Files
supabase/apps/ui-library/content/docs/tanstack/password-based-auth.mdx
Ivan Vasilov 0bd892547c fix: Use the new envVars property in the shadcn blocks (#37585)
* Search and replace all mentions of SUPABASE_ANON_KEY.

* Copy over some comments from the nextjs template.

* Bump shadcn version.

* Change the building of the blocks to append envVars and docs.

* Use the new envVars property in the clients.

* Rebuild all blocks.

* Fix the wording.

* Update the docs.
2025-08-04 10:30:53 +02:00

80 lines
3.6 KiB
Plaintext

---
title: Password-based Authentication
description: Password-based authentication block for TanStack Start
---
<BlockPreview name="password-based-auth/auth/sign-up" />
## Installation
<BlockItem name="password-based-auth-tanstack" description="Supabase Client for TanStack Start" />
## Folder structure
This block includes the [Supabase client](/ui/docs/tanstack/client). If you already have one installed, you can skip overwriting it.
<RegistryBlock itemName="password-based-auth-tanstack" />
## Usage
Once you install the block in your TanStack Start project, you'll get all the necessary pages and components to set up a password-based authentication flow.
### Getting started
After installing the block, you'll have the following environment variables in your `.env.local` file:
```env
VITE_SUPABASE_URL=
VITE_SUPABASE_PUBLISHABLE_OR_ANON_KEY=
```
- If you're using supabase.com, you can find these values in the [Connect modal](https://supabase.com/dashboard/project/_?showConnect=true) under App Frameworks or in your project's [API settings](https://supabase.com/dashboard/project/_/settings/api).
- If you're using a local instance of Supabase, you can find these values by running `supabase start` or `supabase status` (if you already have it running).
### Adding email templates
1. Add an [email template for sign-up](https://supabase.com/dashboard/project/_/auth/templates) to the Supabase project. Your signup email template should contain at least the following HTML:
```html
<h2>Confirm your signup</h2>
<p>Follow this link to confirm your user:</p>
<p>
<a
href="{{ .SiteURL }}/auth/confirm?token_hash={{ .TokenHash }}&type=email&next={{ .RedirectTo }}"
>Confirm your email</a
>
</p>
```
For detailed instructions on how to configure your email templates, including the use of variables like `{{ .SiteURL }}`,`{{ .TokenHash }}`, and `{{ .RedirectTo }}`, refer to our [Email Templates guide](https://supabase.com/docs/email-templates).
1. Add an [email template for reset password](https://supabase.com/dashboard/project/_/auth/templates) to the Supabase project. Your reset password email template should contain at least the following HTML:
```html
<h2>Reset Password</h2>
<p>Follow this link to reset the password for your user:</p>
<p>
<a
href="{{ .SiteURL }}/auth/confirm?token_hash={{ .TokenHash }}&type=recovery&next={{ .RedirectTo }}"
>Reset Password</a
>
</p>
```
### Setting up routes and redirect URLs
1. Set the site URL in the [URL Configuration](https://supabase.com/dashboard/project/_/auth/url-configuration) settings in the Supabase Dashboard.
1. Set up the route users will visit to reset or update their password. Go to the [URL Configuration](https://supabase.com/dashboard/project/_/auth/url-configuration) settings and add the `forgot-password` route to the list of Redirect URLs. It should look something like: `http://example.com/auth/forgot-password`.
1. Update the redirect paths in `login.tsx` and `update-password.tsx` components to point to the logged-in routes in your app. 1. Our examples use `/protected`, but you can set this to whatever fits your app.
## Further reading
- [Password-based authentication (PKCE flow)](https://supabase.com/docs/guides/auth/passwords?queryGroups=flow&flow=pkce)
- [Authentication error codes](https://supabase.com/docs/guides/auth/debugging/error-codes)
- [Email templates](https://supabase.com/docs/guides/auth/auth-email-templates)
- [Email templates for local development](https://supabase.com/docs/guides/local-development/customizing-email-templates)
- [Custom SMTP](https://supabase.com/docs/guides/auth/auth-smtp)