Work on Next 2023-10-9

[brianRingler]

What do we work on next? 1 and 6 can be done at the same time. Steps 2 and 3 require task 1 to be completed. Task 5 can be done before step 1 I think. I think we split up 1 and 6 then work on 2, 35 ?

1) Login Page - When user logs in they should be added to useSession. This will save non sensistive user information in a cookie. This has been started.

2) Modify Header to detect if user is logged in. If logged in authenticated header will be displayed else non authenticated header will be displayed.

3) Protect routes - User must be authenticated to access select routes. Non-authenticated user will not be allowed to access certain routes.

5) Create login for using Google Auth

6) When user Registers an account use Next-Auth to validate the email

Add or Create an Admin Page?

[brianRingler]

We also need to add a button on the register page that allows the user to register with Google. I think this is just two buttons. One that registers a regular user and the second that does the same except is does NOT store a password and third_party_auth becomes true.

[imaricodes]

I'll do 2, 4 , 1.

I'd like to see how you set up 6. Admin page wasn't on my radar! You probably have a better notion of how that needs to function.

I can setup the header behaviors with hardcode info even if the other things aren't done.

Only issue with the Google Auth is that it has to be from a cloud account that has billing enabled.

[brianRingler]

I sent you the Google Auth info that you need to populate into the .env file. I forget why I had to add the localhost.

For the Admin, that is probably not required for this project but maybe just a skill we want to practice creating. Imagine we create a site for a manufacturing company. The company might want to have a Supplier portal where Suppliers can access the site to certain docs, etc. The Admin Access will give one user Super User privileges so they can do certain things to the database without having to know how to access a database. They simply can create a Supplier, delete a Supplier, Add a document, and a lower-level Admin.

If you do 1, 2 and 4, I think you will need to first get 1 done and push that change to main. That will allow me to protect the routes based on a user being authenticated or non-authenticated. I am going to start on the Register Page and working on the email validation.

Also, I forgot a detail with Register Page. When a user Registers and they want to do it with a Google Account I need to update the database differently. If a user registers with google then all we need is email, first and last name. We store null for password. I need to think through the logic on this.

[imaricodes]

ok to all of that. Working on site today.

[imaricodes]

Heads up to pull main before you do more dev!! I pushed directly to main: a new navbar, changed Auth provider file name to Session Provider, added getSession to root Layout