Authentication
Email/password and Google OAuth with Supabase Auth.
Overview
Authentication is handled by Supabase Auth with email/password and Google OAuth pre-configured. All auth actions are Server Actions with Zod validation and rate limiting.
How It Works
- Users sign up via `/signup` (email/password or Google)
- A Supabase trigger automatically creates a `profiles` row
- Protected routes redirect unauthenticated users to `/login`
- The middleware handles route protection
Auth Pages
| Route | Description |
|---|---|
| `/login` | Email/password + Google OAuth |
| `/signup` | Registration with full name |
| `/reset-password` | Password reset via email |
| `/auth/callback` | OAuth/email verification callback |
Adding Auth Providers
- Enable the provider in your Supabase project settings
- Add it to `config.ts`:

  ```typescript
  auth: {
    providers: ['email', 'google', 'github'],
  }
  ```
- Add the login button in `components/forms/login-form.tsx`
Server Actions
All auth mutations go through actions/auth.ts:
- `login(formData)` - Email/password login
- `signup(formData)` - New account registration
- `loginWithGoogle()` - Google OAuth redirect
- `resetPassword(formData)` - Send reset email
- `logout()` - Sign out and redirect
Each action validates input with Zod and applies rate limiting.
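The order of those two checks matters for a login action, so here is an added sketch (not the template's `actions/auth.ts`) that throttles per client, validates, then throttles per targeted account. `RateLimiter`, `limiterKey`, `guardedLogin`, the limits and the regex standing in for the Zod schema are all assumptions made for illustration.

```typescript
// Added example; RateLimiter, limiterKey and guardedLogin are hypothetical names.
type Attempt = { allowed: boolean; retryAfterMs: number }
type Result = { ok: boolean; error?: string }

class RateLimiter {
  private hits = new Map<string, number[]>()
  private max: number
  private windowMs: number
  constructor(max: number, windowMs: number) {
    this.max = max
    this.windowMs = windowMs
  }
  // Sliding window: allow at most `max` hits per key in any `windowMs` span.
  check(key: string, now: number = Date.now()): Attempt {
    const recent = (this.hits.get(key) ?? []).filter((t) => now - t < this.windowMs)
    const allowed = recent.length < this.max
    if (allowed) recent.push(now)
    this.hits.set(key, recent)
    const oldest = recent[0] ?? now
    return { allowed, retryAfterMs: allowed ? 0 : this.windowMs - (now - oldest) }
  }
}

// Normalise so "User@Example.com " and "user@example.com" share one bucket.
function limiterKey(scope: string, id: string): string {
  return `${scope}:${id.trim().toLowerCase()}`
}

// Constructed limits for illustration, not the template's settings.
const perIp = new RateLimiter(20, 60_000)
const perEmail = new RateLimiter(5, 60_000)
const EMAIL_RE = /^[^@\s]+@[^@\s]+\.[^@\s]+$/ // stand-in for the Zod schema

function guardedLogin(ip: string, email: string, password: string, now: number = Date.now()): Result {
  // 1. Throttle per client first, so malformed requests are counted too.
  if (!perIp.check(limiterKey('login:ip', ip), now).allowed) {
    return { ok: false, error: 'Too many attempts' }
  }
  // 2. Validate shape before touching the auth backend.
  if (!EMAIL_RE.test(email.trim()) || password.length === 0) {
    return { ok: false, error: 'Invalid input' }
  }
  // 3. Throttle per targeted account, whatever address the requests come from.
  if (!perEmail.check(limiterKey('login:email', email), now).allowed) {
    return { ok: false, error: 'Too many attempts' }
  }
  // 4. The real action would call Supabase Auth here and return a generic error on failure.
  return { ok: true }
}
```

An in-memory `Map` only throttles within a single server instance; a deployment with several instances needs a shared store behind the same interface.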
Getting the Current User
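```typescript
import { getUser, getUserWithProfile } from '@/lib/supabase/server'

// In a Server Component or Server Action:
const user = await getUser()

// Or, to load the profile row as well (use instead of the call above,
// since both declare `user`):
// const { user, profile } = await getUserWithProfile()
```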