@issuetopr-dev issuetopr-dev bot commented Oct 24, 2025

Summary

  • Introduces a new NextAuth Credentials provider (id: "email-password") for email/password authentication.
  • Implements Neo4j-backed user storage and verification with bcryptjs hashing.
  • Adds a registration API endpoint to create accounts without email verification for now.
  • Keeps existing GitHub App authentication intact and compatible.

Details

  1. NextAuth provider
  • Added Credentials provider alongside the existing GitHub App provider.
  • For email/password sign-ins, the session token includes:
    • authMethod: "email-password"
    • profile.login: user email (so code expecting profile.login remains consistent)
  • Existing token refresh and Redis caching remain for GitHub App; credentials logins are JWT-only.
  2. Neo4j integration
  • New repository: lib/neo4j/repositories/userAuth.ts
    • findUserByEmail(tx, email)
    • createUserWithEmailPassword(tx, email, passwordHash)
  • New service: lib/neo4j/services/auth.ts
    • registerUserEmailPassword({ email, password })
    • verifyEmailPassword({ email, password })
  • Uses bcryptjs for hashing and comparison.
  3. Registration endpoint
  • New route: POST /api/auth/email/register
    • Body: { email, password, confirmPassword }
    • Validates email format and matching passwords.
    • Creates a User node with username=email, email, passwordHash, createdAt in Neo4j.

Notes

  • No email verification implemented per request.
  • Username/ID is the email to keep things consistent with other code paths.
  • Kept existing OAuth migration guard, but now sessions with authMethod === "email-password" are also accepted.

Follow-ups (optional)

  • Add UI for email/password sign in and sign up flows (buttons/forms) as desired.
  • Consider adding unique constraints in Neo4j for User(username) to enforce uniqueness.
  • Optionally add a logout/session management UI for credentials users.

Checks

  • ESLint passes locally (next lint).
  • No breaking changes to GitHub App authentication code path.

Closes #1344
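
The register/verify flow described above, as an added example that is not the PR's code: an in-memory Map stands in for the Neo4j User nodes and Node's built-in scrypt stands in for bcryptjs. The email normalization, password-length policy, error codes and dummy-hash lookup for unknown emails are assumptions, not behaviour the PR states.

```javascript
// Added example: a Map stands in for Neo4j User nodes, and scrypt (node:crypto)
// stands in for bcryptjs so the block runs without dependencies.
const { scryptSync, randomBytes, timingSafeEqual } = require("node:crypto");

const users = new Map(); // key: normalized email (the PR uses username = email)

function hashPassword(password, salt = randomBytes(16)) {
  return { salt, hash: scryptSync(password, salt, 32) };
}
// Compared against when the email is unknown, so both paths cost one scrypt call.
const DUMMY = hashPassword("constructed-placeholder");

// Assumption: emails are compared case-insensitively after trimming.
function normalizeEmail(email) {
  return String(email ?? "").trim().toLowerCase();
}

function registerUserEmailPassword({ email, password, confirmPassword }) {
  const key = normalizeEmail(email);
  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(key)) return { ok: false, error: "invalid_email" };
  if (typeof password !== "string" || password !== confirmPassword)
    return { ok: false, error: "password_mismatch" };
  // Assumed policy: 8 characters minimum; 72-byte cap because bcrypt ignores
  // input past 72 bytes.
  if (password.length < 8 || Buffer.byteLength(password) > 72)
    return { ok: false, error: "password_length" };
  // In Neo4j a uniqueness constraint on User(username) has to back this check,
  // otherwise two concurrent requests can both pass it.
  if (users.has(key)) return { ok: false, error: "email_taken" };
  users.set(key, { ...hashPassword(password), createdAt: new Date().toISOString() });
  return { ok: true, username: key };
}

function verifyEmailPassword({ email, password }) {
  const key = normalizeEmail(email);
  const record = users.get(key) ?? DUMMY;
  const candidate = scryptSync(String(password ?? ""), record.salt, 32);
  const match = timingSafeEqual(candidate, record.hash);
  if (!users.has(key) || !match) return null; // same result for both failures
  // Token fields named in the PR description.
  return { authMethod: "email-password", profile: { login: key } };
}
```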

…upport

- Add Credentials provider to NextAuth with id "email-password"
- Store and verify users in Neo4j (User nodes) with bcryptjs password hashing
- Register API endpoint: POST /api/auth/email/register to create new accounts
- Ensure session token carries profile.login as email and authMethod="email-password"
- Keep existing GitHub App flow unchanged and compatible
- Add bcryptjs dependency

coderabbitai bot commented Oct 24, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment @coderabbitai help to get the list of available commands and usage tips.

Labels

AI generated AI-generated Pull Requests

Development

Successfully merging this pull request may close these issues.

Add email and password authentication provider with Neo4j support