Just found your channel and subscribed, i like how your tutorials are long and in depth about concepts to understand instead of just project tutorials, and i dont think 10 or 15 minute short videos can do the same.
I am telling you this seriously. I have watched 20+ videos on RU-vid about the same. All the time things didn`t worked out. But today i completed your video and trust me on this, your tutorial is the best tutorial in the whole world. Just wanted to say you thank You friend............
Hey Brett, I wanted to thank you for the very comprehensive video. Authentication is always a messy topic, and it's very appreciable how you explained not only credentials but also social login. Thanks again
This is a great and very helpful video, going through several different ways of logging in a user. Just one thing though… it’s not Prism. It’s very clearly PrisMA.
Thank you for the video! When registering, you need to block the form submit button after clicking, since you can spam the button and there will be many identical users in the database, you also need to add a check on the server when creating. Also, do not add your .env file to the repository. Now you have data that other users can use for authorization, be careful
Simply FABULOUS !!! THANK YOU SO VERY MUCH !!! I followed along. Perfect. You showed every nitty-gritty, were not too fast, not too slow, did not switch screens/windows suddenly (which confuses us, the beginners), were describing what you were doing, where you were doing, and why you were doing. Once more, THANK YOU !!!
Wow I just happily spend 5 hours watching and rewatching this video and I learned a lot. I don't know why I enjoyed some much. Thank Brett, you just earn a new loyal suscriber❤
Thank you for the nicely structured and detailed tutorial. I just couldn't understand how the signin to OAuth providers created the Account and User documents in mongodb.
My most recent videos go more in depth about session data/object. I would recommend console logging profile, user, session and all to see what data you get back
Good job sir really impressive content. Thank you very much for sharing. 1. On a purely cosmetic side, in the login page, instead of the h1 "Sign into Github below" , I would rather change the button label to "Sign into Github". Same goes true for Google. 2. Are you planning to add a "reset forgotten passwords" functionality, since this is the "Ultimate" guide ? Best regards.
In the async authorize(credentials) function, I would fetch an API login. It's more clear for me. There is an API to register and there is an API to login.
Hey, love the videos. They are really helpful and concise. I was wondering if you could possibly make a video on what changes would have to be made to the application when its being pushed into production (i.e. changing specific environment variables, etc)
Was scratching my head for this, using both credentials and social medias. Dude you just killed it, watched from zero to last seconds. Time to fight with TS into it 😊 Thanks buddy, thanks a lot ❤ Greetings from Tanzania 🇹🇿
It's a truly informative and well-made video. I still have two lingering questions. First, what difference does it make in the underlying operation of Next Auth if we don't specify 'jwt' as a strategy? Second, why didn't you touch upon the topic of Middleware? It's crucial for user experience.
@@brettwestwooddeveloper I have come across simple role based authentication videos but not ultimate guide per say. Role based authentication of user and admin using mongodb, prisma and next-auth. The major point of learning can be how to secure pages and then give access to certain routes only to the admin . For example: home and dashboard should be a protected route but only admin can access the dashboard.
Great video. Great job explaining each step and also showing how the network side of things looks in the browser console/tools. Thanks so much! I just subscribed!
Hey Brett, amazing tutorial, one question, why you dind't use the Session model that next-auth provides as a starter code for prisma schema? (I guess its because that if we use jwt, the sessions will not be saved on the db)
@@younkezenger8117 Session only is used when you implement google/github auth options, so instead of only creating a user you also create a session. Hope this helps
This is the best tutorials I have seen on RU-vid Awesome! Could you tell me the reason why we need to add "/test" url at the end of the DATABASE_URL? Thank YOu!!
Great tutorial!!! One of the best I've seen. Quick question : How would you make an admin account that would see all other account is some sort of table?
thank you! and you would have to create a custom value for admin signups through the login functionality. I would have to look into it more, and when I get good with it I can create a video on that topic. That is a very good topic that would be helpful!
Excellent tutorial. Unfortunately its not completed without JWT token option. Btw, you must modify your system environment for RU-vid tutorials. I mean your display resolution must not exceed 1080 HD Now all your screen texts are very tiny and makes a lot of eye strain.
Unfortunately, this isn't EVERYTHING I need. What I need now is to know why the adapters work in the development environment. But when I upload it to AWS Amplify, I cannot use the JWT to sign in any longer.
Thank you for the great video, it helped a lot, but I have a problem regarding google auth, when I log in with google the first time and log out, the next time i try to login with google it automatically logs in with that account, it doesnt let the user choose another one I already tried a lot of things and nothing seems to work Thanks a lot again, great video!!
i have a question, when you log in, next auth give you 3 tokens (next auth handled it), but how about when you sign up, you sent back user object via json, so we cant get the session when you sign up right
Hi, can you do a really short video showing us how to setup a DELETE api route handler with and without prisma or at least with prisma. The new way in next13(app) is a bit confusing. Thanks for the content!
i loved this ... and i added next auth to my project. but i still dont know how to protect a sever side page... i am getting error in my seversideprops
@@brettwestwooddeveloper I don't understand why it's not working automatically when I am using the adapter. Should I have to change anything for the session table to get populated automatically? plz help
I would watch this one first because it goes over everything. There is a new version of Next-Auth which is in beta. However, you can still use this video as a guide and is still relevant. I have other videos as well on my channel going over the session object and much more!
why cant i get fields other than name , email in the session? i tried returning user object with a field of Contact from [...nextauth] page too. but it is not carried into home page. btw Thanks for such a comprehensive tut. :)
Thank you for tuning in, and by default you only get the name and email in the session. You must use the JWT strategy and then pass the data through the jwt to the session using asyn callbacks. I have a video on this: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-bkUmN9TH_hQ.html
i have been using this procedure for some apps but now i have been facing an issue. The signup with google isnt working directly in api/auth/signup unless i remove the // adapter: PrismaAdapter(prisma) line in nextauth route. The signin with google isnt working at all from the login page in (site) folder. If there are any changes we should do then itll be really great because i have tried alot of stuff but nothing worked out for me. Youre a great teacher :)@@brettwestwooddeveloper
Thank you and you just have to create a middleware file on the root of the whole project. export { default } from "next-auth/middleware" export const config = { matcher: ["/dashboard"] } This protects the dashboard page
@@brettwestwooddeveloper Ok thank you. I already watch in another video. It has two option server side or client side. Glad to watch your video and help
@@brettwestwooddeveloper i just finished and its really alot of information to digest, especially the way the google and github user is added to the database )): but overall I loved it
at 25:41 when i try to sign in it gives me an error. Says: "Sign in failed. Check the details you provided are correct." But in inspector it has 302 Found
I'm not able to log in with google, I'm getting "Try signing in with a different account." this error message. How can I approach this problem? can anyone help
could be multiple reasons, inside of the google console where you set up the oAuth, make sure you entered the correct Redirect URI. If that is correct, then make sure your google client id and secret is correct. If that is fine, make sure your [...nextauth] route is probably set up with no errors.
Idk if someone else asked... I don't know much about Prisma, but is there a reason ti pick it over Mongoose? I thought Prisma is more suited for SQL db's. I just started the vid but this seems like it is what I was after.
After route protection, when I write the login route manually in the search bar, it will show the login page for a while and then disappear which is not a good user experience.
If you are calling the user on the client side with the useSession hook. Then it will cause that. You must fetch the user on server with the getServerSession. I am assuming you are calling the session client side?
no I don't but you will have to refactor your code so your page is a server component and then fetch the session on the server. Then any client components necessary. Impot them into the server page. Does that make sense? @@storyPlus12
Thank you for the explanation, just a question please, when user register he actually doesn't get auth cookies, he needs to signin after that to get them right? If yes, is there a way to tweak that, would be nice if user can register and start using his dashboard for example. Thank you again.
I want to plzzzz ask u a question. How can I use NextAuth with Google to authenticate the user and then pass the session to NestJS project to authenticate the user there also so I can use the guards' features in NesfJS. There are no guides or tutorials about this at all