From 45eb8b3914131071c7204d7eedd986a8b66c2daf Mon Sep 17 00:00:00 2001
From: Janis <janis.meister87@gmail.com>
Date: Sun, 23 Jul 2023 01:07:41 +0200
Subject: [PATCH] update readme

---
 README.md                       | 17 +++++++++++++++--
 pages/api/auth/[...nextauth].ts |  6 +++---
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index df7f89d..215e71c 100644
--- a/README.md
+++ b/README.md
@@ -4,15 +4,28 @@ Markdown-based tutorials and articles webapp, built using Docker, NextJS & Prism
 
 ## Getting Started
 
-1. Create a `.env` file in the root directory and add the following variables:
+1. Register a new OAuth app on GitHub: <https://github.com/settings/applications/new>
+
+   1. Set the "Homepage URL" to `http://localhost:3000`
+   2. Set "Authorization callback" URL to `http://localhost:3000/api/auth/callback`
+
+2. Create a `.env` file in the root directory and add the following variables:
 
 ```bash
 DATABASE_URL="postgresql://postgres:postgres@localhost:5432/postgres?schema=explainegy"
+AUTH_GH_CLIENT_ID="abc"
+AUTH_GH_CLIENT_SECRET="abcdef"
+AUTH_DEBUG_GH_ADMIN_ID="123" # The GitHub user ID of the admin user
 ```
 
-2. Run the following commands:
+> Note: `AUTH_DEBUG_GH_ADMIN_ID` can be optaind here: <https://api.github.com/users/your-username>
+
+3. Run the following commands:
 
 ```bash
 docker compose up -d
 npm run dev
 ```
+
+4. Login as admin using your GitHub account: <http://localhost:3000/api/auth/signin>
+5. Use the webapp: <http://localhost:3000/>
diff --git a/pages/api/auth/[...nextauth].ts b/pages/api/auth/[...nextauth].ts
index 63aa665..3bab8b5 100644
--- a/pages/api/auth/[...nextauth].ts
+++ b/pages/api/auth/[...nextauth].ts
@@ -4,14 +4,14 @@ export const authOptions: AuthOptions = {
   // Configure one or more authentication providers
   providers: [
     GithubProvider({
-      clientId: "1afc604704e6ac0149e3", //! env vars
-      clientSecret: "b8f76990fc0a9181eaba23359a27b2d140ab67e7",  //! env vars
+      clientId: process.env.AUTH_GH_CLIENT_ID ?? "",
+      clientSecret: process.env.AUTH_GH_CLIENT_SECRET ?? ""
     }),
     // ...add more providers here
   ], callbacks: {
     async signIn({ user, account, profile, email, credentials }) {
 
-      if (user.id.toString() == "76851529") { //! env vars
+      if (user.id.toString() == process.env.AUTH_DEBUG_GH_ADMIN_ID) { //! env vars
         return true
       } else {
         // Return false to display a default error message