NextAuth.js is a complete open source authentication solution for Next.js applications.
It is designed from the ground up to support Next.js and Serverless.
- Signed, prefixed, server-only cookies
- Built-in CSRF protection
- JWT with JWS / JWE / JWK
- Doesn’t rely on client side JavaScript
I’m always on the look out for JWT / JWS etc usage and how these might get replaced by ucan
This used to be called Next Auth and is by the Vercel team.
- Can also be used without a database (e.g. OAuth + JWT)
- Promotes the use of passwordless sign-in mechanisms
- When JSON Web Tokens are enabled, they are encrypted by default (JWE) with A256GCM