Authentication
Complete guide to user authentication and authorization
Authentication
SaaS Pack provides a complete authentication system with support for multiple providers.
Features
- Email/Password authentication
- OAuth providers (Google, GitHub, etc.)
- Role-based access control (RBAC)
- Session management
- Password reset flow
- Email verification
Configuration
Environment Variables
Set up the following environment variables in your .env file:
# Authentication
AUTH_SECRET=your-secret-key
AUTH_ORIGIN=http://localhost:3000
# OAuth Providers
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
User Registration
// Register a new user
const { data, error } = await $fetch('/api/auth/register', {
method: 'POST',
body: {
email: '[email protected]',
password: 'securepassword',
name: 'John Doe'
}
})
Login
// Login with email and password
const { data, error } = await $fetch('/api/auth/login', {
method: 'POST',
body: {
email: '[email protected]',
password: 'securepassword'
}
})
Protected Routes
Use middleware to protect routes that require authentication:
<script setup>
definePageMeta({
middleware: 'auth'
})
</script>
Role-Based Access
// Check user role
const user = await getCurrentUser()
if (user.role === 'admin') {
// Admin-only functionality
}