{"id":30685172,"url":"https://github.com/pedroestevaodev/advanced-authentication","last_synced_at":"2026-05-08T19:33:46.124Z","repository":{"id":258719501,"uuid":"874479256","full_name":"pedroestevaodev/advanced-authentication","owner":"pedroestevaodev","description":"Advanced authentication demo using Next.js 14 \u0026 NextAuth v5: OAuth, credentials, email verification, 2FA, role-based access (Admin/User), secure API routes, dynamic login/register components, password reset, and extensive session handling with custom hooks. Includes social login with Google \u0026 GitHub.","archived":false,"fork":false,"pushed_at":"2025-08-22T11:51:35.000Z","size":445,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-01T21:22:44.114Z","etag":null,"topics":["2fa","authentication","authjs","email-verification","middleware","nextauth","nextjs","oauth","react","role-based-access-control","security"],"latest_commit_sha":null,"homepage":"https://advanced-authentication-pedroestevao.vercel.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pedroestevaodev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-10-17T22:47:58.000Z","updated_at":"2025-08-22T11:57:43.000Z","dependencies_parsed_at":"2025-04-30T20:48:57.340Z","dependency_job_id":"c7e371b9-f0fb-4234-8883-e24566e6be8c","html_url":"https://github.com/pedroestevaodev/advanced-authentication","commit_stats":null,"previous_names":["pedro-estevao/advanced-authentication","pedroestevaodev/advanced-authentication"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/pedroestevaodev/advanced-authentication","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedroestevaodev%2Fadvanced-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedroestevaodev%2Fadvanced-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedroestevaodev%2Fadvanced-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedroestevaodev%2Fadvanced-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pedroestevaodev","download_url":"https://codeload.github.com/pedroestevaodev/advanced-authentication/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedroestevaodev%2Fadvanced-authentication/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32794716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-08T08:22:46.396Z","status":"ssl_error","status_checked_at":"2026-05-08T08:22:45.650Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","authjs","email-verification","middleware","nextauth","nextjs","oauth","react","role-based-access-control","security"],"created_at":"2025-09-01T21:09:03.698Z","updated_at":"2026-05-08T19:33:46.106Z","avatar_url":"https://github.com/pedroestevaodev.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Advanced Authentication App (Next.js + NextAuth v5)\n\n\u003cp style=\"text-align: center;\"\u003e\n  \u003ca href=\"https://www.pedroestevao.com\"\u003e\n    \u003cimg src=\"https://res.cloudinary.com/dge3g9rcw/image/upload/v1755862505/Screenshot-2025-08-22-083236_btu3vt.webp\" alt=\"Illustrative image\" /\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\nThis is a complete authentication solution built with **Next.js 14** and **NextAuth.js v5 (Auth.js)**. It features robust security practices and real-world features like **2FA**, **role-based access**, **OAuth**, **email verification**, and much more. All implemented using reusable components, server/client utilities, and middleware.\n\n## About the Project\n\nThis project is the result of an in-depth tutorial that demonstrates how to implement production-grade authentication in a modern full-stack Next.js application.\n\nWhat you'll find inside:\n\n- Credentials \u0026 OAuth login (Google, GitHub)\n- Two-Factor Authentication (2FA)\n- Email verification flow\n- Forgot/reset password feature\n- Role-based access control (Admin \u0026 User)\n- Protected server/client components \u0026 API routes\n- User settings (change email, password, enable 2FA)\n- Custom reusable auth components and hooks\n- Session extension, callbacks, and middleware logic\n\n\u003e **Disclaimer:** This project is for **educational purposes only** and is not intended for production use without further customization.\n\n## Tech Stack\n\nThis project leverages modern technologies and libraries:\n\n- [Next.js (App Router)](https://nextjs.org/) - React framework for web applications.\n- [React](https://react.dev/) - JavaScript library for building user interfaces.\n- [TypeScript](https://www.typescriptlang.org/) - JavaScript superset for static typing.\n- [Tailwind CSS](https://tailwindcss.com/) - Utility-first CSS framework for fast and customizable design.\n- [NextAuth v5 (Auth.js)](https://authjs.dev/) - Authentication for the Web.\n- [React Hook Form](https://react-hook-form.com/) (form handling)\n- [Zod](https://zod.dev/) (form validation)\n- [Resend](https://resend.com/) (email service)\n- [Prisma ORM](https://www.prisma.io/) (serverless database)\n- [SQLite](https://sqlite.org/index.html) (can be replaced with PostgreSQL)\n- [bcryptjs](https://github.com/dcodeIO/bcrypt.js) (salt cryptography)\n- [Lucide Icons](https://lucide.dev/)\n\n## Features\n\n- **Email/Password Login**\n- **Social Login with Google \u0026 GitHub**\n- **Email Verification**\n- **Forgot \u0026 Reset Password**\n- **Two-Factor Authentication (2FA)**\n- **User Roles:** Admin \u0026 User\n- **Protect Client/Server Components and API Routes**\n- **Role-based UI Rendering (with RoleGate)**\n- **Change Email (with re-verification)**\n- **Change Password (with current password confirmation)**\n- **Enable/Disable 2FA in User Settings**\n- **Reusable Hooks:** useCurrentUser, useRole\\*\\*\n- **Reusable Utilities:** currentUser, currentRole\\*\\*\n- **Session Callbacks \u0026 Middleware Integration**\n\n## Setup \u0026 Installation\n\n### 1. Clone the repository\n\n```bash\ngit clone https://github.com/pedroestevaodev/advanced-authentication.git\ncd advanced-authentication\n```\n\n### 2. Install dependencies\n\n```bash\n$ bun install\n```\n\n### 3. Environment Variables\n\nCreate a `.env.local` file in the root and configure the following variables:\n\n```bash\nDATABASE_URL=\"tobemodified\"\nDIRECT_DATABASE_URL=\"tobemodified\"\nAUTH_SECRET=\"tobemodified\"\nAUTH_URL=\"http://localhost:3000\"\nAPPLICATION_URL=\"http://localhost:3000\"\nGITHUB_CLIENT_ID=\"tobemodified\"\nGITHUB_CLIENT_SECRET=\"tobemodified\"\nGOOGLE_CLIENT_ID=\"tobemodified\"\nGOOGLE_CLIENT_SECRET=\"tobemodified\"\nRESEND_API_KEY=\"tobemodified\"\nNEXT_PUBLIC_APP_URL=\"http://localhost:3000\"\n```\n\n### 4. Set Up the Database\n\n```bash\nbunx prisma generate\nbunx prisma db push\n```\n\nYou can preview the database schema in `prisma/schema.prisma`.\n\n### 5. Start the Development Server\n\n```bash\nbun run dev\n```\n\nVisit `http://localhost:3000` to see the application running.\n\n## Available Commands\n\n| Command               | Description                         |\n| --------------------- | ----------------------------------- |\n| `dev`                 | Starts the development server       |\n| `build`               | Builds the app for production       |\n| `start`               | Runs the production build           |\n| `lint`                | Runs ESLint for code quality        |\n| `prisma:migrate-dev`  | Creates \u0026 applies new dev migration |\n| `prisma:migrate-prod` | Applies pending prod migrations     |\n| `prisma:generate`     | Generates Prisma client             |\n| `prisma:reset`        | Deletes all migrations              |\n| `postinstall`         | Runs setup script after install     |\n\n## Resources\n\nTo learn more about the stack used in this project:\n\n- [Next.js Docs](https://nextjs.org/docs) - Learn more about Next.js features and APIs.\n- [Next.js Learn](https://nextjs.org/learn) - Interactive tutorial to learn Next.js.\n- [React Docs](https://pt-br.react.dev/learn) - Access the official React guide.\n- [Tailwind CSS Docs](https://tailwindcss.com/docs) - Learn how to use Tailwind CSS to style your application.\n- [Auth.js](https://authjs.dev/) - Access the official Auth.js guide.\n- [Resend Docs](https://resend.com/docs/introduction) - Learn how to get Resend set up in your project.\n\n## Deployment\n\nThe easiest way to deploy your Next.js application is by using the [Vercel Platform](https://vercel.com/new), created by the developers of Next.js.\n\nCheck out the [Next.js deployment documentation](https://nextjs.org/docs/deployment) for more details.\n\n\u003e Make sure to set the environment variables in Vercel \u003e Settings \u003e Environment Variables.\n\u003e Consider switching to PostgreSQL for production environments.\n\n## License\n\nThis project is open source and available under the [MIT License](https://mit-license.org/).\n\u003cbr /\u003e\n\n---\n\n\u003cbr /\u003e\n\n**Built with ☕ by [Pedro Estevão](https://www.pedroestevao.com)**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpedroestevaodev%2Fadvanced-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpedroestevaodev%2Fadvanced-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpedroestevaodev%2Fadvanced-authentication/lists"}