It's a bit late to comment, but congratulations Dave on getting sponsors for your videos (this is the first one I've come across) There are plenty of amazing tutorial creators on RUclips, but the amount of effort you put in your videos to explain each and every line of code, right down to mentioning the key binds you use, is just remarkable. Thank you for all your effort and I hope you gain even more success
This is a very informative and useful video. It would be awesome if you could expand on this by connecting a database to store users along with a credentials signup. Users should also be able to reset their password. An explanation of that is hard to come by and something most of us will need.
Hey Dave, after migrating from the pages router this tut helped me a lot on getting clear. There are a lot of tutorials out there and huge codebases with complex integrations and a lot of copy paste code, sometimes a bit hard to stay focused on the essentials. Greeting from Austria
The reason your videos are a cut above the rest is because you explain the 'why'. When you get an error you explain why you are getting the error and then you show how to fix it. When you paste a line of code, like the import of default from nextauth in the middleware file, you explain exactly what it's doing and also show how it works. Keep up the excellent work, you are appreciated!
Thank you Dave. I was having so much trouble trying to figure out how this was supposed to work. But after watching your video, the pattern became stupid simple. subscribed and looking forward to your content.
Thanks Dave. Crystal clear step by step instructions on next auth. Now we have a deep understanding of how to configure and setup next auth in our projects. One suggestion a quick diagram of how the auth flow should be even more awesome!! Thank you for delivering quality content for us. Learning a lot from your videos.😊
Thank you and good suggestion - while this default setup is very straightforward, I think some customized solutions may need further explanation in the future. The default setup uses a session cookie with an encrypted JWT (JWE). This is important because Next.js is hosted in a serverless deployment so the auth info is really in the JWE and is verified by a NextAuth server function (running in a serverless environment). Serverless is a confusing word. It means it is one big lambda function outsourced to AWS behind the scenes. The auth persists due to the cookie staying in the client. The serverless environment may go to sleep when inactive.
One of the best next-auth tutorials that actually covers the app router. Disappointing that the next-auth docs don't cover this and are instead using the older page router.
Thank you Dave. This was very helpful. You made things crystal clear to understand and implement the next-auth with next 13.2 + version. Also when to use server and client component. Overall you made it very simple.
This is super helpful, thank you! I do want to call out that you said you would never want to use a server component within a client component, but the application is doing that when you're talking about providers. The AuthProvider component is a client component and it the client/page.tsx component is a server component rendered inside of that
You're welcome! I appreciate the call out because this shows I likely didn't explain myself clearly on this specific issue. "use client" creates a boundary between server and client components and all other components imported in the client component including children will be rendered as client components according to the Next.js docs: nextjs.org/docs/app/building-your-application/rendering/client-components ..so to follow this up, I searched the NextAuth docs for an exception with the SessionProvider used inside the AuthProvider we create in this tutorial. I did not find where those docs dive into how NextAuth works around this.. but if you add a console.log(user) to the UserCard component, build the project with npm build, and then run it with npm start, you will see that after logging in and visiting the home and server routes, the console.log shows on the server terminal - confirming they are still server components. If you visit the client route, the console.log will show in the browser console. Further, the build report after running npm build will also indicate those pages are SSR and not client components. I hope this helps clarify what I meant. This would actually make a good blog post / explainer topic - but the client component uses the useSession hook which uses the context. The server components instead use getServerSession which doesn't require the context. More clarification on using Context Providers with Server Components here: nextjs.org/docs/app/building-your-application/rendering/composition-patterns#using-context-providers
Thanks Dave! It was very useful example, but very simple. 😉 Please, continue about NextAuth, cause you don't touch following themes: 1. Initial form for auth (how client can pass auth first time with credentials) 2. Working with DB, 3. How can clients change their credentials (email, pass, etc) at any time. 4. How can developer make own auth pages with another design? So we are waiting for next! Good luck, Dave! 💪😀)
Hi Dave, this was an incredibly helpful video, I've now successfully set up Next Auth in my Next JS project with an AWS Cognito provider. Thanks for explaning everything so clearly and not glossing over the small details. I'll definitely check out your other videos on Next JS.
if I may ask how did you find the cognito issuer? all the tutorials i've found for it used a cognito domain and amazon has revamped their whole UI making it really obnoxious
@@anonihme5142 sorry I didn't see your comment earlier, glad to see you got there! I followed this video to understand more about setting up the Cognito app client. I'd love to get Cognito working with the credentials provider as opposed to using their hosted UI, but that's on a future to-do list! ruclips.net/video/U4hEflgix9c/видео.html
@@SarahBrown-v6t cheers. Sadly the vid ends before he tries to log back in and sees that the next -auth logout function doesn't clear cookies on the cognito server, so the user is logged back in without being asked for his credentials, which is a major security risk. It amazes me that there's no simple way to do that. But then again, i'm a total noob, so simple for me is a very low bar. I shall persist and remain calm! thanks for the reply, best of luck
This is a very packed information and I really understand every bit of it ,I was in another tutorial before the guy was explaining it but it was very hard to get . Immediately I came here it just clicked ❤
Nice one...! One important point that maybe you can address in later videos is how to use user roles. To be able to pass roles to the session, you need to include them in the token, which is then read by the session.
Thanks Dave for this video! It has actually helped me GET the right data for the Credentials login. But im having a little difficulty getting users to sign in with Username,Password. But with this video i was actually able to get a step forward! THANK YOU!
Thank you dear Dave, for always inspiring me to put my best foot forward, even when I don't feel like I belong. I hope the best for you in your life. Warm Regards.
Great explanation and unique content. I am waiting for more videos about Next.js, and problems faced by many beginners and solve these problems. Thank you for making this effort to explain the code
fantastic tutorial, I just had one issue regarding api folder location, I did add it under pages rather than app folder which didnt work. I didnt understand why because in their docs it was built that way. Anyway after finding it everything went great. Thanks for preparing such a quality content. Db integration would be great in the future. Thank you so much
Great stuff! This was the first tutorial that actually showed the basics of how to get it working and showed where the actual routes for the automatic pages lived. One thing I'm still a bit confused about is as why there's no default signup as well in Next-Auth as that seems to be an extremely common pattern. For any type of SaaS application, how would you relate the models to the correct user/org unless you have the user in your db? So showing a more advanced (but still basic) flow like signup => verify email => verified signed in, and signin => change password would be appreciated. Also perhaps how to make your own signin page call the right endpoints in nextauth. Thanks again for saving me a lot of time!
There is an upcoming release of next-auth v5 which uses a universal auth() function and contains many breaking changes. I would love to see a renewed tutorial for the nearest v5 release. Keep on the good work..
A very informative video. Thank you very much. Your code is perfect and very easy to read. And I would be glad to see more about role-based user authorization.
If you're using App router without the src root folder you should move the middleware.ts in the root of the project at least that works in version 14.2 of next
Thank you much, Dave! I have been following and watching your Next series from the moment it was still in experimental phase and up to now that is already stable. Please create a video with signup that has a database and also the role based auth. Thank you and more power!
Once again. Thank you so much for your mater classes!! Your genius man. You know your stuff and know how to teach it! I will buy you a couple coffees lol
Awesome tutorial I would be delighted if you could consider creating a tutorial on the process of authentication and authorization, encompassing both frontend and backend aspects. It would greatly enhance my understanding to learn about the complete flow, such as how the frontend transmits the authentication token to the backend during sign up or login. I'm eager to gain insights into the entire process. Frontend - Nextjs Backend - python
💡One tip for anyone who is just starting: Please analyze the starter code file first, on the timestamp 25:06 and then complete the rest of it By the way Great tutorial Dave 🔥Loved it.
Thank you, this has been very helpful. It would be great to have more coverage around OAUTH configuration (scope, userinfo, etc.) and sign-out from the identity provider. Anyway, thanks for the great content!
That's a very comprehensive tutorial about next-auth. Thank you sir. and yes an advanced auth series (like react one) is very much appreciated. It is just a request to use sql based database this time for auth as we have covered mongodb in react.
It's a bit late to comment, but congratulations Dave on getting sponsors for your videos (this is the first one I've come across)
There are plenty of amazing tutorial creators on RUclips, but the amount of effort you put in your videos to explain each and every line of code, right down to mentioning the key binds you use, is just remarkable. Thank you for all your effort and I hope you gain even more success
Hallelujah, thanks to let the people know what dependencies and versions you are using it, it helps so much man!
Hey dave when i started this job i used to watch your videos now i got my first job as a developer thanks man!
Thank you Dave. You have the heart to teach and help people who are trying their best to learn how to code .
You're very welcome!
This is a very informative and useful video. It would be awesome if you could expand on this by connecting a database to store users along with a credentials signup. Users should also be able to reset their password. An explanation of that is hard to come by and something most of us will need.
Great suggestion!
Please I have the same request, looking forward to the video 😊
Same, with admin roles.
This is a great suggestion. I have learned a lot from this great piece. Thank you Dave
Prisma ❤
Hey Dave, after migrating from the pages router this tut helped me a lot on getting clear. There are a lot of tutorials out there and huge codebases with complex integrations and a lot of copy paste code, sometimes a bit hard to stay focused on the essentials.
Greeting from Austria
The reason your videos are a cut above the rest is because you explain the 'why'. When you get an error you explain why you are getting the error and then you show how to fix it. When you paste a line of code, like the import of default from nextauth in the middleware file, you explain exactly what it's doing and also show how it works.
Keep up the excellent work, you are appreciated!
Thank you!
You make the best tutorials man, seriously thank you so much.
everyone who face middleware issue. first clear your cookie in console.
Thank you Dave. I was having so much trouble trying to figure out how this was supposed to work. But after watching your video, the pattern became stupid simple. subscribed and looking forward to your content.
thank you so much for making this specifically with the new app router layout, i was very confused at first with the pages thing
Damn, this tutorial is god tier comparing to other ones I found that tackle this topic. Detail all in the right places!
Thanks Dave. Crystal clear step by step instructions on next auth. Now we have a deep understanding of how to configure and setup next auth in our projects. One suggestion a quick diagram of how the auth flow should be even more awesome!! Thank you for delivering quality content for us. Learning a lot from your videos.😊
Thank you and good suggestion - while this default setup is very straightforward, I think some customized solutions may need further explanation in the future. The default setup uses a session cookie with an encrypted JWT (JWE). This is important because Next.js is hosted in a serverless deployment so the auth info is really in the JWE and is verified by a NextAuth server function (running in a serverless environment). Serverless is a confusing word. It means it is one big lambda function outsourced to AWS behind the scenes. The auth persists due to the cookie staying in the client. The serverless environment may go to sleep when inactive.
Thank you for that explanation, indeed 'serverless' was confusing to me before reading this
One of the best next-auth tutorials that actually covers the app router. Disappointing that the next-auth docs don't cover this and are instead using the older page router.
DAVE YOU ARE CLEARLY THE GOAT FOR ME. THANX A LOT
Thank you!
This tutorial is so good! I was feeling so confused by next-auth and next.js, you made it seem so simple 😃
Glad it helped!
Another amazing toturial, to be honest I've been waiting for this video 👌👌👌
Glad you liked it!
A very nice nuanced explanaton of Next-Auth. Yes please, I would like to see follow on tutorials on role-based access as you mention at the end
Your tutorials are the best Dave. I got a job because of you. I thoroughly improved my projects because of your tutorials.
Excellent news! Congratulations on the job! 🚀
Thank you Dave. This was very helpful. You made things crystal clear to understand and implement the next-auth with next 13.2 + version. Also when to use server and client component. Overall you made it very simple.
This is long awaited video. Thank you Dave, you helped me so much
Glad to help!
OMG! Thank you so much Dave ❤❤🙏🙏. Love your tutorials...
Welcome!
This is super helpful, thank you! I do want to call out that you said you would never want to use a server component within a client component, but the application is doing that when you're talking about providers. The AuthProvider component is a client component and it the client/page.tsx component is a server component rendered inside of that
You're welcome! I appreciate the call out because this shows I likely didn't explain myself clearly on this specific issue. "use client" creates a boundary between server and client components and all other components imported in the client component including children will be rendered as client components according to the Next.js docs: nextjs.org/docs/app/building-your-application/rendering/client-components ..so to follow this up, I searched the NextAuth docs for an exception with the SessionProvider used inside the AuthProvider we create in this tutorial. I did not find where those docs dive into how NextAuth works around this.. but if you add a console.log(user) to the UserCard component, build the project with npm build, and then run it with npm start, you will see that after logging in and visiting the home and server routes, the console.log shows on the server terminal - confirming they are still server components. If you visit the client route, the console.log will show in the browser console. Further, the build report after running npm build will also indicate those pages are SSR and not client components. I hope this helps clarify what I meant.
This would actually make a good blog post / explainer topic - but the client component uses the useSession hook which uses the context. The server components instead use getServerSession which doesn't require the context. More clarification on using Context Providers with Server Components here: nextjs.org/docs/app/building-your-application/rendering/composition-patterns#using-context-providers
i love your voice Dave. keep up the Good Work! We Cant Thank You More Than We Say 🙏
Very beautifully explained dave.
love from India❤
I was making my website today and you uploaded this today saved many hours of work❤❤
Thanks Dave! It was very useful example, but very simple. 😉 Please, continue about NextAuth, cause you don't touch following themes: 1. Initial form for auth (how client can pass auth first time with credentials) 2. Working with DB, 3. How can clients change their credentials (email, pass, etc) at any time. 4. How can developer make own auth pages with another design? So we are waiting for next! Good luck, Dave! 💪😀)
Hi Dave, this was an incredibly helpful video, I've now successfully set up Next Auth in my Next JS project with an AWS Cognito provider. Thanks for explaning everything so clearly and not glossing over the small details. I'll definitely check out your other videos on Next JS.
if I may ask how did you find the cognito issuer? all the tutorials i've found for it used a cognito domain and amazon has revamped their whole UI making it really obnoxious
nevermind, finally got there^^
@@anonihme5142 sorry I didn't see your comment earlier, glad to see you got there! I followed this video to understand more about setting up the Cognito app client. I'd love to get Cognito working with the credentials provider as opposed to using their hosted UI, but that's on a future to-do list! ruclips.net/video/U4hEflgix9c/видео.html
@@SarahBrown-v6t cheers. Sadly the vid ends before he tries to log back in and sees that the next -auth logout function doesn't clear cookies on the cognito server, so the user is logged back in without being asked for his credentials, which is a major security risk. It amazes me that there's no simple way to do that. But then again, i'm a total noob, so simple for me is a very low bar. I shall persist and remain calm! thanks for the reply, best of luck
This is a very packed information and I really understand every bit of it ,I was in another tutorial before the guy was explaining it but it was very hard to get . Immediately I came here it just clicked ❤
Thank you Dave for your helpful content .
I'd love to see the role based user authorization video. Thanks for the video, nicely done. 👍
I was literally just looking for this, thank you!
Glad I could help!
this tutorial is absolutely perfect.
Phenomenal, best tutorial I've run across, thank you.
Thanks Dave, it was really insightful
Nice one...! One important point that maybe you can address in later videos is how to use user roles. To be able to pass roles to the session, you need to include them in the token, which is then read by the session.
This is correct, and it is coming very soon!
Elaborated Explanation. Great. Thanks
Thanks a lot for this tutorial Dave!
Thanks you explained very clearly and now i understand!
awesome work, thank you Dave!
This video was great. I was really confused trying to navigate the docs as they aren't updated to use Next.js 14. Thanks again!
Great tutorial, thank you!
Very beautifully explained as usual. I would love to see more next auth tutorials!
More to come!
Thank you so much for explaining everything beautifully Dave.
great job as always, thank you. you've been of great help once again!!!!
Thank you Dave Gray! You're life saver!
I just completed short while ago... Nice tutorial with well explanation... Thanks a lot... 🥰
The best content about this subject
Thank you so much dave 😊
Great job Dave ... well explained , tks a lot 🎉
Glad you liked it!
This video was of great help, we are currently extrapolating to ditch Supabase auth for nextAuth
Dude you are the best. much love
Great tutorial, thank you!
Thanks Dave for this video! It has actually helped me GET the right data for the Credentials login. But im having a little difficulty getting users to sign in with Username,Password. But with this video i was actually able to get a step forward! THANK YOU!
Nice job Dave 😊
An easy tutorial to understand. Thank you so much!👍
Thank you dear Dave, for always inspiring me to put my best foot forward, even when I don't feel like I belong.
I hope the best for you in your life.
Warm Regards.
Great video and great explanation of Nextauth . Amazing tool to manage authentication. Thanks Dave
Glad you liked it!
Great explanation and unique content. I am waiting for more videos about Next.js, and problems faced by many beginners and solve these problems. Thank you for making this effort to explain the code
Thank you so much Dave
Thank you Dave, amazing tutorial.
Glad you liked it!
Thank you for this amazing video! Super well explained, I just subscribed to your channel 🤩
Welcome!
fantastic tutorial, I just had one issue regarding api folder location, I did add it under pages rather than app folder which didnt work. I didnt understand why because in their docs it was built that way. Anyway after finding it everything went great. Thanks for preparing such a quality content. Db integration would be great in the future. Thank you so much
Very informative lesson thank you sir
Great stuff! This was the first tutorial that actually showed the basics of how to get it working and showed where the actual routes for the automatic pages lived. One thing I'm still a bit confused about is as why there's no default signup as well in Next-Auth as that seems to be an extremely common pattern. For any type of SaaS application, how would you relate the models to the correct user/org unless you have the user in your db? So showing a more advanced (but still basic) flow like signup => verify email => verified signed in, and signin => change password would be appreciated. Also perhaps how to make your own signin page call the right endpoints in nextauth. Thanks again for saving me a lot of time!
I found the answer. It’s called Clerk. Use it and never look back!
Thank you Dave, nothing to say, brilliant.
This is an awesome tutorial, thank you!
Thanks for the content but what about editing the user informations on his profile page ? with that stack it's a pain
There is an upcoming release of next-auth v5 which uses a universal auth() function and contains many breaking changes. I would love to see a renewed tutorial for the nearest v5 release. Keep on the good work..
Yep, this. Definitely this.
A very informative video. Thank you very much. Your code is perfect and very easy to read. And I would be glad to see more about role-based user authorization.
For those having problems with the App Router and middleware, I moved the middleware file inside the app folder, and worked
If you're using App router without the src root folder you should move the middleware.ts in the root of the project at least that works in version 14.2 of next
Thank you Dave!
YOU ARE GRATE DAVE, any time that I have any problems on coding , you will make a video about my problem, Thank you my friend
You are most welcome!
Very great video, helps a lot
Nice One Dave!!
Thanks!
Thank you much, Dave! I have been following and watching your Next series from the moment it was still in experimental phase and up to now that is already stable. Please create a video with signup that has a database and also the role based auth. Thank you and more power!
Role-based auth on the way. More to come!
Once again. Thank you so much for your mater classes!! Your genius man. You know your stuff and know how to teach it! I will buy you a couple coffees lol
You're welcome!! ☕
Thank you so much to explaining
Lots of thanks to you ❤
Awesome tutorial
I would be delighted if you could consider creating a tutorial on the process of authentication and authorization, encompassing both frontend and backend aspects. It would greatly enhance my understanding to learn about the complete flow, such as how the frontend transmits the authentication token to the backend during sign up or login. I'm eager to gain insights into the entire process.
Frontend - Nextjs
Backend - python
good easy to understand.
Yes, role based auth would be fantastic. Thanks! :)
Thank you Dave
Hello Dave Yet another awesome Tutorial thank you , here instead of using session callback for getting picture you used getserversession ?
Thanks Sir Dave!
Welcome!
Thanks Dave❤!!
Welcome!
Wow . Do you have plans to do one in clerk ?
I can. Clerk provides some nice features.
How to customize login button with Credentials?
💡One tip for anyone who is just starting: Please analyze the starter code file first, on the timestamp 25:06 and then complete the rest of it
By the way Great tutorial Dave 🔥Loved it.
Excellent ! 👏👏
very informative video giving a big laugh 36:06 🤣
thanks~
awesome!, good tutorial, the advanced playlist is coming soon???
Thank you so much for the amazing content 👍👍🙌🙌👌👌😍😍
You're welcome!
@@DaveGrayTeachesCode I follow your channel and recommend you to my friends and family members to follow for a quality content
Useful tutorial for me
Thank you, this has been very helpful. It would be great to have more coverage around OAUTH configuration (scope, userinfo, etc.) and sign-out from the identity provider. Anyway, thanks for the great content!
can you share the tutorial repo please? thank you
There is a link to it in the video description.
That's a very comprehensive tutorial about next-auth. Thank you sir. and yes an advanced auth series (like react one) is very much appreciated. It is just a request to use sql based database this time for auth as we have covered mongodb in react.
Thank you!
Great vid. the challenge im facing is defining a pattern that allows me to integrate with a custom API. Any recommendations?
You are gem
thanks
Thanks a lot