Shipped
HomeContacts
  • Get started
  • 📚Tutorials
    • Make a waiting list
    • Launch a pre-sale
    • Build a SaaS
    • Create your store on Lemon Squeezy
  • 🟩Features
    • AI Services
    • Affiliate Program
    • Analytics
    • Authentication
      • MailChimp
      • Loops
      • AWS SES
      • SendGrid
      • Supabase Auth
        • Supabase Authentication Flow
        • Supabase Magic Link
        • Supabase Email & Password
        • Supabase Login with Google
    • API endpoints
      • 🛡️Authenticated API
    • Blog
    • Customer support
    • Chrome Extension
    • Dark mode
    • Database
      • Update your database
      • MongoDB
    • Emails
    • Error pages
    • Icons
    • Onboarding
    • Payments
      • Lemon Squeezy
        • Subscriptions
        • One-time purchase
        • Test mode
      • Stripe
    • Private pages
    • SEO
    • shadcn/ui
    • Supabase
    • Workspace / Organizations
  • 📦Components
    • AccountMenu
    • CtaBox
    • DarkModeSwitch
    • Explainer video
    • FAQ
    • Features
    • Footer
    • Header
    • Hero
    • Lifetime
    • Pricing
    • Sales Notification
    • Secondary Sidebar Pages
    • Sidebar
    • Tabs
    • Testimonials
    • Waitlist
    • WebAppPage
  • 🚀Deployment
  • ✅Other
    • Configuration
    • Changelog widget
    • Favicon
    • Google Fonts
    • Sitemap
    • Theme
  • Updates
  • GitHub Repository
  • Support
Powered by GitBook
On this page
  • NextAuth
  • Sign-up and login pages
  • NextAuth Setup
  • NextAuth Authentication methods
  • NextAuth Magic Links
  • NextAuth Google Auth
  • More authentication providers

Was this helpful?

  1. Features

Authentication

PreviousAnalyticsNextMailChimp

Last updated 5 months ago

Was this helpful?

Shipped supports and Supabase to handle user authentication.

With NexAuth you can create two types of authentications, Magic Links and Social Authentication which includes using Google, Twitter, Facebook, LinkedIn, Slack, and 60+ more services to sign up your users.

With Supabase Auth you get Magic Link Auth, Email and Password Auth, and Social Authentication.

If you intend to use Supabase, follow , for NextAuth continue reading.

NextAuth

The authentication logic resides in src/config/auth.ts. In that file, you define the authentication providers to use.

Sign-up and login pages

Shipped provides Sign-Up (/signup) and Login (/login) pages out of the box. Feel free to customize them according to your needs.

NextAuth Setup

Add this to your .env file:

NEXTAUTH_URL="http://localhost:3000"
NEXTAUTH_SECRET="4348yhu34h3ui4ofjndfsdfeirh4b637u5sfd3"

The NEXTAUTH_SECRET is a random string of at least 10 characters, used to encrypt.

NextAuth Authentication methods

NextAuth Magic Links

Magic Link Auth is a mechanism that sends an email to the user whenever they want to sign up or log into your product. You define for how long the link will be valid (24 hours or more).

To use this authentication method, you need an email SMTP server.

Add this provider to the NextAuth configuration (src/config/auth.ts).

EmailProvider({
    server: process.env.MAILPACE_EMAIL_SERVER || "",
    from: process.env.EMAIL_FROM || "",
    // maxAge: 24 * 60 * 60, // How long email links are valid for (default 24h)
}),

Remember to configure the environment variables MAILPACE_EMAIL_SERVER and EMAIL_FROM into the .env and Environment settings of your hosting service.

The value of MAILPACE_EMAIL_SERVERhas this format

smtp://username:password@smtp.mailpace.com:2525

and you can retrieve your values for username and password from MailPace in the tab API Tokens > SMTP Server Details

NextAuth Google Auth

Google Sign-Up is one of the most popular authentication methods.

To enable it you need to:

  1. Go to APIS & Services then Credentials

  2. Click on Configure Consent Screen

  3. Fill in all the info.

  4. Add userinfo.email and userinfo.profile to scope

  5. Submit

  6. Go to Credentials and click "Create Credentials", then "OAuth Client ID"

  7. Select "Web Application"

  8. Add http://localhost:3000 and https://yoursitename.com into the Authorized JavaScript Origins.

  9. Add http://localhost:3000/api/auth/callback/google and https://yoursitename.com/api/auth/callback/google to Authorized redirect URLs.

  10. Click Submit

  11. Copy and paste the Client ID and Client Secret into the .env file:

# for Google Sign up
GOOGLE_CLIENT_ID=""
GOOGLE_CLIENT_SECRET=""
  1. Go to "OAuth Consent Screen" and click "Publish App".

  1. Open src/config/auth.ts and add this provider

GoogleProvider({
    clientId: process.env.GOOGLE_CLIENT_ID || "",
    clientSecret: process.env.GOOGLE_CLIENT_SECRET || "",
}),

More authentication providers

NextAuth supports 60+ authentication providers.

Some examples:

  • Atlassian

  • Twitter / X

  • Facebook

  • Instagram

  • Apple

  • Amazon Cognito

  • Discord

  • GitHub

  • GitLab

  • Medium

  • Salesforce

  • Spotify

  • Twitch

  • Zoom

You can generate a secret using the .

Authentication needs a database to store the user's authentication information. if you haven't already.

I use to send transactional emails, and they provide an SMTP server as well.

But you can use , , , , or any other email provider.

Create a new project on

Google might request you to verify your domain in . It requires you to configure a CNAME or TXT DNS record.

Check the to learn how to integrate other third-party sign-in methods.

🟩
Shipped Generator
Configure a database
MailPace
MailChimp
Loops
AWS SES
SendGrid
Google Cloud
Google Search Console
documentation
NextAuth
this guide
Sign-Up page /signup
Login Page /login