Everything you need to sign in β€” already built FREE.

Get a production-grade Auth Kit built with NestJS + NextJS. It's plug-and-play, secure by default, and easy to extend for any project.

Focus On Innovation

Skip the repetitive tasks and start building your main idea.

πŸ” Session + JWT Auth Ready

Pre-wired session + token-based auth strategy with refresh token rotation and cookie security best practices.

🧠 Login Tracking + Anomaly Detection

Track login history (IP, device, user-agents, timestamp) and monitor for suspicious activity.

πŸ’» Multi-Device Session Management

Log in from multiple devices, view active sessions, and revoke them individually.

🧱 Dockerized Monorepo

Full Docker and Docker Compose setup for dev and prod. Includes both Auth and Notification services in a monorepo.

πŸ” Microservice Event System

Auth and Notification services communicate via NestJS EventPattern to trigger email alerts (e.g., login notification, new device, etc.)

πŸš€ Fully Extensible with NestJS

Built with NestJS and scalable project structure β€” plug in new services, guards, and strategies easily.

πŸ› οΈ Forgot Password Flow

Includes secure token generation, reset email, and expiration logic β€” ready to plug into your frontend.

πŸ” Refresh Token Strategy

Secure refresh tokens with device binding and rotation built in β€” keep sessions alive, safely.

🧰 Shared Utility Library

Includes prebuilt database abstractions and helpers for MongoDB, PostgreSQL, and MariaDB β€” so you can stay focused on business logic.

Why This Kit?

Unlock a battle-tested Auth system without starting from scratch.

Auth Service Screenshot

πŸš€ Save 30+ Hours of Setup

  • βœ…Focus on building product logic, not boilerplate auth flows.
  • βœ…Faster onboarding with a clean, documented codebase.
  • βœ…Reduce time-to-launch with drop-in ready auth modules.
  • βœ…Minimize integration errors with working endpoints.

πŸ›‘οΈ Secure by Design

  • βœ…Built-in session and refresh token flow to reduce token misuse.
  • βœ…Device-based session tracking for better control over logins.
  • βœ…Secure cookie management with HttpOnly and SameSite settings.
  • βœ…Track login history to spot unusual or suspicious behavior.
Login Activity Screenshot
Forgot Password Screenshot

πŸͺ„ Event-Driven Email Notifications

  • βœ… Sends verification and reset links via seamless event-based triggers.
  • βœ… Decoupled architecture makes the email system easily replaceable or extendable.
  • βœ… Works out-of-the-box with popular providers like Resend.
  • βœ… Easily trigger custom notifications for login attempts or password changes.

πŸ” Session-Aware & Token Refresh

  • βœ… Keeps users securely signed in without frequent logins.
  • βœ… Built-in session tracking to support multiple devices per user.
  • βœ… Supports secure token rotation to prevent hijacking.
  • βœ… Integrated session-based logout and token invalidation flows.
Refresh Token Screenshot
Dockerized Screenshot

🐳 Dockerized & Composable

  • βœ… Launch locally or on any server in seconds using Docker Compose.
  • βœ… Run each service in isolation β€” perfect for scaling or debugging.
  • βœ… Clean, consistent environments across dev, staging, and prod.
  • βœ… Easily swap components or add new services without rewiring everything.

Download the Free Auth Kit

Join a growing community of builders and get instant access to the complete starter kit delivered straight to your inbox.

What's Under the Hood

The Free Auth Kit is built on a modern, scalable stack designed for real-world use. Here's a high level architecture of how it works under the hood.

nestJsLogomongodbLogodockerLogo
next.jstypescriptLogo
authenticationArchitecture

Frequently Asked Questions

Everything you need to know before using the Free Auth Kit.