Recommended Guide for Authentication and Authorization
Unanswered
VoidPointer posted this in #help-forum
Please can someone recommend a decent guide to setting up auth for a Nextjs application. I think I might prefer NextAuth, as it seems pretty well known and solid, but the Learn Next guide in chapter 14 of the official guides on the Nextjs website is quite unsatiactory, despite all the other chapters having given me a really good start.
11 Replies
@VoidPointer Please can someone recommend a decent guide to setting up auth for a Nextjs application. I think I might prefer NextAuth, as it seems pretty well known and solid, but the Learn Next guide in chapter 14 of the official guides on the Nextjs website is quite unsatiactory, despite all the other chapters having given me a really good start.
Silver Marten
https://lucia-auth.com/ explains pretty well on how to implement your own auth
Cinnamon Teal
Next.js docs have a good guide: https://nextjs.org/docs/app/guides/authentication
Silver Marten
And if you don't want to start from the bottom, and NextAuth isn't your taste, then you can check out https://openauth.js.org/
I'm going with the Nextjs guide, but it is terribly full of holes. I've subitted feedback, asking if those docs are open source, so I can help instead of just complaining, but as I said, a total noob would probably run away crying, where I'm trying to make things work and learn more.
@VoidPointer I'm going with the Nextjs guide, but it is terribly full of holes. I've subitted feedback, asking if those docs are open source, so I can help instead of just complaining, but as I said, a total noob would probably run away crying, where I'm trying to make things work and learn more.
Cinnamon Teal
Can you share few things that you feel is missing in the auth guide? Like what feels not clear?
I will shortly.
Maybe I'm being too picky, but I like to take a working example then do my own work in adapting it versus doing work to get it working.
1. No login form and related code. This is minor though, as the signup form and related can be adapted.
2. In the guide's signup form, the
3. Session Management.
- The
- The
- A lot of topics shared by stateless and datebase sessions fall under the heading of Stateless Sessions, so I had a lot of missing types and functions when I skipped ahead to Database sessions, unaware that Stateless was required reading.
2. In the guide's signup form, the
useActionState call passes undefined for initial state. This causes the returned state value to also be undefined and not have an errors array as used in displaying validation errors. I fixed this by passing initState = {} as FormState to the hook.3. Session Management.
- The
SessionPayload type used in the encrypt function is not mentioned anywhere in the guide, except for the advice that the payload should contain the minimum, unique user data. Maybe an actual example type would be helpful.- The
redirect API is called but not imported. I found it in next/navigation.- A lot of topics shared by stateless and datebase sessions fall under the heading of Stateless Sessions, so I had a lot of missing types and functions when I skipped ahead to Database sessions, unaware that Stateless was required reading.
That's for authentication. I've just started authorization but will be more careful about skipping any topics that seem optional.
For learning the docs for what every package your using usually are pretty good, but if your just trying to get an app going or its just a fun project? Don't over look a hosted auth soluotion like Clerk, Kinde, or WorkOS
Thanks. I'm just trying to get an app working basically, and have moved on to better-auth, and found better guides that the Nextjs guide, but nearly everything I've used has required decent debugging skills and oh so much perseverence. I'm very pleased to see the Nextjs docs are in fact open source and I will try and contribute later.