Authentication

Overview

The Next.js 15 StarShip Developer Kit includes a comprehensive authentication system powered by NextAuth.js, offering a secure, flexible, and user-friendly authentication experience with minimal setup required.

Key Benefits

  • Multiple sign-in methods (email/password, social providers)
  • Account linking and merging across providers
  • Secure password handling and storage
  • Role-based access control (user/admin)
  • Seamless integration with Stripe payments
  • Email notifications for auth events

Authentication Methods

Email & Password

Traditional email and password authentication with security features:

  • Secure password hashing
  • Email verification
  • Password reset functionality
  • Account reactivation

Google OAuth

Allow users to sign in with their Google accounts:

  • One-click authentication
  • Automatic profile information import
  • Account linking with existing email accounts

Expandable Social Logins

Easily add additional social login providers:

  • GitHub, Twitter, Facebook, and more
  • Consistent user experience across providers
  • Automatic account merging with matching emails

To add more providers, see the NextAuth.js OAuth Providers documentation.

User Management

Role-Based Access Control

The authentication system includes built-in role management:

  • User Role: Standard access to user-specific content
  • Admin Role: Enhanced privileges for content management
  • Admin-only areas (user management, blog creation)
  • Protected API routes based on roles

Ready-to-use admin panel: A dedicated user management page is already implemented at /admin/users, allowing administrators to:

  • View a complete list of all registered users
  • Block or unblock user accounts
  • Promote users to admin role or remove admin privileges
  • Activate or deactivate accounts

Account Management

Comprehensive user account management features:

  • Profile editing and avatar uploads
  • Linking multiple authentication methods to one account
  • Account deletion with data cleanup
  • Account recovery and reactivation

Email Notifications

The authentication system includes built-in email notifications via SMTP:

  • Welcome emails for new users
  • Password reset instructions
  • Email verification
  • Account status changes
  • Stripe payment confirmations and receipts

🔑 SMTP Configuration

Configure your SMTP email provider in the environment variables to enable all email functionality. Works with Gmail, SendGrid, Mailgun, and most SMTP providers.

Stripe Integration

Authentication is seamlessly integrated with Stripe for payments:

  • User accounts automatically linked to Stripe customers
  • Purchase history tied to user accounts
  • Subscription management
  • Payment notifications via email
  • Secure checkout flows with user context

Setting Up Google OAuth

  1. Go to the Google Cloud Console
  2. Create a new project or select an existing one
  3. Navigate to "APIs & Services" > "Credentials"
  4. Click "Create Credentials" > "OAuth client ID"
  5. Select "Web application" as the application type
  6. Add authorized JavaScript origins:
    • http://localhost:3000 (for development)
    • https://your-production-domain.com (for production)
  7. Add authorized redirect URIs:
    • http://localhost:3000/api/auth/callback/google (for development)
    • https://your-production-domain.com/api/auth/callback/google (for production)
  8. Click "Create"
  9. Copy the Client ID and Client Secret to your .env file

Environment Setup

Configure authentication by setting these environment variables:

# NextAuth Base Configuration
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-secret-key

# Google OAuth
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret

# Email Configuration (SMTP)
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-password
SMTP_FROM=your-email@gmail.com
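
A startup check for the variables above, as an added example that is not part of the StarShip kit's own code: it rejects the placeholder values from the listing, flags a non-HTTPS or localhost NEXTAUTH_URL in production, and derives the redirect URI to register with Google. The function names, the 32-character minimum and the use of NODE_ENV are assumptions.

```javascript
// Placeholder strings are the ones shown in this page's .env listing.
const PLACEHOLDERS = {
  NEXTAUTH_SECRET: "your-secret-key",
  GOOGLE_CLIENT_ID: "your-google-client-id",
  GOOGLE_CLIENT_SECRET: "your-google-client-secret",
  SMTP_PASSWORD: "your-app-password",
};
const MIN_SECRET_LENGTH = 32; // assumed floor, not a value taken from the kit

// Redirect URI to register in the Google Cloud Console (step 7 above).
// Assumes the /api/auth base path used in the page's redirect URIs.
function googleRedirectUri(env) {
  return new URL("/api/auth/callback/google", env.NEXTAUTH_URL).toString();
}

// Returns a list of problems; an empty list means the configuration passes.
function validateAuthEnv(env, { production = env.NODE_ENV === "production" } = {}) {
  const problems = [];
  for (const [name, placeholder] of Object.entries(PLACEHOLDERS)) {
    if (!env[name]) problems.push(`${name} is not set`);
    else if (env[name] === placeholder) problems.push(`${name} still holds the placeholder value`);
  }
  const secret = env.NEXTAUTH_SECRET;
  if (secret && secret !== PLACEHOLDERS.NEXTAUTH_SECRET && secret.length < MIN_SECRET_LENGTH) {
    problems.push(`NEXTAUTH_SECRET is shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  let url;
  try {
    url = new URL(env.NEXTAUTH_URL);
  } catch {
    problems.push("NEXTAUTH_URL is missing or not a valid URL");
    return problems;
  }
  // The http://localhost:3000 value is fine for development only.
  if (production && url.protocol !== "https:") problems.push("NEXTAUTH_URL must use https in production");
  if (production && url.hostname === "localhost") problems.push("NEXTAUTH_URL points at localhost in production");
  return problems;
}

// Constructed sample: the page's listing deployed unchanged with NODE_ENV=production.
const sampleEnv = {
  NODE_ENV: "production", NEXTAUTH_URL: "http://localhost:3000",
  NEXTAUTH_SECRET: "your-secret-key", SMTP_PASSWORD: "your-app-password",
  GOOGLE_CLIENT_ID: "your-google-client-id", GOOGLE_CLIENT_SECRET: "your-google-client-secret",
};
console.log(validateAuthEnv(sampleEnv));
```

Call validateAuthEnv(process.env) once at server start and refuse to boot when the list is not empty.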