Users collection in Payload is intended to be used as application users?
I'm developing an application that implements Next-Auth for user authentication. I want to implement Payload as CMS. Should I migrate my auth provider to Payload?
Yes!!!
Payload's auth is 100% meant to be used for application users and we've done it a LOT
https://github.com/payloadcms/next-auth-frontend
https://github.com/payloadcms/next-auth-cmsI just run both repos. It's amazing how it works!!
But now my question is: Is it possible to connect Payload with Next-auth?
https://next-auth.js.org/If not, is there any way to use different providers like google or github for authentication?
I haven't heard of anyone doing this yet, and honestly I haven't looked into Next Auth at all yet just because Payload can do it for us
You can build your own google / github auth pattern but it's kinda tough tbh
we maintain an Enterprise OAuth2.0 plugin which can be used in those contexts but that requires an enterprise license
I'm part way into trying to get next-auth to work with Payload mainly because I started a NextJS project with a template that used Auth.js (
https://github.com/steven-tey/precedent) - I was looking for something up to date, using the /app directory with Tailwind and Typescript.
The Payload examples from the next-auth-frontend and template-ecommerce-nextjs are great and make sense so I don't know if I'm on a hiding to nothing with Auth.js and I should just pull it out and switch over. Are there any examples of NextJS with the /app directory and Payload?
This is where I've got to with Auth.js treating Payload as a CredentialsProvider - the logon works and sets a next-auth.session-token (as long as there is a value in .env for NEXTAUTH_SECRET)
// adding a credential provider to use PayloadCMS with email and password CredentialsProvider({ // name: "Credentials", // The name to display on the sign in form (e.g. 'Sign in with...') name: 'PayloadCMS', // `credentials` is used to generate a form on the sign in page. // You can specify which fields should be submitted, by adding keys to the `credentials` object. // e.g. domain, username, password, 2FA token, etc. // You can pass any HTML attribute to the <input> tag through the object. credentials: { email: { label: 'Email', type: 'text', value: 'dev@payloadcms.com', // REMOVE!! placeholder: 'dev@payloadcms.com', }, password: { label: 'Password', type: 'password' }, }, async authorize(credentials, req) { // Auth to PayloadCMS using REST const res = await fetch(`${process.env.NEXT_PUBLIC_CMS_URL}/api/users/login`, { method: 'POST', credentials: 'include', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(credentials), }) if (res.ok) { const { message, user, token, exp, errors } = await res.json() console.log(message, user) if (errors) throw new Error(errors[0].message) // setUser(data?.loginUser?.user) // setStatus('loggedIn') return user } return null // shows error message // throw new Error('Invalid login') }, }),Looking at it a bit more I think next-auth (auth.js) is kind of fighting Payload because Payload already creates the JWT and adds it as a cookie so there is nothing really for AuthJS to do. It desn't make sense for next-auth/auth.js to be creating its own JWT
yeah i don't think we would ever need next-auth on top of payload honestly
I'm looking at the same problem and I'm thinking the same. However, it would be beneficial for teams like mine to manain the current next-auth APIs. What I will try is to crete a next-auth DB adapter instead, to adapt it to the Paylod CMS schema.
How are you getting on with the next-auth DB adapter? Is it a viable approach?
Star
Discord
online
Get help straight from the Payload team with an Enterprise License.