Authentication Flow in Next.js (Complete Tutorial)

Finally, someone not using 3rd party libraries to implement authentication. Thanks for this!

The most underrated React/Next.js YT channel. you deserve more recogition Sir.

Sir, you are the best instructor ever. I started a brand new project with Next.js and you uploaded a fresh new video right on topic. Thank you! (I commented before watching it, I'm sure it's great anyway ) 🔥

as a developer, for me one of the best nextjs auth concept tutorial with clean and clear

Thanks for sharing this. I am just in the middle of implementing my own custom auth

Finally, the Next.js course is up! I knew you’d come through, dude🔥

Literally just found this dude yesterday, and today he puts out a video of EXACTLY what I was looking for!!!

Just in time. I was researching the topic and this video came out. What a luck. Thanks.

I was just watching one of your shorts, wishing you could do NextJS. You're awesome, man. I keep on recommending you to people wanting to learn React and Tanstack. You're the GOAT!

Very clear and useful really appreciate it!

you're the best instructor I've ever found! I've been watching your tutorials since you had 1K subscribers. I'd really appreciate it if you could cover more about React Native.

You just got yourself a subscriber!
This is dope! I've always wanted something like this!
Thank you so much. 👏

Fantastic video! Thank you for clearly explaining every step!

very rare video on youtube. Thanks a lot!!

Thank you so much for showing the bare minimum to really understand the required steps in auth.
FYI, you get the pending state as the third argument directly from useActionState hook.
const [state, formAction, isPending] = useActionState(fn, initialState)

I make the compliments of everyone my own, thank you for this

Hey, Bro Could you Please make this but in the scenario where Nodejs is the backend and Nextjs Frontend?

I really like your videos 🎉
Hopefully we get more NextJs videos. Thanks a lot for a well explained content.

Finally 😮🎉🎉🎉

This a great tutorial. Thanks!

I am from India I am big fan of you and your tutorial specific on React, and Next
Kindly make some videos on node, express and Mongo also
Your videos helps a lot
Thanks
Love from India

thank you so much. you make it such that i can make a nextjs app with a separate backend without depending in 3rd party library

Great video about the vanilla next authenttication! it would have been more better if you could've added how to store the user details and consume it in the components whenever required.

Great Video finally ! It would be nice to have auto refresh token implementation in nextjs

WHEN WILL THE NEXT JS COURSE COME

How to use session in client components??

Really nice tutorial, please can you do this with an external backend written in django, nodejs, etc. and also show how refresh tokens will be implemented

Very cool

wow thanks

where is project start code?

Do you plan to make a video about Front-end architecture?

Would *LOVE* to see some more content on Remix or the new Tanstack Start

I believe useActionState also now returns isPending state (the old useFormState did not), so I don't think you need to rely on useFormStatus just for pending anymore. I could be wrong though. It's been some time since I read the docs on it.

Someone knows how to see details on hover (14:36) in VS Code ? The name of the extension please ? 🙏
Thank U for the Tuto 🙌

Refresh token ?

So if then you wanted to get the user data you would get his is from the token and then fetch his data using the id right ?

Thank you! This is just what I need but how do you resolve the hydrated warning?

did you verify that the middleware is working on a vercel deployment of nextjs?
i dont think it works because jose isnt edge runtime compatible.

Thanks a lot buddy! I was just trying to add auth in my on going project and found ur tutorial, Thanks again <

can this tutorial to be redone in nextjs 14 without useActionState as nextjs 15 is still quite buggy for production.

Thanks bro, you're great and love the explanation. Please, could you do the same process using NextAuth lib?

very very thanks

Seriously, I can't believe a big framework like NextJs don't have own authentication & authorization in-Built, programmer should make own auth system from scratch or using 3rd party libraries.

Great video!
I would like to know how auth solutions like clerk work, do you have to make a request for their api each time you need to verify the auth?
how does the hooks to get user work..?

how can you implement the refresh token functionality in this? when i create a session i get 2 tokens "access token" and "refresh token" .. when the access token expires i need the refresh token to make an api call and get the new access token and refresh token

How about using react hook form for form handling? Can we combine the server action with react hook form?

how the client components are supposed to get access to the data that is unique to a user for example a database if they don't have access to cookies?

how to access the token in client component?

Trying to do this but with separate backend. On login, I’m receiving the set-header but the server action doesn’t set the header in the client

would be great to also maybe include refresh token rotation just to extend the feature already implemented

The source code already has the finished code in it. Is there no repo with the starter code?

How can we get the token if we need to use it on client side?

Is the middleware file actually used here or it is just for server simulation? I dont see you use it anywhere so im curious

Good stuff… just a little side note on login validation. There is no reason to validate passwords when logging in.

I'm surely missing something but, how do you call/categorize "jwt" when you say "without any 3rd party library" ?

Your solution is solid, but the logic in the middleware isn’t fully accurate in a few production cases. I’d submit a pull request, but since you’ve combined all the video code into a single standalone repo, it’s not feasible.
Here’s the issue with your middleware code:
typescript
Copy code
if (isPublicRoute && session?.userId) {
return NextResponse.redirect(new URL("/dashboard", req.nextUrl));
}
Currently, this line redirects the user to the dashboard if they’re logged in and trying to access a public route. However, consider that some pages-like marketing or landing pages-should be accessible to all users, regardless of login status. This code would redirect logged-in users to the dashboard, which isn’t always correct.
A better solution would be to categorize pages into three main types: protected, public, and neutral. Then, if the user is trying to access a public route and has a session ID, redirect them.

Thanks for another great tutorial! Tried to run the project but received an error in terminal "Failed to verify session" after adding middleware.ts therefore login didn`t work.
Also in session.ts two functions create and delete wants cookies to be awaited. Could you help please?

Same steps with NextJS 15 ? Which released today

Great tutorial.
Confusing part is how do i extend the session expiry time, when they are logged in
Need help on this.. 🙏🏻🙏🏻

How I can implement csrf token in nextjs with authentication?

Thanks, but you didn't show getme - how do you know I'm logged in, you didn't show token update, interceptor on 401

Can you make a video tutorial on custom fetch of nextjs like axios in a real project?

thanks for this video
how can I check if user is logged in in home page? like if user logged in ? print his email other wise show login button

Excuse me i'm having a problem with useActionState and useFormStatus. I've already installed the same dependencies you had but I still get this error: "The 'react' module doesn't have any 'useActionState' exported.
Same error with react-dom and useFormStatus.
Thanks!

Can you not crash the server by spoofing the formData requests and sending e.g. null instead? Object.fromEntries(null) will throw with type error.

Can we have more interviews like proper interview I got asked questions like event loop, event bubling difference between http server and express etc stuff I know it was a kinda big company but iam a 3rd students like who ask those questions. I prefer these kind of interview questions please also thanks for your hooks playlist.❤❤❤❤

Same thing for React Native, please.

next video on nextauth Please🙏

Not secure tho and could have a lot of issues since you're not refreshing that jwt token

Are we actually getting Next.js tutorials on this channel?

passwrong 😂😂

has anyone else had this error:
Property 'set' does not exist on type 'Promise'.ts(2339)
session.tsx?

NextResponse.redirect("/login") throws an error. I solved it by doing NextResponse.redirect(new URL("/login", res.url))