{"id":18613579,"url":"https://github.com/aabbtree77/session-auth-starter","last_synced_at":"2026-02-19T13:02:03.033Z","repository":{"id":242244713,"uuid":"806166017","full_name":"aabbtree77/session-auth-starter","owner":"aabbtree77","description":"Username and passwd session auth with styled and validated forms: TypeScript, Astro, React, React Hook Form, Zod, Lucia v3, Tailwind, DaisyUI.","archived":false,"fork":false,"pushed_at":"2025-03-12T21:18:10.000Z","size":144,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-29T23:14:04.456Z","etag":null,"topics":["astro","authentication","chatgpt-4o","daisyui","discussion","heroicons","lucia-auth-v3","password","react","react-hook-form","session","starter","tailwind","template","user","zod"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aabbtree77.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-05-26T15:02:00.000Z","updated_at":"2025-03-12T21:18:14.000Z","dependencies_parsed_at":"2025-02-18T03:42:13.328Z","dependency_job_id":"847bd13f-510e-44b8-bc54-82e10c4e7734","html_url":"https://github.com/aabbtree77/session-auth-starter","commit_stats":null,"previous_names":["aabbtree77/session-auth-starter"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/aabbtree77/session-auth-starter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aabbtree77%2Fsession-auth-starter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aabbtree77%2Fsession-auth-starter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aabbtree77%2Fsession-auth-starter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aabbtree77%2Fsession-auth-starter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aabbtree77","download_url":"https://codeload.github.com/aabbtree77/session-auth-starter/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aabbtree77%2Fsession-auth-starter/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29614591,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T10:52:55.328Z","status":"ssl_error","status_checked_at":"2026-02-19T10:52:26.323Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["astro","authentication","chatgpt-4o","daisyui","discussion","heroicons","lucia-auth-v3","password","react","react-hook-form","session","starter","tailwind","template","user","zod"],"created_at":"2024-11-07T03:22:48.044Z","updated_at":"2026-02-19T13:02:02.989Z","avatar_url":"https://github.com/aabbtree77.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003e \"Astroturfing: the deceptive practice of presenting an orchestrated marketing or public relations campaign in the guise of unsolicited comments from members of the public.\" \n\u003e\n\u003e — *Oxford Languages*\n\n*Edit (March 2025): This stack is no longer viable. [Better Auth](https://www.youtube.com/watch?v=QhA55R4u6uk\u0026ab_channel=NevtheDev) is a new hot thing.*\n\n## Introduction\n\nThis is a \"starter template\" for the CRUD with a session-based authentication. It is based on [\"Lucia Astro User Name Password\" example](https://github.com/lucia-auth/examples/tree/main). Node.js, TypeScript, React, Lucia v3, Astro, daisyUI. It is an MPA (multi-page application).\n\n```sh\nnpm install\nnpm run dev\n```\n\nThe sole reason for this code is to check whether Astro is the way (it is not). Kudos to [pilcrow](https://github.com/pilcrowOnPaper) for sharing complete examples with multiple authentication methods and multiple frameworks.\n\n## Official \"Lucia Astro UserName Password\" Example\n\n1. Clone [the demo](https://lucia-auth.com/tutorials/username-and-password/astro) sample code.\n\n    cd to a folder and run `npm install`. \n\n2. Alternatively, \n\n    ```sh\n    npm create astro@latest mini-auth\n    cd mini-auth\n    npx astro add node\n    npm i lucia better-sqlite3 @types/better-sqlite3 @lucia-auth/adapter-sqlite\n    ```\n\n    Overwrite the src folder with the one provided by [the git repo](https://github.com/lucia-auth/examples/tree/main/astro/username-and-password).\n\nRun `npm run dev`, the demo will show an unstyled form expecting a username with length between 3 and 31 characters, and only lowercase letters, 0-9, -, and _. Password no shorter than 6 characters.\n\n## Modifications\n\nSo far, I have continued with\n\n1. Tailwind CSS:\n\n    ```sh\n    npx astro add tailwind\n    npm i @tailwindcss/typography daisyui@latest\n    ```\n    \n    Adjust `tailwind.config.mjs` with `typography` and `daisyui` as in [robbins23 daisyui-admin...](https://github.com/robbins23/daisyui-admin-dashboard-template/blob/master/tailwind.config.js) or now here.\n    \n2. React:\n\n    ```sh\n    npx astro add react\n    npm i react-hook-form @hookform/resolvers @heroicons/react\n    ```\n    \n3. Adding forms with a proper handling of errors around fetch, redirects, and styling. \n\n    Styling takes a lot of iterations, do not discount it.\n\nThere is still a lot to do, like blocking everything GUI-reachable when a user submits a form, not just the form. Turn an in-memory SQLite\nto an in-process file-based SQLite managed with, say, Drizzle ORM. CSRF protection and all sorts of other protections.\n\nThe weakest link in this whole technology stack is the metaframework.\n\n## Doubts About Astro\n\nAstro can serve as React metaframework, but it is not particularly good at it:\n\n1. The whole code base is now infected with \"*.astro\" which React cannot call.\n\n2. Routing/redirecting is still a mess:\n\n    * Astro.redirect(\"/user\"),\n    \n    * window.location.href = \"/user\",\n    \n    * Astro.locals.user with some env.d.ts weirdness, \n    \n    * HTML links inside React components,\n    \n    * fetch with double await and manual error handling...\n\n    This is not necessarily the problem created by Astro, but I just wish there was *send(address, data)* and *data = receive(address)* instead of all this \"gardening\".\n\n3. Astro allows writing HTML, JSX, and \"JSX-forked\", which is confusing:\n\n    ```astro\n    \u003cdiv class=\"min-h-screen gap-4 lg:gap-24 lg:w-3/5 mx-auto flex flex-col items-center text-base-content\"\u003e\n        \u003cHeader client:load /\u003e\n    \u003c/div\u003e\n    ```\n\n    Notice \"class\" instead of \"className\" and the \"client:load\" annotation inside what looks to be a JSX component.\n\n4. The SSG mode produces annoying React errors (warnings): [418](https://react.dev/errors/418?invariant=418), [423](https://react.dev/errors/423?invariant=423).\n\n5. \"npm run build\" creates only absolute paths controlled with \"site\" and \"base\", which is not enough, esp. if you want to use github pages. Manual editing will be needed.\n\n6. [Problems with nested scopes.](https://whoisryosuke.com/blog/2022/blog-refresh-2022#astro-nomical-issues)\n\nUltimately, Astro does avoid passing around React code as strings. Pairing it with Lucia v3, one can set up a minimal authentication demo. However, there is a lot of Astro and Lucia magic which makes coding like cobbling up obscure 3rd party services. The code patterns are unlikely to be portable or universal.\n\n**Status:** Abandoned all the metaframeworks entirely in favor of a hard split between [backend](https://github.com/aabbtree77/auth-starter-backend) (something minimal like Express or Hono, router-mostly, manual auth rewritten from scratch), and [frontend](https://github.com/aabbtree77/auth-starter-frontend) (Vite + React), which is essentially a single-page application (React router at the frontend). Better have less automation, but more stability and understanding what is really going on.\n\n## References\n\n1. [Vercel completes $250 mln Series E round at $3.25 bln valuation, 2024](https://www.reuters.com/technology/vercel-completes-250-mln-series-e-round-325-bln-valuation-2024-05-16/)\n\n2. [Web Dev Cody: How much money did my channel earn this year. youtube, 2024](https://www.youtube.com/watch?v=qwXvW_fN_9k)\n\n3. Lichess.org: [Technology Stack](https://lichess.org/source), [Server Costs](https://docs.google.com/spreadsheets/d/1Si3PMUJGR9KrpE5lngSkHLJKJkb0ZuI4/preview)\n\n4. [Web Dev Cody: Serverless might bankrupt you. youtube, 2024](https://www.youtube.com/watch?v=G5yNGd6sO-4)\n\n5. [Web Dev Cody: How do server side authentication sessions work (express \u0026 cookies). youtube, 2023](https://www.youtube.com/watch?v=BgsQrOHNKeY\u0026t=6s)\n\n6. [Diona Rodrigues: Fetch API, do you really know how to handle errors? dev.to, 2023](https://dev.to/dionarodrigues/fetch-api-do-you-really-know-how-to-handle-errors-2gj0)\n\n7. [Austin Shelby: react-hook-form and zod. youtube, 2022](https://www.youtube.com/watch?v=4zt1eadehKQ)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faabbtree77%2Fsession-auth-starter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faabbtree77%2Fsession-auth-starter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faabbtree77%2Fsession-auth-starter/lists"}