Introduction
Production-ready SaaS starter kit with authentication, user management, and session tracking
Fastly is a full-stack authentication and user management system built with Next.js 16. It provides everything you need to handle user accounts, sessions, and profiles in production applications.
Features
Email/Password Auth
Registration with OTP verification, password reset, and secure bcrypt hashing.
OAuth Integration
GitHub and Google OAuth with automatic account creation and profile linking.
JWT Sessions
Access tokens (15 min) and refresh tokens (7 days) with automatic renewal.
Session Management
Multi-device session tracking with browser, OS, and IP metadata.
Tech Stack
| Category | Technology |
|---|---|
| Framework | Next.js 16 (App Router) |
| Language | TypeScript |
| Database | MongoDB with Mongoose |
| Authentication | JWT with access/refresh tokens |
| Styling | Tailwind CSS + shadcn/ui |
| Validation | Zod schemas |
| File Upload | UploadThing |
| Email | React Email + Nodemailer |
Project Structure
How It Works
User Registration
User submits email and password. The system creates an unverified account and sends a 6-digit OTP to their email.
Email Verification
User enters the OTP code. Once verified, the system creates their profile and generates JWT tokens.
Session Creation
A session record is created with device metadata (browser, OS, IP). The session ID is returned alongside tokens.
Authenticated Requests
All protected endpoints require the access token in the Authorization header and session ID in the X-Session-Id header.
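One way a protected endpoint could enforce both headers, shown as an added example rather than code from the Fastly code base. It assumes HS256 tokens with `sub` and `exp` claims, an in-memory session map, a constructed secret, and the hypothetical helper names `signAccessToken` and `authenticate`.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Assumptions (not from the project): HS256, `sub`/`exp` claims, an in-memory
// session store, and a constructed demo secret and session ids.
const SECRET = "constructed-demo-secret";
const ACCESS_TTL_S = 15 * 60; // 15-minute access token, as stated above

interface Session { userId: string; revoked: boolean }
const sessions = new Map<string, Session>([
  ["sess-alice-1", { userId: "alice", revoked: false }],
  ["sess-bob-1", { userId: "bob", revoked: false }],
  ["sess-alice-old", { userId: "alice", revoked: true }],
]);

const b64url = (s: string): string => Buffer.from(s).toString("base64url");
const mac = (data: string): Buffer => createHmac("sha256", SECRET).update(data).digest();

function signAccessToken(userId: string, nowS: number): string {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ sub: userId, exp: nowS + ACCESS_TTL_S }));
  const data = `${head}.${body}`;
  return `${data}.${mac(data).toString("base64url")}`;
}

// Returns the authenticated user id, or null if any check fails.
// Header names are expected in lower case, as Node delivers them.
function authenticate(headers: Record<string, string | undefined>, nowS: number): string | null {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(headers["authorization"] ?? "");
  const sid = headers["x-session-id"];
  if (!m || !sid) return null;
  const [, head, body, sig] = m;
  // Always verify with HMAC-SHA256; the token's own `alg` field is never consulted.
  const given = Buffer.from(sig, "base64url");
  const expected = mac(`${head}.${body}`);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(body, "base64url").toString()) as { sub: string; exp: number };
  if (claims.exp <= nowS) return null; // expired access token
  // Bind the session to the token: it must exist, be live, and belong to `sub`.
  const session = sessions.get(sid);
  if (!session || session.revoked || session.userId !== claims.sub) return null;
  return claims.sub;
}
```

The session lookup is what lets a single device be signed out before its access token expires: a revoked or mismatched session ID fails the request even when the token signature is valid.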