Authentication

Mkdirs uses Auth.js v5 for authentication, supports email/password, GitHub, and Google authentication.

Configuration

1. Generate the AUTH_SECRET variable

   AUTH_SECRET is a random value, and you can generate one via running:

   npx auth secret
   
   # or
   openssl rand -base64 32

   Then set it to the .env file.

   .env

   # [required]
   AUTH_SECRET=secret

2. [Optional] Get the GitHub client variables

   If you want to use GitHub as an OAuth provider, you need to update the AUTH_GITHUB_ID and AUTH_GITHUB_SECRET variables.

   Follow the steps here to get the client_id and client_secret from the GitHub Developer Settings.

   For the callback URL, it is https://your-domain.com/api/auth/callback/github or http://localhost:3000/api/auth/callback/github for local development.

   .env

   # [only required if you want to support GitHub authentication]
   AUTH_GITHUB_ID = your_secret_client_id
   AUTH_GITHUB_SECRET = your_secret_client

   Caution

   Please create two different OAuth applications in the GitHub Developer Settings, one for the production environment and one for the development environment. Don’t use the same OAuth application for both environments.

   

3. [Optional] Get the Google client variables

   If you want to use Google as an OAuth provider, you need to update the AUTH_GOOGLE_ID and AUTH_GOOGLE_SECRET variables.

   You can get the client_id and client_secret from the Google Cloud Console.

   For the callback URL, it is https://your-domain.com/api/auth/callback/google or http://localhost:3000/api/auth/callback/google for local development.

   .env

   # [only required if you want to support Google authentication]
   AUTH_GOOGLE_ID = your_secret_client_id.apps.googleusercontent.com
   AUTH_GOOGLE_SECRET = your_secret_client

   Caution

   Please create two different OAuth applications in the Google Cloud Console, one for the production environment and one for the development environment. Don’t use the same OAuth application for both environments.

   

Tip

1. Please note that the environment variables are different in development and production environments, make sure to create two different OAuth applications for the production and development environments.

2. If you still have trouble with the authentication, for example, redirect_uri_mismatch or other issues, you can try to add the following environment variables to the .env file, only in the production environment.

   .env

   AUTH_TRUST_HOST=true
   AUTH_URL=https://your-domain.com/api/auth

Video tutorial

If you are interested in Next Auth V5, you can refer to the following video tutorial, it is a more advanced guide for Next Auth V5, so much better than the official documentation.

Further Reading

• Auth.js v5
• Auth.js v5 - Environment Variables
• Auth.js v5 - OAuth with GitHub
• Auth.js v5 - Database Adapter
• Auth.js v5 - Data Models
• YouTube Video - Next Auth V5 - Advanced Guide (2024)