Next.js 15 + Supabase Auth + PWA

Complete implementation guide for adding Supabase authentication to a Next.js 15 App Router PWA

šŸ“š Overview

This application serves as a complete reference implementation for integrating Supabase authentication into a Next.js 15 Progressive Web App.

Tech Stack:

  • āœ… Next.js 15.5.4 (App Router)
  • āœ… React 19.1.0
  • āœ… Supabase Auth (@supabase/ssr)
  • āœ… TypeScript
  • āœ… Tailwind CSS v4
  • āœ… PWA Support (@ducanh2912/next-pwa)

šŸ—ļø Architecture

Auth Flow

  1. User signs up with email/password
  2. Supabase sends confirmation email
  3. User clicks confirmation link
  4. Route handler verifies token and logs user in
  5. Middleware refreshes session on every request
  6. Session stored in cookies (httpOnly, secure)

Key Components

  • Server Client: Used in Server Components, Route Handlers, and Server Actions
  • Browser Client: Used in Client Components ("use client")
  • Middleware Client: Refreshes sessions on every request
  • Middleware: Runs before every page load to maintain auth state

šŸš€ Implementation Guide (7 Phases)

Follow these phases in order. Each phase builds on the previous one. Test pages are provided to verify each phase works correctly.

Phase 1: Setup & Dependencies

Install packages, configure environment, verify TypeScript paths

ā€¢ Install @supabase/ssr and @supabase/supabase-js

ā€¢ Configure .env.local with Supabase credentials

ā€¢ Verify tsconfig.json path aliases

ā€¢ Create lib/utils.ts

Test ā†’

Phase 2: Supabase Clients

Create server, browser, and middleware Supabase clients

ā€¢ Create lib/supabase/server.ts

ā€¢ Create lib/supabase/client.ts

ā€¢ Create lib/supabase/middleware.ts

Test ā†’

Phase 3: Middleware

Set up middleware to refresh auth sessions automatically

ā€¢ Create src/middleware.ts

ā€¢ Configure matcher to exclude static files

ā€¢ Implement session refresh on every request

Test ā†’

Phase 4: Auth Routes

Create authentication pages and route handlers

ā€¢ Create /auth/login page

ā€¢ Create /auth/sign-up page

ā€¢ Create /auth/confirm route handler

ā€¢ Create /auth/error and /auth/sign-up-success pages

Test ā†’

Phase 5: Auth Components & Forms

Build login, signup, logout components with full functionality

ā€¢ Create LoginForm component

ā€¢ Create SignUpForm component

ā€¢ Create LogoutButton component

ā€¢ Create AuthButton component

ā€¢ Add AuthButton to header

Test ā†’

Phase 6: Supabase Dashboard Config

Configure production redirect URLs and optional settings

ā€¢ Add production URLs to Supabase redirect list

ā€¢ Configure Site URL

ā€¢ Optional: Customize email templates

ā€¢ Optional: Configure custom SMTP

Guide ā†’

Phase 7: Protected Pages & Integration

Add protected pages, feature gating, and final testing

ā€¢ Create protected page examples

ā€¢ Implement feature gating patterns

ā€¢ End-to-end integration testing

ā€¢ Production readiness checklist

Test ā†’

šŸ“ Key Files & Structure

src/
ā”œā”€ā”€ middleware.ts
ā”œā”€ā”€ lib/
ā”‚   ā”œā”€ā”€ supabase/
ā”‚   ā”‚   ā”œā”€ā”€ server.ts
ā”‚   ā”‚   ā”œā”€ā”€ client.ts
ā”‚   ā”‚   ā””ā”€ā”€ middleware.ts
ā”‚   ā””ā”€ā”€ utils.ts
ā”œā”€ā”€ components/
ā”‚   ā”œā”€ā”€ login-form.tsx
ā”‚   ā”œā”€ā”€ sign-up-form.tsx
ā”‚   ā”œā”€ā”€ logout-button.tsx
ā”‚   ā””ā”€ā”€ auth-button.tsx
ā”œā”€ā”€ app/
ā”‚   ā”œā”€ā”€ auth/
ā”‚   ā”‚   ā”œā”€ā”€ login/page.tsx
ā”‚   ā”‚   ā”œā”€ā”€ sign-up/page.tsx
ā”‚   ā”‚   ā”œā”€ā”€ confirm/route.ts
ā”‚   ā”‚   ā”œā”€ā”€ error/page.tsx
ā”‚   ā”‚   ā””ā”€ā”€ sign-up-success/page.tsx
ā”‚   ā””ā”€ā”€ components/
ā”‚       ā”œā”€ā”€ Header.tsx
ā”‚       ā””ā”€ā”€ NavDropdown.tsx
ā””ā”€ā”€ .env.local

Key files explained:

  • ā€¢ middleware.ts - Session refresh middleware
  • ā€¢ lib/supabase/server.ts - Server-side client
  • ā€¢ lib/supabase/client.ts - Browser-side client
  • ā€¢ lib/supabase/middleware.ts - Middleware client
  • ā€¢ components/ - Auth forms and buttons
  • ā€¢ app/auth/ - Authentication pages and handlers

šŸ’» Common Code Patterns

Check Auth in Server Component

import { createClient } from "@/lib/supabase/server";

export default async function MyPage() {
  const supabase = await createClient();
  const { data } = await supabase.auth.getUser();
  const user = data?.user;

  if (!user) {
    return <div>Please log in</div>;
  }

  return <div>Welcome, {user.email}!</div>;
}

Check Auth in Client Component

"use client";
import { createClient } from "@/lib/supabase/client";
import { useEffect, useState } from "react";

export function MyComponent() {
  const [user, setUser] = useState(null);

  useEffect(() => {
    const supabase = createClient();
    supabase.auth.getUser().then(({ data }) => {
      setUser(data.user);
    });
  }, []);

  return user ? <div>Logged in!</div> : <div>Not logged in</div>;
}

Protected Route Pattern

import { createClient } from "@/lib/supabase/server";
import { redirect } from "next/navigation";

export default async function ProtectedPage() {
  const supabase = await createClient();
  const { data } = await supabase.auth.getUser();
  
  if (!data.user) {
    redirect("/auth/login");
  }

  return <div>Protected content for {data.user.email}</div>;
}

šŸ”§ Troubleshooting

Email confirmation not working?

Check that your production URL is added to Supabase redirect URLs with the /** wildcard

Session not persisting?

Ensure middleware is configured correctly and calling updateSession()

Random logouts?

Make sure middleware is calling await supabase.auth.getClaims() to refresh the session

TypeScript errors with env vars?

Add ! assertion: process.env.NEXT_PUBLIC_SUPABASE_URL!

šŸ”— Resources

This implementation guide serves as a reference for developers implementing Supabase authentication in Next.js 15 Progressive Web Apps.

All code is tested and production-ready. Feel free to use as a template! šŸš€

Simple PWA