serverless environment may go to sleep when inactive.
Thank you for that explanation, indeed 'serverless' was confusing to me before reading this
Thanks Dave! It was very useful example, but very simple. 😉 Please, continue about NextAuth, cause you don't touch following themes: 1. Initial form for auth (how client can pass auth first time with credentials) 2. Working with DB, 3. How can clients change their credentials (email, pass, etc) at any time. 4. How can developer make own auth pages with another design? So we are waiting for next! Good luck, Dave! 💪😀)
I'd love to see the role based user authorization video. Thanks for the video, nicely done. 👍
This video was of great help, we are currently extrapolating to ditch Supabase auth for nextAuth
Damn, this tutorial is god tier comparing to other ones I found that tackle this topic. Detail all in the right places!
Awesome tutorial
I would be delighted if you could consider creating a tutorial on the process of authentication and authorization, encompassing both frontend and backend aspects. It would greatly enhance my understanding to learn about the complete flow, such as how the frontend transmits the authentication token to the backend during sign up or login. I'm eager to gain insights into the entire process.
Frontend - Nextjs
Backend - python
Your tutorials are the best Dave. I got a job because of you. I thoroughly improved my projects because of your tutorials.
Excellent news! Congratulations on the job! 🚀
There is an upcoming release of next-auth v5 which uses a universal auth() function and contains many breaking changes. I would love to see a renewed tutorial for the nearest v5 release. Keep on the good work..
Yep, this. Definitely this.
This tutorial is so good! I was feeling so confused by next-auth and next.js, you made it seem so simple 😃
Glad it helped!
Nice one...! One important point that maybe you can address in later videos is how to use user roles. To be able to pass roles to the session, you need to include them in the token, which is then read by the session.
This is correct, and it is coming very soon!
Thank you Dave. This was very helpful. You made things crystal clear to understand and implement the next-auth with next 13.2 + version. Also when to use server and client component. Overall you made it very simple.
You make the best tutorials man, seriously thank you so much.
I was making my website today and you uploaded this today saved many hours of work❤❤
This is super helpful, thank you! I do want to call out that you said you would never want to use a server component within a client component, but the application is doing that when you're talking about providers. The AuthProvider component is a client component and it the client/page.tsx component is a server component rendered inside of that
You're welcome! I appreciate the call out because this shows I likely didn't explain myself clearly on this specific issue. "use client" creates a boundary between server and client components and all other components imported in the client component including children will be rendered as client components according to the Next.js docs: nextjs.org/docs/app/building-your-application/rendering/client-components ..so to follow this up, I searched the NextAuth docs for an exception with the SessionProvider used inside the AuthProvider we create in this tutorial. I did not find where those docs dive into how NextAuth works around this.. but if you add a console.log(user) to the UserCard component, build the project with npm build, and then run it with npm start, you will see that after logging in and visiting the home and server routes, the console.log shows on the server terminal - confirming they are still server components. If you visit the client route, the console.log will show in the browser console. Further, the build report after running npm build will also indicate those pages are SSR and not client components. I hope this helps clarify what I meant.
This would actually make a good blog post / explainer topic - but the client component uses the useSession hook which uses the context. The server components instead use getServerSession which doesn't require the context. More clarification on using Context Providers with Server Components here: nextjs.org/docs/app/building-your-application/rendering/composition-patterns#using-context-providers
This is a very packed information and I really understand every bit of it ,I was in another tutorial before the guy was explaining it but it was very hard to get . Immediately I came here it just clicked ❤
Great stuff! This was the first tutorial that actually showed the basics of how to get it working and showed where the actual routes for the automatic pages lived. One thing I'm still a bit confused about is as why there's no default signup as well in Next-Auth as that seems to be an extremely common pattern. For any type of SaaS application, how would you relate the models to the correct user/org unless you have the user in your db? So showing a more advanced (but still basic) flow like signup => verify email => verified signed in, and signin => change password would be appreciated. Also perhaps how to make your own signin page call the right endpoints in nextauth. Thanks again for saving me a lot of time!
I found the answer. It’s called Clerk. Use it and never look back!
A very nice nuanced explanaton of Next-Auth. Yes please, I would like to see follow on tutorials on role-based access as you mention at the end
Thanks Dave for this video! It has actually helped me GET the right data for the Credentials login. But im having a little difficulty getting users to sign in with Username,Password. But with this video i was actually able to get a step forward! THANK YOU!
Hi Dave, this was an incredibly helpful video, I've now successfully set up Next Auth in my Next JS project with an AWS Cognito provider. Thanks for explaning everything so clearly and not glossing over the small details. I'll definitely check out your other videos on Next JS.
if I may ask how did you find the cognito issuer? all the tutorials i've found for it used a cognito domain and amazon has revamped their whole UI making it really obnoxious
nevermind, finally got there^^
@@anonihme5142 sorry I didn't see your comment earlier, glad to see you got there! I followed this video to understand more about setting up the Cognito app client. I'd love to get Cognito working with the credentials provider as opposed to using their hosted UI, but that's on a future to-do list! th-cam.com/video/U4hEflgix9c/w-d-xo.html
@@user-dt6ze6qm3f cheers. Sadly the vid ends before he tries to log back in and sees that the next -auth logout function doesn't clear cookies on the cognito server, so the user is logged back in without being asked for his credentials, which is a major security risk. It amazes me that there's no simple way to do that. But then again, i'm a total noob, so simple for me is a very low bar. I shall persist and remain calm! thanks for the reply, best of luck
Thanks for the content but what about editing the user informations on his profile page ? with that stack it's a pain
Another amazing toturial, to be honest I've been waiting for this video 👌👌👌
Glad you liked it!
i love your voice Dave. keep up the Good Work! We Cant Thank You More Than We Say 🙏
Thank you dear Dave, for always inspiring me to put my best foot forward, even when I don't feel like I belong.
I hope the best for you in your life.
Warm Regards.
DAVE YOU ARE CLEARLY THE GOAT FOR ME. THANX A LOT
Thank you!
How to customize login button with Credentials?
Great explanation and unique content. I am waiting for more videos about Next.js, and problems faced by many beginners and solve these problems. Thank you for making this effort to explain the code
Thank you Dave. This was very helpful
I just completed short while ago... Nice tutorial with well explanation... Thanks a lot... 🥰
This is long awaited video. Thank you Dave, you helped me so much
Glad to help!
Very beautifully explained dave.
love from India❤
YOU ARE GRATE DAVE, any time that I have any problems on coding , you will make a video about my problem, Thank you my friend
You are most welcome!
Thank you Dave for your helpful content .
OMG! Thank you so much Dave ❤❤🙏🙏. Love your tutorials...
Welcome!
Thank you so much for explaining everything beautifully Dave.
Sir after configure the next-auth , you just directly go on UI without saying that how setup this ui login page therefore a lot of viewer leave the video
Very beautifully explained as usual. I would love to see more next auth tutorials!
More to come!
Please explain the concept using some flow diagrams for easy understanding. Simply copying along the code is not very practical.
Thank you, this has been very helpful. It would be great to have more coverage around OAUTH configuration (scope, userinfo, etc.) and sign-out from the identity provider. Anyway, thanks for the great content!
Thank you much, Dave! I have been following and watching your Next series from the moment it was still in experimental phase and up to now that is already stable. Please create a video with signup that has a database and also the role based auth. Thank you and more power!
Role-based auth on the way. More to come!
great job as always, thank you. you've been of great help once again!!!!
I was literally just looking for this, thank you!
Glad I could help!
💡One tip for anyone who is just starting: Please analyze the starter code file first, on the timestamp 25:06 and then complete the rest of it
By the way Great tutorial Dave 🔥Loved it.
An easy tutorial to understand. Thank you so much!👍
A very informative video. Thank you very much. Your code is perfect and very easy to read. And I would be glad to see more about role-based user authorization.
Thanks you explained very clearly and now i understand!
Phenomenal, best tutorial I've run across, thank you.
Once again. Thank you so much for your mater classes!! Your genius man. You know your stuff and know how to teach it! I will buy you a couple coffees lol
You're welcome!! ☕
Great video and great explanation of Nextauth . Amazing tool to manage authentication. Thanks Dave
Glad you liked it!
Thank you for this amazing video! Super well explained, I just subscribed to your channel 🤩
Welcome!
Super clear. Thank you! One question - what exact purpose is adding "AuthProvider" to the layout page serving? I think was able to apply authentication to a client page even without this. Also, more basic question - what do we exactly mean by client page vs. server page?
Work through my Next.js course to understand what client vs server component means. AuthProvider is like any other context provider in React. It is required to support auth in client components.
Thanks a lot for this tutorial Dave!
Thanks Dave, it was really insightful
Elaborated Explanation. Great. Thanks
Hi , I wanted to deploy my application in some platform by using gitlab pipeline. So how to pick credentials because I cannot pass it directly in .env file... So how to pass the sensitive credentials like cognito id and all
Wow . Do you have plans to do one in clerk ?
I can. Clerk provides some nice features.
I am looking at Next-Auth for the first time normally i create my own authentication system with avatar session management etc. it is kinda interesting but the disadvantage is we can't control the full security system
thank you so much for all you do to enlighten me personally, please if you can expand this to include user roles, and how to redirect different users to their dashboard like if admin take them to admin only page on login and if only member take them only to member page ...
I have another video about NextAuth and roles. The callback function is what you need to complete the routing you want.
How do we add production-grade auth if we're using a backend API like Django or Springboot?
Suppose we wanna use an API that already has auth (either JWT or session-based) and all the password reset etc features built-in. How best do we set up auth and how best do we manage server state vs client state?
Any resources or advice would be thoroughly appreciated.
Good questions - More to come on this.
this tutorial is absolutely perfect.
Thank you Dave nice tutorial and it is good that you mention your practice about client and server components, will work like you said because it made perfect sense to me, have a nice day!
The best content about this subject
Thanks Dave, Personally I need more authentication tutorials specially on next-auth it seems a little shady the code and the documentation also abstracts some details the only way to learn is is by experimenting it in my opinion, It would be amazing if you share us your findings.
Yes.the docs are overwhelming
You forgot to add the secret after the providers in the options.ts
It was causing the error while signing in
PS: I did not watch the video, I just went through the codebase
Hello Dave Yet another awesome Tutorial thank you , here instead of using session callback for getting picture you used getserversession ?
Thank you Dave Gray! You're life saver!
hello, where i can watch the tutorial before this video ? so i can learn it before jump to this tutorial
That's great, I have a question that if we have to design a custom form so with it we have to make post request to that dynamic route of next auth([...nextauth]) using fetch or similar api? or is there another way to send credentials to the api route? and how github or google provider can be placed in custom form, It would be a great favor for me if you make video on it or extend this video. Thanks.
Hit like if you want this too
That's a very comprehensive tutorial about next-auth. Thank you sir. and yes an advanced auth series (like react one) is very much appreciated. It is just a request to use sql based database this time for auth as we have covered mongodb in react.
Thank you!
awesome work, thank you Dave!
I have a question : Lets say I want to allow the user to choose what to use to login in with and then they can connect all there social media account such as twitter,instgram after they sign in . How do you do that ?
im facing an issue during production build. The middleware pages/middleware must export a middleware or a default function
Great vid. the challenge im facing is defining a pattern that allows me to integrate with a custom API. Any recommendations?
This is an awesome tutorial, thank you!
can you make a tutorial for authjs v5? it is in beta 20 now i want to use crediential and mongodb database.
Hey! Great tutorial ... though it doesn't seem to work with i18n: I can't get the matcher in config in middleware to simultaneously (1) define a regex to redirect a URL to [lang] as well as (2) defining matching routes for Auth.
Yes, role based auth would be fantastic. Thanks! :)
Hey Dave Great Explaination but What if I want to add and get data to my database MongoDB
Hey Dave,
Looking forward for a full-stack project with Next.js, typescript and MongoDB like Dandy shop project, please make one?
Great job Dave ... well explained , tks a lot 🎉
Glad you liked it!
Hi Dave, is there any specific reason for using redirect instead of router.push?
Good question! 💯 A few reasons: 1) I think it is the accurate choice in this situation. 2) router.push comes from useRouter which is only available in client components. I can use the same redirect logic in both client and server components. 3) Redirect shouldn't impact your browser history. You want the callback to bring you back to where you were going after you login. I believe router.push adds the location to your browser history.
@@DaveGrayTeachesCode Thanks for the reply Dave. I totally forgot that you cant you use hooks in server component.
I had one more question. You mentioned that NextJS runs on serverless environment like AWS lambda. So going by this statement I can’t deploy a full stack NextJS app on, lets say, an EC2 instance?
Thank you Dave, nothing to say, brilliant.
Hey Mr Dave Gray, you have used types packages in dependencies not in devdependencies. Is this ok to have types packages in main dependencies? Anyone answer please?
Hi dav i am trying to implement apple id sing-in in next js but i am unable to integrate the same, please make one video on the same. I am not find any reference as well please help me with this regards
dave , someday i will be like you and help the beginner's like i am now i am stuck in role based auth like admin , client , admin with add update delete and client only can acces or fetch the data and submit a form , and admin can toggle the status of the formdata
it will be very helpful to make a video on the same
thank you for being consistent and may god give you alot of happines to helping us as we are beginners
Role-based user auth coming very soon!
Hi Dave, thanks for the really nice tutorial. I heard what you said about only using services on your channel that you think are really good. In relation to that, I was wondering what your opinion is on AWS Cognito? I am trying to do authentication using next-auth and Cognito but find this tricky. Any chance you would be willing to make a tutorial on this combination? Thanks again.
Great tutorial, thank you!
Hey Dave, can you make an updated video of how to combine this implementation with firebase users? I want to use the credentials provider for email and password, but I want to be able to use the bult in sign in functions that firebase has.
Please upload a version where you integrate a login system where the backend is either Laravel Passport or Sanctum.
Can you please create a detailed tutorial video on NodeJs on LoopBack framework... Much Awaited... Lot of thanks in advance....