User Management

Complete guide to managing users in your DeesseJS application.

Creating Users

Via Admin Dashboard

  1. Navigate to the Users section in the admin dashboard
  2. Click + New User
  3. Fill in user details:
    • Email (required, unique)
    • Name
    • Role
    • Password (or send invitation email)
  4. Click Create

Via API

import { db } from '@deessejs/db'
import { hashPassword } from '@deessejs/auth'

// Hash first so only the hash is handed to db.users.create.
// 'secure-password' is a placeholder: take the real value from user input, or
// use the invitation flow so the account owner sets their own password.
const passwordHash = await hashPassword('secure-password')

await db.users.create({
  data: {
    email: 'user@example.com',
    name: 'John Doe',
    password: passwordHash,
    role: 'editor',
  },
})

Server Action

// app/actions/users.ts
'use server'

import { getServerSession, hashPassword } from '@deessejs/auth'
import { db } from '@deessejs/db'
import { revalidatePath } from 'next/cache'

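/**
 * Server action that creates a user account from a submitted form.
 *
 * A server action can be invoked by any client that can reach the app, not
 * only by the admin form, so the caller is authorized here and every field is
 * validated before use. Without this, a request could pick its own `role`.
 *
 * @param formData - Submitted form; reads `email`, `password`, `name` and `role`.
 * @throws Error when the caller is not an admin, or a field is missing or invalid.
 */
export async function createUser(formData: FormData) {
  // NOTE(review): assumes session.user exposes the same `role` value that is
  // stored on the user record; confirm against @deessejs/auth. If it does not,
  // this check fails closed. Adjust if other roles may create users.
  const session = await getServerSession()
  if (session?.user?.role !== 'admin') {
    throw new Error('Not authorized to create users')
  }

  // FormData.get() returns string | File | null, so narrow instead of casting.
  const readText = (field: string): string => {
    const value = formData.get(field)
    return typeof value === 'string' ? value.trim() : ''
  }

  const email = readText('email')
  const name = readText('name')
  const requestedRole = readText('role')
  // The password is not trimmed: surrounding whitespace may be intentional.
  const password = formData.get('password')

  if (!email) {
    throw new Error('Email is required')
  }
  if (typeof password !== 'string' || password.length === 0) {
    throw new Error('Password is required')
  }

  // Only accept known roles. These are the roles that appear in this guide;
  // extend the list to match your schema.
  const allowedRoles = ['author', 'editor', 'admin']
  const role = requestedRole || 'author'
  if (!allowedRoles.includes(role)) {
    throw new Error('Invalid role')
  }

  await db.users.create({
    data: {
      email,
      name,
      password: await hashPassword(password),
      role,
    },
  })

  revalidatePath('/admin/users')
}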

Updating Users

Change Password

import { hashPassword } from '@deessejs/auth'

// 'new-password' is a placeholder for the value the user submitted.
const newPasswordHash = await hashPassword('new-password')

await db.users.update({
  where: { id: userId },
  data: { password: newPasswordHash },
})
// Consider revoking the user's existing sessions after a password change
// (see "Revoke All Sessions" in this guide), so a session opened with the old
// password does not stay valid.

Change Role

// Privileged operation: confirm the caller is allowed to assign roles before
// running this, and take the new role from a fixed allowlist rather than from
// raw request input. Recording who changed which role helps later review.
await db.users.update({
  where: { id: userId },
  data: {
    role: 'admin',
  },
})

Update Profile

// Check that `userId` is the signed-in user's own id, or that the caller is an
// admin, before applying the update.
// NOTE(review): password resets in this guide are requested by email address,
// so an email change presumably redirects future reset links; consider
// re-authenticating the user and verifying the new address first.
await db.users.update({
  where: { id: userId },
  data: {
    name: 'Updated Name',
    email: 'newemail@example.com',
  },
})

Deleting Users

Soft Delete

// Marks the record as deleted and inactive without removing the row.
// NOTE(review): nothing here ends sessions the user already holds; pair this
// with revokeAllSessions(userId) unless the auth layer is known to reject
// inactive users. Confirm which applies.
await db.users.update({
  where: { id: userId },
  data: {
    deletedAt: new Date(),
    isActive: false,
  },
})

Hard Delete

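// Warning: this cannot be undone.
// Privileged operation: confirm the caller is authorized to delete accounts
// before running this.
await db.users.delete({
  where: { id: userId },
})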

User Invitations

Send Invitation

import { sendInvitation } from '@deessejs/auth'

// Privileged operation: the invitation carries a role, so check that the
// inviter is allowed to grant it. `invitedBy` should come from the server-side
// session, not from client-supplied input.
await sendInvitation({
  email: 'newuser@example.com',
  role: 'editor',
  invitedBy: currentUserId,
})

// Sends email with invitation link
// User clicks link to set password and activate account

Accept Invitation

// Handle invitation link
import { acceptInvitation } from '@deessejs/auth'

// `invitationToken` is the token taken from the invitation link;
// 'user-password' stands in for the password the invitee chose.
// NOTE(review): confirm that invitation tokens expire and are single-use.
await acceptInvitation({
  token: invitationToken,
  password: 'user-password',
})

Password Reset

Request Reset

import { requestPasswordReset } from '@deessejs/auth'

// Respond to the requester in the same way whether or not the address belongs
// to an account, so the endpoint does not reveal which emails are registered.
// Rate-limit this endpoint alongside login.
await requestPasswordReset('user@example.com')
// Sends email with reset link

Complete Reset

import { resetPassword } from '@deessejs/auth'

// `resetToken` is the token taken from the reset link; 'new-password' stands
// in for the password the user submitted.
// NOTE(review): confirm that reset tokens expire and are single-use, and
// consider revoking the user's existing sessions once the reset succeeds.
await resetPassword({
  token: resetToken,
  password: 'new-password',
})

User Sessions

View Active Sessions

import { getUserSessions } from '@deessejs/auth'

// Check that `userId` is the signed-in user's own id, or that the caller is an
// admin, so one user cannot list another user's sessions.
const sessions = await getUserSessions(userId)

Revoke Session

import { revokeSession } from '@deessejs/auth'

// NOTE(review): check that `sessionId` belongs to the signed-in user (or that
// the caller is an admin) before revoking; whether revokeSession enforces this
// itself is not shown here.
await revokeSession(sessionId)

Revoke All Sessions

import { revokeAllSessions } from '@deessejs/auth'

// Useful after a password change, a role change or a suspected compromise.
// Check that the caller may act on `userId` before calling.
await revokeAllSessions(userId)

Two-Factor Authentication

Enable 2FA for User

import { enableTwoFactor } from '@deessejs/auth'

// Treat `secret` and `qrCode` as credentials: show them to the user once, and
// keep them out of logs and responses that are cached or shared.
// NOTE(review): 2FA presumably becomes active only after verifyTwoFactorSetup
// succeeds; confirm.
const { secret, qrCode } = await enableTwoFactor(userId)
// Returns secret key and QR code for authenticator app

Verify 2FA Setup

import { verifyTwoFactorSetup } from '@deessejs/auth'

// NOTE(review): `token` is presumably the current code from the user's
// authenticator app; confirm. Rate-limit verification attempts.
await verifyTwoFactorSetup(userId, token)

User Queries

Get Current User

import { getServerSession } from '@deessejs/auth'

// `session` may be null or undefined when nobody is signed in (hence the
// `?.`), so `user` can be undefined: check it before any privileged work.
const session = await getServerSession()
const user = session?.user

Get User by ID

// User records store the password hash in their `password` field. Strip it
// before returning user data to a client, unless the db layer is known to
// omit it (confirm).
const user = await db.users.findUnique({
  where: { id: userId },
})

Get User by Email

// If this lookup backs a public endpoint, do not let the response reveal
// whether the address is registered.
const user = await db.users.findUnique({
  where: { email: 'user@example.com' },
})

List Users

// Returns the 20 most recently created users.
// NOTE(review): no filter on `deletedAt` / `isActive` is applied, so
// soft-deleted users are presumably included; confirm. Strip the `password`
// field before sending results to a client.
const users = await db.users.findMany({
  orderBy: { createdAt: 'desc' },
  take: 20,
})

Filter by Role

// No `take` limit is set here, so every matching user is returned; add paging
// for large installations and restrict this listing to authorized callers.
const editors = await db.users.findMany({
  where: { role: 'editor' },
})

Best Practices

Security

  • Always hash passwords before storing
  • Use strong password requirements
  • Implement rate limiting on login attempts
  • Enable 2FA for admin accounts
  • Log authentication attempts

User Experience

  • Send invitation emails for new users
  • Provide clear password requirements
  • Offer password reset functionality
  • Allow users to manage their own sessions
  • Display helpful error messages, without revealing whether an email address is registered

Data Privacy

  • Comply with GDPR/CCPA requirements
  • Provide data export functionality
  • Allow account deletion
  • Implement data retention policies
  • Log consent for data processing
