George Khananaev
Case Study

PyNextStack: a full-stack user management starter

FastAPI backend, Next.js frontend, auth and profiles out of the box

2 min read

Overview

PyNextStack is a starter kit for full-stack applications that need user accounts. It pairs a FastAPI backend with a Next.js frontend and handles registration, authentication, password reset, profile management, and email verification out of the box. The goal is to get to your first real feature on day one.

The problem it solves

Every new product I start spends the first week rebuilding the same user-management layer. Registration, login, session, password reset, email verification, profile pages, admin. It is all commodity work, none of it is product-differentiating, and most of it has subtle security pitfalls. PyNextStack captures the pieces I'd write anyway so I can skip straight to the part that actually matters.

What is included

  • FastAPI backend with JWT auth, password hashing (bcrypt), email verification, and password reset flows
  • Next.js frontend with typed API client, protected routes, and Material-UI components
  • Database layer abstracted so you can swap PostgreSQL, MySQL, or MongoDB
  • Email layer pluggable for SendGrid, AWS SES, SMTP, or local testing
  • Admin area with user list, role management, and audit log
  • Docker Compose for local development with hot reload on both ends

Design choices worth highlighting

The frontend and backend communicate through a typed API client generated from the FastAPI OpenAPI schema. That means when you change a backend endpoint, the TypeScript types update automatically and the frontend breaks with a compiler error. No runtime drift between the two.

Auth uses short-lived access tokens (15 minutes) paired with long-lived refresh tokens (7 days, httpOnly cookie). The access token lives in memory, the refresh token is invisible to JavaScript. This is the sweet spot between developer ergonomics and security.
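
The token split described above, as an added example (not PyNextStack's own code): a 15-minute HS256 access token with an expiry check, and the Set-Cookie value for a 7-day httpOnly refresh token. The stdlib HMAC signing, the cookie name, the /auth/refresh path, and the Secure and SameSite attributes are assumptions, not details from the project.

```python
import base64, hashlib, hmac, json, secrets
from http.cookies import SimpleCookie
from typing import Optional

ACCESS_TTL = 15 * 60              # 15 minutes, from the page
REFRESH_TTL = 7 * 24 * 60 * 60    # 7 days, from the page
SECRET = secrets.token_bytes(32)  # constructed demo key; use a managed secret in practice

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_access_token(user_id: str, now: int) -> str:
    """HS256 JWT whose exp is ACCESS_TTL seconds after `now`."""
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64e(json.dumps({"sub": user_id, "iat": now, "exp": now + ACCESS_TTL}).encode())
    signing_input = f"{header}.{claims}"
    return f"{signing_input}.{b64e(sign(signing_input))}"

def verify_access_token(token: str, now: int) -> Optional[dict]:
    """Return the claims, or None when the token is malformed, forged or expired."""
    try:
        header, claims, sig = token.split(".")
        if json.loads(b64d(header))["alg"] != "HS256":   # pin the algorithm
            return None
        if not hmac.compare_digest(sign(f"{header}.{claims}"), b64d(sig)):
            return None
        payload = json.loads(b64d(claims))
        return payload if now < payload["exp"] else None
    except (ValueError, TypeError, KeyError, AttributeError):
        return None

def refresh_cookie_header(refresh_token: str) -> str:
    """Set-Cookie value for the refresh token; HttpOnly hides it from JavaScript."""
    cookie = SimpleCookie()
    cookie["refresh_token"] = refresh_token   # cookie name is an assumption
    morsel = cookie["refresh_token"]
    morsel["httponly"] = True
    morsel["secure"] = True                   # assumption: HTTPS only
    morsel["samesite"] = "Strict"             # assumption: not stated on the page
    morsel["max-age"] = REFRESH_TTL
    morsel["path"] = "/auth/refresh"          # hypothetical refresh endpoint
    return morsel.OutputString()
```

Scoping the cookie path to the refresh endpoint means the browser sends the long-lived token only on refresh requests, not on every API call.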

Tech stack

Python, FastAPI, Pydantic, SQLAlchemy or Motor (depending on DB), Next.js App Router, React, TypeScript, Material-UI, Docker, and GitHub Actions for CI.

Takeaway

Starter kits earn their keep when they embody opinions. PyNextStack is opinionated on purpose: short-lived JWTs, refresh tokens in httpOnly cookies, typed API client, Material-UI as the component library. If your product has different needs, fork it. If it doesn't, use it and ship.

View the code on GitHub

georgekhananaev/PyNextStack
