24 comments found.
In the file manager are the icons a public library or are they custom?
Hi, they are not from public library, the components can be found under src/assets/svg/files/*
Sup, great work!
Quick question. Is there a way to assign icons instead of dots to the sub-menu entries in the side navigation?
Edit:
Currently, an icon is only displayed in the submenu if it is a NAV_ITEM_TYPE_COLLAPSE. This is not the case with “NAV_ITEM_TYPE_ITEM.”
All right. Never mind. I found it after all. I was able to change it by modifying the cascade. Thanks anyway. Keep up the good work!
Great to heard that, please let us know if you have any further question.
Hi again,
Is the TypeScript error in middleware.ts already known? It occurs as soon as you follow the documentation and enable role-based access.
[{ “resource”: ”/C:sample/src/middleware.ts”, “owner”: “typescript”, “code”: “2339”, “severity”: 8, “message”: “Property ‘authority’ does not exist on type ‘User’.”, “source”: “ts”, “startLineNumber”: 57, “startColumn”: 82, “endLineNumber”: 57, “endColumn”: 91, “origin”: “extHost1” }]
Should authority be part of the authenticated user object by default, or is the authentication setup incomplete?
Best regards, Mason
Hi, thanks for pointing this out! This is indeed one of the slightly inconvenient parts of extending the default NextAuth session types.
Here’s what you can do: create a next-auth.d.ts file under src/@types and add the following type declarations:
import 'next-auth'
declare module 'next-auth' {
interface Session {
user?: {
id: string | null
name: string | null
email: string | null
image: string | null
authority: string[]
}
}
}
declare module 'next-auth/jwt' {
interface JWT {
sub?: string
authority?: string[]
}
}
This should resolve the type errors related to session and JWT extensions. We’ll also include this information in our documentation in the next update to make it clearer for everyone.
Thanks, the idea of following the official documentation sounds reasonable.
However, I’ve just noticed that a huge amount of adjustments are needed to make the entire authority system work properly.
Currently, at the point where you add the next-auth.d.ts, the permission checks don’t work.
Users can access pages marked as “authority: [ADMIN]” even if they only have “authority: [‘user’]”.
Hi, we tested the interceptor in the middleware, and it correctly redirected to the “Access Denied” page with the following scenario:
- Page authority: [‘admin’] - User authority: [‘user’]
It shouldn’t require much adjustment to get it working. Please share your implementation with us via our support page https://themeforest.net/item/ecme-the-ultimate-react-tailwind-admin-template/54470284/support, and we can discuss further over email.
Hello, I think this belongs in this section.
callbacks: { async session(payload) { /** apply extra user attributes here, for example, we add ‘authority’ & ‘id’ in this section */ return { ...payload.session, user: { ...payload.session.user, id: payload.token.sub, authority: [‘admin’], }, } }, },
The authority uses the static value (auth.config.ts) from it, right? The value within the mock (authData) is not used, right?
And sorry for asking such unnecessary questions. 
No problem! After looking into it further, we realized that our NextAuth configuration was missing a few parts. Since the template doesn’t enforce permission settings by default, we hadn’t fully implemented the logic for passing extra fields to the token.
Here’s the complete callback configuration in auth.config:
providers: [
...
Credentials({
async authorize(credentials) {
/** Validate credentials from backend here */
const user = await validateCredential(
credentials as SignInCredential,
)
if (!user) {
return null
}
console.log('user', user)
return {
id: user.id,
name: user.userName,
email: user.email,
image: user.avatar,
authority: user.authority,
}
},
}),
],
callbacks: {
async jwt({ token, user }) {
// Persist the authority to the token right after signin
if (user) {
token.authority = user.authority
}
return token
},
async session({ session, token }) {
// Send properties to the client
return {
...session,
user: {
...session.user,
id: token.sub,
authority: token.authority,
},
}
},
}
This setup should correctly inject the authority field into the token, allowing the middleware to access it properly.
Also, make sure to include this check in the middleware to prevent API requests from being intercepted:
!nextUrl.pathname.startsWith(appConfig.apiPrefix)
if (isSignedIn && nextUrl.pathname !== '/access-denied' && !nextUrl.pathname.startsWith(appConfig.apiPrefix)) {
We’ll include this fix and update our documentation in the next release to help prevent any future confusion. Thanks again for bringing this issue to our attention.
Sounds good. I also don’t want to ask unnecessary questions, but in this case it was the right thing to do.
One important thing remains, does the typing stay like this?
@types/next-auth.d.ts:
Because right now there’s still a small error:
“Property ‘authority’ does not exist on type ‘User | AdapterUser’. Property ‘authority’ does not exist on type ‘User’.ts(2339)”
This occurs at user.authority in auth.config.ts inside the async jwt callback.
No worries at all! You’ll still need the next-auth.d.ts file, and it should look like this:
import { DefaultSession, DefaultUser } from 'next-auth'
import { DefaultJWT } from 'next-auth/jwt'
declare module 'next-auth' {
interface Session {
user: {
id: string
authority: string[]
} & DefaultSession['user']
}
interface User extends DefaultUser {
authority: string[]
}
}
declare module 'next-auth/jwt' {
interface JWT extends DefaultJWT {
authority: string[]
}
}
Ahh, that makes sense. But now you can’t output more data from the session with just “user,” can you? For example, “{session?.user?.name || ‘Anonymous’}”.
Yes, you can. You can manipulate the returning from session
user: {
...session.user,
name: session?.user?.name || 'Anonymous',
id: token.sub,
authority: token.authority,
},
Sorry, that question was poorly phrased.
Here’s some context: after changing next-auth.d.ts, there are type errors all over the script.
For instance: “Property ‘name’ does not exist on type ‘(User & Record<string, any>) | {}’. Property ‘name’ does not exist on type ‘{}’.”
This error appears in the standard output of “{session?.user?.name || ‘Anonymous’}.
Btw I’m really surprised by the quick responses. Respect, keep up the good work!
Thanks, now we understand where your question coming from, since we re-declared the next-auth type in next-auth.d.ts, so we need to make some changes on type that we explicit in SessionContext.tsx & useCurrentSession.ts
here’s the new SessionContext.tsx & useCurrentSession.ts code
'use client'
import { createContext } from 'react'
import type { Session } from 'next-auth'
const SessionContext = createContext<Session | null>(null)
export default SessionContext
import { useContext } from 'react'
import SessionContext from '@/components/auth/AuthProvider/SessionContext'
const useCurrentSession = () => {
const context = useContext(SessionContext)
return {
session: context,
}
}
export default useCurrentSession
This should fix the type error. Thanks again for bringing this to our attention — it really helps us see where we still have room to improve.
Very clever! It makes sense. I have one last question on this topic. Would it be possible to modify the sidebar within the script, with minor changes, so that only the items you have authority over are rendered? Also, is this already built in?
Hi, the authority check is included in the SideNav, but embarrassingly, there was a small typo on line 98 of SideNav.tsx. Once corrected, it’ll work as expected. We’ll also include all these fixes in our next update.
Ahhh, unfortunately I didn’t find the mistake myself, but I noticed that the structure is definitely there. Always these little typos. Thank you very much! Have a nice day & thanks for your help. <3
No problem!, reach out any time if you encounter any issues.
Hey, I’m back for once. It’s not about a bug or anything, but could you maybe give me an example of how you use the notification, for example, based on the login? If not, that’s fine, then it will have to find out somehow. Thank you
Hi, no worries — you can either use the Toast component (https://ecme-next.themenate.net/ui-components/toast ), or combine the useTimeoutMessage hook with the Alert component to create a feedback message similar to the login page.
Here are the references:
- useTimeoutMessage: https://ecme-next.themenate.net/guide/utils-doc/use-time-out-message
- Alert: https://ecme-next.themenate.net/ui-components/alert
Hey! I forgot the thank you. I just wanted to quickly mention something I noticed about the authority logic. After making changes, the authority check now triggers before the 404 handling. For example, if a user enters a non-existent URL such as https://example.com/the-site-does-not-exist, the “Access Denied” page is displayed instead of the “Page Not Found” message.
Do you have any idea what could be causing this? This has been happening ever since we made the site role-based.
if (isSignedIn && nextUrl.pathname !== '/access-denied' && !nextUrl.pathname.startsWith(appConfig.apiPrefix)) {
const routeMeta = protectedRoutes[nextUrl.pathname]
const existingRoute = routeMeta
const includedRole = routeMeta?.authority.some((role) => ['user'].includes(role))
if (existingRoute && !includedRole) {
return Response.redirect(
new URL('/access-denied', nextUrl),
)
}
}
The ‘user’ is then hardcoded and cannot be ‘user’ or ‘admin’. This means that an ‘admin’ can no longer access any page, right?
Sorry, its our mistake, here’s the correct version
if (isSignedIn && nextUrl.pathname !== '/access-denied' && !nextUrl.pathname.startsWith(appConfig.apiPrefix)) {
const routeMeta = protectedRoutes[nextUrl.pathname]
const existingRoute = routeMeta
const includedRole = routeMeta?.authority.some((role) => req.auth?.user?.authority.includes(role))
if (existingRoute && !includedRole) {
return Response.redirect(
new URL('/access-denied', nextUrl),
)
}
}
Ahh very nice. Thank you
No problem!
Sup, quick report: Inside @types/auth.ts, there’s a small typo in the token type.
Thanks for telling, we will fix this in our next update as well!
You’re welcome! Would you prefer to receive it by email, or is this the right place to send it?
No problem, we’ve already noticed and fixed the typo. But if there’s something you’d prefer not to discuss publicly, it’s better to reach us via email.
Hi there! Awesome work, I really like it! Before I purchase the template, I want be sure about one thing: are the concepts from the preview included? To be honest, I’d like to use most of them and I don’t want to code them myself 
thank you!
Hi, thanks for interested on our template, the preview version was included in the download package, but we will still recommend to use the starter version for your project as the demo version included some code that for demo purposes only.
Hi Guys, the theme with react v19 will be available?
Hi, we are currently using react 19 for this template.
Oukey, Thanks
No problem!
I was thinking about buying this template, but I noticed several responsive issues =(
Hi, thanks for your feedback, would you mind to point out the responsive issues you discovered?
Very good looking, but do you have the base HTML version of this theme?
Thanks, however we have no plan to create a HTML version at the moment.
When using the Stacked Layout, there is no scrolling in stacked-side-nav-secondary
Hi, Thanks for the feedback! By default, stacked-side-nav-secondary doesn’t scroll, but we’ll add overflow support in the next update to handle longer menus better.
I have error
Console Error
Hydration failed because the server rendered HTML didn’t match the client. As a result this tree will be regenerated on the client. This can happen if a SSR-ed Client Component used:
- A server/client branch `if (typeof window !== ‘undefined’)`. - Variable input such as `Date.now()` or `Math.random()` which changes each time it’s called. - Date formatting in a user’s locale which doesn’t match the server. - External changing data without sending a snapshot of it along with the HTML. - Invalid HTML tag nesting.
It can also happen if the client has a browser extension installed which messes with the HTML before React loaded.
Hi, thanks for reaching out! Does this error occur on one of the existing pages or a custom page you’ve built? Please feel free to send us a message through our support mail: https://themeforest.net/item/ecme-nextjs-tailwind-admin-template-app-router/56475600/support — we’ll be happy to take a closer look and help you resolve it.
No i just npm install, npm run dev. Console Error
Hydration failed because the server rendered HTML didn’t match the client. As a result this tree will be regenerated on the client. This can happen if a SSR-ed Client Component used
Hi, we just tested it on our end and didn’t encounter any hydration error. would you mind to try again in incognito mode, or a browser without any extension installed? If you’re still seeing this issue, could you share more details about your setup or screenshot via our support mail?
Can I send you the picture? Can I have your email address?
Yes, you can send us via https://themeforest.net/item/ecme-nextjs-tailwind-admin-template-app-router/56475600/support
I have sent the image to your email address.
We just replied to your email, please check
Hi, I’m really interested in integrating this template into our project. However, I couldn’t find any mention of a Figma file, even in the paid options. Could you please let me know if a Figma design is available?
Thanks in advance!
Hi, thanks for your interest in our template. However, the Figma is not available for this template at the moment.
I would like to build a web application using your next.js template. I would allow users to create free accounts, manage their profiles, purchase credits, and obtain API keys. The actual core service (PDF generation) is an API on a separate subdomain, and usage of this API consumes the purchased credits. Is a regular license for the portal template sufficient, or is an extended license required because the portal is the means by which users pay for their credits? It’s more of a CV type of project, fully serverless (pdf generation on aws lambda) and website and database on google cloud run. I don’t expect to ever earn more than 100$ in total. No hard feelings if this use would fall under extended license, I’d totally understand and respect that.
Hi! Thanks for your interest in the template — your project sounds awesome!
Based on what you’ve described, an extended license would be required, as the template is being used in a product that facilitates or involves payment from end users.
Licensing can sometimes get a bit nuanced depending on the specifics, feel free to reach out to us via our support mail, if you’d like to discuss it further in more detail — happy to help you find the most suitable option.
support js version?
Yes, we have js version and ts version included in the package.
Wow! I just bought this Ecme template and I’m really happy with it. I’ve been looking for a nice admin panel for a while, and I can finally say I found it.
Things I love about this template:
It uses Next.js 15 and App Router which is awesome – I like staying current with tech and this template keeps my projects up-to-date.
The design is amazing! Clean but stylish, easy on the eyes. The Tailwind integration is a huge plus, I can make changes on the fly.
It has literally everything – tables, charts, forms… Everything I could think of comes ready to use.
The documentation is really well done – I set it up without any issues and started using it right away.
And the performance is great – pages load in the blink of an eye and work flawlessly on both mobile and desktop.
The only challenge I had was that it seemed a bit complex at first, but after reading the docs, I got used to it quickly.
In short, I definitely recommend this template. Money well spent, and it saved me tons of time. If you’re looking for something similar, go for it without hesitation.
Thank you so much for the amazing feedback! We are really glad to hear that you’re enjoying the template, If you ever have questions or encounters any issues, feel free to reach out anytime.
What’s the best way to follow/get updates? Is there a private Github repo we can get access to (I’ve purchased this)? Or do we just follow https://ecme-next.themenate.net/guide/changelog and then re-download from Themeforest after each new version? Hoping there is a repo, as that will be much easier.
I found the “lite” repo, but doesn’t seem like there is a paid access repo
Hi, you can refer to this guide for updating https://ecme-next.themenate.net/guide/documentation/updating
getting this message … earlier also it was pointed out by another buyer when this will be fixed? npm install npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported npm warn deprecated eslint@8.57.1: This version is no longer supported. Please see https://eslint.org/version-support for other options. npm warn deprecated @humanwhocodes/object-schema@2.0.3: Use @eslint/object-schema instead npm warn deprecated @humanwhocodes/config-array@0.13.0: Use @eslint/config-array instead
Hi! This issue stems from the underlying dependencies of ESLint v8, but no worries—we’ll be upgrading to v9 in our next update.
“npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.” – just an fyi of a dependency to get updated. That memory leak could cause problems.
Hi, Thanks for bringing this to our attention! We’ll review the dependency and see if an update or alternative solution is needed to prevent any potential issues.
It seems you have not protected routes by permission (protectedRoutes). if user does not have permission then redirect to ”/access-denied”
Hi, in the demo, there’s no role restriction for all the pages. However, we’ve already implemented role-based functionality in the source code for anyone who needs to enable it.
I tried changing the authority for some routers. Example with the router ”/concepts/projects/project-list” has authority: “marketing”, User has authority: “admin”, but still can access
Hi, it might need to tweak the middleware a bit for the route intercept. Please send us a support email, and we’ll guide you through implementing the role check intercept.
No problem! please send us along with your purchase ID.
Sure
What your email address I can send my purchase ID?
You can send us through our support email.
i can’t find your support email
You can send to this email jiasheng_93@hotmail.com
Tailwind version 4 ??
Yes, we are using tailwind 4 for this template.
any Figma files?
Hi, we have no figma file available at the moment.
Is there a backend for this or all of these are mockdata only? I am trying to add new user role but its not working..
Hi, the template uses mock data in the demo, so there isn’t a built-in ‘real’ backend.
if i buy it now without extend support will i get jsx support? in mid-april?
should this be separated from react js and next js?
https://themeforest.net/item/ecme-the-ultimate-react-tailwind-admin-template/54470284?s_rank=2Yes, vite version and nexjs version was separated, although both will support JS version in future’s, please make sure the version you want to purchase before proceeding.
