Feat/auth providers

[saatvik-10]

Description

Added authentication provider support to create-next-quick CLI tool. Users can now select from popular auth providers during project setup:

NextAuth.js
Clerk
Firebase Auth
None (default)

Related Issue

Fixes #20

Type of Change

• Bug fix (non-breaking change addressing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to break)
• Documentation update

Testing

• Tested NextAuth provider selection
• Tested Clerk provider selection
• Tested Firebase provider selection
• Tested "none" option maintains existing behavior with no auth setup

Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

Screenshots

Summary by CodeRabbit

• New Features

  • Added support for multiple authentication providers: NextAuth, Clerk, and Firebase with automatic configuration and setup.

• Documentation

  • Updated README with details on the new optional authentication scaffolding feature and integration workflows.

• Tests

  • Enhanced test coverage to validate authentication provider configurations and environment setup.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[gaureshpai]

Can I please get efficient screenshots and screen recording video to ensure that the primary behaviour won't break!
Thankyou

[saatvik-10]

Can I please get efficient screenshots and screen recording video to ensure that the primary behaviour won't break! Thankyou

Screencast from 2025-10-03 17-29-06.zip

[saatvik-10]

A screen recording showing the current behaviour and ss pointing out the main changes have been attached

A commit has been made removing the targeted emphasis on auth in the readme markdown as well

[gaureshpai]

Hey @saatvik-10, I want the auth providers to run with all setup done with the package, can u please confirm about the same? About the video: I want the video of the package running and the set-up for the auth providers running as expected than the tests running :)
Check ORMs for refrence
Thank you

[gaureshpai]

Any updates @saatvik-10 ?

[saatvik-10]

Any updates @saatvik-10 ?

sry for the delay due to an emergency....will complete the requested by tomorrow in both the repos!

[gaureshpai]

@saatvik-10 take your time

[gaureshpai]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds authentication provider integration (Next Auth, Clerk, Firebase) to the project scaffolding tool. Updates include CLI prompts for auth selection, conditional package installation and configuration, environment variable generation, and expanded test cases covering each provider option.

Changes

Cohort / File(s)	Summary
Configuration .gitignore	Added five new ignore patterns for test and authentication-related temporary files.
Documentation README.md	Updated with Optional Auth Scaffolding feature description, authentication provider prompts in example runs, and minor formatting adjustments.
Core Scaffolding Logic index.js	Introduced auth option prompt with choices (none, nextauth, clerk, firebase); added package installation and environment variable generation for each provider; extended setup for ORM/auth combinations and UI component paths; normalized to single-quote style throughout.
Test Coverage test/generated-test-cases.js, test/test-cases.js	Added auth field to all existing test cases; introduced new test cases verifying package.json and .env content for each auth provider (nextauth, clerk, firebase).
Test Automation test/test.js	Added conditional CLI input generation for auth selection based on test case options, mapping auth providers to ANSI down-arrow sequences for automated navigation.

Sequence Diagram

sequenceDiagram
    participant User
    participant CLI
    participant Scaffolder as Scaffolder Engine
    participant PackageManager as Package Manager
    participant EnvGen as Environment Generator
    participant FileSystem as File System

    User->>CLI: Run scaffolding with prompts
    CLI->>CLI: Present auth options (none/nextauth/clerk/firebase)
    User->>CLI: Select auth provider
    CLI->>Scaffolder: Pass auth selection
    Scaffolder->>PackageManager: Install auth packages based on choice
    PackageManager->>FileSystem: Add packages to package.json
    Scaffolder->>EnvGen: Generate auth-specific env variables
    EnvGen->>FileSystem: Create/update .env with provider credentials
    Scaffolder->>FileSystem: Setup auth configuration files
    FileSystem-->>Scaffolder: Confirm files created
    Scaffolder-->>User: Scaffolding complete with auth setup

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 Hoppy changes hopping in,
Auth providers tucked within,
Next-Auth, Clerk, Firebase too,
Tests ensuring all rings true, 🔐

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Feat/auth providers' directly summarizes the main change: adding authentication provider support to the CLI tool.
Description check	✅ Passed	The PR description is comprehensive and follows the template with all required sections completed: detailed description, linked issue, type of change, testing, checklist, and screenshots.
Linked Issues check	✅ Passed	The PR successfully implements the primary objective from #20: integrating authentication providers (NextAuth, Clerk, Firebase) into the project scaffolding workflow.
Out of Scope Changes check	✅ Passed	All changes are directly aligned with the auth provider integration objective. Minor scope items include .gitignore updates, README documentation, test infrastructure, and code style normalization, which are all supporting changes for the main feature.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@index.js`:
- Around line 447-450: The created .env can be accidentally committed; after
writeFile(path.join(projectPath, '.env'), envContent) ensure the generated
project’s .gitignore contains a ".env" entry: read or create the .gitignore at
path.join(projectPath, '.gitignore'), add a newline-delimited ".env" entry only
if it doesn't already exist (avoid duplicates), and write it back (use existing
utilities like writeFile/appendFile or fs methods) so new projects automatically
ignore the .env file.
- Around line 417-429: The auth setup currently only installs packages (see
auth, packageManager, projectPath and run in index.js); after each install step
add creation of the required provider boilerplate so the provider actually
works: for auth === 'nextauth' create app/api/auth/[...nextauth]/route.ts plus
the shared auth.ts config file with a minimal NextAuth handler; for auth ===
'clerk' create a root-level middleware.ts that wires Clerk middleware and the
required provider wrapper; for auth === 'firebase' add a firebase client init
file (e.g., utils/firebaseClient.ts or app/(components)/firebaseInit) that reads
the .env placeholders and initializes the Firebase SDK; ensure these files are
created under projectPath with sensible placeholder values and comments so the
scaffolded app runs without manual boilerplate.

🧹 Nitpick comments (3)

README.md (1)

62-62: Documentation is missing the auth provider step in the numbered list.

The numbered steps (Lines 54-62) list 9 items ending with Shadcn UI, but the example walkthrough on Line 81 shows an additional step for choosing an authentication provider. Consider adding step 10 for completeness:

 9.  **Do you want to use Shadcn UI? (default: Yes)**
+10. **Choose an authentication provider (default: none)**

index.js (1)

443-445: Firebase .env may need additional variables.

Firebase authentication typically requires more configuration variables beyond API key and auth domain (e.g., projectId, storageBucket, messagingSenderId, appId). The current scaffolding provides only two variables.

Consider expanding the Firebase env template:

♻️ Suggested enhancement

     } else if (auth === 'firebase') {
-      envContent += `NEXT_PUBLIC_FIREBASE_API_KEY="your_api_key_here"\nNEXT_PUBLIC_FIREBASE_AUTH_DOMAIN="your_domain_here"\n`;
+      envContent += `NEXT_PUBLIC_FIREBASE_API_KEY="your_api_key_here"
+NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN="your_domain_here"
+NEXT_PUBLIC_FIREBASE_PROJECT_ID="your_project_id_here"
+NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET="your_bucket_here"
+NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID="your_sender_id_here"
+NEXT_PUBLIC_FIREBASE_APP_ID="your_app_id_here"\n`;
     }

test/generated-test-cases.js (1)

281-344: Generated auth test cases lack file assertions.

The new auth test cases (and all others in this file) have empty expectedFiles: [] arrays. Unlike test/test-cases.js which has assertions functions that verify package.json contents and .env variables, these generated tests don't validate that auth packages are actually installed or configured.

If this file is consumed by a test runner that uses expectedFiles, consider populating these arrays, or document why they're intentionally empty.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# Get repository structure overview
git ls-files | head -20

Repository: gaureshpai/create-next-quick

Length of output: 477

---

🏁 Script executed:

# Find the index.js file and understand its purpose
fd "index.js" -x wc -l {}

Repository: gaureshpai/create-next-quick

Length of output: 86

---

🏁 Script executed:

# Look for any auth-related files or boilerplate generation
fd -e "ts" -e "js" | grep -i auth | head -20

Repository: gaureshpai/create-next-quick

Length of output: 54

---

🏁 Script executed:

# Search for boilerplate file creation in the codebase
rg "mkdir|writeFile|createFile" -A 2 -B 2 | head -50

Repository: gaureshpai/create-next-quick

Length of output: 1826

---

🏁 Script executed:

# Check if there are any functions that create auth config files
rg "app/api/auth|middleware\.ts|firebase.*config" -l

Repository: gaureshpai/create-next-quick

Length of output: 54

---

🏁 Script executed:

# Read lines around the auth setup section
sed -n '410,440p' index.js

Repository: gaureshpai/create-next-quick

Length of output: 1011

---

🏁 Script executed:

# Search for all occurrences of writeFile in relation to auth
rg "auth" -A 10 -B 2 index.js

Repository: gaureshpai/create-next-quick

Length of output: 2387

---

🏁 Script executed:

# Check the templates.js file to see if boilerplate is generated there
cat lib/templates.js

Repository: gaureshpai/create-next-quick

Length of output: 2583

---

🌐 Web query:

NextAuth.js v5 App Router setup requirements minimal boilerplate

💡 Result:

Minimal NextAuth.js (Auth.js) v5 + Next.js App Router setup

1) Install

npm i next-auth@beta

[1][2]

2) Add required env
Create .env.local:

AUTH_SECRET=your-long-random-secret

(You can generate one with npx auth secret.) [3][1]

3) Create a single shared auth entry file
./auth.ts

import NextAuth from "next-auth"

export const { handlers, signIn, signOut, auth } = NextAuth({
  providers: [],
})

[1]

4) Add the App Router Route Handler
./app/api/auth/[...nextauth]/route.ts

import { handlers } from "@/auth"

export const { GET, POST } = handlers

[1]

5) (Optional) Middleware to keep session alive / protect routes
./middleware.ts

export { auth as middleware } from "@/auth"

[1][4]

Notes (still “minimal”)

• Add at least one provider in providers: [] to enable sign-in. [1]
• v5 can infer OAuth env vars like AUTH_GITHUB_ID / AUTH_GITHUB_SECRET for the GitHub provider. [5]

Sources: Auth.js installation guide, Auth.js Next.js reference, Next.js Learn auth chapter, Auth.js “Protecting” docs. [1][5][2][4]

---

🌐 Web query:

Clerk Next.js middleware setup requirements

💡 Result:

Clerk + Next.js middleware: setup requirements

• Install the SDK: @clerk/nextjs. [2]
• Set Clerk environment variables (at minimum): NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY and CLERK_SECRET_KEY. [3]
• Create the middleware file in the correct location:
  • Next.js ≤ 15: create middleware.ts
  • Newer Next.js: create proxy.ts
  • Place it at the project root, or in /src if you use a /src directory. [1][2]
• Export clerkMiddleware() from @clerk/nextjs/server and include the recommended config.matcher so it runs on app routes and API routes while skipping Next.js internals/static files. [1][2]
• Route protection is opt-in: by default, clerkMiddleware() does not protect routes—you must explicitly call auth.protect() (or define public routes and protect everything else). [1][2]

---

🌐 Web query:

Firebase Next.js initialization setup requirements

💡 Result:

Firebase + Next.js initialization: what you need (and where)

1) Client-side Firebase (Web/JS SDK) — for browser features (Auth, Firestore, etc.)

Requirements

• A Firebase project and a registered Web app to obtain the Firebase config object (apiKey, authDomain, projectId, etc.). [1]
• Install and import the modular Web SDK (or use CDN/alt setup). [1][7]
• In Next.js, initialize Firebase in code that runs in the browser (typically a Client Component or a module imported by Client Components), using your config. [1]

Key setup rule

• Guard against re-initializing during hot reload / multiple imports by checking whether an app already exists (conceptually “initialize once; reuse the default app”). Firebase documents the “single default app / multiple apps” pattern. [0]

2) Server-side Firebase in Next.js (recommended) — Admin SDK for trusted backend work

Requirements

• Add the Firebase Admin SDK on the server. [0]
• Provide credentials via Application Default Credentials (recommended on Google-hosted environments) or via a service account key (set GOOGLE_APPLICATION_CREDENTIALS or pass the cert explicitly). [0][3]

3) Next.js SSR with Firebase Web SDK (special case)

If you specifically need the Web SDK during SSR, Firebase provides an SSR approach using initializeServerApp(...) (for passing tokens like App Check / auth context into the server render). [4]

4) If deploying Next.js on Firebase Hosting via the framework integration

Requirements

• Firebase CLI v12.1.0+. [2]
• Billing enabled if you plan to use SSR. [2]

---

Auth scaffolding only installs packages without required boilerplate files.

The auth setup installs packages but doesn't create the configuration files needed for each provider to function:

• NextAuth.js: Requires an API route at app/api/auth/[...nextauth]/route.ts to handle authentication callbacks (in addition to the shared auth.ts config file).
• Clerk: Requires a middleware.ts file at the project root to handle authentication checks and provider wrapping.
• Firebase: Requires initialization code (typically in a Client Component or utility file) to set up the Web SDK with your project credentials.

Currently, only the .env file with placeholder values is created. Users cannot run the auth providers without manually adding these boilerplate files.

Consider either adding these boilerplate files during scaffolding or documenting this limitation clearly.

🤖 Prompt for AI Agents

In `@index.js` around lines 417 - 429, The auth setup currently only installs
packages (see auth, packageManager, projectPath and run in index.js); after each
install step add creation of the required provider boilerplate so the provider
actually works: for auth === 'nextauth' create
app/api/auth/[...nextauth]/route.ts plus the shared auth.ts config file with a
minimal NextAuth handler; for auth === 'clerk' create a root-level middleware.ts
that wires Clerk middleware and the required provider wrapper; for auth ===
'firebase' add a firebase client init file (e.g., utils/firebaseClient.ts or
app/(components)/firebaseInit) that reads the .env placeholders and initializes
the Firebase SDK; ensure these files are created under projectPath with sensible
placeholder values and comments so the scaffolded app runs without manual
boilerplate.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Generated .env file may be committed accidentally.

The .env file is created in the generated project, but there's no logic to ensure .env is added to the project's .gitignore. This risks accidental exposure of secrets when users commit their projects.

Consider appending .env to the generated project's .gitignore:

🛡️ Proposed fix

     if (envContent) {
       console.log(chalk.yellow('Creating .env file...'));
       writeFile(path.join(projectPath, '.env'), envContent);
+      
+      // Ensure .env is in .gitignore
+      const gitignorePath = path.join(projectPath, '.gitignore');
+      if (fileExists(gitignorePath)) {
+        const gitignoreContent = fs.readFileSync(gitignorePath, 'utf8');
+        if (!gitignoreContent.includes('.env')) {
+          fs.appendFileSync(gitignorePath, '\n.env\n.env.local\n');
+        }
+      }
     }

🤖 Prompt for AI Agents

In `@index.js` around lines 447 - 450, The created .env can be accidentally
committed; after writeFile(path.join(projectPath, '.env'), envContent) ensure
the generated project’s .gitignore contains a ".env" entry: read or create the
.gitignore at path.join(projectPath, '.gitignore'), add a newline-delimited
".env" entry only if it doesn't already exist (avoid duplicates), and write it
back (use existing utilities like writeFile/appendFile or fs methods) so new
projects automatically ignore the .env file.