Email & Password

Traditional email and password authentication.

Note: This is mock/placeholder content for demonstration purposes.

Email and password authentication is the traditional way users sign up and sign in.

Overview

Email/password authentication provides:

User registration with email verification
Secure password storage
Password reset functionality
Session management

User Registration

import { signUpAction } from '~/lib/auth/actions';

const result = await signUpAction({
  email: '[email protected]',
  password: 'SecurePassword123!',
});

Server Action Implementation

'use server';

import { enhanceAction } from '@kit/next/actions';
import { z } from 'zod';

const SignUpSchema = z.object({
  email: z.string().email(),
  password: z.string().min(8),
});

export const signUpAction = enhanceAction(
  async (data) => {
    const client = getSupabaseServerClient();

    const { data: authData, error } = await client.auth.signUp({
      email: data.email,
      password: data.password,
      options: {
        emailRedirectTo: `${process.env.NEXT_PUBLIC_SITE_URL}/auth/callback`,
      },
    });

    if (error) throw error;

    return { success: true, data: authData };
  },
  { schema: SignUpSchema }
);

'use client';

import { useForm } from 'react-hook-form';
import { signUpAction } from '../_lib/actions';

export function SignUpForm() {
  const { register, handleSubmit, formState: { errors } } = useForm();

  const onSubmit = async (data) => {
    const result = await signUpAction(data);

    if (result.success) {
      toast.success('Check your email to confirm your account');
    }
  };

  return (
    <form onSubmit={handleSubmit(onSubmit)}>
      <div>
        <label>Email</label>
        <input
          type="email"
          {...register('email', { required: true })}
        />
        {errors.email && <span>Email is required</span>}
      </div>

      <div>
        <label>Password</label>
        <input
          type="password"
          {...register('password', { required: true, minLength: 8 })}
        />
        {errors.password && <span>Password must be 8+ characters</span>}
      </div>

      <button type="submit">Sign Up</button>
    </form>
  );
}

export const signInAction = enhanceAction(
  async (data) => {
    const client = getSupabaseServerClient();

    const { error } = await client.auth.signInWithPassword({
      email: data.email,
      password: data.password,
    });

    if (error) throw error;

    redirect('/home');
  },
  { schema: SignInSchema }
);

'use client';

export function SignInForm() {
  const { register, handleSubmit } = useForm();

  const onSubmit = async (data) => {
    try {
      await signInAction(data);
    } catch (error) {
      toast.error('Invalid email or password');
    }
  };

  return (
    <form onSubmit={handleSubmit(onSubmit)}>
      <input
        type="email"
        {...register('email')}
        placeholder="Email"
      />
      <input
        type="password"
        {...register('password')}
        placeholder="Password"
      />
      <button type="submit">Sign In</button>
    </form>
  );
}

Email & Password

Traditional email and password authentication.

Overview

User Registration

Server Action Implementation

Email Verification

Requiring Email Confirmation

Handling Unconfirmed Emails

Password Reset

Request Password Reset

Reset Password Form

Update Password

Password Requirements

Validation Schema

Password Strength Indicator

Session Management

Checking Authentication Status

Sign Out

Security Best Practices

Email & Password

Traditional email and password authentication.

Overview

Sign Up Flow

User Registration

Server Action Implementation

Sign Up Component

Sign In Flow

User Login

Sign In Component

Email Verification

Requiring Email Confirmation

Handling Unconfirmed Emails

Password Reset

Request Password Reset

Reset Password Form

Update Password

Password Requirements

Validation Schema

Password Strength Indicator

Session Management

Checking Authentication Status

Sign Out

Security Best Practices