Adding user authentication to a Next.js app with Whop OAuth

I wrote a tutorial on adding user authentication to an existing Next.js app using Whop OAuth. The...

giovedì 11 giugno 2026 New tab

729 words~3 min read

I wrote a tutorial on adding user authentication to an existing Next.js app using Whop OAuth. The TL;DR: drop Sign in with Whop into any Next.js app, skip credential storage, password hashing, email verification, and reset flows. Whop handles those.

Demo: https://nextjs-whop-oauth-demo.vercel.app/

The full integration is a few files: a couple of new modules under lib/, three route handlers under app/api/auth/, and a proxy.ts at the project root. The flow is OAuth 2.0 + PKCE; the session lives in an encrypted httpOnly cookie via iron-session. Here is how it comes together.

What you set up first

Two packages: iron-session for the encrypted session cookie, zod for env and response validation.

Adding user authentication to a Next.js app with Whop OAuth

Adding user authentication to a Next.js app with Whop OAuth

Related reading

Auth in Next.js SaaS starters: redirect loops, OAuth callbacks, magic links,…

"NestJS authentication in 5 minutes"

Building Authentication & Authorization in a Full-stack React + Express.js App…

How I wired Stripe subscriptions to Supabase in Next.js 15 (the parts tutorials…

Implementing Protected Routes and Authentication in React (2026 Edition)

Google Login in Express with PassportJS & JWT

Related reading

Auth in Next.js SaaS starters: redirect loops, OAuth callbacks, magic links,…

"NestJS authentication in 5 minutes"

Building Authentication & Authorization in a Full-stack React + Express.js App…

How I wired Stripe subscriptions to Supabase in Next.js 15 (the parts tutorials…

Implementing Protected Routes and Authentication in React (2026 Edition)

Google Login in Express with PassportJS & JWT