An Next.js and MongoDB web application, designed with simplicity for learning and real-world applicability in mind.
🐇 Fast and light without bulky, slow Express.js.
✨ Full API Routes implementation and 👻 Serverless ready
🤠 Good ol' Middleware pattern, compatible with Express ecosystem, powered by next-connect
💋 KISS: No fancy stuff like GraphQL, SASS, Redux, etc. ✍️ Come with explanatory blog posts
📙 Can be adapted to any databases besides MongoDB (Just update api-lib/db)
- Session-based authentication (Passport.js)
- Sign up/Log in/Sign out API
- Authentication via email/password
- Authentication via OAuth (Google, Facebook, etc.)
- Email verification
- Password change
- Password reset via email
- Profile picture, username, name, bio, email
- Update user profile
- View others' profiles
- Posts and comments
Have any features that interest you, make an issue. Would like to work on a feature, make a PR.
This project accompanies the following posts:
- User authentication (using Passport.js)
- User profile and Profile Picture
- Email Verification, Password Reset/Changee
- Posts and comments
Also check them out on dev.to.
Although the project is written to be secure, its simplicity requires careful considerations for usage in sensitive productions. File an issue if you spot any security problems.
This project uses the following dependencies:
next.js
- v9.3 or above required for API Routes and new new data fetching method.react
- v16.8 or above required for react hooks.react-dom
- v16.8 or above.swr
- required for state management, may be replaced withreact-query
mongodb
- may be replaced bymongoose
.passport
,passport-local
- required for authentication.next-connect
- recommended if you want to use Express/Connect middleware and easier method routing.next-session
,connect-mongo
- required for session, may be replaced with other session libraries such ascookie-session
,next-iron-session
, orexpress-session
(express-session
is observed not to work properly on Next.js 11+).bcryptjs
- optional, may be replaced with any password-hashing library.argon2
recommended.validator
- optional but recommended, to validate email.ajv
- optional but recommended, to validate request body.multer
- may be replaced with any middleware that handlesmultipart/form-data
cloudinary
- optional, only if you are using Cloudinary for image upload.- several other optional dependencies for cosmetic purposes.
nodemailer
- optional, only if you use it for email. It is recommended to use 3rd party services like Mailgun, AWS SES, etc. instead.
Environmental variables in this project include:
MONGODB_URI
The MongoDB Connection String (with credentials and database name)WEB_URI
The URL of your web app.CLOUDINARY_URL
(optional, Cloudinary only) Cloudinary environment variable for configuration. See this.NODEMAILER_CONFIG
(optional, if using nodemailer only) JSON stringified nodemailer config. eg.{"service":"Gmail","auth":{"user":"hoangvvo.02@gmail.com","pass":"aHR0cHM6Ly95b3V0dS5iZS9kUXc0dzlXZ1hjUQ=="}}
Start the development server by running yarn dev
or npm run dev
. Getting started by create a .env.local
file with the above variables. See Environment Variables.
This project can be deployed anywhere Next.js can be deployed. Make sure to set the environment variables using the options provided by your cloud/hosting providers.
After building using npm run build
, simply start the server using npm run start
.
You can also deploy this with serverless providers given the correct setup.
Please see my contributing.md.