zenstack VS next-auth-example

ZenStack

ZenStack - Full-stack toolkit with access control

It's most probably ZenStack given the description: https://zenstack.dev/

Prisma combined with ZenStack offers a more programmatic approach. While requiring more setup than PostgREST, it provides better TypeScript integration and more control over the generated API. This combination excels in projects where type safety and custom business logic are priorities.

While better-auth solves the problem of determining a user's identity and roles, ZenStack continues from there and uses such information to control what actions the user can perform on a piece of data. ZenStack is built above Prisma ORM and extends Prisma's power with flexible access control and automatic CRUD API. Since better-auth has built-in integration with Prisma, the two can make a perfect combination for building secure multi-tenant applications. This post will walk you through the steps of creating one.

ZenStack: the access control layer on top of Prisma

ZenStack's new "strongly typed JSON field" feature is designed to address this need. It allows you to define shapes of JSON data in the schema, and "fixes" PrismaClient to return data with correct types. The feature is in preview and only supports PostgreSQL for now.

That's why we built ZenStack on top of Prisma ORM, adding the missing authorization layer and auto-generating type-safe APIs/hooks. It gives you the same convenience as using BaaS while maintaining flexibility with everything in your codebase.

SQL databases are not meant to be consumed from the frontend. You need an API to mediate. You can build such an API in many ways, but here we'll use ZenStack to "unbuild" it. ZenStack is a full-stack toolkit built above Prisma, and one of the cool things it does is to automagically derive a backend API from the schema.

https://next-auth-example.vercel.app/

https://github.com/nextauthjs/next-auth-example https://next-auth.js.org/getting-started/example https://next-auth.js.org/configuration/initialization#route-handlers-app https://www.prisma.io/docs/getting-started/quickstart https://authjs.dev/reference/adapter/prisma

This is not true in the slightest. Just one example: https://github.com/nextauthjs/next-auth-example/blob/main/components/footer.tsx

Looking at the example repo for using next-auth (https://github.com/nextauthjs/next-auth-example), how would I add a provider to the [...auth].ts file so that I could have a user login with email and password, hit my FastAPI authentication endpoint, and resolve with the token if authentication is successful? Do I just use the Credentials Provider? https://next-auth.js.org/configuration/providers/credentials

If you want a full-featured authentication system with built-in providers (Google, Facebook, GitHub…), JWT, JWE, email/password, magic links, and more… use [next-auth](https://github.com/nextauthjs/next-auth-example).

Just use (next-auth)[https://github.com/nextauthjs/next-auth-example], and without setting up a db it automatically defaults to JWTs. Only thing that I would do is make sure to setup a revocation policy on the server that allows you to revoke JWTs before its expiration. I usually keep a simple json document of revoked tokens, which I can then deny access to in-case the token was ever compromised.

I see in the official example app,

First we need to clone example app from next-auth. You can find the whole guide from next-auth here or just follow my steps.