Authentication Flow in Next.js (Complete Tutorial)

Finally, someone not using 3rd party libraries to implement authentication. Thanks for this!

as a developer, for me one of the best nextjs auth concept tutorial with clean and clear

The most underrated React/Next.js YT channel. you deserve more recogition Sir.

Sir, you are the best instructor ever. I started a brand new project with Next.js and you uploaded a fresh new video right on topic. Thank you! (I commented before watching it, I'm sure it's great anyway ) 🔥

Finally, the Next.js course is up! I knew you’d come through, dude🔥

Literally just found this dude yesterday, and today he puts out a video of EXACTLY what I was looking for!!!

Thank you so much for showing the bare minimum to really understand the required steps in auth.
FYI, you get the pending state as the third argument directly from useActionState hook.
const [state, formAction, isPending] = useActionState(fn, initialState)

very rare video on youtube. Thanks a lot!!

Just in time. I was researching the topic and this video came out. What a luck. Thanks.

I was just watching one of your shorts, wishing you could do NextJS. You're awesome, man. I keep on recommending you to people wanting to learn React and Tanstack. You're the GOAT!

you're the best instructor I've ever found! I've been watching your tutorials since you had 1K subscribers. I'd really appreciate it if you could cover more about React Native.

Very clear and useful really appreciate it!

You just got yourself a subscriber!
This is dope! I've always wanted something like this!
Thank you so much. 👏

Fantastic video! Thank you for clearly explaining every step!

Great Video finally ! It would be nice to have auto refresh token implementation in nextjs

I make the compliments of everyone my own, thank you for this

I am from India I am big fan of you and your tutorial specific on React, and Next
Kindly make some videos on node, express and Mongo also
Your videos helps a lot
Thanks
Love from India

Great video about the vanilla next authenttication! it would have been more better if you could've added how to store the user details and consume it in the components whenever required.

thank you so much. you make it such that i can make a nextjs app with a separate backend without depending in 3rd party library

I really like your videos 🎉
Hopefully we get more NextJs videos. Thanks a lot for a well explained content.

Seriously, I can't believe a big framework like NextJs don't have own authentication & authorization in-Built, programmer should make own auth system from scratch or using 3rd party libraries.

Hey, Bro Could you Please make this but in the scenario where Nodejs is the backend and Nextjs Frontend?

This a great tutorial. Thanks!

Would *LOVE* to see some more content on Remix or the new Tanstack Start

wow thanks

How to use session in client components??

Thanks a lot buddy! I was just trying to add auth in my on going project and found ur tutorial, Thanks again <

Do you plan to make a video about Front-end architecture?

I believe useActionState also now returns isPending state (the old useFormState did not), so I don't think you need to rely on useFormStatus just for pending anymore. I could be wrong though. It's been some time since I read the docs on it.

very very thanks

Thanks bro, you're great and love the explanation. Please, could you do the same process using NextAuth lib?

WHEN WILL THE NEXT JS COURSE COME

would be great to also maybe include refresh token rotation just to extend the feature already implemented

Thank you! This is just what I need but how do you resolve the hydrated warning?

Great tutorial.
Confusing part is how do i extend the session expiry time, when they are logged in
Need help on this.. 🙏🏻🙏🏻

Can we have more interviews like proper interview I got asked questions like event loop, event bubling difference between http server and express etc stuff I know it was a kinda big company but iam a 3rd students like who ask those questions. I prefer these kind of interview questions please also thanks for your hooks playlist.❤❤❤❤

Good stuff… just a little side note on login validation. There is no reason to validate passwords when logging in.

Thank you. Where is the starter code? Is it a code-along tuto?

Refresh token ?

Can you make a video tutorial on custom fetch of nextjs like axios in a real project?

Thanks for another great tutorial! Tried to run the project but received an error in terminal "Failed to verify session" after adding middleware.ts therefore login didn`t work.
Also in session.ts two functions create and delete wants cookies to be awaited. Could you help please?

Great video!
I would like to know how auth solutions like clerk work, do you have to make a request for their api each time you need to verify the auth?
how does the hooks to get user work..?

I'm surely missing something but, how do you call/categorize "jwt" when you say "without any 3rd party library" ?

next video on nextauth Please🙏

thanks for this video
how can I check if user is logged in in home page? like if user logged in ? print his email other wise show login button

How about using react hook form for form handling? Can we combine the server action with react hook form?

Same thing for React Native, please.

Thanks, but you didn't show getme - how do you know I'm logged in, you didn't show token update, interceptor on 401

Excuse me i'm having a problem with useActionState and useFormStatus. I've already installed the same dependencies you had but I still get this error: "The 'react' module doesn't have any 'useActionState' exported.
Same error with react-dom and useFormStatus.
Thanks!

can this tutorial to be redone in nextjs 14 without useActionState as nextjs 15 is still quite buggy for production.

Someone knows how to see details on hover (14:36) in VS Code ? The name of the extension please ? 🙏
Thank U for the Tuto 🙌

did you verify that the middleware is working on a vercel deployment of nextjs?
i dont think it works because jose isnt edge runtime compatible.

Your solution is solid, but the logic in the middleware isn’t fully accurate in a few production cases. I’d submit a pull request, but since you’ve combined all the video code into a single standalone repo, it’s not feasible.
Here’s the issue with your middleware code:
typescript
Copy code
if (isPublicRoute && session?.userId) {
return NextResponse.redirect(new URL("/dashboard", req.nextUrl));
}
Currently, this line redirects the user to the dashboard if they’re logged in and trying to access a public route. However, consider that some pages-like marketing or landing pages-should be accessible to all users, regardless of login status. This code would redirect logged-in users to the dashboard, which isn’t always correct.
A better solution would be to categorize pages into three main types: protected, public, and neutral. Then, if the user is trying to access a public route and has a session ID, redirect them.

Can you not crash the server by spoofing the formData requests and sending e.g. null instead? Object.fromEntries(null) will throw with type error.

How can we get the token if we need to use it on client side?

How I can implement csrf token in nextjs with authentication?

Same steps with NextJS 15 ? Which released today

Are we actually getting Next.js tutorials on this channel?

Is the middleware file actually used here or it is just for server simulation? I dont see you use it anywhere so im curious

Not secure tho and could have a lot of issues since you're not refreshing that jwt token

where is project start code?

passwrong 😂😂

NextResponse.redirect("/login") throws an error. I solved it by doing NextResponse.redirect(new URL("/login", res.url))