A tiny, interactive CLI that scaffolds a ready-to-run NextAuth.js setup in your Next.js app. It supports both App Router and Pages Router, NextAuth v4, multiple providers, optional Upstash Redis session storage, and sensible defaults.
- Interactive setup: Guided prompts for router, NextAuth version, providers, and storage
- App Router or Pages Router: Generates the proper API routes and middleware
- NextAuth v4: Template output adapts to your selection
- Multiple providers: GitHub, Google, Auth0, Discord, Apple, Twitter, plus Credentials
- Optional Upstash Redis: Adds adapter and config when selected
- Env and deps automation: Creates .env entries and updates package.json; offers to run install
npm install -g scaffold-authnpx scaffold-auth initWorks in any existing Next.js project. Recommended Node.js 18+.
# In your Next.js project root
npx scaffold-auth initYou’ll be prompted for:
- NextAuth.js version: V4
- Router type: App Router or Pages Router
- src directory: Whether your app code lives under
src/ - Providers: GitHub, Google, Auth0, Discord, Apple, Twitter (choose ≥1)
- Storage: Whether to use Upstash Redis for session storage
At the end, the CLI updates dependencies, writes files, creates .env entries, and offers to run npm install for you.
For v4, NextAuth uses a Pages API route. The CLI creates:
pages/api/auth/[...nextauth].ts: NextAuth v4 configmiddleware.ts: Default NextAuth middleware with an examplematcher
pages/api/auth/[...nextauth].ts: NextAuth v4 configmiddleware.ts: Default NextAuth middleware with an examplematcher
The CLI writes baseline variables to .env (creates the file if needed):
AUTH_SECRET— random value- For each selected provider:
AUTH_<PROVIDER>_IDAUTH_<PROVIDER>_SECRET
- If Upstash Redis storage is enabled:
UPSTASH_REDIS_URLUPSTASH_REDIS_TOKEN
Notes:
- The generated templates reference
NEXTAUTH_SECRET(v4). Set it in your.env. - The CLI also seeds
AUTH_SECRETfor convenience. You can copy the same value intoNEXTAUTH_SECRETor generate a new one.
The CLI updates package.json (if present) with:
next-auth:latest versionfor V4 (only if not already present)zod:latest(only if not present)- If storage is enabled:
@auth/upstash-redis-adapter:latest@upstash/redis:latest
You’ll be prompted to run npm install automatically after scaffolding.
You can select any combination of:
- GitHub, Google, Auth0, Discord, Apple, Twitter
- Credentials provider is included by default
For each selected OAuth provider, fill your real credentials in .env:
AUTH_GITHUB_ID=...
AUTH_GITHUB_SECRET=...
# etc.The credentials provider includes placeholder logic; replace it with your DB lookup.
- v4:
middleware.tsre-exports the default NextAuth middleware- Example
config.matcherprotects all nested routes
Adjust matcher to fit your app.
- Sign-in pages: The template sets
pages.signIn = "/sign-in"andpages.signUp = "/sign-up". Create those pages or update the paths. - Session strategy: JWT
- Example callbacks:
- Adds an
accessTokenfor Google accounts - Mirrors
accessTokento the session
- Adds an
These are sensible defaults you can tailor to your needs.
Scaffolds the NextAuth setup based on your answers.
# With global install
scaffold-auth init
# Or via npx
npx scaffold-auth init- Fill real provider IDs and secrets in
.env - For v4, set
NEXTAUTH_SECRET(copy fromAUTH_SECRETor generate one) - Replace the credentials
authorizelogic with your DB/user store - Adjust
middleware.tsmatcherrules - Create your sign-in/sign-up pages or update the
pagesconfig - Run and test your app
npm install npm run dev
- “File already exists” prompts: The CLI asks before overwriting. Choose accordingly.
- Missing
package.json: Initialize your project first (npm initornpm create next-app). - Secrets mismatch: For v4, ensure
NEXTAUTH_SECRETis set. The CLI seedsAUTH_SECRET; setNEXTAUTH_SECRETto the same value if desired.
npm uninstall -g scaffold-authMIT © Nelson Ndukwe