Authentication

Overview

The template uses NextAuth.js for authentication, supporting multiple providers and session management out of the box.

Environment Variables

Configure the following environment variables in your .env.local file:

# NextAuth.js
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-secret-key-here

# Google OAuth (optional)
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret

# Discord OAuth (optional)
DISCORD_CLIENT_ID=your-discord-client-id
DISCORD_CLIENT_SECRET=your-discord-client-secret

# GitHub OAuth (optional)
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret

Setting up Google OAuth

1. 1Go to the Google Cloud Console
2. 2Create a new project or select existing one
3. 3Navigate to "APIs & Services" → "Credentials"
4. 4Click "Create Credentials" → "OAuth client ID"
5. 5Select "Web application" as the application type
6. 6Add authorized redirect URI: http://localhost:3000/api/auth/callback/google
7. 7Copy the Client ID and Client Secret to your .env.local

Setting up Discord OAuth

1. 1Go to the Discord Developer Portal
2. 2Create a new application
3. 3Go to "OAuth2" → "General"
4. 4Add redirect URI: http://localhost:3000/api/auth/callback/discord
5. 5Copy the Client ID and Client Secret to your .env.local

User Roles

The template includes a role-based access control system:

Protected Routes

Routes are protected using middleware. Configure protected paths in middleware.ts:

// Protected routes require authentication
/library/*
/profile/*
/settings/*

// Admin routes require ADMIN role
/admin/*

Next Steps

• Set up your database for user storage
• Configure environment variables
• Test login with your chosen providers