Next.js 15 + NextAuth v5 Starter Kit ๐
A production-ready, feature-complete authentication starter kit with modern best practices.
โจ Features
| ๐ Authentication | ๐ ๏ธ Development | ๐งช Testing |
|
|
|
๐ Table of Contents
- Quick Start
- Project Structure
- Authentication System
- Database Setup
- Running Tests
- Deployment
- Learn More
๐ Quick Start
Prerequisites
- Node.js (18.17.0 or later)
- PostgreSQL database
Step 1: Clone & Install
# Clone the repository
git clone https://github.com/your-username/next15-nextauth-boilerplate.git
# Navigate to the project
cd next15-nextauth-boilerplate
# Install dependencies
npm install
Step 2: Environment Setup
Create a .env.local file in the root directory:
# Required environment variables
AUTH_SECRET=your-auth-secret
POSTGRES_URL=your-postgres-url
Generate a secure AUTH_SECRET:
openssl rand -base64 32
Step 3: Database Setup
# Generate database migrations
npm run db:generate
# Run migrations
npm run db:migrate
Step 4: Start Development Server
npm run dev
Visit http://localhost:3000 to see your application running.
๐ Project Structure
next15-nextauth-boilerplate/
โ
โโโ ๐๏ธ app/ # Next.js App Router
โ โโโ (auth)/ # Authentication routes
โ โ โโโ auth.config.ts # NextAuth configuration
โ โ โโโ auth.ts # Auth setup and providers
โ โ โโโ actions.ts # Server actions (login/register)
โ โ โโโ login/ # Login page
โ โ โโโ register/ # Registration page
โ โ
โ โโโ (dashboard)/ # Protected routes
โ โโโ layout.tsx # Dashboard layout
โ โโโ page.tsx # Dashboard home
โ
โโโ ๐งฉ components/ # Reusable React components
โ โโโ auth-form.tsx # Authentication form
โ โโโ sign-out-form.tsx # Sign out component
โ โโโ ui/ # UI components
โ
โโโ ๐ lib/ # Utilities and libraries
โ โโโ db/ # Database utilities
โ โโโ schema.ts # Drizzle schema definition
โ โโโ queries.ts # Database operations
โ โโโ migrations/ # Generated migrations
โ
โโโ ๐งช tests/ # Test files
โ โโโ auth.setup.ts # Authentication test setup
โ โโโ auth.test.ts # Auth flow tests
โ โโโ dashboard.test.ts # Dashboard tests
โ
โโโ ๐ง middleware.ts # NextAuth middleware
โโโ โ๏ธ drizzle.config.ts # Drizzle ORM configuration
โโโ ๐ญ playwright.config.ts # Playwright test configuration
โโโ ๐ README.md # You are here!
๐ Authentication System
This starter kit implements a complete authentication system using NextAuth v5 with email/password authentication.
๐ Authentication Flow
1๏ธโฃ Registration Process
sequenceDiagram
User->>+Frontend: Fill registration form
Frontend->>+Server: Submit credentials
Server->>Server: Validate input with Zod
Server->>Server: Hash password with bcrypt
Server->>+Database: Check if user exists
Database-->>-Server: User exists/doesn't exist
alt User exists
Server-->>Frontend: Return error
else User doesn't exist
Server->>Database: Create new user
Server->>Server: Create session
Server-->>Frontend: Success & redirect
end
Frontend-->>-User: Show success/error
2๏ธโฃ Login Process
- User submits credentials via login form
- Server validates the input
- Server checks credentials against database
- If valid, a session is created and user is redirected
- If invalid, an error message is displayed
3๏ธโฃ Protected Routes
The middleware protects routes by:
- Checking for valid session
- Redirecting unauthenticated users to login
- Redirecting authenticated users away from auth pages
4๏ธโฃ Sign Out
- User clicks "Sign out" button
- Session is destroyed
- User is redirected to login page
๐ ๏ธ Key Authentication Files
| File | Purpose |
|---|---|
auth.config.ts |
Core NextAuth configuration |
auth.ts |
NextAuth setup with providers |
actions.ts |
Server actions for auth operations |
middleware.ts |
Route protection |
๐พ Database Setup
This starter uses Drizzle ORM with PostgreSQL for type-safe database access.
๐ Database Schema
// lib/db/schema.ts
export const user = pgTable('User', {
id: uuid('id').primaryKey().notNull().defaultRandom(),
email: varchar('email', { length: 64 }).notNull(),
password: varchar('password', { length: 64 }),
});
๐ Database Operations
The starter includes two main database operations:
Creating users - Securely hashes passwords before storage:
export async function createUser(email: string, password: string)Retrieving users - Finds users by email for authentication:
export async function getUser(email: string): Promise<Array<User>>
๐ Migrations
Database migrations are handled automatically:
# Generate migrations after schema changes
npm run db:generate
# Apply migrations to your database
npm run db:migrate
๐งช Running Tests
This starter includes comprehensive end-to-end tests with Playwright.
๐งฉ Test Structure
Tests are organized using the Page Object Model pattern for better maintainability:
// Example of AuthPage class
class AuthPage {
constructor(private page: Page) {}
async login(email: string, password: string) {
await this.gotoLogin();
await this.page.getByLabel('Email Address').fill(email);
await this.page.getByLabel('Password').fill(password);
await this.page.getByRole('button', { name: 'Sign In' }).click();
}
// Other authentication methods...
}
๐ฆ Running the Test Suite
# Install Playwright browsers (first time only)
npx playwright install
# Run all tests
npm run test
# Run tests with visual UI
npm run test:ui
๐ What's Tested
| Feature | Tests |
|---|---|
| Registration |
โ
New user registration โ Existing email validation โ Password requirements |
| Login |
โ
Valid credentials โ Invalid credentials โ Form validation |
| Protected Routes |
โ
Authenticated access โ Unauthenticated redirects |
| Dashboard |
โ
User info display โ Sign out functionality |
๐ Deployment
Vercel Deployment (Recommended)
- Push your code to GitHub, GitLab, or Bitbucket
- Import the project on Vercel
- Configure your environment variables:
AUTH_SECRETPOSTGRES_URL
- Deploy!
Alternative Hosting
For other hosting providers, ensure you:
- Build the application with
npm run build - Set up the required environment variables
- Configure your database connection
- Deploy the built application
Made with โค๏ธ for Next.js developers
MIT License
