GitHub Integration

Project Repository

GitHub is integrated as an OAuth authentication provider via NextAuth.js. Users can sign in with their GitHub account, which creates or links a user record in the database.

Authentication Provider

File: lib/auth.ts

GitHub is configured as a NextAuth.js OAuth provider:

import GitHubProvider from 'next-auth/providers/github'

GitHubProvider({
  clientId: process.env.GITHUB_CLIENT_ID!,
  clientSecret: process.env.GITHUB_CLIENT_SECRET!,
})

Environment Variables

Setup

Create a GitHub OAuth App

1. Go to GitHub Developer Settings
2. Click "New OAuth App"
3. Set the Authorization callback URL to https://your-domain.com/api/auth/callback/github
4. Copy the Client ID and generate a Client Secret

Configure environment variables

GITHUB_CLIENT_ID=Iv1.abc...
GITHUB_CLIENT_SECRET=abc123...

OAuth Flow

When a user signs in with GitHub:

1. NextAuth redirects to GitHub's OAuth authorization page
2. GitHub returns an authorization code to the callback URL
3. The JWT callback in lib/auth.ts handles the OAuth sign-in:
   • Looks up the user by email in the database
   • If no user exists, creates one with role: 'CUSTOMER' and isEmailVerified: true
   • Stores the user ID and role in the JWT token
   • Stores the GitHub profile picture as avatar in the token

if (account?.provider === 'github' && token.email) {
  let dbUser = await prisma.user.findUnique({
    where: { email: normalizedEmail },
  })
  if (!dbUser) {
    dbUser = await prisma.user.create({
      data: {
        email: normalizedEmail,
        name: token.name,
        isEmailVerified: true,
        role: 'CUSTOMER',
      },
    })
  }
}

Repository Setup

The project repository is hosted on GitHub. The codebase uses:

• GitHub Actions for CI/CD (via Vercel integration)
• GitHub as the source of truth for version control
• Branch protection rules on main

Key Files