Launched this week
StackPatch

StackPatch

Patch authentication into your Next.js app with one command

104 followers

Visit website
StackPatch is an open-source CLI that patches production-ready authentication directly into your codebase. Run one command and get Google & GitHub auth, protected routes, session management, Auth UI pages, and middleware & API routes all added as real files inside your repo -- No SaaS, No lock-in, no black box SDKs. Works with: Nextjs; React; Nuxt; Sveltekit; Astro
StackPatch gallery image
StackPatch gallery image
StackPatch gallery image
StackPatch gallery image
StackPatch gallery image
Free
Launch tags:ProductivityOpen SourceDeveloper Tools
Launch Team / Built With
Intercom
Intercom
Startups get 90% off Intercom + 1 year of Fin AI Agent free
Promoted

What do you think? …

Jay Dev

Wow, StackPatch looks amazing! Love that it adds auth as real files in my repo – huge for customization. How does it handle multi-tenancy scenarios, say, separating user data by organization?

Darshit
StackPatch
Maker

@jaydev13 all these Role Based Access Control is not supported yet because its from the database side but you can connect your database and all of the RBAC can be controlled from db

Darshit
StackPatch
Maker
📌
Hey Product Hunt 👋 What inspired me to build StackPatch was pure repetition. Every time I started a new Next.js project, authentication wasn’t hard, it was just the same setup over and over again: NextAuth config, routes, providers, protected pages, environment variables. I didn’t want another hosted service or abstraction. I wanted a way to drop production-ready auth directly into my codebase and fully own it. That’s how StackPatch started. My approach evolved from trying to “simplify auth” to something more honest: patching real, editable files into the project using a CLI. No magic, no runtime dependency just code you can read, modify, or delete. For this launch, I focused on keeping the scope tight: one command, clear output, and a demo that shows exactly what gets added. I’d love feedback from the community: • Does this solve a real pain for you? • What would you want to patch next? Happy to answer any questions 🙂
Zeiki Yu

Congrats on the launch! Love how StackPatch patches battle-tested auth into existing Next.js apps with one command—great DX, zero lock-in, and perfect for production-focused teams.

Darshit
StackPatch
Maker

@zeiki_yu Thanks more frameworks and feature coming soon in this open source

Zolani Matebese

@zeiki_yu congrats Zeiki. How do you handle updates and maintenance?

Alex

This is awesome — I love that it just patches real files into the codebase.

No magic, no hidden stuff, just code you actually own.

Quick question: do you plan to support Role-Based Access Control in the future, or is the focus staying purely on authentication for now?

Can’t wait to try this on my next Next.js project

Darshit
StackPatch
Maker

@mrpop Thanks a lot really appreciate that 🙂

The core focus is staying authentication-first and composable.

I don’t want StackPatch to turn into a heavy auth framework.

RBAC is something I’m thinking about as an optional patch rather than a default something you add only if you need it and fully own the code.

Would love to hear how you usually handle roles in your projects.

Wilco Kruijer

Looks interesting, I feel like there are a couple good use cases for this. I'm wondering how flexible this is, do you have generic way of defining "patches". Could it also work for other domains and apps that are not Next.js? Is it / could it be combined with AI to automatically patch projects?

Darshit
StackPatch
Maker

@wilco_kruijer1 yes currently i am handling use cases for the existing app/project without messing your file structure introducing good design principle and you can revert the changes if something is not up to the mark all the files will be replaced as it is as well as the new project for other domains i am working on it will be out soon! I am not combining this with AI as AI needs lot of iteration to make this work and also AI is not updated with the latest doc changes and it can change file randomly or create new files so lets see

Curious Kitty
Product Hunt
Next.js projects vary a lot (App Router vs older patterns, monorepos, path aliases, existing providers/middleware). What’s the hardest integration edge case you’ve had to handle so far, and how do you decide when to support a pattern vs. intentionally say “not supported”?
Darshit
StackPatch
Maker

@curiouskitty Great question!! The hardest cases so far have been projects that already have partial auth setups (custom middleware, existing providers or mixed App Router + legacy patterns). Those are tricky because you’re not starting from a clean slate.

My rule is: StackPatch should never guess intent.

If a pattern can be:

-reliably detected

-patched without overwriting custom logic

-and leave the project in a predictable state

then I support it.

If it requires assumptions (for example: custom auth flows, deeply coupled middleware, or heavily modified folder structures), I intentionally fail fast and mark it as “not supported” rather than silently doing something risky.

The philosophy is: safe defaults > broad coverage. I’d rather support fewer patterns well than many patterns unreliably.

Over time, I’m expanding support based on real-world project structures I see and test against.

Easy Tools Dev

Security updates are always a headache, especially for non-technical users. Love that this simplifies the process. Quick question: does it work with custom-built sites, or mainly for popular CMS platforms like WordPress?

Darshit
StackPatch
Maker

@easytoolsdev  Thankyouu, it will be for different frameworks (Nextjs, React, Vue, Tanstack) that build custom sites not for platform like wordpress