Share to X
Share to LinkedInLearn how to configure OAuth providers in your ShipNowKit application.
ShipNowKit supports multiple OAuth providers, including Google, GitHub, Discord, Facebook, and Twitter. You can enable and configure these providers through the configuration manager or environment variables.
Supported OAuth Providers
ShipNowKit currently supports the following OAuth providers:
- Google - Google account login
- GitHub - GitHub account login
- Discord - Discord account login
- Facebook - Facebook account login
- Twitter - Twitter account login
Configuration Methods
Method 1: Configure via Dashboard (Recommended)
- Log in to the Dashboard
- Navigate to the Settings page
- Find the "Authentication Settings" section
- Enable the OAuth providers you want to use
- Enter the corresponding client ID and secret
- Save the configuration
The configuration will be automatically saved to the database and will take effect without restarting the application.
Method 2: Configure via Environment Variables
You can also configure OAuth providers through environment variables:
# .env.local
# Google OAuth
AUTH_GOOGLE_ENABLED=true
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
# GitHub OAuth
AUTH_GITHUB_ENABLED=true
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
# Discord OAuth
AUTH_DISCORD_ENABLED=true
DISCORD_CLIENT_ID=your-discord-client-id
DISCORD_CLIENT_SECRET=your-discord-client-secret
# Facebook OAuth
AUTH_FACEBOOK_ENABLED=true
FACEBOOK_CLIENT_ID=your-facebook-client-id
FACEBOOK_CLIENT_SECRET=your-facebook-client-secret
# Twitter OAuth
AUTH_TWITTER_ENABLED=true
TWITTER_CLIENT_ID=your-twitter-client-id
TWITTER_CLIENT_SECRET=your-twitter-client-secretObtaining OAuth Credentials
- Visit Google Cloud Console
- Create a new project or select an existing project
- Enable Google+ API
- Create OAuth 2.0 Client ID
- Configure authorized redirect URI:
https://your-domain.com/api/auth/callback/google - Copy the client ID and secret
GitHub
- Go to GitHub Settings > Developer settings > OAuth Apps
- Click "New OAuth App"
- Fill in the application information:
- Application name: Your application name
- Homepage URL: Your website URL
- Authorization callback URL:
https://your-domain.com/api/auth/callback/github
- After creating the app, copy the Client ID and Client Secret
Discord
- Visit Discord Developer Portal
- Create a new application
- Go to OAuth2 settings
- Add redirect URI:
https://your-domain.com/api/auth/callback/discord - Copy the Client ID and Client Secret
- Visit Facebook Developers
- Create a new application
- Add Facebook Login product
- Configure settings:
- Valid OAuth Redirect URI:
https://your-domain.com/api/auth/callback/facebook
- Valid OAuth Redirect URI:
- Copy the App ID and App Secret from Settings > Basic
- Visit Twitter Developer Portal
- Create a new application
- Configure in application settings:
- Callback URL:
https://your-domain.com/api/auth/callback/twitter
- Callback URL:
- Copy the API Key and API Secret
Configuration Priority
ShipNowKit's configuration manager loads configuration in the following priority order:
- Database Configuration (via Dashboard settings) - Highest priority
- If configuration exists in the database, database configuration takes priority
- If certain fields in the database configuration are empty, it will fall back to environment variables
- Environment Variable Configuration - If no configuration exists in the database, environment variables are used
This means if you configure OAuth providers in the Dashboard, the configuration in environment variables will be ignored (unless fields in the database configuration are empty).
Disabling Admin Configuration
If you want to force the use of environment variable configuration and prevent modification through the Dashboard, you can set an environment variable:
DISABLE_ADMIN_CONFIG="true"After setting this:
- The Settings panel in the Dashboard will still exist, but modifications will not take effect
- The system will always use configuration values from environment variables
- Configuration in the database will be ignored
Dynamic Configuration Loading
ShipNowKit's authentication configuration supports dynamic loading, which means:
- No need to restart the application after configuration changes
- Configuration automatically reloads from the database or environment variables
- Supports hot configuration updates
The configuration loading logic is implemented in lib/auth/config-loader.ts.
Checking Enabled Providers
You can check currently enabled authentication providers through an API endpoint:
// GET /api/auth/providers
const response = await fetch('/api/auth/providers');
const { providers } = await response.json();
console.log(providers);
// {
// password: true,
// magicLink: true,
// google: true,
// github: false,
// ...
// }Account Linking
better-auth supports account linking functionality, allowing users to link multiple OAuth accounts to the same user account. This means:
- Users can sign in to the same account using different login methods
- Users can link or unlink OAuth accounts in the settings page
Permissions and Access
Learn how to implement permission control and access control in ShipNowKit frontend applications. Protect routes and display UI based on user roles and permissions.
Customize App Info
Configure site basics in ShipNowKit: name, URL, logo files, favicon, social meta, sitemap, robots.txt, and policies.