{"id":29055062,"url":"https://github.com/yanguadotdev/taskflow-auth","last_synced_at":"2025-08-03T14:37:02.123Z","repository":{"id":301437264,"uuid":"1007253639","full_name":"yanguadotdev/taskflow-auth","owner":"yanguadotdev","description":"Authentication flow for TaskFlow 🛡️🔐 — includes email/password sign up, email verification with Resend, secure password reset, and protected routes with BetterAuth 🚀","archived":false,"fork":false,"pushed_at":"2025-06-26T21:34:39.000Z","size":115,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-06-26T22:42:05.186Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yanguadotdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-23T17:44:19.000Z","updated_at":"2025-06-26T21:34:43.000Z","dependencies_parsed_at":"2025-06-26T22:42:09.861Z","dependency_job_id":"42a6d01f-5944-42d8-94cf-8b796337ebe1","html_url":"https://github.com/yanguadotdev/taskflow-auth","commit_stats":null,"previous_names":["yanguadotdev/taskflow-auth"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/yanguadotdev/taskflow-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yanguadotdev%2Ftaskflow-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yanguadotdev%2Ftaskflow-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yanguadotdev%2Ftaskflow-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yanguadotdev%2Ftaskflow-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yanguadotdev","download_url":"https://codeload.github.com/yanguadotdev/taskflow-auth/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yanguadotdev%2Ftaskflow-auth/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262183427,"owners_count":23271842,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-27T03:39:39.184Z","updated_at":"2025-06-27T03:39:40.442Z","avatar_url":"https://github.com/yanguadotdev.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TaskFlow Auth\n\nAuthentication flow for **TaskFlow**: a modern and secure implementation built with BetterAuth, Resend, and modern Next.js best practices. 🛡️🔐\n\n---\n\n## 🚀 Tech Stack\n\n* **Framework**: Next.js 14 (App Router)\n* **Auth**: [BetterAuth](https://betterauth.dev)\n* **Mailing**: [Resend](https://resend.com) + custom React email templates\n* **ORM**: Drizzle + Neon DB\n* **UI**: ShadCN + Tailwind CSS\n* **State Management**: React Server \u0026 Client Components\n\n---\n\n## 🔍 Features Implemented\n\n### ✅ Email \u0026 Password Authentication\n\n* Secure registration and login\n* Server-side form validation with Zod\n* Friendly UI feedback with toasts\n\n### ✅ Email Verification Flow\n\n* Sends verification email on sign up\n* Prevents login until email is verified\n* Auto-signs in users after verification\n* Uses secure token-based link with redirect\n* Includes resend email functionality\n\n### ✅ Password Reset Flow\n\n* Secure reset-password request flow\n* Custom email with reset link\n* Error feedback for unregistered emails\n\n### ✅ Protected Routes\n\n* Middleware checks for valid session\n* Prevents access to protected pages without login\n* Smart redirect: prevents access to `/verify-email` if already logged in\n\n### ✅ Add OAuth (Google)\n\n* Add OAuth (Google)\n---\n\n## 🧠 What I Learned\n\nThis project was a deep dive into real-world authentication workflows:\n\n* ✉️ How to securely verify user emails using tokens and React-based templates\n* ⚙️ How session handling works across server and client in Next.js with BetterAuth\n* 🧱 How to use middleware to enforce route protection and smart redirects\n* 🔁 How to structure auth flows that are user-friendly but secure\n* 🎨 How to polish the UI/UX with animations (Lottie), layout tweaks, and clear messaging\n\n---\n\n## 🛡️ Auth Middleware Logic\n\n* If user is **not authenticated**, redirect to `/`\n* If user is **authenticated** and tries to access `/verify-email`, redirect to `/dashboard`\n* Only allow access to `/verify-email` via proper flow (with token or email in URL)\n\n---\n\n## 💡 Future Improvements\n\n* 2FA with email or authenticator app\n* Magic link login option\n* Rate limiting and abuse protection\n\n---\n\n## 📬 Contact\n\nMade with ❤️ by [Samir](mailto:hey@yangua.dev)\n\n---\n\n\u003e This project was a great exercise in designing secure, production-grade auth logic using modern tools. Proud of how far it's come! 🚀\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyanguadotdev%2Ftaskflow-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyanguadotdev%2Ftaskflow-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyanguadotdev%2Ftaskflow-auth/lists"}