blog: 231108 authjs

docs/blog/231108_authjs/231108_authjs.md

@@ -0,0 +1,41 @@
+# Adding Authorization and Authentication to your Next.js App with Auth.js
+
+In this post, we will be adding authorization and authentication to our Next.js app with [Auth.js](https://authjs.dev/). We will use Auth.js's default [session strategy](https://authjs.dev/concepts/session-strategies) of JSON Web Tokens (JWT), authenticate using Oauth2 with GitHub, and set up [role based access control (RBAC)](https://authjs.dev/guides/basics/role-based-access-control) to restrict access to certain pages.
+
+## Getting Started
+
+First, make sure you have a Next.js app to start with. If you are starting out from scratch, some details are basics can be found in the previous post [2023-10-15 Deploying a Next.js App to Google Cloud Run using Docker](../231015_nextjs_app/231026_nextjs_app.md), and of course in the official [Next.js docs](https://nextjs.org/docs/getting-started). I'd recommend getting started with the `create-next-app` command and use the [with-docker examples](https://github.com/vercel/next.js/tree/canary/examples/with-docker).
+
+## Adding User Sessions and Authentication
+
+I recommending [Dave Gray's](https://courses.davegray.codes/) [YouTube tutorial](https://www.youtube.com/watch?v=w2h54xz6Ndw) on adding Auth.js to a Next.js app. Following his steps, you'll have authentication with GitHub set up.
+
+## Adding Role Based Access Control
+
+Now that we have authentication set up, we can add role based access control (RBAC) to our app. There are a couple ways to do this, but we will do so with a database. Auth.js supports a [large number of databases](https://authjs.dev/getting-started/adapters), we will use the [PostgreSQL (pg) adapter](https://authjs.dev/reference/adapter/pg).
+
+### Setting up a PostgreSQL Database
+
+First, we need to set up a PostgreSQL database. I will be using a serverless [Neon](https://neon.tech/) database. Their free tier is more than enough for this project. An alternative would be to use [Google Cloud SQL](https://cloud.google.com/sql/docs/postgres/quickstart) or [Amazon RDS](https://aws.amazon.com/rds/postgresql/) but neither offer a completely free option.
+
+Create an account, your first project (you get one free project in the free tier), and a database to use for this purpose, let's name the database `auth-db`. Connect using the command below. This requires `psql`. If you don't have it, please see [this gist](../../gists/psql.md) for installation instructions.
+
+```bash
+psql -h pg.neon.tech
+```
+
+To list all databases, use the command `\l`. You should see `auth-db` in the list. To connect to a database, use the command `\c <database_name>`. After typing `\c auth-db`, you should see `You are now connected to database "auth-db" as user "<username>".`
+
+To list all tables in a database, use the command `\dt`. You should see no tables in the list, we need to create them first:
+
+In the [Auth.js pg adapter docs](https://authjs.dev/reference/adapter/pg#setup), we can see the SQL commands to create the required tables (`verification_token`, `accounts`, `sessions`, and `users`). Enter the `CREATE TABLE ...;` commands one by one in the terminal.
+
+Now, if you type `\dt` again, you should see the four tables in the list.
+
+### Setting up Auth.js to use the PostgreSQL Database
+
+
+
+---
+
+- https://stackoverflow.com/questions/41292559/could-not-find-a-declaration-file-for-module-module-name-path-to-module-nam