Features > Magic Links

Learn how to implement passwordless authentication using magic links in your Nexset application. This guide covers setup, configuration, and best practices.

Prerequisites

• 1

  Configured email service (see Email Setup)

• 2

  MongoDB database setup (see Database Setup)

Environment Setup

Add the following variables to your .env.local file:

NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-secret-key-here # At least 15 characters for JWT encryption

Email Configuration

Configure your email settings in config.js:

export default {
  resend: {
    fromNoReply: 'noreply@mail.yourdomain.com',
    // ... other email config
  },
  // ... other config
};

Usage

Use the built-in ButtonSignin component to implement magic link authentication:

"use client"

import { signIn } from "next-auth/react";
import config from "@/config";
                
const ButtonSignin = () => {
  return (
    <button
      className="btn btn-primary"
      onClick={() => signIn(undefined, { 
        callbackUrl: config.auth.callbackUrl 
      })}
    >
      Sign in with Email
    </button>
  );
};

Security Considerations

• 1

  Use a strong NEXTAUTH_SECRET for JWT encryption

• 2

  Configure rate limiting for email sending

• 3

  Set up proper email domain verification

• 4

  Monitor authentication attempts

• 5

  Implement proper error handling

Best Practices

• 1

  Use a dedicated email domain for authentication

• 2

  Implement proper error messages for failed attempts

• 3

  Add loading states during authentication

• 4

  Configure proper session handling

• 5

  Set up proper redirect URLs