Skip to content

Auth and Session File Creation #449

Open
Feature
Open
Auth and Session File Creation#449
Feature
Assignees
mzhang0213
Labels
app-portal
@adityapat24

Description

@adityapat24
adityapat24
opened on May 6, 2026

Goal

Create all files for the Auth & Session Foundation feature. No real logic yet, just have stubs only. Goal is for everything to compile, pages to render placeholders, and the contract doc to be filled in.

This ticket also creates the shared (applicant) layout file that other applicant-facing tickets will rely on.

Folders to create

  • src/app/auth/signin/
  • src/app/auth/verify-request/
  • src/app/auth/error/
  • src/app/api/auth/[...nextauth]/
  • src/app/api/v1/user/
  • src/lib/auth/
  • src/components/auth/

Files to create

Routes

  • src/app/(applicant)/layout.tsx — applicant shell (header, user menu); placeholder session check,
  • src/app/(landing)/page.tsx — already exists; update to redirect authed users to /dashboard
  • src/app/auth/signin/page.tsx — magic-link email entry form
  • src/app/auth/verify-request/page.tsx — "Check your email" confirmation screen
  • src/app/auth/error/page.tsx — auth error display (callback errors, expired links, etc.)
  • src/app/api/auth/[...nextauth]/route.ts — NextAuth handler, email provider + Mongo adapter wired up
  • src/app/api/v1/user/route.tsGET current session user; returns 401 if no session

Library

  • src/lib/auth/config.ts — NextAuth options (providers, callbacks, session strategy)
  • src/lib/auth/adapter.ts — Mongo adapter instance
  • src/lib/auth/session.ts — server-side getSession() helper for RSCs
  • src/lib/auth/guards.tsrequireUser() and requireAdmin() helpers for route handlers
  • src/lib/auth/email-transport.ts — Nodemailer transport stub for magic-link emails

Components

  • src/components/auth/SignInForm.tsx — email input form, calls signIn("email")
  • src/components/auth/UserMenu.tsx — avatar + sign-out dropdown for header

Middleware

  • src/middleware.ts — Next middleware, redirects unauthed users from protected routes

Acceptance criteria

  • All folders and files listed above exist and yarn build succeeds.
  • Pages render placeholder UI without errors.
  • Route handlers return either typed mock data or NextResponse.json({ error: 'not implemented' }, { status: 501 }).

Metadata

Metadata

Assignees

Labels

app-portal

Type

Feature

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions