Skip to content

Enhance user authentication with MFA and additional OAuth providers #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
shouryamaanjain wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Enhance user authentication with MFA and additional OAuth providers #45

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion .env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,16 @@ ADMIN_EMAIL='[email protected]'
#Create a new redis database on upstash and copy/paste the keys from it
#https://console.upstash.com/
UPSTASH_REDIS_REST_URL=
UPSTASH_REDIS_REST_TOKEN=
UPSTASH_REDIS_REST_TOKEN=

# GitHub OAuth
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=

# Twitter OAuth
TWITTER_CLIENT_ID=
TWITTER_CLIENT_SECRET=

# Facebook OAuth
FACEBOOK_CLIENT_ID=
FACEBOOK_CLIENT_SECRET=
11 changes: 11 additions & 0 deletions src/app/actions.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,17 @@ export async function handleNameSubmit(
};
}

// password should be at least 8 characters long, contain at least one uppercase letter, one lowercase letter, one number, and one special character
if (!/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$/.test(password)) {
return {
status: 400,
body: {
error:
"Password should be at least 8 characters long, contain at least one uppercase letter, one lowercase letter, one number, and one special character.",
},
};
}

const checkAvailability = await db.user.findFirst({
where: {
username: name,
Expand Down
23 changes: 21 additions & 2 deletions src/app/api/auth/[...nextauth]/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,26 @@
import NextAuth from "next-auth";

import { authOptions } from "@/server/auth";
import { withAuth } from "next-auth/middleware";
import { getSession } from "next-auth/react";
import { sendVerificationRequest } from "@/server/mfa";

// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
const handler = NextAuth(authOptions);

export { handler as GET, handler as POST };

export const config = {
matcher: ["/api/auth/:path*"],
};

export default withAuth({
callbacks: {
async signIn({ user, account, profile, email, credentials }) {
const session = await getSession();
if (session && session.user) {
// Send MFA verification request
await sendVerificationRequest(session.user.email);
}
return true;
},
},
});
15 changes: 15 additions & 0 deletions src/server/auth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@ import {
} from "next-auth";
// import EmailProvider from "next-auth/providers/email";
import GoogleProvider from "next-auth/providers/google";
import GitHubProvider from "next-auth/providers/github";
import TwitterProvider from "next-auth/providers/twitter";
import FacebookProvider from "next-auth/providers/facebook";

import { env } from "@/env";
import { db } from "@/server/db";
Expand Down Expand Up @@ -82,6 +85,18 @@ export const authOptions: NextAuthOptions = {
}
}
}),
GitHubProvider({
clientId: env.GITHUB_CLIENT_ID,
clientSecret: env.GITHUB_CLIENT_SECRET,
}),
TwitterProvider({
clientId: env.TWITTER_CLIENT_ID,
clientSecret: env.TWITTER_CLIENT_SECRET,
}),
FacebookProvider({
clientId: env.FACEBOOK_CLIENT_ID,
clientSecret: env.FACEBOOK_CLIENT_SECRET,
}),
],
};

Expand Down