NextJS Authentication with Server Actions - Learn to build from scratch!
HTML-код
- Опубликовано: 12 сен 2024
- In this video we create an entire JWT authentication system using NextJS server actions.
Source Code - github.com/Cod...
NextJS Install - nextjs.org/doc...
NextJS Route Handlers - nextjs.org/doc...
NextJS Server Actions - nextjs.org/doc...
NextJS Middleware - nextjs.org/doc...
Prisma JS Getting started - www.prisma.io/...
Jose - www.npmjs.com/...
Bcrypt JS - www.npmjs.com/... 
Наука
Do everything in server actions! ❤
Hi youtube.com/@codingwithrobby . How to remove cookies if the user session is expired. In my use case, I want to remove cookies instead of redirecting the user. Need your help, if you can reply. Thanks
@@junaid-alyyy cookies().delete('Authorization') This should work fine in middleware or a server action
@@codingwithrobby - Thanks for the quick response. It works with a server action but I want to validate the user session using middleware and if the session is expired or invalid then the cookie should be deleted but this deletion isn't possible `cookies().delete('Authorization')` in the middleware.
@@junaid-alyyy I also encountered this problem, what should I do?
import { cookies } from "next/headers"; belongs to the server-side API, but logout is a client-side operation
I don't understand why do you use api within the action, the whole point of action is to get rid of api?
Straight to the point. Thanks so much
Absolutely love the way you are explaining things! Please keep up the great work.
Thanks for this! But I do have a question... Wouldn't be easier to just use the server action to do all the work instead of having it offload the work to the API route? Based on my understanding of server actions, when you submit the form and the server action is called, under the hood there's a POST request being made to a hidden route (the server action). Daisy chaining the reuests like this might introduce more lag since two calls are being made, not to mention you have to account for errors in both methods.
Yeah this tutorial makes no sense. Just a proof that you should not trust any random youtuber for programming knowledge. Soon avg TS code tutorial it's going to be worse than PHP 20 years ago. Type safety is not going to help anyone if people are just going to do stupid things.
Yeah the whole idea of using a server action is so that you wouldn't need to create an api route for things like this.
Very nice :) So if you have time, the next interesting things are 'Forgot password', sending a verification link when a new user registers, to prevent false registrations, and a Google login option :)
awesome video, straight to the point . love the way you signed out with peace
You are an honest, true hero. Keep it up Chief
Exactly what I was looking for, thank you!
Glad to see this video on my youtube homepage, thank you for this video. ☺
Its very straight forward, thanks
Great video bro!
fantastic, i managed to follow you throughout the tutorial even if it did take me a while since i had to figure out using drizzle orm but everything was great! will try to implement jwt refresh tokens now
Hey man, have you figured out the refresh token part?
Love the sound of your keyboard. Can you share a keyboard name and link please?
Man thanks a lot. was looking for this. Got it at the right time
Thanks so much Robby, this video helped me a lot
You so real. Thanks
Very helpful and simple to understand
I'm new to server actions and still trying to understand them. Aren't they supposed to be independent of APIs/routes and be able to perform database operations directly within themselves?
I was thinking the same when I saw that part. No need for the fetch call to the api endpoint because you are already on the server, just do a db lookup.
How to Log out? and how to read user data from cookies?
thank to you i can continue my projects,keep it up
👍👍👍👍👍
Thanks for this explanation, I have only one question, how can I add refresh token with this approach? can you give me a hint? thanks in advance
Another useful google output: www.google.com/gasearch?q=nextjs%20server%20actions%20bearer%20token%20authorization&source=sh/x/gs/m2/5#ip=1 even though the results are probably not what you're expecting, it points you in the right direction
I'm getting a
Error:p1001: can't reach database server at `localhost`:`5432`
How do I solve it
Do you have Postgres installed locally? You could also just get a database at www.elephantsql.com and use the connection string they give you
@@codingwithrobby yea that was the problem I solved it thanks..
nice one, helpful information
Please, guide me if possible, How to add subscription based payment method that can be customised to any payment solution available all over the world. Take care.
Hi! Really love your content. In intro to App dev you said that tried creating it with golang from scratch. Can you do a video on this topic?)
How to protect api no one access , we can access only same origin 😢 in next js 14
Can you do captcha with google?
Good job
With server actions, does it feel like you don't need route handlers
isnt it a bad idea to store the db connection string in an env variable? it can be accessed on the front end. I'm going to watch this video and put it all in the backend and secure it with a public api key and then only allow calls from a certain ip.
.env variables are not accessible by FE per default. So we're fine here
I liked you video thanks
awesome content. can you explain why you moved all the logic to an route handler when you can keep it in the server actions?
I'd say he wanted to keep it simple, after all is not that bad
@@agusjkdev dont think so, adding one more step (the router handler)
Thanks so much
thanks for this amazing content but the only problem is your server actions are not protected so any one can see because you export them
Can you implement "Refresh token" and "Token rotation" to this code? seems to be fun.
Hey man, have you figured this out now?
@@divinecharles4102 Yes, I may create a video about it
thanks needed this
Excellent!
Great video thanks, but if you have a user and want to display the information or store it somehow in a useContext to be able to use the users information around the app, will I just put cookies().get("Authentication") into a authContext then?
Hey robby, which operating system you're using? I sense it's linux but which distro?
Thanks
It's MacOS, I use a mac mini
@@codingwithrobby oh okay! Thanks
How to Log out?
how to logout?
Thanks sir, but i have question. why u still create api route if only with server action can create user or login (logic in server action)?
Yeah... I suppose that would work too 😬. I guess this just adds a little more flexibility if you wanted to open it up externally down the line.
I believe that when utilizing server actions, you are essentially making a POST request to an endpoint representing the server action function. In this context, it seems like you are engaging in two fetch operations. I think you can invoke this function within both the signup route and the signup server action.
@@codingwithrobby
Not really needed, but it was good to see how to set up api endpoints if needed.
Brilliant, loved it! Referencing the docs was a great idea, made everything look so simple.
Thanks!
Thanks
Why are you making server-side request in server action to your own api? This makes no sense. Please stop.
😳
Sorry but using server action to make a request to a route handler is so DUMP
Thanks