You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Securing your Next.js application requires authentication (who is the user?) and authorisation (what can they do?). This lesson covers NextAuth.js (Auth.js) setup, providers, session management, protecting routes, middleware, and role-based access control.
NextAuth.js (now called Auth.js) is the most popular authentication library for Next.js:
| Feature | Description |
|---|---|
| Multiple providers | OAuth (Google, GitHub), credentials, email |
| Session management | JWT or database sessions |
| Built-in pages | Sign-in, sign-out, error pages |
| CSRF protection | Automatic |
| TypeScript support | Full type safety |
npm install next-auth
// src/lib/auth.ts
import NextAuth from "next-auth";
import Google from "next-auth/providers/google";
import GitHub from "next-auth/providers/github";
import Credentials from "next-auth/providers/credentials";
import { PrismaAdapter } from "@auth/prisma-adapter";
import { prisma } from "@/lib/prisma";
import bcrypt from "bcryptjs";
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.