A robust authentication template for Nuxt.js applications using Supabase, designed to jumpstart your SaaS project with pre-built authentication flows and user management.
-
Complete Authentication Flows:
- Email/password registration with email verification
- Secure login with rate limiting
- Password reset functionality
- Session management and token refresh
-
User Profile Management:
- Profile data editing
- Avatar upload and management
- Account settings
-
Security Implementations:
- CSRF protection
- XSS protection
- Rate limiting for auth attempts
- Secure HTTP headers
-
Frontend Components:
- Reusable auth forms
- User avatar with fallbacks
- User menu
- Protected routes
-
Developer Experience:
- TypeScript support
- Comprehensive test coverage
- Detailed documentation
- Node.js v16.x or higher
- npm, yarn, or pnpm
- Supabase account
# Clone the repository
git clone https://github.com/azraihasan/nuxt-supabase-auth.git
cd nuxt-supabase-auth
# Install dependencies
bun install
# or
npm install
# or
yarn install
# or
pnpm install-
Create a new project at supabase.com
-
Set up the required database tables:
-- Create profiles table
CREATE TABLE profiles (
id UUID REFERENCES auth.users ON DELETE CASCADE,
email TEXT,
full_name TEXT,
username TEXT UNIQUE,
website TEXT,
avatar_url TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc', NOW()),
updated_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc', NOW()),
PRIMARY KEY (id)
);
-- Set up Row Level Security (RLS)
ALTER TABLE profiles ENABLE ROW LEVEL SECURITY;
-- Create policies
CREATE POLICY "Users can view their own profile"
ON profiles FOR SELECT
USING (auth.uid() = id);
CREATE POLICY "Users can update their own profile"
ON profiles FOR UPDATE
USING (auth.uid() = id);-
Create Storage Bucket:
- Navigate to Storage in your Supabase dashboard
- Create a new bucket called
avatars - Set it to public or enable RLS with appropriate policies
-
Detailed Supabase setup guide can be found in the Supabase Setup Guide
Create a .env file at the root of your project:
SUPABASE_URL=https://your-project-id.supabase.co
SUPABASE_KEY=your-anon-key
Replace the values with your Supabase project URL and anon key.
bun dev
# or
npm run dev
# or
yarn dev
# or
pnpm devVisit http://localhost:3000 to see your application.
- UserAvatar.vue: Displays user avatars with fallback to initials or default icon
- AvatarUpload.vue: Handles file selection, validation, and uploading to Supabase storage
- UserMenu.vue: Provides user dropdown menu with links to profile, settings, etc.
The template includes the following pages for authentication:
/login: User login page/register: User registration page/reset-password: Password reset request/update-password: Set new password (after reset)/profile: User profile management
Authentication state is managed through the useAuth composable which provides methods for:
login(email, password): Sign in usersregister(email, password): Create new accountsresetPassword(email): Request password resetupdatePassword(newPassword): Change user passwordlogout(): Sign out users
The template includes comprehensive tests for components, pages, and composables.
# Run tests
npx vitest run # recommended
# or
npm run test
# or
yarn test
# or
pnpm testThe template uses Nuxt UI components which can be customized in nuxt.config.ts:
export default defineNuxtConfig({
// ...
ui: {
primary: 'blue', // Change primary color
// Additional UI configuration
}
})To customize authentication behaviors, modify:
composables/useAuth.tsfor authentication logiccomposables/useRateLimiter.tsfor rate limiting configurationnuxt.config.tsfor Supabase redirect settings
The modular structure makes it easy to add:
- Social login providers
- Two-factor authentication
- Additional profile fields
- Custom onboarding flows
Follow the Nuxt.js deployment guides for your preferred hosting platform:
Remember to configure your environment variables on your hosting platform.
MIT
Contributions are welcome! Please feel free to submit a Pull Request.