I recently started learning Next.js and I wanted to improve my Next.js skills, so I decided to make a simple Login and Signup Website with Next.js and MongoDB.
The website has 4 pages and 3 API routes:
/: where the user can see if they have logged in or not, and view all the other pages they can access/login: a page where the user can login/signup: the page where the user can signup for an account/profile: where the user can check their account creation date/api/signup: the API route where a user's account is created/api/login: the API route where the password entered is checked/api/logout: the API route where the username cookie is deleted
I have used cookies to check if the user has logged in.
The cookies are set and deleted in the/api routes but read usinggetServerSideProps.
The full source code can be viewed in this GitHub repo:
Can you check out the code and give me ways I can improve?
Top comments(12)
I have tried it, but itsauthentication is not secure enough, i was able to bypass login at all.
you are just setting a cookie named username which can have a user's registered name. i just added the username cookie and my username manually and it logged me in. WITHOUT ANY PASSWORD !
- LocationEngland
- Pronounsshe/her
- Joined
yes i know
i made this post ages ago and have never actually used this method myself
my recommendation is to use an auth client like next auth
Hey, this is really cool! It might be nice to add email verification so that people can't just spam accounts. Otherwise nice work :)
For further actions, you may consider blocking this person and/orreporting abuse
