This project now includes a basic authentication system with the following features:
The Prisma schema has been updated with proper authentication models:
- User: Stores user information (id, email, name, etc.)
- Session: Manages user sessions with tokens
- Account: OAuth account connections (for future OAuth providers)
- Verification: Email verification tokens
- Fixed type mismatches (String IDs instead of Int)
- Added proper default values for timestamps
- Added unique constraints for security
- Added proper foreign key relationships with cascade deletes
lib/auth.ts- Better-auth configurationlib/auth-utils.ts- Custom authentication utilitiesapp/api/auth/signin/route.ts- Sign-in API endpointapp/api/auth/signout/route.ts- Sign-out API endpointapp/auth/signin/page.tsx- Sign-in pageapp/auth/signup/page.tsx- Sign-up pageapp/auth/signin/signin-form.tsx- Client-side sign-in form
- Added authentication check to
/adminpage - Redirects unauthenticated users to sign-in page
- Shows user information and sign-out button
- Navigate to
/auth/signin - Enter your email and password
- You'll be redirected to the admin dashboard if successful
- Go to
/admin - If not authenticated, you'll be redirected to sign-in
- Once authenticated, you can access the dashboard
- Click the "Sign out" button in the admin dashboard
- You'll be logged out and redirected
Add these to your .env file for full authentication features:
# Database
DATABASE_URL="postgresql://..."
# Email (for email authentication)
EMAIL_SERVER_HOST="smtp.example.com"
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER="your-email@example.com"
EMAIL_SERVER_PASSWORD="your-password"
EMAIL_FROM="noreply@example.com"
# OAuth Providers (optional)
GITHUB_CLIENT_ID="your-github-client-id"
GITHUB_CLIENT_SECRET="your-github-client-secret"
GOOGLE_CLIENT_ID="your-google-client-id"
GOOGLE_CLIENT_SECRET="your-google-client-secret"- Password Hashing: Implement proper password hashing (bcrypt, Argon2)
- Rate Limiting: Add rate limiting to prevent brute force attacks
- CSRF Protection: Add CSRF tokens to forms
- Input Validation: Add proper input validation and sanitization
- Session Security: Implement session rotation and proper session management
- OAuth: Add OAuth providers for better security
The schema has been migrated and seeded. If you need to reset:
npx prisma migrate reset
npx prisma db seedYou can test the authentication with the seeded users:
- Email:
alice@prisma.io - Email:
bob@prisma.io
Note: Currently, any password will work (as password hashing is not implemented yet).