🔐 Add GitHub Login (Next.js Only) to Support Private Repositories

[naheel0]

📌 Summary

Currently, ReadmeGenAI only works with public repositories. When a user provides a private repository URL, the app cannot access it and fails to generate a README.

We need to implement GitHub authentication using Next.js only (no separate backend server) to allow access to private repositories.

---

🎯 Goal

Enable users to log in with GitHub and allow the app to fetch private repository data securely.

---

🚨 Problem

If a user pastes a private repository URL:

• GitHub API returns 403 Forbidden
• The app cannot fetch repository data
• README generation fails
• No authentication flow exists

---

✅ Expected Behavior

1. User clicks "Login with GitHub"
2. OAuth flow completes successfully
3. Access token is stored securely (HTTP-only session)
4. Authenticated requests can fetch private repositories
5. If user is not logged in and tries a private repo:
   • Show login prompt

Example message:

🔐 This repository is private.
Please log in with GitHub to continue.

---

💡 Suggested Implementation (Next.js Only)

Recommended Approach: NextAuth

• Install next-auth
• Configure GitHub OAuth provider
• Request appropriate scope (repo for private repos)
• Use session token when calling GitHub API

---

🖥 Frontend Changes

• Add "Login with GitHub" button
• Display authentication state
• Add logout functionality
• Show proper error state for private repo access

---

🔒 Security Requirements

• Do NOT expose access token in client-side code
• Use secure environment variables
• Use minimal required OAuth scopes
• Handle token expiration properly

---

🧪 Example Scenarios

Case 1: Not Logged In

User pastes private repo URL
→ App prompts login

Case 2: Logged In

User pastes private repo URL
→ README is generated successfully

---

🎯 Acceptance Criteria

• GitHub OAuth integrated
• Private repositories accessible after login
• Secure token handling
• Proper 403 error handling
• Clear authentication UI state

---