Main and other branches are not in sync with the blog post. I will be updating the branches and blog posts with the latest changes. Please consider main branch as the latest version.
This repo is for the series of blog post covering Authentication in Astro.
Main branch contains the latest updated code. If you're following the blog post, please use the specific branch for the post.
If you find any security vulnerability, please contact me at jitendra@everythingcs.dev
- Turso DB
- Drizzle ORM
- Redis for storing verification codes and rate limiting
- Resend for sending emails
- Solid.js
- Zod
- Database session strategy for auth persistence
- Argon2 for password hashing
I am not using any external auth library for this guide. At the moment of writing, Auth.js doesn't support Astro. In a separate blog post I will do all these authentication strategy through Arctic , Oslo and also Better Auth.
To get started, clone the repo and run the following commands:
npm installNow copy the .env.example file to .env and fill in the values.
Please refer to blog post for github and google oauth setup.
You will need Turso DB and Redis for it. You can use sqlite or choose other database but then you will have to make changes in the schema. For Redis, I am using Upstash Redis.
For emails you can use any email service which provides HTTP API.I am using Resend for sending emails. If you provider doesn't support HTTP API, you will have to make changes in the code (although single file)
To run the project, run the following command:
npm run dev Here are the strategies with their starter code, finished code and also the related blog post.
This can be hosted anywhere like VM or serverless platforms like Vercel, Netlify except edge platforms like Cloudflare Pages because this project uses Argon2 for password hashing which is not supported on edge platforms. If you choose not to have password based authentication, you can host it on edge platforms (still you will need to make changes especially in aes implementation).
- Blog post: Google and Github Authentication OAuth2 Setup in Astro.js
- Starter: oauth-starter Direct Download
- Final: oauth-final Direct Download
- Blog post: Email Password Credential authentication Setup in Astro.js
- Starter: credentials-starter Direct Download
- Final: credentials-final Direct Download
- Blog post: Passwordless Magic Link Authentication Setup in Astro.js
- Starter: magic-link-starter Direct Download
- Final: magic-link-final Direct Download
Integration of TOTP based verification along with recovery codes.