mirror of https://github.com/stack-auth/stack.git synced 2026-06-13 21:01:21 +08:00

History

Aman Ganapathy bb69ee4230 Some checks failed all-good: Did all the other checks pass? / all-good (push) Has been cancelled Details Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled Details DB migrations are backwards-compatible / Check if migrations changed (push) Has been cancelled Details Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled Details Docker Server Build and Run / docker (push) Has been cancelled Details Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled Details Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled Details Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled Details Runs E2E API Tests with external source of truth / build (22.x) (push) Has been cancelled Details Lint & build / lint_and_build (latest) (push) Has been cancelled Details Dev Environment Test With Custom Base Port / restart-dev-and-test-with-custom-base-port (push) Has been cancelled Details Dev Environment Test / restart-dev-and-test (push) Has been cancelled Details Run setup tests with custom base port / setup-tests-with-custom-base-port (push) Has been cancelled Details Run setup tests / setup-tests (push) Has been cancelled Details TOC Generator / TOC Generator (push) Has been cancelled Details DB migrations are backwards-compatible / Test migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled Details DB migrations are backwards-compatible / No migration changes (skipped) (push) Has been cancelled Details [Fix] Token Store Overrides are now Respected (#1156 ) ### Context Recently, a user raised [this issue](https://github.com/stack-auth/stack-auth/issues/1144), which indicated that `tokenOverrides` were not being respected/used in the `getUser()` function. If we trace the flow through this function, we see `this._getSession -> this._getOrCreateTokenStore -> _createCookieHelper -> createCookieHelper -> createNextCookieHelper -> await rscHeaders()`. What this means is that even when a `requestLike tokenOverride` was passed, we would not end up using it because the `createCookieHelper` call occurs before the extant override checking logic in `getOrCreateTokenStore`, and the `createCookieHelper` didn't check the override but only the default `tokenStoreInit`. This caused the error to propagate up. ### Summary of Changes We check the `tokenStoreOverride` in the `createCookieHelper` function now, preventing this issue from happening. We also add extra test coverage to verify that overrides are respected, and don't overwrite the default token store. ### Out of Scope Discussion The original issue was raised with a `bun` runtime running `next.js` code. There seems to be some incompatibility between `bun 1.3.8` and `nextjs 15+`, not just with our backend but with fetching and working with responses from any `nextjs` server.		2026-02-03 18:58:46 -08:00
..
scripts	Widget playground mobile mode	2025-07-14 20:04:43 -07:00
src	[Fix] Token Store Overrides are now Respected (#1156 )	2026-02-03 18:58:46 -08:00
.env	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
.eslintrc.cjs	tsup for stack-shared (#647 )	2025-04-28 21:26:52 -07:00
.gitignore	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
components.json	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
LICENSE	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
next-env.d.ts	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
package-template.json	chore: update package versions	2026-02-03 10:06:48 -08:00
package.json	chore: update package versions	2026-02-03 10:06:48 -08:00
postcss.config.js	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
quetzal.config.json	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
README.md	Update branding from Stack to Stack Auth in documentation (#504 )	2025-03-04 04:07:54 +01:00
tailwind.config.js	Vanilla JS client library (#408 )	2025-02-08 02:31:03 +01:00
tsconfig.json	In-source unit tests (#429 )	2025-02-14 11:47:52 -08:00
tsup.config.ts	convex fix auth config bug (#1031 )	2025-11-26 11:36:36 -08:00
vitest.config.ts	In-source unit tests (#429 )	2025-02-14 11:47:52 -08:00

README.md

Stack Auth: Open-source Clerk/Auth0 alternative

📘 Docs | ☁️ Hosted Version | ✨ Demo | 🎮 Discord | GitHub

Stack Auth is a managed user authentication solution. It is developer-friendly and fully open-source (licensed under MIT and AGPL).

Stack Auth gets you started in just five minutes, after which you'll be ready to use all of its features as you grow your project. Our managed service is completely optional and you can export your user data and self-host, for free, at any time.

We support Next.js frontends, along with any backend that can use our REST API. Check out our setup guide to get started.

📦 Installation & Setup

Run Stack Auth's installation wizard with the following command:
```
npx @stackframe/init-stack@latest
```
Then, create an account on the Stack Auth dashboard, create a new project with an API key, and copy its environment variables into the .env.local file of your Next.js project:
```
NEXT_PUBLIC_STACK_PROJECT_ID=<your-project-id>
NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=<your-publishable-client-key>
STACK_SECRET_SERVER_KEY=<your-secret-server-key>
```
That's it! You can run your app with npm run dev and go to http://localhost:3000/handler/signup to see the sign-up page. You can also check out the account settings page at http://localhost:3000/handler/account-settings.

Check out the documentation for a more detailed guide.