You worked so hard to make the Get Things Done application and you probably want others to use it as well! But you do not want to mix up tasks from different users. Thus, you need to authenticate them by creating secure accounts. But … solving authentication is HARD! Even today, the internet is full of tutorials on how to create an efficient authentication system … with questionable results. Moreover, storing passwords and accounts in your database is prone to hacking attempts, taking on a lot of responsibility (looking at you, password re-users 🧐).

Luckily, most internet users use big service providers such as Google, Facebook, Instagram, and Github … and we can use their infrastructure to authenticate users. For this purpose, we will use the incredibly powerful library NextAuth providing access to 40+ authentication services. In the upcoming assignment, you will set up your application to use Github authentication, and in this part, we will set up your Github account to allow your application use this service.

Github

1. Log in to Github.com

2. In the top right part of the screen, click on your avatar and then on “Settings”

   

3. In the left menu at the very bottom, find “Develop Settings”, click on it

   

4. Click on “OAuthApps” and then “New OAuth App”

   

5. Please fill out this form using the values below

   

6. Click on “Register Application”
7. A new page will open, not down the ClientID in a secure location

8. Click on Generate a new client secret

   

9. This will generate a new secret. Copy its value to the same secure location as your ClientID. You will not be able to see this key again!

   

10. Done! You now have GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET that you will need to set up authentication in your application

Time for an exercise!