Authentication in Development Mode
In development mode, your application uses a simplified version of authentication for ease of testing and debugging. This is usually not secure and should not be used in a production environment.
.env file, you can switch between development and production environments using the
NODE_ENV variable. When it’s set to “development”, the application runs in development mode.
To make the application use the insecure, simple version of authentication, set the
NEXTAUTH_SECRET variable in your
.env file to a simple, insecure value (e.g., “changeme”).
Accessing Provider Secret Keys
To enable different types of OAuth authentication, you will need to acquire secret keys from the respective providers. Below are the general instructions for getting these secret keys:
Create a project in the Google Cloud Console.
Go to “Credentials”, click on “Create Credentials” and choose “OAuth client ID”.
Configure your OAuth consent screen and application type, then click “Create”.
Your client ID and secret will be displayed.
For more detailed instructions, visit Google’s official OAuth 2.0 setup guide.
Enabling Non-Local Authentication
.env file includes several placeholders for provider client IDs and secrets. Replace these placeholders with the keys obtained from the respective providers:
- For Google, replace the ”***” placeholders for
GOOGLE_CLIENT_SECRETwith the client ID and secret obtained from Google.
- For GitHub, replace the ”***” placeholders for
GITHUB_CLIENT_SECRETwith the client ID and secret obtained from GitHub.
- For Discord, replace the ”***” placeholders for
DISCORD_CLIENT_SECRETwith the client ID and secret obtained from Discord.
Once these changes are made, your application will be set up to use OAuth authentication with these providers. To switch from local authentication to OAuth authentication, change the
NEXTAUTH_URL variable in your
.env file to the URL where your application is hosted. This cannot be localhost.