{"id":31070889,"url":"https://github.com/miladjoodi/next-fullstack-auth","last_synced_at":"2025-09-15T23:04:25.800Z","repository":{"id":311967897,"uuid":"1045818379","full_name":"MiladJoodi/Next-Fullstack-Auth","owner":"MiladJoodi","description":"A Next.js 15 project implementing secure user authentication with JWT, refresh tokens, and protected routes. Includes full client-side forms for registration and login, server-side token verification, and dashboard access control.","archived":false,"fork":false,"pushed_at":"2025-09-09T11:52:07.000Z","size":248,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-09T14:38:12.221Z","etag":null,"topics":["access-token","argon2","fullstack","jose","mongodb","nextjs","prisma","prisma-orm","react","react-hook-form","reactjs","refresh-token","tailwind","tailwindcss","zod"],"latest_commit_sha":null,"homepage":"https://next-fullstack-auth.netlify.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MiladJoodi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-27T18:54:13.000Z","updated_at":"2025-09-09T11:52:11.000Z","dependencies_parsed_at":"2025-08-28T03:42:04.109Z","dependency_job_id":"2b449f41-f21d-4c6f-af51-9acbe4aee892","html_url":"https://github.com/MiladJoodi/Next-Fullstack-Auth","commit_stats":null,"previous_names":["miladjoodi/next-fullstack-auth"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/MiladJoodi/Next-Fullstack-Auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MiladJoodi%2FNext-Fullstack-Auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MiladJoodi%2FNext-Fullstack-Auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MiladJoodi%2FNext-Fullstack-Auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MiladJoodi%2FNext-Fullstack-Auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MiladJoodi","download_url":"https://codeload.github.com/MiladJoodi/Next-Fullstack-Auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MiladJoodi%2FNext-Fullstack-Auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275333311,"owners_count":25446100,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-15T02:00:09.272Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-token","argon2","fullstack","jose","mongodb","nextjs","prisma","prisma-orm","react","react-hook-form","reactjs","refresh-token","tailwind","tailwindcss","zod"],"created_at":"2025-09-15T23:03:33.853Z","updated_at":"2025-09-15T23:04:25.783Z","avatar_url":"https://github.com/MiladJoodi.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Next Fullstack Auth\n\nThis is a simple authentication system built with **Next.js 15 App Router**, **TypeScript**, **Prisma**, and **JWT**. It demonstrates a modern approach to secure login, registration, and protected routes using server-side logic and refresh tokens.\n\n---\n\n## Libraries \u0026 Tools Used\n\n- **Frontend:** Next.js 15, React, TypeScript, react-hook-form, Zod, axios\n- **Backend:** Next.js API routes, Prisma / MongoDB\n- **Security:** argon2 for password hashing, jose for JWT handling, HttpOnly cookies\n- **UI:** Tailwind CSS\n\n---\n\n## Features Implemented So Far\n\n- **User Registration**\n  - Users can register with `name`, `email`, and `password`.\n  - Passwords are securely hashed using `argon2`.\n  - Email is normalized to lowercase to avoid case-sensitivity issues.\n  - Validations are enforced with **Zod**.\n  - On success, the user is redirected to the **Login** page.\n\n- **User Login**\n  - Users can log in using email and password.\n  - Passwords are verified using `argon2`.\n  - Upon successful login:\n    - An **access token** (15 min) and a **refresh token** (7 days) are generated using `jose`.\n    - Refresh token is saved in the database.\n    - Refresh token is stored as an **HttpOnly cookie**.\n    - Old refresh tokens for the user are automatically deleted.\n  - Login form validation using **react-hook-form + Zod**.\n  - After login, the user is redirected to the **Dashboard**.\n\n- **Logout**\n  - Removes refresh token from the database.\n  - Clears the refresh token cookie.\n\n- **Protected Routes**\n  - `/dashboard` and other sensitive pages require login.\n  - Middleware verifies the refresh token before accessing protected routes.\n  - Users who are already logged in cannot access `/login` or `/register`.\n  - Unauthenticated users are redirected to `/login`.\n\n- **Server-Side Dashboard**\n  - Server-side rendering fetches user data from the database using the refresh token.\n  - Displays real user information such as name and email.\n  - Logout button is integrated in the dashboard.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiladjoodi%2Fnext-fullstack-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmiladjoodi%2Fnext-fullstack-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiladjoodi%2Fnext-fullstack-auth/lists"}