DEV Community

Cover image for Adding Next Auth on Website
Mohammad Ezzeddin Pratama
Mohammad Ezzeddin Pratama

Posted on • Updated on

Adding Next Auth on Website

#typescript #nextjs #webdev #authjs

Implementing Authentication in Next.js

To add authentication to your Next.js application, grasp these core concepts:

Key Concepts

  1. Authentication: Verifies user identity (e.g., username/password or via Google).
  2. Session Management: Tracks user's state across requests.
  3. Authorization: Controls access to different parts of the app.

Authentication Strategies

  • OAuth/OpenID Connect (OIDC): Ideal for social logins and Single Sign-On (SSO).
  • Email + Password: Common and straightforward, requires strong security.
  • Passwordless: Uses email magic links or SMS codes, reducing password fatigue.
  • Passkeys/WebAuthn: High-security cryptographic credentials, complex to implement.

Implementing Email-Password Authentication

Here’s how to add basic email-password authentication to a Next.js app:

Login Form

Create a login form in app/login/page.tsx:

import { authenticate } from '@/app/lib/actions';

export default function Page() {
  return (
    <form action={authenticate}>
      <input type="email" name="email" placeholder="Email" required />
      <input type="password" name="password" placeholder="Password" required />
      <button type="submit">Login</button>
    </form>
  );
}
Enter fullscreen mode Exit fullscreen mode

Authentication Logic

Handle authentication in app/lib/actions.ts:

'use server';
import { signIn } from '@/auth';

export async function authenticate(formData: FormData) {
  try {
    await signIn('credentials', formData);
  } catch (error) {
    if (error) {
      switch (error.type) {
        case 'CredentialsSignin':
          return 'Invalid credentials.';
        default:
          return 'Something went wrong.';
      }
    }
    throw error;
  }
}
Enter fullscreen mode Exit fullscreen mode

Form Handling

Manage form state and handle errors in app/login/page.tsx:

'use client';
import { authenticate } from '@/app/lib/actions';
import { useFormState, useFormStatus } from 'react-dom';

export default function Page() {
  const [errorMessage, dispatch] = useFormState(authenticate, undefined);

  return (
    <form action={dispatch}>
      <input type="email" name="email" placeholder="Email" required />
      <input type="password" name="password" placeholder="Password" required />
      {errorMessage && <p>{errorMessage}</p>}
      <LoginButton />
    </form>
  );
}

function LoginButton() {
  const { pending } = useFormStatus();

  return (
    <button aria-disabled={pending} type="submit">
      Login
    </button>
  );
}
Enter fullscreen mode Exit fullscreen mode

Conclusion

This setup provides a basic email-password authentication flow. For enhanced security and multiple login options, consider integrating OAuth or passwordless authentication methods.

Top comments (1)

Read next

asithalakshan profile image

Incredible New Features in JavaScript ES15 (2024)

Asitha Lakshan -

ariflogs profile image

Building an UI library that does not look generic!

Arif Hossain -

mayank_mohapatra profile image

Creating a Multilingual Expense Tracker with Tolgee

Mayank Mohapatra -

undolog profile image

Upgrading from Nextra v2 to Nextra v3: A "Quick" Guide

Giovambattista Fazioli -