Get startedGet started for free

Authentication and user management with Replit

1. Authentication and user management with Replit

Okay, so now we're gonna talk about authentication and user management in Replit. So we've built out our form app, we polished the dashboard, we added some complex form builder functionality, now we have to add the ability for users to be able to log in to our app and manage it on the admin side, and what we want to do is make it so that only certain users can do that. This would normally be something very complicated doing in any other platform, I'm gonna show you how to do it very simply on Replit. So we're in our app, we're gonna create a new chat and we're gonna send the following prompt, In plan mode: “We need to gate our admin and form builder pages behind auth. Implement user login with Replit auth and add certain users to a white list so only they can access the application”. We're gonna fire that off, and agent is gonna come up with a plan for helping us protect these routes. Why are we doing this? Well, we want everyone to be able to see the main form page, but we want to be the ones that access the backend. So what we need to do is add some way to authenticate those pages and secure them, and asking agent to help us plan this out is a really great way to do so. Now, Replit has a service called Replit Auth, so we've been plugging all these building blocks together in our application that Replit's made available for us. Replit Authentication connects to our database to add users we can authenticate. So we don't need to create any separate accounts. It'll use our Replit account and we'll get exactly the functionality that we want. So I'm gonna jump back in once Agent is finished planning here and we'll see what we get. So we have our proposed tasks, we're gonna go ahead and start building our plan for Replit Auth, and then we'll come back once we have that implemented. So we finished our user and admin prompt, and there were a couple follow up prompts, so what I said here was whitelist the username Matt, email (my personal email) which our video guys will block out to access our admin page in form builder. So agent implemented Replit Auth, and then it whitelisted my user for that form builder. So what we'll see is that we get our form questions, but if we go to admin, we're gonna get prompted with a login page for Replit Auth. Now, clicking this login page is going to bring up my application and it's gonna ask if I would like it to access my Replit account, I'm gonna say yes. So what we're doing is we're using our Replit account as a proxy for our user, and now that I'm logged in, I should be able to go to admin, which I wasn't able to do before, and now I can see my user submissions and I can interact with the form as I did before. I can also open up our form builder and rearrange our fields and edit all of the content as I could previously. So what do we have now? Well, we have a complete end-to-end full stack application. On the front end, anybody can come and submit our form, on the back end, only we or people that we whitelist can access the admin panel and the form builder functionality. Then those users can export CSVs, they can manage this dashboard, they can do whatever they'd like. Now, this took one or two follow-up prompts, so you can see here the original prompt about gating our admin form builder pages, but then there was a prompt: ‘Hey, things didn't work quite as expected’, I think there might have been one or two more. So it might take you a little bit to get to this exact functionality, however, that back and forth and the process of understanding how your app works to build out the robust application is necessary when you're vibe coding with tools like Replit. So this has been our lesson on user management and authentication and how we can implement this functionality. Replit also supports just building applications where anybody can login, so if I wanted to have login for every user that submitted a form, I could do that. I could collect their email automatically, that would be no problem. This is a specific type of user authentication where I'm then gating access to parts of my application. So now we'll move on to the next lesson.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.