A modern authentication system built with Next.js 15, NextAuth.js v5, and Prisma, featuring role-based access control.
- 🔐 Authentication with NextAuth.js v5
- 👥 Role-based access control (RBAC)
- 🔑 Credential authentication (email/password)
- 🌐 OAuth support (GitHub)
- 🎨 Modern UI with Tailwind CSS
- 🛡️ Type-safe with TypeScript
- 🗄️ Prisma ORM with PostgreSQL
- Node.js 18+
- PostgreSQL database
- npm or yarn
- Clone the repository

- Install dependencies:

  ```bash
  npm install
  # or
  yarn install
  ```

- Set up your environment variables:

  ```env
  DATABASE_URL="postgresql://..."
  NEXTAUTH_SECRET="your-secret-key"
  NEXTAUTH_URL="http://localhost:3000"

  # OAuth providers (optional)
  GITHUB_ID="your-github-id"
  GITHUB_SECRET="your-github-secret"
  ```

- Run Prisma migrations:

  ```bash
  npx prisma migrate dev
  ```

- Start the development server:

  ```bash
  npm run dev
  # or
  yarn dev
  ```
```
├── app/
│   ├── api/
│   │   └── auth/
│   │       └── [...nextauth]/
│   └── auth/
│       ├── signin/
│       └── signup/
├── components/
│   ├── ui/
│   └── navbar.tsx
├── lib/
│   ├── prisma.ts
│   └── zod.ts
├── types/
│   └── next-auth.d.ts
├── auth.config.ts
├── auth.ts
└── middleware.ts
```
- Users can sign in using email/password or GitHub OAuth
- JWT strategy is used for session management
- Role-based access control is implemented through Prisma schema
- Protected routes are handled via middleware
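
The role check that a route-protecting middleware has to make can be kept as a pure function and tested on its own. The sketch below is an added example, not code from this repository: the `/admin` and `/api/admin` rules, the `SessionLike` shape and the `authorize` helper are assumptions, while the public paths follow the project structure above. A middleware would map `"signin"` to a redirect to the sign-in page and `"forbidden"` to a 403 response.

```typescript
// Added illustration: route rules and session shape are assumptions.
type Role = "USER" | "ADMIN";
type Decision = "allow" | "signin" | "forbidden";

// Assumed shape of the decoded JWT session, with role names copied in at sign-in.
interface SessionLike {
  user?: { id: string; roles?: string[] };
}

// Hypothetical rules: each prefix requires the listed role.
const ROUTE_RULES: { prefix: string; role: Role }[] = [
  { prefix: "/admin", role: "ADMIN" },
  { prefix: "/api/admin", role: "ADMIN" },
];

// Paths reachable without a session (sign-in, sign-up, NextAuth handlers).
const PUBLIC_PREFIXES = ["/auth/signin", "/auth/signup", "/api/auth"];

// Match whole path segments so "/admin" does not also cover "/administrator".
function underPrefix(pathname: string, prefix: string): boolean {
  return pathname === prefix || pathname.startsWith(prefix + "/");
}

function authorize(pathname: string, session: SessionLike | null): Decision {
  if (PUBLIC_PREFIXES.some((p) => underPrefix(pathname, p))) return "allow";
  // Everything else needs a session: fail closed for anonymous requests.
  if (!session?.user) return "signin";
  const rule = ROUTE_RULES.find((r) => underPrefix(pathname, r.prefix));
  if (!rule) return "allow"; // signed in, no role requirement on this path
  // A token without a roles claim is treated as having no roles.
  const roles = session.user.roles ?? [];
  return roles.includes(rule.role) ? "allow" : "forbidden";
}
```

Roles carried in a JWT stay in effect until the token expires, so a role removed in the database is still honoured by this check until then. Handlers for sensitive actions should re-read the user's roles from the database rather than rely on the token alone.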
The project uses a PostgreSQL database with the following main tables:
- User
- Role
- RolesOnUsers (junction table for many-to-many relationship)
- USER (default)
- ADMIN
- Password hashing with bcrypt
- JWT-based sessions
- Protected API routes
- Type-safe authentication with TypeScript
- Secure role-based access control
To add new features or modify existing ones:
- Create a new branch
- Make your changes
- Run tests (if available)
- Submit a pull request
MIT
Contributions are welcome! Please feel free to submit a Pull Request.