Akari Art’s authentication is fully managed by NextAuth.js, which registers a catch-all route handler at app/api/auth/[...nextauth]/route.ts. You never need to call most of these endpoints directly — NextAuth’s client-side helpers (useSession, signIn, signOut) and the Next.js middleware handle the full authentication lifecycle. This page documents the underlying endpoints, session shape, and how to access the session in both client and server contexts.
Endpoints
These endpoints are automatically created by NextAuth.js. They handle every stage of the Google OAuth flow and session management.

| Method | Path | Description |
|---|---|---|
| GET | /api/auth/signin | Redirect to the configured sign-in page (/signin) |
| POST | /api/auth/signin/google | Initiate the Google OAuth flow |
| GET | /api/auth/callback/google | OAuth callback handler — exchanges code for token and creates session |
| GET | /api/auth/session | Return the current session data as JSON |
| POST | /api/auth/signout | Sign out the current user and clear the session cookie |
All paths under /api/auth/* are marked as public in the middleware — no existing session is required to access them. This ensures the sign-in flow itself is never blocked.

Session Response Shape
Calling GET /api/auth/session (or using useSession()) returns a session object with the following structure. The user.id field is the MongoDB _id of the user document, injected by the jwt and session callbacks in lib/auth.ts.
Using the Session on the Client
Use the useSession() hook from next-auth/react in any Client Component:
Using the Session on the Server
Use getServerSession(authOptions) in Server Components, Route Handlers, or Server Actions. Import authOptions from lib/auth.ts:
Route Protection (Middleware)
middleware.ts uses NextAuth’s withAuth helper to enforce authentication across the entire application. The authorized callback runs on every request matched by the matcher config.
Public paths (no token required):
- / — landing page
- /signin — sign-in page
- /api/auth/* — all NextAuth internal endpoints
/signin. The middleware matches all routes except static assets (_next/static, _next/image, favicon.ico).
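
The public-path rule above, sketched as an added example that is not the project's middleware.ts: a framework-free decision function whose prefix check compares whole path segments, so /api/auth/session is public while /api/authx is not. The Token type, the function names, the /gallery route and the regex form of the matcher are assumptions; the public paths and excluded static assets are the ones listed on this page.

```typescript
// Added example, not Akari Art's middleware.ts. Token, decide() and the regex
// form of the matcher are assumptions; the public paths are the ones listed above.
type Token = { id?: string } | null;
type Decision = "skip" | "allow" | "redirect:/signin";

const PUBLIC_EXACT: string[] = ["/", "/signin"];
const PUBLIC_PREFIX = "/api/auth"; // stands for /api/auth/*

// Routes the middleware runs on: everything except the static assets.
const MATCHER = /^\/(?!_next\/static|_next\/image|favicon\.ico).*$/;

function isPublicPath(pathname: string): boolean {
  if (PUBLIC_EXACT.indexOf(pathname) !== -1) return true;
  // Compare whole path segments: a bare startsWith("/api/auth") would also
  // treat "/api/authx" or "/api/auth-admin" as public.
  return pathname === PUBLIC_PREFIX || pathname.indexOf(PUBLIC_PREFIX + "/") === 0;
}

function decide(pathname: string, token: Token): Decision {
  if (!MATCHER.test(pathname)) return "skip"; // middleware never sees this request
  if (isPublicPath(pathname)) return "allow"; // no token required
  return token !== null ? "allow" : "redirect:/signin"; // default deny
}

// Constructed sample requests: [pathname, token]. /gallery is a hypothetical
// protected route used only for illustration.
const SAMPLES: [string, Token][] = [
  ["/", null],
  ["/signin", null],
  ["/api/auth/callback/google", null],
  ["/api/authx", null],
  ["/gallery", null],
  ["/gallery", { id: "constructed-user-id" }],
  ["/_next/static/app.js", null],
];

function decideAll(): Decision[] {
  return SAMPLES.map(([path, token]) => decide(path, token));
}
```

Anything the matcher excludes never reaches the authorized callback, so the "skip" rows are effectively unauthenticated; keep that exclusion list limited to static assets.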
Auth Configuration — lib/auth.ts
The authOptions object configures the Google provider, three JWT/session callbacks, and the custom sign-in page. The signIn callback automatically creates a new MongoDB User document on first login. The jwt callback embeds the MongoDB _id into the token, and the session callback forwards it to session.user.id.
Route Handler Source
Required Environment Variables
| Variable | Description |
|---|---|
| GOOGLE_CLIENT_ID | OAuth client ID from Google Cloud Console |
| GOOGLE_CLIENT_SECRET | OAuth client secret from Google Cloud Console |
| NEXTAUTH_SECRET | Random secret used to sign and encrypt JWT tokens |
| NEXTAUTH_URL | Canonical URL of your deployment (e.g. https://your-domain.com) |