The latest articles on DEV Community by Ojas (@ojaswiat). https://dev.to/ojaswiat https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2923868%2F670a30f6-1750-4d00-aeb4-77bb9ec292ea.jpg https://dev.to/ojaswiat en Ojas Sun, 19 Oct 2025 13:45:57 +0000 https://dev.to/ojaswiat/how-i-boosted-my-nuxt-3-portfolio-speed-by-3x-45s-14s-5025 https://dev.to/ojaswiat/how-i-boosted-my-nuxt-3-portfolio-speed-by-3x-45s-14s-5025 <p>I recently realized my personal portfolio—built with <strong>Nuxt 3, Vue 3, TypeScript, and Vite</strong>—was loading <em>way</em> slower than I expected. It looked great but felt sluggish. After digging into its metrics, I found the initial load time was <strong>around 4.5 seconds</strong>. That might not sound terrible, but for a portfolio, it’s enough to lose visitors before they even see your work. </p> <p>So, I decided to take a weekend to <strong>optimize it</strong>—and ended up cutting the loading time down to <strong>just 1.4 seconds</strong>. Here’s how I did it.</p> <h2> The Problem </h2> <p>When I first ran a Lighthouse audit, the metrics weren’t pretty:</p> <ul> <li> <strong>First Contentful Paint:</strong> ~3.9s </li> <li> <strong>Time to Interactive:</strong> ~4.5s </li> <li> <strong>Largest Contentful Paint:</strong> ~4.2s </li> </ul> <p>Most of the slowness came from:</p> <ul> <li>Rendering delays due to <strong>SSR configuration</strong> </li> <li> <strong>Heavy component imports</strong> and unused dependencies in the bundle</li> <li> <strong>Unoptimized images</strong> (massive JPGs and PNGs)</li> <li>Everything loading all at once, no matter if the section was currently visible</li> </ul> <p>The goal: make it <strong>fast without losing developer convenience</strong>. That’s when I revisited my Nuxt setup.</p> <h2> SSR vs SSG — The Big Decision </h2> <p>At first, I built my portfolio using <strong>Server-Side Rendering (SSR)</strong>. That meant every request was processed dynamically on the server before being sent to the client.</p> <p>However, after thinking it through, SSR was overkill for a mostly static portfolio.</p> <h3> Simplified Explanation </h3> <ul> <li> <strong>SSR (Server-Side Rendering):</strong> Each request gets a fresh, pre-rendered HTML page from the server. Great for <strong>dynamic</strong> data (like dashboards or user profiles). </li> <li> <strong>SSG (Static Site Generation):</strong> HTML pages are <strong>prebuilt at build time</strong> and served as static files. Excellent for <strong>static content</strong> (like personal portfolios or blogs).</li> </ul> <h3> Real Use Cases </h3> <ul> <li> <strong>SSR:</strong> News sites, e-commerce product pages.</li> <li> <strong>SSG:</strong> Developer portfolios, landing pages, blogs.</li> </ul> <p>Switching from SSR to <strong>SSG</strong> alone made my pages load almost instantly since most of the HTML was pre-rendered ahead of time.</p> <h2> Optimization Techniques That Made the Difference </h2> <h3> 1. Route Prerendering Configuration </h3> <p>Nuxt 3 allows you to prerender certain routes during the build process.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// nuxt.config.ts export default defineNuxtConfig({ nitro: { prerender: { routes: [ '/', '/about', '/projects', '/contact' ], crawlLinks: true, }, }, }) </code></pre> </div> <ul> <li> <strong>Static pages</strong> like <code>/about</code> and <code>/contact</code> were prebuilt.</li> <li> <strong>Dynamic routes</strong> like <code>/projects/[id]</code> were skipped to be fetched lazily at runtime.</li> </ul> <p>This instantly shaved off a big chunk of server-render time.</p> <h3> 2. Lazy Loading Components with <code>defineAsyncComponent()</code> </h3> <p>Initially, every Vue component was imported upfront—even for parts not visible on initial load. That’s bad for performance.</p> <p>By loading larger sections <strong>asynchronously</strong>, I made the first paint faster:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&lt;script setup lang="ts"&gt; import { defineAsyncComponent } from 'vue' const ProjectGrid = defineAsyncComponent(() =&gt; import('@/components/ProjectGrid.vue')) &lt;/script&gt; &lt;template&gt; &lt;HeroSection /&gt; &lt;Suspense&gt; &lt;ProjectGrid /&gt; &lt;/Suspense&gt; &lt;/template&gt; </code></pre> </div> <p>This approach ensures users don’t wait for heavy components if they’re below the fold.</p> <h3> 3. Tree-Shaking Dependencies (Goodbye Full Lodash Import) </h3> <p>I noticed my bundle size ballooned because I imported Lodash like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import _ from 'lodash' </code></pre> </div> <p>That pulled the <em>entire</em> library, even if I used just one or two functions. Instead, importing individually helped a lot:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import cloneDeep from 'lodash/cloneDeep' import debounce from 'lodash/debounce' </code></pre> </div> <p>After switching to individual imports, <strong>my JS bundle dropped by 35%</strong>.</p> <h3> 4. Image Optimization with NuxtImg and WebP Format </h3> <p>My images were beautiful... and huge. Switching to the <strong>Nuxt Image module</strong> was an easy win.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&lt;template&gt; &lt;NuxtImg src="/images/profile.jpg" format="webp" width="400" height="400" alt="Profile picture" /&gt; &lt;/template&gt; </code></pre> </div> <ul> <li>The module automatically serves <strong>optimized formats</strong> like WebP and AVIF.</li> <li>It also lazy-loads below-the-fold images.</li> <li>This single change improved my <strong>Largest Contentful Paint</strong> by nearly 1 full second.</li> </ul> <h3> 5. Client-Side Data Fetching with <code>useLazyFetch()</code> </h3> <p>For my dynamic project data (fetched from a JSON API), I switched from <code>useFetch()</code> to <code>useLazyFetch()</code> with client-only fetching. This prevented unnecessary server rendering on each request.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>&lt;script setup lang="ts"&gt; const { data: projects } = useLazyFetch('/api/projects', { server: false }) &lt;/script&gt; </code></pre> </div> <p>This ensured that static pages were prebuilt, and dynamic data fetched <strong>only on the client side</strong>, keeping build times short and initial page loads quick.</p> <h3> 6. Manual Code Splitting with Vite Rollup Options </h3> <p>Even after tree-shaking, some libraries remained large. Vite’s Rollup options helped me manually split bundles.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// vite.config.ts export default defineConfig({ build: { rollupOptions: { output: { manualChunks: { vue: ['vue', 'vue-router'], vendor: ['axios', 'lodash'] } } } } }) </code></pre> </div> <p>This helped make caching smarter: vendor code rarely changes and can be reused for longer periods.</p> <h3> 7. Custom Composables for Performance </h3> <p>Reusable composables helped centralize optimization logic. For instance, I created a composable for <strong>debounced window resize</strong>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>// composables/useDebouncedResize.ts import { ref, onMounted, onUnmounted } from 'vue' import debounce from 'lodash/debounce' export function useDebouncedResize(delay = 200) { const width = ref(window.innerWidth) const update = debounce(() =&gt; { width.value = window.innerWidth }, delay) onMounted(() =&gt; window.addEventListener('resize', update)) onUnmounted(() =&gt; window.removeEventListener('resize', update)) return { width } } </code></pre> </div> <p>Using this composable instead of creating multiple <code>resize</code> listeners across components reduced redundant listeners and lowered CPU usage.</p> <h2> Results &amp; Metrics </h2> <p>After implementing all these optimizations, I re-ran the Lighthouse and WebPageTest audits.</p> <p>| Metric | Before | After |<br> ||||<br> | <strong>Load Time</strong> | 4.5s | <strong>1.4s</strong> |<br> | <strong>First Contentful Paint</strong> | 3.9s | <strong>1.2s</strong> |<br> | <strong>Time to Interactive</strong> | 4.5s | <strong>1.4s</strong> |<br> | <strong>Bundle Size</strong> | ~830KB | <strong>280KB</strong> |</p> <p>That’s a solid <strong>3x performance improvement</strong>. The site now feels instant, even on mobile 4G.</p> <h2> Key Takeaways </h2> <ul> <li> <strong>Know when to use SSG over SSR.</strong> Static pages should stay static.</li> <li> <strong>Lazy-load everything</strong> non-critical to your First Paint.</li> <li> <strong>Avoid full dependency imports</strong>; tree-shake effectively.</li> <li> <strong>Optimize assets early.</strong> The Nuxt Image module is your best friend.</li> <li> <strong>Measure as you go.</strong> Fixing blindly can lead to diminishing returns.</li> </ul> <h2> Conclusion </h2> <p>Optimizing performance in Nuxt 3 isn’t just about faster load times—it’s about improving the <strong>developer experience</strong> and giving visitors a smoother feel. Every millisecond counts, especially for a personal portfolio that makes that crucial first impression.</p> <p>If you’ve built a Nuxt 3 site and haven’t checked its performance yet—now’s the time. You might be surprised by how much difference a weekend of careful optimization can make.</p> <p><a href="https://www.pexels.com/@krizz59" rel="noopener noreferrer">Cover image by Chris Peeters</a></p> webdev nuxt frontend performance Ojas Sat, 15 Mar 2025 11:27:49 +0000 https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-21op https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-21op <p>In this part of the series, we will focus on building the <strong>Profiles</strong> table for our users using Prisma, Supabase, and PostgreSQL for our Next.js application. This combination offers a powerful backend solution, leveraging Prisma's advanced ORM capabilities and Supabase's PostgreSQL database, which provides a scalable and reliable data storage system. We will also be creating Triggers such that a user profile is created as soon as a user signs up on our application.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>Enabling Row Level Security (RLS) is crucial for ensuring that users can only access their data. RLS allows us to define fine-grained access control policies directly within the database, enhancing security and privacy. By integrating RLS with Supabase's authentication system, we can create a secure environment where users can manage their profile data without compromising data integrity. This approach not only protects against unauthorized access but also simplifies the development process by reducing the need for complex server-side / middleware logic.</p> <p>While the authentication table in the Supabase gives you basic information about the user, you may want to store some extra information in a separate table, such as the Profile to store more info about the user. In this section we will be doing the same.</p> <h2> Adding Prisma and Defining Schemas </h2> <ol> <li>Add Prisma to your project by using this command. This will install the Prisma ORM client that will make it easier for us to do CRUD operations in our Supabase DB. </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm add @prisma/client </code></pre> </div> <ol> <li>To get the Database URL from the project in the Supabase, switch to the project that you’re working on. In the left pane, click “Database” and then click “Connect” on the top. </li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftuh3jiggnrkem0x9eqsd.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftuh3jiggnrkem0x9eqsd.png" alt="Select Supabase project" width="800" height="444"></a></p> <ol> <li>Copy your Database URL and in your .env file, paste it like this. Add these lines in the bottom of the file.</li> </ol> <h3> <code>.env</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">DATABASE_URL</span><span class="o">=</span>postgresql://postgres:[YOUR-PASSWORD]@db.phbngigehmegragywadf.supabase.co:5432/postgres?pgbouncer<span class="o">=</span><span class="nb">true </span><span class="nv">DIRECT_URL</span><span class="o">=</span>postgresql://postgres:[YOUR-PASSWORD]@db.phbngigehmegragywadf.supabase.co:5432/postgres </code></pre> </div> <p>Note: The <code>DIRECT_URL</code> is the same as the <code>DATABASE_URL</code>, except that it contains the <code>pgbouncer</code> query.</p> <p>Also, replace the “[YOUR-PASSWORD]” part with your Database password. If you forgot your Database password, you can always reset it by going to the <strong>Project Settings &gt; Database &gt; Reset Database Password</strong>. This won’t affect any other configuration in the Supabase project.</p> <ol> <li>Create a folder named <strong>“prisma”</strong> in the root of your project, and inside that, create a file named <strong>“schema. prisma “.</strong> </li> </ol> <p>Note: Try to figure out the Prisma Schema. It should be self explanatory. Since it’s a different language altogether, I won’t be able to explain it here. You can check out <a href="https://www.prisma.io/docs" rel="noopener noreferrer">Prisma Docs</a> for more.</p> <h3> <code>prisma/schema.prisma</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="nx">generator</span> <span class="nx">client</span> <span class="p">{</span> <span class="nx">provider</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">prisma-client-js</span><span class="dl">"</span> <span class="p">}</span> <span class="nx">datasource</span> <span class="nx">db</span> <span class="p">{</span> <span class="nx">provider</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">postgresql</span><span class="dl">"</span> <span class="nx">url</span> <span class="o">=</span> <span class="nf">env</span><span class="p">(</span><span class="dl">"</span><span class="s2">DATABASE_URL</span><span class="dl">"</span><span class="p">)</span> <span class="nx">directUrl</span> <span class="o">=</span> <span class="nf">env</span><span class="p">(</span><span class="dl">"</span><span class="s2">DIRECT_URL</span><span class="dl">"</span><span class="p">)</span> <span class="p">}</span> <span class="nx">model</span> <span class="nx">Profile</span> <span class="p">{</span> <span class="nx">id</span> <span class="nb">String</span> <span class="p">@</span><span class="nd">id</span> <span class="p">@</span><span class="nd">default</span><span class="p">(</span><span class="nf">dbgenerated</span><span class="p">(</span><span class="dl">"</span><span class="s2">gen_random_uuid()</span><span class="dl">"</span><span class="p">))</span> <span class="p">@</span><span class="nd">db</span><span class="p">.</span><span class="nx">Uuid</span> <span class="nx">firstName</span> <span class="nb">String</span><span class="p">?</span> <span class="p">@</span><span class="nd">map</span><span class="p">(</span><span class="dl">"</span><span class="s2">first_name</span><span class="dl">"</span><span class="p">)</span> <span class="nx">lastName</span> <span class="nb">String</span><span class="p">?</span> <span class="p">@</span><span class="nd">map</span><span class="p">(</span><span class="dl">"</span><span class="s2">last_name</span><span class="dl">"</span><span class="p">)</span> <span class="nx">email</span> <span class="nb">String</span> <span class="p">@</span><span class="nd">unique</span> <span class="nx">createdAt</span> <span class="nx">DateTime</span> <span class="p">@</span><span class="nd">default</span><span class="p">(</span><span class="nf">now</span><span class="p">())</span> <span class="p">@</span><span class="nd">map</span><span class="p">(</span><span class="dl">"</span><span class="s2">created_at</span><span class="dl">"</span><span class="p">)</span> <span class="nx">updatedAt</span> <span class="nx">DateTime</span> <span class="p">@</span><span class="nd">updatedAt</span> <span class="p">@</span><span class="nd">map</span><span class="p">(</span><span class="dl">"</span><span class="s2">updated_at</span><span class="dl">"</span><span class="p">)</span> <span class="p">@@</span><span class="nd">map</span><span class="p">(</span><span class="dl">"</span><span class="s2">profiles</span><span class="dl">"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>💡 Tip: Install the Prisma extension for the VS Code to get syntax highlighting and type safety features of Prisma.</p> <ol> <li>Let’s add a script in our <code>package.json</code> file to make the migrations easier. Migration is a process in which you take your local schema and “migrate” it to make/modify the tables in your remote database. Add the following line under the <code>scripts</code> section in your <code>package.json</code> file.</li> </ol> <h3> <code>/package.json</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code> <span class="dl">"</span><span class="s2">migrate</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">pnpx prisma migrate dev --name init &amp;&amp; bunx prisma generate</span><span class="dl">"</span> </code></pre> </div> <ol> <li>Let’s try out our migration script. This should ideally create a <strong>“profiles”</strong> table in our Supabase Database. Run the following command in the terminal: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm migrate </code></pre> </div> <ol> <li>Check your Database in the Supabase again, and confirm that the tables are created.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7bsidnl56fgfllyy95ik.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7bsidnl56fgfllyy95ik.png" alt="Check Suapbase Tables" width="800" height="464"></a></p> <h2> Adding Triggers to Create and Delete a profile automatically when a new User Signs Up for our Application </h2> <p>Now that we created the Profiles table, it is time to ensure that whenever a new User signs up for our application, we must create a new Profile for that user, and delete that user from the authentication table when the user has deleted their profile. In simple terms</p> <ol> <li>User signs up → A record is added to the auth table → We create a profile. </li> <li><p>User deletes their profile → A record is removed from the profiles table → We delete their authentication info (account).</p></li> <li><p>Head over to your Supabase project and select the SQL Editor in the left navigation pane.</p></li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvu3hx17fq4h3i2kr0m4u.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvu3hx17fq4h3i2kr0m4u.png" alt="SQL Editor" width="800" height="447"></a></p> <ol> <li>Paste the following query in the editor and click “Run” </li> </ol> <h3> <code>triggers.sql</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- Creates a function to run when user is authenticated (signed up)</span> <span class="k">create</span> <span class="k">or</span> <span class="k">replace</span> <span class="k">function</span> <span class="k">public</span><span class="p">.</span><span class="n">on_user_signup</span><span class="p">()</span> <span class="k">returns</span> <span class="k">trigger</span> <span class="k">as</span> <span class="err">$$</span> <span class="k">begin</span> <span class="k">insert</span> <span class="k">into</span> <span class="k">public</span><span class="p">.</span><span class="n">profiles</span> <span class="p">(</span><span class="n">id</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">updated_at</span><span class="p">,</span> <span class="n">first_name</span><span class="p">,</span> <span class="n">last_name</span><span class="p">)</span> <span class="k">values</span> <span class="p">(</span> <span class="k">new</span><span class="p">.</span><span class="n">id</span><span class="p">,</span> <span class="k">new</span><span class="p">.</span><span class="n">email</span><span class="p">,</span> <span class="n">now</span><span class="p">(),</span> <span class="k">NEW</span><span class="p">.</span><span class="n">raw_user_meta_data</span><span class="o">-&gt;&gt;</span><span class="s1">'first_name'</span><span class="p">,</span> <span class="k">NEW</span><span class="p">.</span><span class="n">raw_user_meta_data</span><span class="o">-&gt;&gt;</span><span class="s1">'last_name'</span> <span class="p">);</span> <span class="k">return</span> <span class="k">new</span><span class="p">;</span> <span class="k">end</span><span class="p">;</span> <span class="err">$$</span> <span class="k">language</span> <span class="n">plpgsql</span> <span class="k">security</span> <span class="k">definer</span><span class="p">;</span> <span class="c1">-- Creates a trigger to run the above function when a new user is authenticated (signed up)</span> <span class="k">create</span> <span class="k">or</span> <span class="k">replace</span> <span class="k">trigger</span> <span class="n">create_user_profile</span> <span class="k">after</span> <span class="k">insert</span> <span class="k">on</span> <span class="n">auth</span><span class="p">.</span><span class="n">users</span> <span class="k">for</span> <span class="k">each</span> <span class="k">row</span> <span class="k">execute</span> <span class="k">procedure</span> <span class="k">public</span><span class="p">.</span><span class="n">on_user_signup</span><span class="p">();</span> <span class="c1">-- Create a function to delete a user</span> <span class="k">create</span> <span class="k">or</span> <span class="k">replace</span> <span class="k">function</span> <span class="k">public</span><span class="p">.</span><span class="n">on_profile_delete</span><span class="p">()</span> <span class="k">returns</span> <span class="k">trigger</span> <span class="k">as</span> <span class="err">$$</span> <span class="k">begin</span> <span class="k">delete</span> <span class="k">from</span> <span class="n">auth</span><span class="p">.</span><span class="n">users</span> <span class="k">where</span> <span class="n">id</span> <span class="o">=</span> <span class="k">old</span><span class="p">.</span><span class="n">id</span><span class="p">;</span> <span class="k">return</span> <span class="k">new</span><span class="p">;</span> <span class="k">end</span><span class="p">;</span> <span class="err">$$</span> <span class="k">language</span> <span class="n">plpgsql</span> <span class="k">security</span> <span class="k">definer</span><span class="p">;</span> <span class="c1">-- Creates a trigger to run when a profile is deleted</span> <span class="k">create</span> <span class="k">or</span> <span class="k">replace</span> <span class="k">trigger</span> <span class="n">delete_auth_user</span> <span class="k">after</span> <span class="k">delete</span> <span class="k">on</span> <span class="k">public</span><span class="p">.</span><span class="n">profiles</span> <span class="k">for</span> <span class="k">each</span> <span class="k">row</span> <span class="k">execute</span> <span class="k">procedure</span> <span class="k">public</span><span class="p">.</span><span class="n">on_profile_delete</span><span class="p">();</span> </code></pre> </div> <ol> <li>First we create a <strong>function</strong> to create a new profile in the Profiles table.</li> <li>Then we create a <strong>trigger</strong> to execute the above function when a new user is authenticated (means a new user is added to the “auth” table).</li> <li>Then we create a <strong>function</strong> to delete the user from the “auth” table.</li> <li>Then we create a <strong>trigger</strong> to run that function whenever a profile is deleted from the “Profile” table.</li> </ol> <p><strong>Note</strong>: I have used <code>create or replace</code> such that it doesn’t cause any issues when you run this query again and there’s already a trigger or function with that name. Keep in mind this will replace the already existing function (if you have) of the same name, so be careful when executing this script.</p> <ol> <li>Test these changes by signing up with a new account. A new record should appear in the Profile table. Go to Table Editor (in the left navigation pane) &gt; profiles and see there’s a new record.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flkmo8t3p9ji5gl1elw0l.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flkmo8t3p9ji5gl1elw0l.png" alt="Profiles table" width="800" height="353"></a></p> <ol> <li>Now delete this record manually from here, and check the authentication table to verify if the records are being deleted there.</li> </ol> <h2> Adding Row Level Security RLS to your tables </h2> <p><strong>Note: It is recommended that you only access your Database from server-side code only. But since supabase uses public keys which are exposed to the client side of the NextJS framework, we need to secure the table data with RLS.</strong></p> <p>Row Level Security (RLS) in PostgreSQL is a powerful feature that allows database administrators to control access to specific rows within a table based on user roles or other conditions. This is achieved by defining policies that act as filters, determining which rows are visible or modifiable by a user during operations like SELECT, INSERT, UPDATE, and DELETE</p> <p>When using Supabase in client-side (our Next JS client) applications, enabling RLS is crucial for securing data. Even if authentication is handled through server actions, enabling RLS on tables prevents unauthorized access via the anonymous key, ensuring that data is not exposed to unauthorized users. This provides an additional layer of security, acting as a "defense in depth" mechanism to protect data from malicious actors.</p> <p>If your application only manipulates data from the server side using service keys, RLS policies are not strictly necessary. Service keys can bypass RLS, allowing server-side operations to access data without restrictions. However, enabling RLS without policies still blocks unauthorized access attempts via the anonymous key, providing some security benefits even in server-side scenarios.</p> <ol> <li>Paste the following query in the SQL Editor and run it: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- Enable RLS on profiles table</span> <span class="k">ALTER</span> <span class="k">TABLE</span> <span class="n">profiles</span> <span class="n">ENABLE</span> <span class="k">ROW</span> <span class="k">LEVEL</span> <span class="k">SECURITY</span><span class="p">;</span> <span class="c1">-- ============================================================================</span> <span class="c1">-- Policies for profiles table</span> <span class="c1">-- ============================================================================</span> <span class="c1">-- Policy: Allow users to read their own profile</span> <span class="k">CREATE</span> <span class="n">POLICY</span> <span class="n">read_own_profile</span> <span class="k">ON</span> <span class="n">profiles</span> <span class="k">FOR</span> <span class="k">SELECT</span> <span class="k">USING</span> <span class="p">(</span><span class="n">auth</span><span class="p">.</span><span class="n">uid</span><span class="p">()</span> <span class="o">=</span> <span class="n">id</span><span class="p">);</span> <span class="c1">-- Policy: Allow users to update their own profile</span> <span class="k">CREATE</span> <span class="n">POLICY</span> <span class="n">update_own_profile</span> <span class="k">ON</span> <span class="n">profiles</span> <span class="k">FOR</span> <span class="k">UPDATE</span> <span class="k">USING</span> <span class="p">(</span><span class="n">auth</span><span class="p">.</span><span class="n">uid</span><span class="p">()</span> <span class="o">=</span> <span class="n">id</span><span class="p">);</span> <span class="c1">-- Policy: Allow users to delete their own profile</span> <span class="k">CREATE</span> <span class="n">POLICY</span> <span class="n">delete_own_profile</span> <span class="k">ON</span> <span class="n">profiles</span> <span class="k">FOR</span> <span class="k">DELETE</span> <span class="k">USING</span> <span class="p">(</span><span class="n">auth</span><span class="p">.</span><span class="n">uid</span><span class="p">()</span> <span class="o">=</span> <span class="n">id</span><span class="p">);</span> </code></pre> </div> <p>I’ve added comments for each line to describe what each line is doing.</p> <ol> <li>In the table editor, you can see now the <strong>“Open Lock”</strong> icon is gone from the profile table. Which means our profile table has RLS enabled. </li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy17uf3v7e1ukyar6mtm1.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fy17uf3v7e1ukyar6mtm1.png" alt="Check RLS" width="800" height="465"></a></p> <h2> Congratulations! </h2> <p>As we wrap up our detailed guide on creating a robust full-stack application with Next.js and Supabase, let's reflect on what we've accomplished. We started by setting up a brand new Next.js app, complete with essential authentication pages like Signup, Login, Forgot Password, and Reset Password, all styled with ShadCN and Tailwind CSS. This not only gave our app a sleek look but also provided a solid foundation for user management.</p> <p>Next, we integrated Supabase to handle authentication and protect our routes, ensuring that sensitive data is only accessible to authorized users. We also made logging in easier for our users by setting up Google authentication, providing a seamless experience.</p> <p>One of the most powerful aspects of our application is its advanced database management. We used Prisma ORM to create, migrate, and query tables efficiently. Additionally, we implemented Row Level Security (RLS) in our Supabase PostgreSQL tables, which means that only authenticated users can manage data they own. This extra layer of security is crucial for maintaining data integrity.</p> <p>Throughout this journey, we've shown how Next.js and Supabase can be combined to build applications that are both secure and scalable. Whether we're creating a user management system or a complex data-driven platform, the techniques outlined here provide a solid foundation for success. By following these steps, developers can ensure their applications meet the demands of modern web development while keeping data safe and secure.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>If you found this article useful, like, comment, and share, or just <a href="https://buymeacoffee.com/ojaswiat" rel="noopener noreferrer">buy me a coffee?</a></p> supabase postgres database webdev Ojas Sat, 15 Mar 2025 11:18:37 +0000 https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-38nl https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-38nl <p>Let us see how to enhance our web app's security and user experience by integrating Google authentication using Supabase. This guide will walk you through creating a Google Cloud project, obtaining client credentials, and configuring them in Supabase for seamless Google sign-in functionality.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>Google Cloud is a comprehensive suite of cloud computing services that includes Google Cloud Platform (GCP), Google Workspace, and more. GCP provides a robust infrastructure for building, deploying, and managing web applications, leveraging services such as computing, storage, and machine learning. A Google Cloud project is a top-level entity that organizes resources and services, allowing users to manage access, billing, and resource allocation efficiently.</p> <h2> Creating a new Google Cloud Project and getting the Credentials </h2> <p><strong>Ignore this step if you want to integrate Google login in an already existing project.</strong></p> <ol> <li>Sign up for <a href="http://console.cloud.google.com" rel="noopener noreferrer">console.cloud.google.com</a> if you didn’t already. Go to your Google Cloud Dashboard, and click “All Projects”, then in the dialog that appeared, click “New Project”.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqam3l9i0p95wskizbmd6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqam3l9i0p95wskizbmd6.png" alt="Create Supabase Project" width="800" height="583"></a></p> <ol> <li>Give your project a suitable name and click “Create”. Wait for a few minutes, and sip that cola while the project is being created.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fai22dajfyshyvetwas4u.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fai22dajfyshyvetwas4u.png" alt="All projects Supabase" width="800" height="586"></a></p> <ol> <li>After the project is created, select that project from the “All Projects” dropdown.</li> <li>Click on the hamburger menu on the top left, then select APIs and Services &gt; OAuth Consent Screen.</li> </ol> <p>💡 Tip: If you don’t find these settings, then just search for “OAuth consent screen” in the search bar at the top.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F873mglizyrqtl23iuglp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F873mglizyrqtl23iuglp.png" alt="Create an OAuth Client in GCP" width="800" height="573"></a></p> <ol> <li>Click “Get Started”. Here are the settings that you need to fill/choose: <ol> <li>Give an app name of your choice, preferably the same as your project name.</li> <li>In the user support email, give your email that you want to be contacted on.</li> <li>Select audience as <strong>“External”</strong> </li> <li>Give your email as the contact information.</li> <li>Agree to the terms and conditions after carefully reading them.</li> <li>Click “Create”. This will create a new consent screen for login to your application.</li> </ol> </li> </ol> <p>Now we are ready to create a new OAuth Client that will handle the signup and login in our application.</p> <ol> <li>Click “Create OAuth Client” on the right side of the screen</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7ynvhp9nkgykgu19b6sl.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7ynvhp9nkgykgu19b6sl.png" alt="Create an OAuth client in GCP" width="800" height="428"></a></p> <ol> <li>Fill in the details as follows. For application type, select “Web application”. For “Authorized JavaScript Origins”, select your local host address. If you have a production environment URL, you can add it here too. <strong>DO NOT CLICK “CREATE”.</strong> We need to enter the “Authorized Redirect URL” from <strong>Supabase</strong> here.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi249y5z2smrmeg9828gf.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fi249y5z2smrmeg9828gf.png" alt="Get callback URL from Supabase" width="800" height="880"></a></p> <ol> <li>Go to your Supabase Dashboard and select the project for which you want to enable the Google authentication. In our case, we created “supabase-auth-demo” project, so I will be using that one.</li> <li>In the left pane, select the “Authentication” screen </li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fprp0e64gi6x870cq8wxz.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fprp0e64gi6x870cq8wxz.png" alt="Find Google auth in Supabase" width="800" height="645"></a></p> <ol> <li>In the left pane, click “Sign In / Up” and then scroll down in the “Auth Providers” section and click “Google”, and enable it.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1atv4bs7xryr1z129i1h.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F1atv4bs7xryr1z129i1h.png" alt="Paste the callback URL in Supabase" width="800" height="296"></a></p> <ol> <li>Copy the “Callback URL (for OAuth)” URL and head over back to your GCP Project and paste it there. DO NOT CLOSE THIS TAB, as we will have to fill in the details “Client ID” and “Client Secret” after generating it.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffr2f1r78zao1y6vvfxmf.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffr2f1r78zao1y6vvfxmf.png" alt="Add callback URL to GCP" width="800" height="948"></a></p> <ol> <li>Add that “Callback URL” from Supabase to the “Authorized redirect URIs” in the OAuth Client in GCP and click “Create”.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fye64txivsiplppk5bn8p.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fye64txivsiplppk5bn8p.png" alt="Get client ID and secret from GCP" width="800" height="786"></a></p> <ol> <li>Now visit the client you just created, copy the “Client ID” and “Client Secret” and paste it in the Supabase Google settings.</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fktf0yfxsupy33cchd3hl.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fktf0yfxsupy33cchd3hl.png" alt="Add client ID and secret to GCP project" width="800" height="422"></a></p> <p>Now we are ready to set up the routes in our NextJS application to perform the Google Authentication.</p> <h2> Adding Google authentication functionality to our Next JS application </h2> <p>Now all we need is to add the function that will handle the Google signup and Login for us.</p> <p>Add the <code>signInWithGoogle</code> function to the component below and use this function on the Google sign in button.</p> <h3> Signup <code>/app/signup/page.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight jsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">useSearchParams</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/navigation</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">createClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/utils/supabase/client</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// rest of the code</span> <span class="p">...</span> <span class="p">...</span> <span class="c1">// rest of the code</span> <span class="kd">const</span> <span class="nx">searchParams</span> <span class="o">=</span> <span class="nf">useSearchParams</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">next</span> <span class="o">=</span> <span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">next</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="nf">createClient</span><span class="p">();</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">signInWithGoogle</span><span class="p">()</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">signInWithOAuth</span><span class="p">({</span> <span class="na">provider</span><span class="p">:</span> <span class="dl">"</span><span class="s2">google</span><span class="dl">"</span><span class="p">,</span> <span class="na">options</span><span class="p">:</span> <span class="p">{</span> <span class="na">redirectTo</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nb">window</span><span class="p">.</span><span class="nx">location</span><span class="p">.</span><span class="nx">origin</span><span class="p">}</span><span class="s2">/auth/callback</span><span class="p">${</span> <span class="nx">next</span> <span class="p">?</span> <span class="s2">`?next=</span><span class="p">${</span><span class="nf">encodeURIComponent</span><span class="p">(</span><span class="nx">next</span><span class="p">)}</span><span class="s2">`</span> <span class="p">:</span> <span class="dl">""</span> <span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="nx">error</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">There was an error logging in with Google.</span><span class="dl">"</span><span class="p">),</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// rest of the code</span> <span class="c1">// ...</span> <span class="c1">// ...</span> <span class="c1">// rest of the code</span> <span class="p">&lt;</span><span class="nc">Button</span> <span class="na">type</span><span class="p">=</span><span class="s">"button"</span> <span class="na">variant</span><span class="p">=</span><span class="s">"outline"</span> <span class="na">className</span><span class="p">=</span><span class="s">"w-full"</span> <span class="na">onClick</span><span class="p">=</span><span class="si">{</span><span class="p">()</span> <span class="o">=&gt;</span> <span class="nf">signInWithGoogle</span><span class="p">()</span><span class="si">}</span> <span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Mail</span> <span class="na">size</span><span class="p">=</span><span class="si">{</span><span class="mi">16</span><span class="si">}</span> <span class="na">className</span><span class="p">=</span><span class="s">"mr-2"</span> <span class="p">/&gt;</span> Sign up with Google <span class="p">&lt;/</span><span class="nc">Button</span><span class="p">&gt;</span> </code></pre> </div> <h3> And do the same in the file <code>/app/login/page.tsx</code> </h3> <p>Test out the Google Login/Signup flow.</p> <p><strong>Note: Supabase will take care of the Email and Google integration if you Sign Up with your Gmail address.</strong></p> <h2> 💡Tips </h2> <ol> <li>In case of any errors, look for any console logs in the browser console as well as the server terminal. <strong>Also check Supabase logs in your Supabase project.</strong> </li> <li>For production, you should publish your Google OAuth Client that you created in the GCP.</li> </ol> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>If you found this article useful, like, comment, and share, or just <a href="https://buymeacoffee.com/ojaswiat" rel="noopener noreferrer">buy me a coffee?</a></p> nextjs webdev auth javascript Ojas Sat, 15 Mar 2025 05:26:18 +0000 https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-4g5j https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-4g5j <p>Supabase is a powerful backend-as-a-service that provides a PostgreSQL database, authentication, and storage, making it an excellent alternative to Firebase. Here's how to create a Supabase project and set up the necessary environment variables for your Next.js application.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <h2> Create a Supabase Project </h2> <ol> <li> <strong>Sign Up or Log In</strong>: Visit <a href="https://supabase.com/" rel="noopener noreferrer">supabase.com</a> and create an account or log in if you already have one.</li> <li> <strong>Create a New Project</strong>: Once logged in, click "New Project" and fill in the necessary details such as organisation, project name, and password. Choose a database region that is closest to your users.</li> </ol> <p>💡 Tip: Save your Database Password somewhere safe. You’ll get this one-time, and we will need it. You can always reset the Database Password in the Project Settings if you forget it.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5xvyyvxzzes74zuffqd6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5xvyyvxzzes74zuffqd6.png" alt="Create a new Supabase Project" width="800" height="521"></a></p> <ol> <li>Click on <strong>Create new project</strong> and wait for the process to finish.</li> </ol> <h2> Get your API keys </h2> <p>Let’s get our Project URL and API keys required to connect our application to our Supabase project.</p> <ol> <li>Navigate to the Supabase <strong>Dashboard</strong> and click on the Project you just created.</li> <li>In the left menu, at the bottom, click <strong>Project Settings,</strong> and then click <strong>Data API</strong> </li> <li>Find your <strong>Project URL</strong> and <strong>Public Anon Key</strong> here:</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkkw8noetnppu93ls7jfc.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkkw8noetnppu93ls7jfc.png" alt="Get the API keys of your project" width="800" height="521"></a></p> <ol> <li>Create a <code>.env</code> file in the root of your <strong>Next.js</strong> application and paste your keys like this </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>NEXT_PUBLIC_SUPABASE_URL=&lt;your-project-url&gt; NEXT_PUBLIC_SUPABASE_ANON_KEY=&lt;your-anon-key&gt; </code></pre> </div> <h2> Creating Client and Server Supabase Client </h2> <p>Supabase uses two different clients to connect to the Supabase project</p> <ol> <li> <strong>Server Client:</strong> This will be used by Server Components, Server Actions, and anything else that runs on our NextJS Server.</li> <li><p><strong>Browser Client:</strong> This will be used by Client Components, Hooks, Stores, and anything else that runs on our Browser UI.</p></li> <li><p>Install the supabase ssr package<br> </p></li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm add @supabase/ssr @supabase/supabase-js </code></pre> </div> <ol> <li>Create a folder called <strong><code>utils/supabase</code></strong> . We will use this folder to create Supabase Browser Client, Supabase Server Client, and Supabase Middleware to handle routing for us.</li> </ol> <h3> Supabase Browser Client <code>/utils/supabase/client.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createBrowserClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@supabase/ssr</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">createClient</span> <span class="o">=</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nf">createBrowserClient</span><span class="p">(</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_URL</span><span class="o">!</span><span class="p">,</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_ANON_KEY</span><span class="o">!</span><span class="p">,</span> <span class="p">);</span> </code></pre> </div> <h3> Supabase Server Client <code>/utils/supabase/server.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createServerClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@supabase/ssr</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">cookies</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/headers</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">createClient</span> <span class="o">=</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">cookieStore</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">cookies</span><span class="p">();</span> <span class="k">return</span> <span class="nf">createServerClient</span><span class="p">(</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_URL</span><span class="o">!</span><span class="p">,</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_ANON_KEY</span><span class="o">!</span><span class="p">,</span> <span class="p">{</span> <span class="na">cookies</span><span class="p">:</span> <span class="p">{</span> <span class="nf">getAll</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">cookieStore</span><span class="p">.</span><span class="nf">getAll</span><span class="p">();</span> <span class="p">},</span> <span class="nf">setAll</span><span class="p">(</span><span class="nx">cookiesToSet</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="nx">cookiesToSet</span><span class="p">.</span><span class="nf">forEach</span><span class="p">(({</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">value</span><span class="p">,</span> <span class="nx">options</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">cookieStore</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">name</span><span class="p">,</span> <span class="nx">value</span><span class="p">,</span> <span class="nx">options</span><span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// The `set` method was called from a Server Component.</span> <span class="c1">// This can be ignored if you have middleware refreshing</span> <span class="c1">// user sessions.</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">);</span> <span class="p">};</span> </code></pre> </div> <ol> <li>Before creating the middleware, let’s define what routes are in the client, and which routes are allowed only when the user is logged in. Add the following lines to the end of the constants file <strong><code>/lib/constants</code></strong> </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">CLIENT_ROUTES</span> <span class="o">=</span> <span class="p">{</span> <span class="na">HOME</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// app</span> <span class="na">DASHBOARD</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/dashboard</span><span class="dl">"</span><span class="p">,</span> <span class="na">RESET_PASSWORD</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/reset-password</span><span class="dl">"</span><span class="p">,</span> <span class="c1">// auth</span> <span class="na">LOGIN</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="na">SIGNUP</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/signup</span><span class="dl">"</span><span class="p">,</span> <span class="na">FORGOT_PASSWORD</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/forgot-password</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">PROTECTED_ROUTES</span> <span class="o">=</span> <span class="p">[</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">,</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">RESET_PASSWORD</span><span class="p">,</span> <span class="p">];</span> <span class="k">export</span> <span class="kr">enum</span> <span class="nx">EServerResponseCode</span> <span class="p">{</span> <span class="c1">// good practice</span> <span class="nx">SUCCESS</span><span class="p">,</span> <span class="nx">FAILURE</span><span class="p">,</span> <span class="p">}</span> </code></pre> </div> <p>💡 Tip: After adding these routes, you can use them for href linking. It is considered a better practice over using plain strings everywhere.</p> <p>Also, let’s add lodash to make our lives easier while working with JS functions.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm add lodash-es pnpm add <span class="nt">-D</span> @types/lodash-es </code></pre> </div> <ol> <li>Let’s create a dummy dashboard route that will be protected by our middleware, defined in the <code>PROTECTED_ROUTES</code> above.</li> </ol> <h3> Dashboard Page <code>/app/dashboard/page.tsx</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="dl">"</span><span class="s2">use client</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Button</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/button</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">signOutAction</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/actions/supabase</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useRouter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/navigation</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CLIENT_ROUTES</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">DashboardPage</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nf">useRouter</span><span class="p">();</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">onLogout</span><span class="p">()</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nf">signOutAction</span><span class="p">();</span> <span class="nx">router</span><span class="p">.</span><span class="nf">push</span><span class="p">(</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">LOGIN</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Some error occured</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">div</span> <span class="na">className</span><span class="p">=</span><span class="s">"mt-32 text-center"</span><span class="p">&gt;</span> This is a protected dashboard page. You can only view this page when you're logged in. <span class="p">&lt;</span><span class="nt">form</span> <span class="na">action</span><span class="p">=</span><span class="si">{</span><span class="nx">onLogout</span><span class="si">}</span> <span class="na">className</span><span class="p">=</span><span class="s">"mt-4"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Button</span><span class="p">&gt;</span>Logout<span class="p">&lt;/</span><span class="nc">Button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">form</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Now let’s create our Supabase Middleware to handle auth routing</p> <h3> Supabase Middleware <code>/utils/supabase/middleware</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createServerClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@supabase/ssr</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">includes</span><span class="p">,</span> <span class="nx">isEmpty</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">lodash-es</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="kd">type</span> <span class="nx">NextRequest</span><span class="p">,</span> <span class="nx">NextResponse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CLIENT_ROUTES</span><span class="p">,</span> <span class="nx">PROTECTED_ROUTES</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">updateSession</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// This `try/catch` block is only here for the interactive tutorial.</span> <span class="c1">// Feel free to remove once you have Supabase connected.</span> <span class="kd">const</span> <span class="nx">headers</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Headers</span><span class="p">(</span><span class="nx">request</span><span class="p">.</span><span class="nx">headers</span><span class="p">);</span> <span class="nx">headers</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">"</span><span class="s2">x-current-path</span><span class="dl">"</span><span class="p">,</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nx">pathname</span><span class="p">);</span> <span class="k">try</span> <span class="p">{</span> <span class="c1">// Create an unmodified response</span> <span class="kd">let</span> <span class="nx">response</span> <span class="o">=</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">next</span><span class="p">({</span> <span class="na">request</span><span class="p">:</span> <span class="p">{</span> <span class="na">headers</span><span class="p">:</span> <span class="nx">request</span><span class="p">.</span><span class="nx">headers</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="c1">// supabase defaults</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="nf">createServerClient</span><span class="p">(</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_URL</span><span class="o">!</span><span class="p">,</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_SUPABASE_ANON_KEY</span><span class="o">!</span><span class="p">,</span> <span class="p">{</span> <span class="na">cookies</span><span class="p">:</span> <span class="p">{</span> <span class="nf">getAll</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">request</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">getAll</span><span class="p">();</span> <span class="p">},</span> <span class="nf">setAll</span><span class="p">(</span><span class="nx">cookiesToSet</span><span class="p">)</span> <span class="p">{</span> <span class="nx">cookiesToSet</span><span class="p">.</span><span class="nf">forEach</span><span class="p">(({</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">value</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="nx">request</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">name</span><span class="p">,</span> <span class="nx">value</span><span class="p">),</span> <span class="p">);</span> <span class="nx">response</span> <span class="o">=</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">next</span><span class="p">({</span> <span class="nx">request</span><span class="p">,</span> <span class="p">});</span> <span class="nx">cookiesToSet</span><span class="p">.</span><span class="nf">forEach</span><span class="p">(({</span> <span class="nx">name</span><span class="p">,</span> <span class="nx">value</span><span class="p">,</span> <span class="nx">options</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="nx">response</span><span class="p">.</span><span class="nx">cookies</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">name</span><span class="p">,</span> <span class="nx">value</span><span class="p">,</span> <span class="nx">options</span><span class="p">),</span> <span class="p">);</span> <span class="p">},</span> <span class="p">},</span> <span class="p">},</span> <span class="p">);</span> <span class="c1">// This will refresh session if expired - required for Server Components</span> <span class="c1">// https://supabase.com/docs/guides/auth/server-side/nextjs</span> <span class="kd">const</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="nx">user</span> <span class="p">},</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">getUser</span><span class="p">();</span> <span class="k">if </span><span class="p">(</span> <span class="nf">isEmpty</span><span class="p">(</span><span class="nx">user</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="nf">includes</span><span class="p">(</span><span class="nx">PROTECTED_ROUTES</span><span class="p">,</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nx">pathname</span><span class="p">)</span> <span class="p">)</span> <span class="p">{</span> <span class="c1">// no user, potentially respond by redirecting the user to the login page except for the above pages</span> <span class="kd">const</span> <span class="nx">url</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nf">clone</span><span class="p">();</span> <span class="nx">url</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">=</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">LOGIN</span><span class="p">;</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="p">{</span> <span class="nx">headers</span> <span class="p">});</span> <span class="p">}</span> <span class="k">if </span><span class="p">(</span> <span class="o">!</span><span class="nf">isEmpty</span><span class="p">(</span><span class="nx">user</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="p">(</span><span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">===</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">LOGIN</span> <span class="o">||</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">===</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">SIGNUP</span> <span class="o">||</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">===</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">FORGOT_PASSWORD</span><span class="p">)</span> <span class="p">)</span> <span class="p">{</span> <span class="c1">// if the user is logged in and the url is login, signup, or forgot-password we redirect the user to dashboard.</span> <span class="kd">const</span> <span class="nx">url</span> <span class="o">=</span> <span class="nx">request</span><span class="p">.</span><span class="nx">nextUrl</span><span class="p">.</span><span class="nf">clone</span><span class="p">();</span> <span class="nx">url</span><span class="p">.</span><span class="nx">pathname</span> <span class="o">=</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">;</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="p">{</span> <span class="nx">headers</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">response</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// If you are here, a Supabase client could not be created!</span> <span class="c1">// This is likely because you have not set up environment variables.</span> <span class="c1">// Check out steps 1-4 again.</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">next</span><span class="p">({</span> <span class="na">request</span><span class="p">:</span> <span class="p">{</span> <span class="nx">headers</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>Now let’s create a Next.js Middleware in the root folder of our application and hook the Supabase middleware we just created. Otherwise the Supabase middleware is useless.</p> <h3> Next.js Middleware <code>/middleware.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="kd">type</span> <span class="nx">NextRequest</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">updateSession</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/utils/supabase/middleware</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">middleware</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">await</span> <span class="nf">updateSession</span><span class="p">(</span><span class="nx">request</span><span class="p">);</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="p">{</span> <span class="na">matcher</span><span class="p">:</span> <span class="p">[</span> <span class="cm">/* * Match all request paths except: * - _next/static (static files) * - _next/image (image optimization files) * - favicon.ico (favicon file) * - images - .svg, .png, .jpg, .jpeg, .gif, .webp * Feel free to modify this pattern to include more paths. */</span> <span class="dl">"</span><span class="s2">/((?!_next/static|_next/image|favicon.ico|.*</span><span class="se">\\</span><span class="s2">.(?:svg|png|jpg|jpeg|gif|webp)$).*)</span><span class="dl">"</span><span class="p">,</span> <span class="p">],</span> <span class="p">};</span> </code></pre> </div> <p>💡 Tip: I’ve added the Route handling logic to the Supabase middleware for simplicity. It should ideally be handled with a separate middleware.</p> <p>Now we are ready to create Server Actions (APIs) that will help our App to login and manage authentication.</p> <h2> Adding Supabase Callbacks and Server Actions to handle authentication </h2> <p>Before adding Server Actions for the users to authenticate to our application, we need to add some necessary callback URLs for Supabase to work.</p> <ol> <li> <strong>Callback Route:</strong> This route helps Supabase to verify a temporary token to let users reset their password, even when they are not logged in. Supabase sends a temporary token to let the user authenticate to our application temporarily just to change the password. </li> <li> <strong>Confirm Route:</strong> This route helps Supabase identify new users, and allows the signup to our application. Then this route redirects the user to the specified page where we want the user to visit.</li> </ol> <h3> Callback <code>/app/auth/callback/route.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">isEmpty</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">lodash-es</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NextResponse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CLIENT_ROUTES</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">createClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/utils/supabase/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">GET</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">Request</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// The `/auth/callback` route is required for the server-side auth flow implemented</span> <span class="c1">// by the SSR package. It exchanges an auth code for the user's session.</span> <span class="c1">// https://supabase.com/docs/guides/auth/server-side/nextjs</span> <span class="kd">const</span> <span class="nx">requestUrl</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">URL</span><span class="p">(</span><span class="nx">request</span><span class="p">.</span><span class="nx">url</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">code</span> <span class="o">=</span> <span class="nx">requestUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">code</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">origin</span> <span class="o">=</span> <span class="nx">requestUrl</span><span class="p">.</span><span class="nx">origin</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">redirectTo</span> <span class="o">=</span> <span class="nx">requestUrl</span><span class="p">.</span><span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">redirect_to</span><span class="dl">"</span><span class="p">)?.</span><span class="nf">toString</span><span class="p">();</span> <span class="k">if </span><span class="p">(</span><span class="nx">code</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">exchangeCodeForSession</span><span class="p">(</span><span class="nx">code</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nf">isEmpty</span><span class="p">(</span><span class="nx">error</span><span class="p">))</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span> <span class="s2">`</span><span class="p">${</span><span class="nx">origin</span><span class="p">}${</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">LOGIN</span><span class="p">}</span><span class="s2">?failed=true`</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">if </span><span class="p">(</span><span class="nx">redirectTo</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="s2">`</span><span class="p">${</span><span class="nx">origin</span><span class="p">}${</span><span class="nx">redirectTo</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// URL to redirect to after sign up process completes</span> <span class="k">return</span> <span class="nx">NextResponse</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="s2">`</span><span class="p">${</span><span class="nx">origin</span><span class="p">}${</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <h3> Confirm <code>/app/auth/confirm/route.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">import</span> <span class="p">{</span> <span class="kd">type</span> <span class="nx">EmailOtpType</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@supabase/supabase-js</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/navigation</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="kd">type</span> <span class="nx">NextRequest</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CLIENT_ROUTES</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">createClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/utils/supabase/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">GET</span><span class="p">(</span><span class="nx">request</span><span class="p">:</span> <span class="nx">NextRequest</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">searchParams</span> <span class="p">}</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">URL</span><span class="p">(</span><span class="nx">request</span><span class="p">.</span><span class="nx">url</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">token_hash</span> <span class="o">=</span> <span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">token_hash</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="kd">type</span> <span class="o">=</span> <span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">type</span><span class="dl">"</span><span class="p">)</span> <span class="k">as</span> <span class="nx">EmailOtpType</span> <span class="o">|</span> <span class="kc">null</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">next</span> <span class="o">=</span> <span class="nx">searchParams</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">next</span><span class="dl">"</span><span class="p">)</span> <span class="o">??</span> <span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="nx">token_hash</span> <span class="o">&amp;&amp;</span> <span class="kd">type</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">verifyOtp</span><span class="p">({</span> <span class="kd">type</span><span class="p">,</span> <span class="nx">token_hash</span><span class="p">,</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// redirect user to specified redirect URL or root of app</span> <span class="nf">redirect</span><span class="p">(</span><span class="nx">next</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// redirect the user to an error page with some instructions</span> <span class="nf">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/error</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Now let’s add the Server Actions to handle the authentication from the client.</p> <h3> Supabase Actions <code>/actions/supabase.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="dl">"</span><span class="s2">use server</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">headers</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/headers</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">redirect</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/navigation</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">CLIENT_ROUTES</span><span class="p">,</span> <span class="nx">EServerResponseCode</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">ForgotPasswordFormSchema</span><span class="p">,</span> <span class="nx">ResetPasswordFormSchema</span><span class="p">,</span> <span class="nx">SignupFormSchema</span><span class="p">,</span> <span class="kd">type</span> <span class="nx">TForgotPasswordFormSchema</span><span class="p">,</span> <span class="kd">type</span> <span class="nx">TLoginFormSchema</span><span class="p">,</span> <span class="kd">type</span> <span class="nx">TResetPasswordFormSchema</span><span class="p">,</span> <span class="kd">type</span> <span class="nx">TSignupFormSchema</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">createClient</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/utils/supabase/server</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">signupAction</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">formData</span><span class="p">:</span> <span class="nx">TSignupFormSchema</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">formData</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">origin</span> <span class="o">=</span> <span class="p">(</span><span class="k">await</span> <span class="nf">headers</span><span class="p">()).</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">origin</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">validation</span> <span class="o">=</span> <span class="nx">SignupFormSchema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">formData</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">validation</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="nx">validation</span><span class="p">.</span><span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Signup failed</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">signUp</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="na">options</span><span class="p">:</span> <span class="p">{</span> <span class="na">emailRedirectTo</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">origin</span><span class="p">}</span><span class="s2">/auth/callback`</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">code</span> <span class="o">+</span> <span class="dl">"</span><span class="s2"> </span><span class="dl">"</span> <span class="o">+</span> <span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Something went wrong! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Signup successful! Please check your mail to confirm your account</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">loginAction</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span><span class="nx">formData</span><span class="p">:</span> <span class="nx">TLoginFormSchema</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">formData</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">signInWithPassword</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">code</span> <span class="o">+</span> <span class="dl">"</span><span class="s2"> </span><span class="dl">"</span> <span class="o">+</span> <span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid credentials</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nf">redirect</span><span class="p">(</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">forgotPasswordAction</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span> <span class="nx">formData</span><span class="p">:</span> <span class="nx">TForgotPasswordFormSchema</span><span class="p">,</span> <span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">formData</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">origin</span> <span class="o">=</span> <span class="p">(</span><span class="k">await</span> <span class="nf">headers</span><span class="p">()).</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">origin</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">validation</span> <span class="o">=</span> <span class="nx">ForgotPasswordFormSchema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">formData</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">validation</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="nx">validation</span><span class="p">.</span><span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password reset failed! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">resetPasswordForEmail</span><span class="p">(</span><span class="nx">email</span><span class="p">,</span> <span class="p">{</span> <span class="na">redirectTo</span><span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">origin</span><span class="p">}</span><span class="s2">/auth/callback?redirect_to=/</span><span class="p">${</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">RESET_PASSWORD</span><span class="p">}</span><span class="s2">`</span><span class="p">,</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">code</span> <span class="o">+</span> <span class="dl">"</span><span class="s2"> </span><span class="dl">"</span> <span class="o">+</span> <span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Something went wrong! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Success! Please check your mail to reset your password</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">resetPasswordAction</span> <span class="o">=</span> <span class="k">async </span><span class="p">(</span> <span class="nx">formData</span><span class="p">:</span> <span class="nx">TResetPasswordFormSchema</span><span class="p">,</span> <span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">formData</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">validation</span> <span class="o">=</span> <span class="nx">ResetPasswordFormSchema</span><span class="p">.</span><span class="nf">safeParse</span><span class="p">(</span><span class="nx">formData</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">validation</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="nx">validation</span><span class="p">.</span><span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password reset failed! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">error</span> <span class="p">}</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">updateUser</span><span class="p">({</span> <span class="na">password</span><span class="p">:</span> <span class="nx">password</span><span class="p">,</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="nx">error</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Something went wrong! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password changed successfully</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="p">};</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">signOutAction</span> <span class="o">=</span> <span class="k">async </span><span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">supabase</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">createClient</span><span class="p">();</span> <span class="k">await</span> <span class="nx">supabase</span><span class="p">.</span><span class="nx">auth</span><span class="p">.</span><span class="nf">signOut</span><span class="p">();</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">User logged out successfully!</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="k">return</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Failed to logout! Please try again</span><span class="dl">"</span><span class="p">,</span> <span class="p">};</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>Now let’s edit our Form Handlers to call these functions. Edit the following pages:</p> <h3> Signup <code>/app/signup/page.tsx</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">async</span> <span class="kd">function</span> <span class="nf">onSubmit</span><span class="p">(</span><span class="nx">values</span><span class="p">:</span> <span class="nx">TSignupFormSchema</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">signupAction</span><span class="p">(</span><span class="nx">values</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nf">isEmpty</span><span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">||</span> <span class="nx">response</span><span class="p">.</span><span class="nx">code</span> <span class="o">!==</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Failed to signup!</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">form</span><span class="p">.</span><span class="nf">reset</span><span class="p">();</span> <span class="nf">alert</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Signup failed:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">error</span><span class="p">);</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Failed to signup!</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Login <code>/app/login/page.tsx</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">async</span> <span class="kd">function</span> <span class="nf">onSubmit</span><span class="p">(</span><span class="nx">values</span><span class="p">:</span> <span class="nx">TLoginFormSchema</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">loginAction</span><span class="p">(</span><span class="nx">values</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nf">isEmpty</span><span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="nx">response</span><span class="p">.</span><span class="nx">code</span> <span class="o">===</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">FAILURE</span><span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Login failed:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Forgot Password <code>/app/forgot-password/page.tsx</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="k">async</span> <span class="kd">function</span> <span class="nf">onSubmit</span><span class="p">(</span><span class="nx">values</span><span class="p">:</span> <span class="nx">TForgotPasswordFormSchema</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">forgotPasswordAction</span><span class="p">(</span><span class="nx">values</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nf">isEmpty</span><span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">||</span> <span class="nx">response</span><span class="p">.</span><span class="nx">code</span> <span class="o">!==</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span><span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Failed to send verification link. Please try again</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Verification link send. Please check your email</span><span class="dl">"</span><span class="p">);</span> <span class="nx">form</span><span class="p">.</span><span class="nf">reset</span><span class="p">();</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Forgot password failed:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">error</span><span class="p">);</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Failed to send verification link. Please try again</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Reset Password <code>/app/reset-password/page.tsx</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="c1">// make sure you import the router from next/navigation</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useRouter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">next/navigation</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nf">useRouter</span><span class="p">();</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">onSubmit</span><span class="p">(</span><span class="nx">values</span><span class="p">:</span> <span class="nx">TResetPasswordFormSchema</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">resetPasswordAction</span><span class="p">(</span><span class="nx">values</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span> <span class="nf">isEmpty</span><span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">||</span> <span class="nx">response</span><span class="p">.</span><span class="nx">code</span> <span class="o">!==</span> <span class="nx">EServerResponseCode</span><span class="p">.</span><span class="nx">SUCCESS</span> <span class="p">)</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">form</span><span class="p">.</span><span class="nf">reset</span><span class="p">();</span> <span class="nf">alert</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="nx">router</span><span class="p">.</span><span class="nf">push</span><span class="p">(</span><span class="nx">CLIENT_ROUTES</span><span class="p">.</span><span class="nx">DASHBOARD</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">Password reset error:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">error</span><span class="p">);</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">"</span><span class="s2">Password reset failed! Please try again</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Our application is ready with Email authentication. The users will be able to sign up, login, and reset their password via these routes. Test these routes and actions carefully.</p> <h2> 💡Tips </h2> <ol> <li>In case of any errors, look for any console logs in the browser console as well as the server terminal. <strong>Also check Supabase logs in your Supabase project.</strong> </li> <li>For production you should always configure your own custom SMTP server to work with Supabase.</li> <li>Always set a low time limit for the auth token generated using the <code>/forgot-password</code> route.</li> </ol> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>If you found this article useful, like, comment, and share, or just <a href="https://buymeacoffee.com/ojaswiat" rel="noopener noreferrer">buy me a coffee?</a></p> nextjs webdev postgres supabase Ojas Sat, 15 Mar 2025 05:19:20 +0000 https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-4c3 https://dev.to/ojaswiat/secure-your-nextjs-app-email-google-authentication-with-supabase-postgresql-rls-and-triggers-4c3 <p>In this 4-part series, we will explore the process of creating robust, scalable, and secure web applications using the powerful combination of <strong>Next.js</strong> and <strong>Supabase</strong>. NextJS, a leading React framework, offers server-side rendering, static site generation, and performance optimization, making it perfect for building dynamic and SEO-friendly websites. Supabase, on the other hand, provides a comprehensive backend-as-a-service solution, featuring a PostgreSQL database, real-time data capabilities, and streamlined authentication services.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>By integrating <strong>Supabase</strong> with <strong>Next.js,</strong> we can leverage the strengths of both platforms to create full-stack applications easily. <strong>Supabase</strong> simplifies backend operations by handling database management, authentication, and real-time updates, allowing us to focus on building exceptional user experiences. Meanwhile, <strong>Next.js</strong> enhances the front-end with its robust rendering capabilities and optimization features. This integration enables us to build fast, secure, and scalable applications without the complexity of managing servers or writing extensive backend code.</p> <p>Throughout this series, we will go through the following key topics:</p> <ol> <li> <strong>Setting Up Our Next.js App</strong>: We'll start by creating a brand new Next.js application using <strong>ShadCN</strong> and <strong>Tailwind CSS</strong> for styling. Next, we will create essential authentication pages, including <strong>Signup, Login, Forgot Password, and Reset Password.</strong> </li> <li> <strong>Supabase Integration</strong>: Next, we'll create a Supabase project and configure routes and middlewares to handle authentication and basic route protection. This will ensure our application is secure and only authorized users can access sensitive data.</li> <li> <strong>Google Authentication</strong>: We'll also set up a Google Cloud console project and integrate Google authentication into our application, providing users with a seamless login experience.</li> <li> <strong>Advanced Database Management</strong>: Finally, we'll dive into advanced database management techniques by using <strong>Prisma ORM</strong> to create, migrate, and query tables. We will add triggers to create and manage user data and implement Row-Level Security (RLS) in our Supabase PostgreSQL tables. This ensures that only authenticated users can manipulate data owned by them. </li> </ol> <p>To streamline form handling and validation, we will use <strong>React Hook Forms</strong> for managing form state and <strong>Zod</strong> for validating form data. These tools will help us create robust and user-friendly forms that enhance the overall user experience.</p> <h2> Initializing a Shadcn Project with Next.js and pnpm </h2> <p>Shadcn UI, combined with Tailwind CSS, offers a powerful way to build visually appealing web applications. Here's how to initialize a Shadcn project with Next.js using pnpm.</p> <ol> <li> <p><strong>Install and Initialize Shadcn:</strong> Use the following command to initialize your project with default options:<br> </p> <pre class="highlight shell"><code>pnpm dlx shadcn@latest init <span class="nt">-d</span> </code></pre> <p>When prompted, select <strong>Next.js</strong> as your project type. This command will set up your project with necessary dependencies and configurations. It includes setting up CSS variables for theming. The <code>-d</code> flag creates the project with default options.</p> </li> <li> <p><strong>Start Development:</strong></p> <p>Run your Next.js development server with:<br> </p> <pre class="highlight shell"><code>pnpm dev </code></pre> </li> </ol> <p>Our project is now ready to be customized and developed further. This setup provides a solid foundation for building modern web applications with Shadcn UI and Next.js.</p> <h2> Route creation for Authentication </h2> <p>In this section we will create four basic form pages using Shadcn UI: <strong>signup</strong>, <strong>login</strong>, <strong>forgot-password</strong>, and <strong>reset-password</strong>. We'll cover how to add necessary Shadcn components and create the forms.</p> <h2> Add Components Individually: </h2> <p>Use the following commands to add specific components:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm dlx shadcn@latest add button input form card separator </code></pre> </div> <h2> Installing Dependencies </h2> <p>Let’s install “Zod” and “React Hook Forms” for form building and validations<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm add zod react-hook-form @hookform/resolvers </code></pre> </div> <p>Let’s install “lucide-react” for beautiful icons<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>pnpm add lucide-react </code></pre> </div> <h2> Creating Form Schemas for Form Validation </h2> <p>We can create very refined and granular form schemas for custom validation using zod. Create a file <code>lib/constants.ts</code> </p> <p>💡 Tip: These are just basic validations to show you how to add them. You should customise these validations as per your needs.</p> <h3> <code>lib/constants.ts</code> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="c1">// Auth Management</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">z</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">zod</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">SignupFormSchema</span> <span class="o">=</span> <span class="nx">z</span> <span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">email</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Please enter a valid email address.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="na">password</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">8</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password must be at least 8 characters.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="na">confirmPassword</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">(),</span> <span class="p">})</span> <span class="p">.</span><span class="nf">refine</span><span class="p">((</span><span class="nx">data</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">data</span><span class="p">.</span><span class="nx">password</span> <span class="o">===</span> <span class="nx">data</span><span class="p">.</span><span class="nx">confirmPassword</span><span class="p">,</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">confirmPassword</span><span class="dl">"</span><span class="p">],</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Passwords do not match</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">LoginFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">email</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Please enter a valid email address.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="na">password</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password is required.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">ForgotPasswordFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">email</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Please enter a valid email address.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">ResetPasswordFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">password</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">8</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Password must be at least 8 characters.</span><span class="dl">"</span><span class="p">,</span> <span class="p">}),</span> <span class="na">confirmPassword</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">()</span> <span class="p">}).</span><span class="nf">refine</span><span class="p">((</span><span class="nx">data</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">data</span><span class="p">.</span><span class="nx">password</span> <span class="o">===</span> <span class="nx">data</span><span class="p">.</span><span class="nx">confirmPassword</span><span class="p">,</span> <span class="p">{</span><span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Passwords do not match</span><span class="dl">"</span><span class="p">})</span> <span class="k">export</span> <span class="kd">type</span> <span class="nx">TSignupFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nx">infer</span><span class="o">&lt;</span><span class="k">typeof</span> <span class="nx">SignupFormSchema</span><span class="o">&gt;</span> <span class="k">export</span> <span class="kd">type</span> <span class="nx">TLoginFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nx">infer</span><span class="o">&lt;</span><span class="k">typeof</span> <span class="nx">LoginFormSchema</span><span class="o">&gt;</span> <span class="k">export</span> <span class="kd">type</span> <span class="nx">TForgotPasswordFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nx">infer</span><span class="o">&lt;</span><span class="k">typeof</span> <span class="nx">ForgotPasswordFormSchema</span><span class="o">&gt;</span> <span class="k">export</span> <span class="kd">type</span> <span class="nx">TResetPasswordFormSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nx">infer</span><span class="o">&lt;</span><span class="k">typeof</span> <span class="nx">ResetPasswordFormSchema</span><span class="o">&gt;</span> </code></pre> </div> <p>We have created schemas using Zod and inferred their types using zod itself. Now let’s use these schemas to create forms using <code>react-hook-form</code></p> <h2> <strong>Create Form Pages</strong> </h2> <p>Create a new file for each form page in your <strong><code>app</code></strong> directory.</p> <h3> <strong>Signup Page (<code>app/signup/page.tsx</code>):</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="dl">"</span><span class="s2">use client</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">zodResolver</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@hookform/resolvers/zod</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useForm</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">react-hook-form</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Button</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/button</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Card</span><span class="p">,</span> <span class="nx">CardContent</span><span class="p">,</span> <span class="nx">CardDescription</span><span class="p">,</span> <span class="nx">CardFooter</span><span class="p">,</span> <span class="nx">CardHeader</span><span class="p">,</span> <span class="nx">CardTitle</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/card</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Form</span><span class="p">,</span> <span class="nx">FormControl</span><span class="p">,</span> <span class="nx">FormDescription</span><span class="p">,</span> <span class="nx">FormField</span><span class="p">,</span> <span class="nx">FormItem</span><span class="p">,</span> <span class="nx">FormLabel</span><span class="p">,</span> <span class="nx">FormMessage</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/form</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Input</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/input</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Separator</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/components/ui/separator</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Mail</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">lucide-react</span><span class="dl">"</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">SignupFormSchema</span><span class="p">,</span> <span class="nx">TSignupFormSchema</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">@/lib/constants</span><span class="dl">"</span> <span class="k">export</span> <span class="k">default</span> <span class="kd">function</span> <span class="nf">SignupForm</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">form</span> <span class="o">=</span> <span class="nx">useForm</span><span class="o">&lt;</span><span class="nx">TSignupFormSchema</span><span class="o">&gt;</span><span class="p">({</span> <span class="na">resolver</span><span class="p">:</span> <span class="nf">zodResolver</span><span class="p">(</span><span class="nx">SignupFormSchema</span><span class="p">),</span> <span class="na">mode</span><span class="p">:</span> <span class="dl">"</span><span class="s2">onChange</span><span class="dl">"</span><span class="p">,</span> <span class="na">defaultValues</span><span class="p">:</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">confirmPassword</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="p">},</span> <span class="p">})</span> <span class="kd">function</span> <span class="nf">onSubmit</span><span class="p">(</span><span class="nx">values</span><span class="p">:</span> <span class="nx">TSignupFormSchema</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// This would typically send the data to your API</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">values</span><span class="p">)</span> <span class="p">}</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nc">Card</span> <span class="na">className</span><span class="p">=</span><span class="s">"w-full max-w-md mx-auto mt-32"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">CardHeader</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">CardTitle</span> <span class="na">className</span><span class="p">=</span><span class="s">"text-2xl"</span><span class="p">&gt;</span>Create an account<span class="p">&lt;/</span><span class="nc">CardTitle</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">CardDescription</span><span class="p">&gt;</span>Enter your information to get started.<span class="p">&lt;/</span><span class="nc">CardDescription</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">CardHeader</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">CardContent</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Form</span> <span class="si">{</span><span class="p">...</span><span class="nx">form</span><span class="si">}</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">form</span> <span class="na">onSubmit</span><span class="p">=</span><span class="si">{</span><span class="nx">form</span><span class="p">.</span><span class="nf">handleSubmit</span><span class="p">(</span><span class="nx">onSubmit</span><span class="p">)</span><span class="si">}</span> <span class="na">className</span><span class="p">=</span><span class="s">"space-y-6"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormField</span> <span class="na">control</span><span class="p">=</span><span class="si">{</span><span class="nx">form</span><span class="p">.</span><span class="nx">control</span><span class="si">}</span> <span class="na">name</span><span class="p">=</span><span class="s">"email"</span> <span class="na">render</span><span class="p">=</span><span class="si">{</span><span class="p">({</span> <span class="nx">field</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">(</span> <span class="p">&lt;</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormLabel</span><span class="p">&gt;</span>Email<span class="p">&lt;/</span><span class="nc">FormLabel</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Input</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"you@example.com"</span> <span class="na">type</span><span class="p">=</span><span class="s">"email"</span> <span class="si">{</span><span class="p">...</span><span class="nx">field</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormDescription</span><span class="p">&gt;</span>Enter a valid email<span class="p">&lt;/</span><span class="nc">FormDescription</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormMessage</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">)</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nc">FormField</span> <span class="na">control</span><span class="p">=</span><span class="si">{</span><span class="nx">form</span><span class="p">.</span><span class="nx">control</span><span class="si">}</span> <span class="na">name</span><span class="p">=</span><span class="s">"password"</span> <span class="na">render</span><span class="p">=</span><span class="si">{</span><span class="p">({</span> <span class="nx">field</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">(</span> <span class="p">&lt;</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormLabel</span><span class="p">&gt;</span>Password<span class="p">&lt;/</span><span class="nc">FormLabel</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Input</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Create a password"</span> <span class="na">type</span><span class="p">=</span><span class="s">"password"</span> <span class="si">{</span><span class="p">...</span><span class="nx">field</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormDescription</span><span class="p">&gt;</span>Must be at least 8 characters<span class="p">&lt;/</span><span class="nc">FormDescription</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormMessage</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">)</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nc">FormField</span> <span class="na">control</span><span class="p">=</span><span class="si">{</span><span class="nx">form</span><span class="p">.</span><span class="nx">control</span><span class="si">}</span> <span class="na">name</span><span class="p">=</span><span class="s">"confirmPassword"</span> <span class="na">render</span><span class="p">=</span><span class="si">{</span><span class="p">({</span> <span class="nx">field</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">(</span> <span class="p">&lt;</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormLabel</span><span class="p">&gt;</span>Confirm password<span class="p">&lt;/</span><span class="nc">FormLabel</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Input</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Retype the password again"</span> <span class="na">type</span><span class="p">=</span><span class="s">"password"</span> <span class="si">{</span><span class="p">...</span><span class="nx">field</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormControl</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormDescription</span><span class="p">&gt;</span>Must be same as the password<span class="p">&lt;/</span><span class="nc">FormDescription</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">FormMessage</span> <span class="p">/&gt;</span> <span class="p">&lt;/</span><span class="nc">FormItem</span><span class="p">&gt;</span> <span class="p">)</span><span class="si">}</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nc">Button</span> <span class="na">type</span><span class="p">=</span><span class="s">"submit"</span> <span class="na">className</span><span class="p">=</span><span class="s">"w-full"</span><span class="p">&gt;</span> Sign up <span class="p">&lt;/</span><span class="nc">Button</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">div</span> <span class="na">className</span><span class="p">=</span><span class="s">"relative my-4"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Separator</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">div</span> <span class="na">className</span><span class="p">=</span><span class="s">"absolute inset-0 flex items-center justify-center"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">span</span> <span class="na">className</span><span class="p">=</span><span class="s">"bg-background px-2 text-xs text-muted-foreground"</span><span class="p">&gt;</span>OR CONTINUE WITH<span class="p">&lt;/</span><span class="nt">span</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Button</span> <span class="na">type</span><span class="p">=</span><span class="s">"button"</span> <span class="na">variant</span><span class="p">=</span><span class="s">"outline"</span> <span class="na">className</span><span class="p">=</span><span class="s">"w-full"</span> <span class="na">onClick</span><span class="p">=</span><span class="si">{</span><span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Google sign-in</span><span class="dl">"</span><span class="p">)</span><span class="si">}</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">Mail</span> <span class="na">size</span><span class="p">=</span><span class="si">{</span><span class="mi">16</span><span class="si">}</span> <span class="na">className</span><span class="p">=</span><span class="s">"mr-2"</span> <span class="p">/&gt;</span> Sign up with Google <span class="p">&lt;/</span><span class="nc">Button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">form</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">Form</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">CardContent</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nc">CardFooter</span> <span class="na">className</span><span class="p">=</span><span class="s">"flex justify-center border-t pt-6"</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">p</span> <span class="na">className</span><span class="p">=</span><span class="s">"text-sm text-muted-foreground"</span><span class="p">&gt;</span> Already have an account?<span class="si">{</span><span class="dl">"</span><span class="s2"> </span><span class="dl">"</span><span class="si">}</span> <span class="p">&lt;</span><span class="nt">a</span> <span class="na">href</span><span class="p">=</span><span class="s">"/login"</span> <span class="na">className</span><span class="p">=</span><span class="s">"text-primary font-medium hover:underline"</span><span class="p">&gt;</span> Sign in <span class="p">&lt;/</span><span class="nt">a</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">p</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">CardFooter</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nc">Card</span><span class="p">&gt;</span> <span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Login Page <strong>(<code>app/login/page.tsx</code>):</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight html"><code>"use client" import { zodResolver } from "@hookform/resolvers/zod" import { useForm } from "react-hook-form" import { Button } from "@/components/ui/button" import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "@/components/ui/card" import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from "@/components/ui/form" import { Input } from "@/components/ui/input" import { Separator } from "@/components/ui/separator" import { Mail } from "lucide-react" import { TLoginFormSchema, LoginFormSchema } from "@/lib/constants" export default function LoginForm() { const form = useForm<span class="nt">&lt;TLoginFormSchema&gt;</span>({ resolver: zodResolver(LoginFormSchema), mode: "onChange", defaultValues: { email: "", password: "", }, }) function onSubmit(values: TLoginFormSchema) { // This would typically send the data to your API console.log(values) } return ( <span class="nt">&lt;Card</span> <span class="na">className=</span><span class="s">"w-full max-w-md mx-auto mt-32"</span><span class="nt">&gt;</span> <span class="nt">&lt;CardHeader&gt;</span> <span class="nt">&lt;CardTitle</span> <span class="na">className=</span><span class="s">"text-2xl"</span><span class="nt">&gt;</span>Welcome back<span class="nt">&lt;/CardTitle&gt;</span> <span class="nt">&lt;CardDescription&gt;</span>Sign in to your account to continue<span class="nt">&lt;/CardDescription&gt;</span> <span class="nt">&lt;/CardHeader&gt;</span> <span class="nt">&lt;CardContent&gt;</span> <span class="nt">&lt;Form</span> <span class="err">{...</span><span class="na">form</span><span class="err">}</span><span class="nt">&gt;</span> <span class="nt">&lt;form</span> <span class="na">onSubmit=</span><span class="s">{form.handleSubmit(onSubmit)}</span> <span class="na">className=</span><span class="s">"space-y-6"</span><span class="nt">&gt;</span> <span class="nt">&lt;FormField</span> <span class="na">control=</span><span class="s">{form.control}</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">render=</span><span class="s">{({</span> <span class="na">field</span> <span class="err">}</span><span class="na">) =</span><span class="err">&gt; </span><span class="s">(</span> <span class="err">&lt;</span><span class="na">FormItem</span><span class="nt">&gt;</span> <span class="nt">&lt;FormLabel&gt;</span>Email<span class="nt">&lt;/FormLabel&gt;</span> <span class="nt">&lt;FormControl&gt;</span> <span class="nt">&lt;Input</span> <span class="na">placeholder=</span><span class="s">"you@example.com"</span> <span class="na">type=</span><span class="s">"email"</span> <span class="err">{...</span><span class="na">field</span><span class="err">}</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormControl&gt;</span> <span class="nt">&lt;FormMessage</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormItem&gt;</span> )} /&gt; <span class="nt">&lt;FormField</span> <span class="na">control=</span><span class="s">{form.control}</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">render=</span><span class="s">{({</span> <span class="na">field</span> <span class="err">}</span><span class="na">) =</span><span class="err">&gt; </span><span class="s">(</span> <span class="err">&lt;</span><span class="na">FormItem</span><span class="nt">&gt;</span> <span class="nt">&lt;FormLabel&gt;</span>Password<span class="nt">&lt;/FormLabel&gt;</span> <span class="nt">&lt;FormControl&gt;</span> <span class="nt">&lt;Input</span> <span class="na">placeholder=</span><span class="s">"Enter your password"</span> <span class="na">type=</span><span class="s">"password"</span> <span class="err">{...</span><span class="na">field</span><span class="err">}</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormControl&gt;</span> <span class="nt">&lt;FormMessage</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormItem&gt;</span> )} /&gt; <span class="nt">&lt;div</span> <span class="na">className=</span><span class="s">"flex items-center justify-end"</span><span class="nt">&gt;</span> <span class="nt">&lt;Button</span> <span class="na">variant=</span><span class="s">"link"</span> <span class="na">className=</span><span class="s">"px-0 font-normal"</span> <span class="na">type=</span><span class="s">"button"</span><span class="nt">&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/forgot-password"</span> <span class="na">className=</span><span class="s">"text-primary font-medium hover:underline"</span><span class="nt">&gt;</span>Forgot password?<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;/Button&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;Button</span> <span class="na">type=</span><span class="s">"submit"</span> <span class="na">className=</span><span class="s">"w-full"</span><span class="nt">&gt;</span> Sign in <span class="nt">&lt;/Button&gt;</span> <span class="nt">&lt;div</span> <span class="na">className=</span><span class="s">"relative my-4"</span><span class="nt">&gt;</span> <span class="nt">&lt;Separator</span> <span class="nt">/&gt;</span> <span class="nt">&lt;div</span> <span class="na">className=</span><span class="s">"absolute inset-0 flex items-center justify-center"</span><span class="nt">&gt;</span> <span class="nt">&lt;span</span> <span class="na">className=</span><span class="s">"bg-background px-2 text-xs text-muted-foreground"</span><span class="nt">&gt;</span>OR CONTINUE WITH<span class="nt">&lt;/span&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;Button</span> <span class="na">type=</span><span class="s">"button"</span> <span class="na">variant=</span><span class="s">"outline"</span> <span class="na">className=</span><span class="s">"w-full"</span> <span class="na">onClick=</span><span class="s">{()</span> <span class="err">=</span><span class="nt">&gt;</span> console.log("Google sign-in")}&gt; <span class="nt">&lt;Mail</span> <span class="na">size=</span><span class="s">{16}</span> <span class="na">className=</span><span class="s">"mr-2"</span> <span class="nt">/&gt;</span> Sign in with Google <span class="nt">&lt;/Button&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="nt">&lt;/Form&gt;</span> <span class="nt">&lt;/CardContent&gt;</span> <span class="nt">&lt;CardFooter</span> <span class="na">className=</span><span class="s">"flex justify-center border-t pt-6"</span><span class="nt">&gt;</span> <span class="nt">&lt;p</span> <span class="na">className=</span><span class="s">"text-sm text-muted-foreground"</span><span class="nt">&gt;</span> Don't have an account?{" "} <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/signup"</span> <span class="na">className=</span><span class="s">"text-primary font-medium hover:underline"</span><span class="nt">&gt;</span> Sign up <span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;/p&gt;</span> <span class="nt">&lt;/CardFooter&gt;</span> <span class="nt">&lt;/Card&gt;</span> ) } </code></pre> </div> <h3> <strong>Forgot Password Page (<code>app/forgot-password/page.tsx</code>):</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight html"><code>"use client" import { zodResolver } from "@hookform/resolvers/zod" import { useForm } from "react-hook-form" import { Button } from "@/components/ui/button" import { Card, CardContent, CardDescription, CardFooter, CardHeader, CardTitle } from "@/components/ui/card" import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from "@/components/ui/form" import { Input } from "@/components/ui/input" import { TForgotPasswordFormSchema, ForgotPasswordFormSchema } from "@/lib/constants" export default function SignupForm() { const form = useForm<span class="nt">&lt;TForgotPasswordFormSchema&gt;</span>({ resolver: zodResolver(ForgotPasswordFormSchema), mode: "onChange", defaultValues: { email: "", }, }) function onSubmit(values: TForgotPasswordFormSchema) { // This would typically send the data to your API console.log(values) } return ( <span class="nt">&lt;Card</span> <span class="na">className=</span><span class="s">"w-full max-w-md mx-auto mt-32"</span><span class="nt">&gt;</span> <span class="nt">&lt;CardHeader&gt;</span> <span class="nt">&lt;CardTitle</span> <span class="na">className=</span><span class="s">"text-2xl"</span><span class="nt">&gt;</span>Forgot password<span class="nt">&lt;/CardTitle&gt;</span> <span class="nt">&lt;CardDescription&gt;</span>Enter your email to get a verification link<span class="nt">&lt;/CardDescription&gt;</span> <span class="nt">&lt;/CardHeader&gt;</span> <span class="nt">&lt;CardContent&gt;</span> <span class="nt">&lt;Form</span> <span class="err">{...</span><span class="na">form</span><span class="err">}</span><span class="nt">&gt;</span> <span class="nt">&lt;form</span> <span class="na">onSubmit=</span><span class="s">{form.handleSubmit(onSubmit)}</span> <span class="na">className=</span><span class="s">"space-y-6"</span><span class="nt">&gt;</span> <span class="nt">&lt;FormField</span> <span class="na">control=</span><span class="s">{form.control}</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">render=</span><span class="s">{({</span> <span class="na">field</span> <span class="err">}</span><span class="na">) =</span><span class="err">&gt; </span><span class="s">(</span> <span class="err">&lt;</span><span class="na">FormItem</span><span class="nt">&gt;</span> <span class="nt">&lt;FormLabel&gt;</span>Email<span class="nt">&lt;/FormLabel&gt;</span> <span class="nt">&lt;FormControl&gt;</span> <span class="nt">&lt;Input</span> <span class="na">placeholder=</span><span class="s">"you@example.com"</span> <span class="na">type=</span><span class="s">"email"</span> <span class="err">{...</span><span class="na">field</span><span class="err">}</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormControl&gt;</span> <span class="nt">&lt;FormMessage</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormItem&gt;</span> )} /&gt; <span class="nt">&lt;Button</span> <span class="na">type=</span><span class="s">"submit"</span> <span class="na">className=</span><span class="s">"w-full"</span><span class="nt">&gt;</span> Send Email <span class="nt">&lt;/Button&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="nt">&lt;/Form&gt;</span> <span class="nt">&lt;/CardContent&gt;</span> <span class="nt">&lt;CardFooter</span> <span class="na">className=</span><span class="s">"flex justify-center border-t pt-6"</span><span class="nt">&gt;</span> <span class="nt">&lt;p</span> <span class="na">className=</span><span class="s">"text-sm text-muted-foreground"</span><span class="nt">&gt;</span> Remember your password?{" "} <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/login"</span> <span class="na">className=</span><span class="s">"text-primary font-medium hover:underline"</span><span class="nt">&gt;</span> Sign in <span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;/p&gt;</span> <span class="nt">&lt;/CardFooter&gt;</span> <span class="nt">&lt;/Card&gt;</span> ) } </code></pre> </div> <h3> <strong>Reset Password Page (<code>app/reset-password/page.tsx</code>):</strong> </h3> <div class="highlight js-code-highlight"> <pre class="highlight html"><code>"use client" import { zodResolver } from "@hookform/resolvers/zod" import { useForm } from "react-hook-form" import { Button } from "@/components/ui/button" import { Card, CardContent, CardDescription, CardHeader, CardTitle } from "@/components/ui/card" import { Form, FormControl, FormDescription, FormField, FormItem, FormLabel, FormMessage } from "@/components/ui/form" import { Input } from "@/components/ui/input" import { TResetPasswordFormSchema, ResetPasswordFormSchema } from "@/lib/constants" export default function SignupForm() { const form = useForm<span class="nt">&lt;TResetPasswordFormSchema&gt;</span>({ resolver: zodResolver(ResetPasswordFormSchema), mode: "onChange", defaultValues: { password: "", confirmPassword: "", }, }) function onSubmit(values: TResetPasswordFormSchema) { // This would typically send the data to your API console.log(values) } return ( <span class="nt">&lt;Card</span> <span class="na">className=</span><span class="s">"w-full max-w-md mx-auto mt-32"</span><span class="nt">&gt;</span> <span class="nt">&lt;CardHeader&gt;</span> <span class="nt">&lt;CardTitle</span> <span class="na">className=</span><span class="s">"text-2xl"</span><span class="nt">&gt;</span>Reset password<span class="nt">&lt;/CardTitle&gt;</span> <span class="nt">&lt;CardDescription&gt;</span>Create a new password<span class="nt">&lt;/CardDescription&gt;</span> <span class="nt">&lt;/CardHeader&gt;</span> <span class="nt">&lt;CardContent&gt;</span> <span class="nt">&lt;Form</span> <span class="err">{...</span><span class="na">form</span><span class="err">}</span><span class="nt">&gt;</span> <span class="nt">&lt;form</span> <span class="na">onSubmit=</span><span class="s">{form.handleSubmit(onSubmit)}</span> <span class="na">className=</span><span class="s">"space-y-6"</span><span class="nt">&gt;</span> <span class="nt">&lt;FormField</span> <span class="na">control=</span><span class="s">{form.control}</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">render=</span><span class="s">{({</span> <span class="na">field</span> <span class="err">}</span><span class="na">) =</span><span class="err">&gt; </span><span class="s">(</span> <span class="err">&lt;</span><span class="na">FormItem</span><span class="nt">&gt;</span> <span class="nt">&lt;FormLabel&gt;</span>New password<span class="nt">&lt;/FormLabel&gt;</span> <span class="nt">&lt;FormControl&gt;</span> <span class="nt">&lt;Input</span> <span class="na">placeholder=</span><span class="s">"Create a password"</span> <span class="na">type=</span><span class="s">"password"</span> <span class="err">{...</span><span class="na">field</span><span class="err">}</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormControl&gt;</span> <span class="nt">&lt;FormDescription&gt;</span>Must be at least 8 characters<span class="nt">&lt;/FormDescription&gt;</span> <span class="nt">&lt;FormMessage</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormItem&gt;</span> )} /&gt; <span class="nt">&lt;FormField</span> <span class="na">control=</span><span class="s">{form.control}</span> <span class="na">name=</span><span class="s">"confirmPassword"</span> <span class="na">render=</span><span class="s">{({</span> <span class="na">field</span> <span class="err">}</span><span class="na">) =</span><span class="err">&gt; </span><span class="s">(</span> <span class="err">&lt;</span><span class="na">FormItem</span><span class="nt">&gt;</span> <span class="nt">&lt;FormLabel&gt;</span>Confirm password<span class="nt">&lt;/FormLabel&gt;</span> <span class="nt">&lt;FormControl&gt;</span> <span class="nt">&lt;Input</span> <span class="na">placeholder=</span><span class="s">"Retype the password again"</span> <span class="na">type=</span><span class="s">"password"</span> <span class="err">{...</span><span class="na">field</span><span class="err">}</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormControl&gt;</span> <span class="nt">&lt;FormDescription&gt;</span>Must be same as the password<span class="nt">&lt;/FormDescription&gt;</span> <span class="nt">&lt;FormMessage</span> <span class="nt">/&gt;</span> <span class="nt">&lt;/FormItem&gt;</span> )} /&gt; <span class="nt">&lt;Button</span> <span class="na">type=</span><span class="s">"submit"</span> <span class="na">className=</span><span class="s">"w-full"</span><span class="nt">&gt;</span> Save <span class="nt">&lt;/Button&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="nt">&lt;/Form&gt;</span> <span class="nt">&lt;/CardContent&gt;</span> <span class="nt">&lt;/Card&gt;</span> ) } </code></pre> </div> <h3> 🗒️ Things to be noted </h3> <ol> <li>The <strong>Zod</strong> library makes it easier to infer types from the Zod Schema and provides full type safety features of the TypeScript language.</li> <li>Use <strong>Zod Resolver</strong> adapter to ensure our <strong>React Hook Form</strong> works with Zod validations.</li> <li>The mode <code>onChange</code> ensures we validate the input on change of the values in the field. </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="p">{</span> <span class="p">...</span><span class="na">mode</span><span class="p">:</span> <span class="dl">"</span><span class="s2">onChange</span><span class="dl">"</span> <span class="p">}</span> </code></pre> </div> <p>The binding of other props, and errors in the form are taken by the <code>render()</code> function in the <code>&lt;Input&gt;</code> component via the <code>{ …field }</code> prop.</p> <p>As you can see, we are not handling the form onSubmit functions. We are just console logging the values from the form on submit.</p> <p>Test out these pages by visiting their respective routes. In the next part of this series, we will create a Supabase project and add email signup and authentication to our app.</p> <p>🔗 <a href="https://github.com/ojaswiat/supabase-auth-demo" rel="noopener noreferrer">Check out the full code for this series here.</a></p> <p>If you found this article useful, like, comment, and share, or just <a href="https://buymeacoffee.com/ojaswiat" rel="noopener noreferrer">buy me a coffee?</a></p> webdev nextjs postgres frontend Ojas Fri, 14 Mar 2025 05:22:59 +0000 https://dev.to/ojaswiat/master-data-structures-and-algorithms-a-practical-approach-48mm https://dev.to/ojaswiat/master-data-structures-and-algorithms-a-practical-approach-48mm <p>As a college student aiming to excel in Data Structures and Algorithms (DSA), it's crucial to approach learning with a strategic plan rather than investing in expensive courses. Spending money on a DSA course might not be the best use of your resources, as it often focuses on memorization rather than developing problem-solving skills essential for acing interviews. Here’s a week-by-week guide to help you master DSA without breaking the bank:</p> <h2> <strong>Week 1 &amp; 2: Building Foundations</strong> </h2> <ol> <li> <strong>Familiarize Yourself with Platforms</strong>: Solve 20-30 easy problems on platforms like LeetCode or HackerRank. This step helps you understand the format and how to approach problems.</li> <li> <strong>Train Your Brain</strong>: If you encounter a difficult problem, review the solution and attempt it again. This process trains your brain to think critically and approach problems systematically.</li> </ol> <h2> <strong>Week 3, 4, &amp; 5: Deep Dive into Concepts</strong> </h2> <ol> <li> <strong>Optimize Previous Solutions</strong>: Take the easy problems you solved in the first two weeks and try to optimize them. This practice helps you understand how to improve efficiency.</li> <li> <strong>Learn Data Structures</strong>: Focus on understanding different data structures (e.g., arrays, linked lists, trees, graphs) and how to implement them in your preferred programming language. Don’t rush into solving problems yet; just get familiar with the concepts.</li> <li> <strong>Master Techniques</strong>: Learn and memorize key techniques such as hashing, sliding window, Kadane’s algorithm, etc. These tools will be invaluable in solving complex problems.</li> <li> <strong>Identify Problem Patterns</strong>: <ul> <li> <strong>Heaps</strong>: If a problem involves finding the Kth optimal element, it might be a heap question.</li> <li> <strong>Dynamic Programming (DP)</strong>: If it asks for the most optimal result, it’s likely a DP problem. Start with recursion and then memoize it.</li> <li> <strong>Recursion</strong>: Problems involving choices often require recursion.</li> <li> <strong>Stacks and Queues</strong>: Develop your own patterns for these data structures.</li> </ul> </li> </ol> <h2> <strong>Week 6 &amp; 7: Practice with Standard Sets</strong> </h2> <ol> <li> <strong>Brute Force Approach</strong>: Start by coding the brute force solution for each problem.</li> <li> <strong>Identify Patterns</strong>: Look for similarities between problems and identify the patterns involved.</li> <li> <strong>Apply Learned Techniques</strong>: Recall the problem types and apply the techniques you’ve learned (e.g., hashing, DP).</li> <li> <strong>Solve with Efficiency</strong>: Use the tools in your arsenal to optimize your solutions.</li> </ol> <h2> <strong>Afterwards: Consolidating Knowledge</strong> </h2> <p>By following this plan, you will have acquired most of the tools and techniques needed to tackle DSA problems effectively. The goal is to think about problems rationally rather than memorizing solutions from sheets. This approach not only saves you money but also equips you with the skills required to excel in coding interviews.</p> <h2> Resources </h2> <p>For further assistance, explore the following resources to enhance your learning journey:</p> <ul> <li><a href="https://www.geeksforgeeks.org/" rel="noopener noreferrer">GeeksforGeeks <strong>-</strong> Provides detailed explanations and examples for various algorithms and data structures.</a></li> <li><a href="https://web.stanford.edu/class/archive/cs/cs106b/cs106b.1178/lectures/7-IntroToRecursion/7-IntroToRecursion.pdf" rel="noopener noreferrer">Stanford Recursion Slides with Visualizations</a></li> <li><a href="https://www.geeksforgeeks.org/introduction-to-tree-data-structure/" rel="noopener noreferrer">Solve Tree problems in GeeksForGeeks to master Recursion</a></li> <li><a href="https://github.com/SohanR/100-DSA-Interview-Problems" rel="noopener noreferrer">100 Important DSA Questions and Solutions on LeetCode</a></li> <li><a href="https://www.youtube.com/@TheAdityaVerma" rel="noopener noreferrer">Aditya Verma’s YouTube Channel (Go through playlists) - Hindi (Gold Stuff)</a></li> </ul> <p>By adopting this structured approach, you can master Data Structures and Algorithms without relying on expensive courses, ensuring you're well-prepared for coding interviews and future challenges in the field.</p> <p>If you found this article useful, like, comment, and share, or just <a href="https://buymeacoffee.com/ojaswiat" rel="noopener noreferrer">buy me a coffee?</a></p> datastructures algorithms programming tutorial