diff --git a/.changeset/chatty-kangaroos-rule.md b/.changeset/chatty-kangaroos-rule.md
new file mode 100644
index 000000000..962f4a1eb
--- /dev/null
+++ b/.changeset/chatty-kangaroos-rule.md
@@ -0,0 +1,119 @@
+---
+"@studiocms/dashboard": patch
+"@studiocms/auth": patch
+"@studiocms/core": patch
+"@studiocms/ui": patch
+"studiocms": patch
+---
+
+Auth system overhaul:
+
+## **`studiocms`**
+
+- Updated all Dependencies
+
+## **`@studiocms/auth`**
+
+- Update `astro:env` schema:
+    - `CMS_ENCRYPTION_KEY`: NEW - Required variable used for auth encryption, can be generated using `openssl rand --base64 16`.
+    - `CMS_GITHUB_REDIRECT_URI`: NEW - Optional variable for GitHub Redirect URI if using multiple redirect URIs with Github oAuth.
+- Removed `Luicia` based auth system and `Lucia-astrodb-adapter`
+- Removed old `authHelper`
+- Add new OAuthButton components
+    - `<OAuthButton />`
+    - `<OAuthButtonStack />`
+    - `oAuthButtonProviders.ts`
+- Add new `<AuthLayout />` component and CSS
+- Add new authentication library:
+    - Auth library is built using the lucia-next resources and will now be maintained under `@studiocms/auth` as its own full module
+    - Created Virtual module exports available during runtime
+- Add new login/signup backgrounds
+- Remove Middleware
+- Add `studiocms-logo.glb` for usage with New ThreeJS login/signup page
+- Update all Auth Routes
+- Update schema
+- Add new Scripts for ThreeJS
+- Update Stubs files and Utils
+- Refactor Integration to use new system.
+
+## **`@studiocms/core`**
+
+- Disable interactivity for `<Avatar />` component. (Will always show a empty profile icon until we setup the new system for the front-end)
+- Update table schema:
+    - `StudioCMSUsers`: Removed oAuth ID's from main user table
+
+    ```diff
+    export const StudioCMSUsers = defineTable({
+        columns: {
+            id: column.text({ primaryKey: true }),
+            url: column.text({ optional: true }),
+            name: column.text(),
+            email: column.text({ unique: true, optional: true }),
+            avatar: column.text({ optional: true }),
+    -	    githubId: column.number({ unique: true, optional: true }),
+    -	    githubURL: column.text({ optional: true }),
+    -	    discordId: column.text({ unique: true, optional: true }),
+    -	    googleId: column.text({ unique: true, optional: true }),
+    -	    auth0Id: column.text({ unique: true, optional: true }),
+            username: column.text(),
+            password: column.text({ optional: true }),
+            updatedAt: column.date({ default: NOW, optional: true }),
+            createdAt: column.date({ default: NOW, optional: true }),
+        },
+    });
+    ```
+
+    - `StudioCMSOAuthAccounts`: New table to handle all oAuth accounts and linking to Users
+
+    ```ts
+    export const StudioCMSOAuthAccounts = defineTable({
+        columns: {
+            provider: column.text(), // github, google, discord, auth0
+            providerUserId: column.text({ primaryKey: true }),
+            userId: column.text({ references: () => StudioCMSUsers.columns.id }),
+        },
+    });
+    ```
+
+    - `StudioCMSPermissions`: Updated to use direct reference to users table
+
+    ```ts
+    export const StudioCMSPermissions = defineTable({
+        columns: {
+            user: column.text({ references: () => StudioCMSUsers.columns.id }),
+            rank: column.text(),
+        },
+    });
+    ```
+
+    - `StudioCMSSiteConfig`: Added new options for login page
+
+    ```ts
+    export const StudioCMSSiteConfig = defineTable({
+        columns: {
+            id: column.number({ primaryKey: true }),
+            title: column.text(),
+            description: column.text(),
+            defaultOgImage: column.text({ optional: true }),
+            siteIcon: column.text({ optional: true }),
+            loginPageBackground: column.text({ default: 'studiocms-curves' }),
+            loginPageCustomImage: column.text({ optional: true }),
+        },
+    });
+    ```
+
+- Updated Routemap:
+    - All Auth api routes are now located at `yourhost.tld/studiocms_api/auth/*`
+
+- Updated Strings:
+    - Add new Encryption messages for the new `CMS_ENCRYPTION_KEY` variable
+
+- Removed now unused auth types.
+
+## **`@studiocms/dashboard`**
+
+- Refactor to utilize new `@studiocms/auth` lib for user verification
+
+## **`@studiocms/ui`**
+
+- Update `<Input />` component's available types
\ No newline at end of file
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 450627957..44fcf1104 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -7,5 +7,6 @@
   "editor.defaultFormatter": "biomejs.biome",
   "[mdx]": {
     "editor.defaultFormatter": "esbenp.prettier-vscode"
-  }
+  },
+  "editor.gotoLocation.multipleDefinitions": "goto"
 }
diff --git a/biome.json b/biome.json
index 192101cf9..f5643ec91 100644
--- a/biome.json
+++ b/biome.json
@@ -8,7 +8,7 @@
   },
   "files": {
     "ignoreUnknown": true,
-    "ignore": ["**/.astro/**", "**/package.json", "**/dist/**", "**/ogBackgrounds/**"]
+    "ignore": ["**/.astro/**", "**/package.json", "**/dist/**"]
   },
   "formatter": {
     "lineWidth": 100,
diff --git a/packages/studiocms/package.json b/packages/studiocms/package.json
index cbe8b6377..a09334d7e 100644
--- a/packages/studiocms/package.json
+++ b/packages/studiocms/package.json
@@ -43,14 +43,6 @@
   },
   "type": "module",
   "dependencies": {
-    "@cloudinary/url-gen": "catalog:studiocms-imagehandler",
-    "@inox-tools/runtime-logger": "catalog:studiocms-shared",
-    "@markdoc/markdoc": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
-    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
-    "@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
-    "@noble/hashes": "catalog:studiocms-shared",
-    "@shikijs/transformers": "catalog:studiocms-renderer",
     "@studiocms/assets": "workspace:*",
     "@studiocms/auth": "workspace:*",
     "@studiocms/betaresources": "workspace:*",
@@ -60,23 +52,48 @@
     "@studiocms/imagehandler": "workspace:*",
     "@studiocms/renderers": "workspace:*",
     "@studiocms/robotstxt": "workspace:*",
-    "@unocss/astro": "catalog:studiocms-shared",
-    "@unocss/reset": "catalog:studiocms-shared",
+
     "astro-integration-kit": "catalog:",
-    "arctic": "catalog:studiocms-shared",
-    "daisyui": "catalog:studiocms-shared",
-    "lucia": "catalog:studiocms-shared",
-    "marked": "catalog:studiocms-shared",
+
+    "package-json": "catalog:studiocms",
+    "semver": "catalog:studiocms",
+
+    "mrmime": "catalog:studiocms-core",
+    "remark-rehype": "catalog:studiocms-core",
+    "mdast-util-to-hast": "catalog:studiocms-core",
+
+    "@oslojs/crypto": "catalog:studiocms-auth",
+    "@oslojs/encoding": "catalog:studiocms-auth",
+    "@oslojs/binary": "catalog:studiocms-auth",
+    "@types/bcryptjs": "catalog:studiocms-auth",
+    "bcryptjs": "catalog:studiocms-auth",
+    "@types/three": "catalog:studiocms-auth",
+    "arctic": "catalog:studiocms-auth",
+    "three": "catalog:studiocms-auth",
+
+    "@fontsource-variable/onest": "catalog:studiocms-shared",
+    "@inox-tools/runtime-logger": "catalog:studiocms-shared",
+    "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
+    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
+    "rollup-plugin-copy": "catalog:studiocms-shared",
+
+    "marked": "catalog:studiocms-renderer",
     "marked-alert": "catalog:studiocms-renderer",
     "marked-emoji": "catalog:studiocms-renderer",
     "marked-footnote": "catalog:studiocms-renderer",
     "marked-shiki": "catalog:studiocms-renderer",
     "marked-smartypants": "catalog:studiocms-renderer",
-    "micromatch": "catalog:studiocms-shared",
-    "mrmime": "catalog:studiocms-shared",
-    "package-json": "catalog:studiocms",
-    "semver": "catalog:studiocms",
-    "shiki": "catalog:studiocms-shared",
+    "@markdoc/markdoc": "catalog:studiocms-renderer",
+    "shiki": "catalog:studiocms-renderer",
+    "@shikijs/transformers": "catalog:studiocms-renderer",
+
+    "@cloudinary/url-gen": "catalog:studiocms-imagehandler",
+
+    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
+    "@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
+    "@unocss/astro": "catalog:studiocms-shared",
+    "@unocss/reset": "catalog:studiocms-shared",
+    "daisyui": "catalog:studiocms-shared",
     "unocss": "catalog:studiocms-shared"
   },
   "peerDependencies": {
@@ -92,7 +109,6 @@
   "devDependencies": {
     "vite": "catalog:",
     "typescript": "catalog:",
-    "@types/micromatch": "catalog:studiocms-shared",
     "@types/semver": "catalog:studiocms"
   }
 }
diff --git a/packages/studiocms_auth/env.d.ts b/packages/studiocms_auth/env.d.ts
index 7c8c624f5..86fd4d5bb 100644
--- a/packages/studiocms_auth/env.d.ts
+++ b/packages/studiocms_auth/env.d.ts
@@ -6,36 +6,3 @@ interface ImportMetaEnv {
 interface ImportMeta {
 	readonly env: ImportMetaEnv;
 }
-
-declare namespace App {
-	interface Locals {
-		isLoggedIn: boolean;
-		dbUser?: {
-			id: string;
-			url: string | null;
-			name: string;
-			email: string | null;
-			avatar: string | null;
-			githubId: number | null;
-			githubURL: string | null;
-			discordId: string | null;
-			googleId: string | null;
-			auth0Id: string | null;
-			username: string;
-			password: string | null;
-			updatedAt: Date | null;
-			createdAt: Date | null;
-		} | null;
-		user?: {
-			id: string;
-			username?: string;
-			githubId?: number;
-		} | null;
-		session?: {
-			id: string;
-			userId: string;
-			fresh: boolean;
-			expiresAt: Date;
-		} | null;
-	}
-}
diff --git a/packages/studiocms_auth/package.json b/packages/studiocms_auth/package.json
index 0d4fb3851..35f9c0d3b 100644
--- a/packages/studiocms_auth/package.json
+++ b/packages/studiocms_auth/package.json
@@ -30,32 +30,33 @@
     "src"
   ],
   "exports": {
-    ".": "./src/index.ts",
-    "./lucia": "./src/auth/index.ts"
+    ".": "./src/index.ts"
   },
   "type": "module",
   "dependencies": {
+    "@studiocms/core": "workspace:*",
+    "@studiocms/ui": "workspace:*",
+    "astro-integration-kit": "catalog:",
+    "@fontsource-variable/onest": "catalog:studiocms-shared",
     "@inox-tools/runtime-logger": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
     "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
     "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
-    "@noble/hashes": "catalog:studiocms-shared",
-    "@studiocms/assets": "workspace:*",
-    "@studiocms/core": "workspace:*",
-    "micromatch": "catalog:studiocms-shared",
-    "lucia": "catalog:studiocms-shared",
-    "arctic": "catalog:studiocms-shared",
-    "astro-integration-kit": "catalog:"
+    "rollup-plugin-copy": "catalog:studiocms-shared",
+    "@oslojs/binary": "catalog:studiocms-auth",
+    "@oslojs/crypto": "catalog:studiocms-auth",
+    "@oslojs/encoding": "catalog:studiocms-auth",
+    "@types/three": "catalog:studiocms-auth",
+    "arctic": "catalog:studiocms-auth",
+    "three": "catalog:studiocms-auth",
+    "@types/bcryptjs": "catalog:studiocms-auth",
+    "bcryptjs": "catalog:studiocms-auth"
   },
   "peerDependencies": {
-    "@studiocms/core": "workspace:*",
-    "@studiocms/dashboard": "workspace:*",
     "@astrojs/db": "catalog:min",
     "astro": "catalog:min"
   },
   "devDependencies": {
     "vite": "catalog:",
-    "typescript": "catalog:",
-    "@types/micromatch": "catalog:studiocms-shared"
+    "typescript": "catalog:"
   }
 }
diff --git a/packages/studiocms_auth/src/astroenv/env.ts b/packages/studiocms_auth/src/astroenv/env.ts
index 369f7b9ab..e72998b95 100644
--- a/packages/studiocms_auth/src/astroenv/env.ts
+++ b/packages/studiocms_auth/src/astroenv/env.ts
@@ -4,6 +4,12 @@ import { envField } from 'astro/config';
 export const astroENV: AstroConfig['experimental']['env'] = {
 	validateSecrets: true,
 	schema: {
+		// Auth Encryption Key
+		CMS_ENCRYPTION_KEY: envField.string({
+			context: 'server',
+			access: 'secret',
+			optional: false,
+		}),
 		// GitHub Auth Provider Environment Variables
 		CMS_GITHUB_CLIENT_ID: envField.string({
 			context: 'server',
@@ -15,6 +21,11 @@ export const astroENV: AstroConfig['experimental']['env'] = {
 			access: 'secret',
 			optional: true,
 		}),
+		CMS_GITHUB_REDIRECT_URI: envField.string({
+			context: 'server',
+			access: 'secret',
+			optional: true,
+		}),
 		// Discord Auth Provider Environment Variables
 		CMS_DISCORD_CLIENT_ID: envField.string({
 			context: 'server',
diff --git a/packages/studiocms_auth/src/auth/index.ts b/packages/studiocms_auth/src/auth/index.ts
deleted file mode 100644
index 8d99f5086..000000000
--- a/packages/studiocms_auth/src/auth/index.ts
+++ /dev/null
@@ -1,33 +0,0 @@
-import { db } from 'astro:db';
-import { tsSessionTable, tsUsers } from '@studiocms/core/db/tsTables';
-import { Lucia, TimeSpan } from 'lucia';
-import { AstroDBAdapter } from './lucia-astrodb-adapter';
-
-const adapter = new AstroDBAdapter(db, tsSessionTable, tsUsers);
-export const lucia = new Lucia(adapter, {
-	sessionExpiresIn: new TimeSpan(2, 'w'),
-	sessionCookie: {
-		attributes: {
-			secure: import.meta.env.PROD,
-		},
-	},
-	getUserAttributes: (attributes) => {
-		return {
-			// attributes has the type of DatabaseUserAttributes
-			id: attributes.id,
-			username: attributes.username,
-		};
-	},
-});
-
-declare module 'lucia' {
-	interface Register {
-		Lucia: typeof lucia;
-		DatabaseUserAttributes: DatabaseUserAttributes;
-	}
-}
-
-interface DatabaseUserAttributes {
-	username: string;
-	id: string;
-}
diff --git a/packages/studiocms_auth/src/auth/lucia-astrodb-adapter.ts b/packages/studiocms_auth/src/auth/lucia-astrodb-adapter.ts
deleted file mode 100644
index a66d82214..000000000
--- a/packages/studiocms_auth/src/auth/lucia-astrodb-adapter.ts
+++ /dev/null
@@ -1,179 +0,0 @@
-/// <reference types="@astrojs/db" />
-import { eq, lte } from 'astro:db';
-
-import type { Database, Table } from '@astrojs/db/runtime';
-import type { Adapter, DatabaseSession, DatabaseUser, UserId } from 'lucia';
-
-export class AstroDBAdapter implements Adapter {
-	private db: Database;
-
-	private sessionTable: SessionTable;
-	private userTable: UserTable;
-
-	constructor(db: Database, sessionTable: SessionTable, userTable: UserTable) {
-		this.db = db;
-		this.sessionTable = sessionTable;
-		this.userTable = userTable;
-	}
-
-	public async deleteSession(sessionId: string): Promise<void> {
-		await this.db.delete(this.sessionTable).where(eq(this.sessionTable.id, sessionId));
-	}
-
-	public async deleteUserSessions(userId: UserId): Promise<void> {
-		await this.db.delete(this.sessionTable).where(eq(this.sessionTable.userId, userId));
-	}
-
-	public async getSessionAndUser(
-		sessionId: string
-	): Promise<[session: DatabaseSession | null, user: DatabaseUser | null]> {
-		const result = await this.db
-			.select({
-				user: this.userTable,
-				session: this.sessionTable,
-			})
-			.from(this.sessionTable)
-			.innerJoin(this.userTable, eq(this.sessionTable.userId, this.userTable.id))
-			.where(eq(this.sessionTable.id, sessionId))
-			.get();
-		if (!result) return [null, null];
-		return [transformIntoDatabaseSession(result.session), transformIntoDatabaseUser(result.user)];
-	}
-
-	public async getUserSessions(userId: UserId): Promise<DatabaseSession[]> {
-		const result = await this.db
-			.select()
-			.from(this.sessionTable)
-			.where(eq(this.sessionTable.userId, userId))
-			.all();
-		return result.map((val) => {
-			return transformIntoDatabaseSession(val);
-		});
-	}
-
-	public async setSession(session: DatabaseSession): Promise<void> {
-		await this.db
-			.insert(this.sessionTable)
-			.values({
-				id: session.id,
-				userId: session.userId,
-				expiresAt: session.expiresAt,
-				...session.attributes,
-			})
-			.run();
-	}
-
-	public async updateSessionExpiration(sessionId: string, expiresAt: Date): Promise<void> {
-		await this.db
-			.update(this.sessionTable)
-			.set({
-				expiresAt: expiresAt,
-			})
-			.where(eq(this.sessionTable.id, sessionId))
-			.run();
-	}
-
-	public async deleteExpiredSessions(): Promise<void> {
-		await this.db.delete(this.sessionTable).where(lte(this.sessionTable.expiresAt, new Date()));
-	}
-}
-
-// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-function transformIntoDatabaseSession(raw: any): DatabaseSession {
-	const { id, userId, expiresAt, ...attributes } = raw;
-	return {
-		userId,
-		id,
-		expiresAt,
-		attributes,
-	};
-}
-
-// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-function transformIntoDatabaseUser(raw: any): DatabaseUser {
-	const { id, ...attributes } = raw;
-	return {
-		id,
-		attributes,
-	};
-}
-
-export type UserTable = Table<
-	// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-	any,
-	{
-		id: {
-			type: UserIdColumnType;
-			schema: {
-				unique: false;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				deprecated: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				name: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				collection: any;
-				primaryKey: true;
-			};
-		};
-	}
->;
-
-export type SessionTable = Table<
-	// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-	any,
-	{
-		id: {
-			type: 'text';
-			schema: {
-				unique: false;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				deprecated: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				name: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				collection: any;
-				primaryKey: true;
-			};
-		};
-		expiresAt: {
-			type: 'date';
-			schema: {
-				optional: false;
-				unique: false;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				deprecated: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				name: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				collection: any;
-			};
-		};
-		userId: {
-			type: UserIdColumnType;
-			schema: {
-				unique: false;
-				deprecated: false;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				name: any;
-				// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-				collection: any;
-				primaryKey: false;
-				optional: false;
-				references: {
-					type: UserIdColumnType;
-					schema: {
-						unique: false;
-						deprecated: false;
-						// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-						name: any;
-						// biome-ignore lint/suspicious/noExplicitAny: <explanation>
-						collection: any;
-						primaryKey: true;
-					};
-				};
-			};
-		};
-	}
->;
-
-type UserIdColumnType = UserId extends string ? 'text' : UserId extends number ? 'number' : never;
diff --git a/packages/studiocms_auth/src/components/OAuthButton.astro b/packages/studiocms_auth/src/components/OAuthButton.astro
new file mode 100644
index 000000000..d36d78531
--- /dev/null
+++ b/packages/studiocms_auth/src/components/OAuthButton.astro
@@ -0,0 +1,21 @@
+---
+import { Button } from '@studiocms/ui/components';
+
+interface Props {
+	href: string;
+	label: string;
+	image: string;
+}
+
+const { href, label, image } = Astro.props;
+---
+<Button as="a" href={href} variant="solid" size="lg">
+    <Fragment set:html={image} />
+    <span>{label}</span>
+</Button>
+
+<style>
+    .button {
+        color: var(--text-inverted) !important;
+    }
+</style>
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/components/OAuthButtonStack.astro b/packages/studiocms_auth/src/components/OAuthButtonStack.astro
new file mode 100644
index 000000000..731c4f205
--- /dev/null
+++ b/packages/studiocms_auth/src/components/OAuthButtonStack.astro
@@ -0,0 +1,15 @@
+---
+import { Divider } from '@studiocms/ui/components';
+import OAuthButton from './OAuthButton.astro';
+import { providerData, showOAuth } from './oAuthButtonProviders';
+
+const shouldShowOAuth = showOAuth && providerData.some(({ enabled }) => enabled);
+---
+{ shouldShowOAuth && ( 
+	<Divider>or log in using</Divider>
+    <div class="button-stack">
+	{
+		providerData.map(({enabled, ...props}) => enabled && <OAuthButton {...props} />)
+	}
+    </div>
+)}
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/components/StudioCMSLogoSVG.astro b/packages/studiocms_auth/src/components/StudioCMSLogoSVG.astro
new file mode 100644
index 000000000..639329a7c
--- /dev/null
+++ b/packages/studiocms_auth/src/components/StudioCMSLogoSVG.astro
@@ -0,0 +1,13 @@
+---
+import type { HTMLAttributes } from 'astro/types';
+
+interface Props extends HTMLAttributes<'svg'> {}
+
+const { class: className } = Astro.props;
+---
+
+<svg class:list={[className]} width="755" height="792" viewBox="0 0 755 792" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <rect x="295" width="460" height="466" rx="32" fill="currentColor"/>
+  <path d="M272 434V166H180C162.327 166 148 180.327 148 198V597C148 614.673 162.327 629 180 629H577.5C595.173 629 609.5 614.673 609.5 597V490H328C297.072 490 272 464.928 272 434Z" fill="currentColor"/>
+  <path d="M124 597V329H32C14.3269 329 0 343.327 0 361V760C0 777.673 14.3269 792 32 792H429.5C447.173 792 461.5 777.673 461.5 760V653H180C149.072 653 124 627.928 124 597Z" fill="currentColor"/>
+</svg>
diff --git a/packages/studiocms_auth/src/components/oAuthButtonProviders.ts b/packages/studiocms_auth/src/components/oAuthButtonProviders.ts
new file mode 100644
index 000000000..ca56993a9
--- /dev/null
+++ b/packages/studiocms_auth/src/components/oAuthButtonProviders.ts
@@ -0,0 +1,57 @@
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import Config from 'virtual:studiocms/config';
+
+const {
+	dashboardConfig: {
+		AuthConfig: { providers },
+	},
+} = Config;
+
+const {
+	authLinks: { googleIndex, auth0Index, discordIndex, githubIndex },
+} = StudioCMSRoutes;
+
+const {
+	DISCORD: { ENABLED: discordEnabled },
+	GITHUB: { ENABLED: githubEnabled },
+	GOOGLE: { ENABLED: googleEnabled },
+	AUTH0: { ENABLED: auth0Enabled },
+	SHOW_OAUTH,
+} = await authEnvCheck(providers);
+
+export const showOAuth = SHOW_OAUTH;
+
+type ProviderData = {
+	enabled: boolean;
+	href: string;
+	label: string;
+	image: string;
+};
+
+export const providerData: ProviderData[] = [
+	{
+		enabled: githubEnabled,
+		href: githubIndex,
+		label: 'GitHub',
+		image: `<svg width="1.5rem" height="auto" viewBox="0 0 98 96" xmlns="http://www.w3.org/2000/svg" class="oauth-logo"><path fill-rule="evenodd" clip-rule="evenodd" d="M48.854 0C21.839 0 0 22 0 49.217c0 21.756 13.993 40.172 33.405 46.69 2.427.49 3.316-1.059 3.316-2.362 0-1.141-.08-5.052-.08-9.127-13.59 2.934-16.42-5.867-16.42-5.867-2.184-5.704-5.42-7.17-5.42-7.17-4.448-3.015.324-3.015.324-3.015 4.934.326 7.523 5.052 7.523 5.052 4.367 7.496 11.404 5.378 14.235 4.074.404-3.178 1.699-5.378 3.074-6.6-10.839-1.141-22.243-5.378-22.243-24.283 0-5.378 1.94-9.778 5.014-13.2-.485-1.222-2.184-6.275.486-13.038 0 0 4.125-1.304 13.426 5.052a46.97 46.97 0 0 1 12.214-1.63c4.125 0 8.33.571 12.213 1.63 9.302-6.356 13.427-5.052 13.427-5.052 2.67 6.763.97 11.816.485 13.038 3.155 3.422 5.015 7.822 5.015 13.2 0 18.905-11.404 23.06-22.324 24.283 1.78 1.548 3.316 4.481 3.316 9.126 0 6.6-.08 11.897-.08 13.526 0 1.304.89 2.853 3.316 2.364 19.412-6.52 33.405-24.935 33.405-46.691C97.707 22 75.788 0 48.854 0z" fill="currentColor"/></svg>`,
+	},
+	{
+		enabled: discordEnabled,
+		href: discordIndex,
+		label: 'Discord',
+		image: `<svg xmlns="http://www.w3.org/2000/svg" width="1.5rem" height="auto" viewBox="0 0 256 199" class="oauth-logo"><path fill="currentColor" d="M216.856 16.597A208.5 208.5 0 0 0 164.042 0c-2.275 4.113-4.933 9.645-6.766 14.046q-29.538-4.442-58.533 0c-1.832-4.4-4.55-9.933-6.846-14.046a207.8 207.8 0 0 0-52.855 16.638C5.618 67.147-3.443 116.4 1.087 164.956c22.169 16.555 43.653 26.612 64.775 33.193A161 161 0 0 0 79.735 175.3a136.4 136.4 0 0 1-21.846-10.632a109 109 0 0 0 5.356-4.237c42.122 19.702 87.89 19.702 129.51 0a132 132 0 0 0 5.355 4.237a136 136 0 0 1-21.886 10.653c4.006 8.02 8.638 15.67 13.873 22.848c21.142-6.58 42.646-16.637 64.815-33.213c5.316-56.288-9.08-105.09-38.056-148.36M85.474 135.095c-12.645 0-23.015-11.805-23.015-26.18s10.149-26.2 23.015-26.2s23.236 11.804 23.015 26.2c.02 14.375-10.148 26.18-23.015 26.18m85.051 0c-12.645 0-23.014-11.805-23.014-26.18s10.148-26.2 23.014-26.2c12.867 0 23.236 11.804 23.015 26.2c0 14.375-10.148 26.18-23.015 26.18"/></svg>`,
+	},
+	{
+		enabled: googleEnabled,
+		href: googleIndex,
+		label: 'Google',
+		image: `<svg xmlns="http://www.w3.org/2000/svg" width="1.5rem" height="auto" viewBox="0 0 256 262" class="oauth-logo"><path fill="#4285f4" d="M255.878 133.451c0-10.734-.871-18.567-2.756-26.69H130.55v48.448h71.947c-1.45 12.04-9.283 30.172-26.69 42.356l-.244 1.622l38.755 30.023l2.685.268c24.659-22.774 38.875-56.282 38.875-96.027"/><path fill="#34a853" d="M130.55 261.1c35.248 0 64.839-11.605 86.453-31.622l-41.196-31.913c-11.024 7.688-25.82 13.055-45.257 13.055c-34.523 0-63.824-22.773-74.269-54.25l-1.531.13l-40.298 31.187l-.527 1.465C35.393 231.798 79.49 261.1 130.55 261.1"/><path fill="#fbbc05" d="M56.281 156.37c-2.756-8.123-4.351-16.827-4.351-25.82c0-8.994 1.595-17.697 4.206-25.82l-.073-1.73L15.26 71.312l-1.335.635C5.077 89.644 0 109.517 0 130.55s5.077 40.905 13.925 58.602z"/><path fill="#eb4335" d="M130.55 50.479c24.514 0 41.05 10.589 50.479 19.438l36.844-35.974C195.245 12.91 165.798 0 130.55 0C79.49 0 35.393 29.301 13.925 71.947l42.211 32.783c10.59-31.477 39.891-54.251 74.414-54.251"/></svg>`,
+	},
+	{
+		enabled: auth0Enabled,
+		href: auth0Index,
+		label: 'Auth0',
+		image: `<svg xmlns="http://www.w3.org/2000/svg"  width="1.5rem" height="auto" viewBox="0 0 32 32" class="oauth-logo"><path fill="currentColor" d="M29.307 9.932L26.161 0H5.796L2.692 9.932c-1.802 5.75.042 12.271 5.089 16.021L16.01 32l8.208-6.068c5.005-3.75 6.911-10.25 5.089-16.021l-8.214 6.104l3.12 9.938l-8.208-6.13l-8.208 6.104l3.141-9.911l-8.25-6.063l10.177-.063l3.146-9.891l3.141 9.87z"/></svg>`,
+	},
+];
diff --git a/packages/studiocms_auth/src/helpers/authHelper.ts b/packages/studiocms_auth/src/helpers/authHelper.ts
deleted file mode 100644
index 1a5ae014b..000000000
--- a/packages/studiocms_auth/src/helpers/authHelper.ts
+++ /dev/null
@@ -1,76 +0,0 @@
-import { db, sql } from 'astro:db';
-import { tsPermissions } from '@studiocms/core/db/tsTables';
-import type { Session } from 'lucia';
-import { lucia } from '../auth';
-
-type authHelperResponse = {
-	id: string;
-	username: string | null;
-	name: string | null;
-	email: string | null;
-	avatar: string | null;
-	githubURL: string | null;
-	permissionLevel: 'admin' | 'editor' | 'visitor' | 'unknown';
-	currentUserSession: Session | undefined;
-};
-
-/**
- * # Auth Helper Function
- *
- * @param locals The Astro.locals object
- * @returns The current user data and session information and permission level
- */
-export default async function authHelper(locals: App.Locals): Promise<authHelperResponse> {
-	let user: authHelperResponse = {
-		id: '',
-		permissionLevel: 'unknown',
-		username: null,
-		name: null,
-		email: null,
-		avatar: null,
-		githubURL: null,
-		currentUserSession: undefined,
-	};
-
-	if (locals.isLoggedIn && locals.dbUser) {
-		let permissionLevel: 'admin' | 'editor' | 'visitor' | 'unknown' = 'unknown';
-		const permissions = await db
-			.select()
-			.from(tsPermissions)
-			.where(sql`lower(${tsPermissions.username}) = ${locals.dbUser.username.toLowerCase()}`)
-			.get();
-
-		if (
-			permissions &&
-			permissions.username.toLowerCase() === locals.dbUser.username.toLowerCase()
-		) {
-			switch (permissions.rank) {
-				case 'admin':
-					permissionLevel = 'admin';
-					break;
-				case 'editor':
-					permissionLevel = 'editor';
-					break;
-				case 'visitor':
-					permissionLevel = 'visitor';
-					break;
-				default:
-					permissionLevel = 'unknown';
-					break;
-			}
-		}
-
-		user = {
-			id: locals.dbUser.id,
-			username: locals.dbUser.username,
-			name: locals.dbUser.name,
-			email: locals.dbUser.email,
-			avatar: locals.dbUser.avatar,
-			githubURL: locals.dbUser.githubURL,
-			currentUserSession: (await lucia.getUserSessions(locals.dbUser.id))[0],
-			permissionLevel,
-		};
-	}
-
-	return user;
-}
diff --git a/packages/studiocms_auth/src/integration.ts b/packages/studiocms_auth/src/integration.ts
index 4b41f340b..9d2471ac6 100644
--- a/packages/studiocms_auth/src/integration.ts
+++ b/packages/studiocms_auth/src/integration.ts
@@ -1,21 +1,40 @@
 import { runtimeLogger } from '@inox-tools/runtime-logger';
 import { integrationLogger } from '@matthiesenxyz/integration-utils/astroUtils';
-import { AuthProviderLogStrings, DashboardStrings } from '@studiocms/core/strings';
+import { DashboardStrings } from '@studiocms/core/strings';
 import { addAstroEnvConfig } from '@studiocms/core/utils';
 import { addVirtualImports, createResolver, defineIntegration } from 'astro-integration-kit';
+import copy from 'rollup-plugin-copy';
 import { name } from '../package.json';
 import { astroENV } from './astroenv/env';
 import { StudioCMSAuthOptionsSchema } from './schema';
-import authConfigDTS from './stubs/auth-config';
-import authHelperDTS from './stubs/auth-helpers';
+import authLibDTS from './stubs/auth-lib';
+import authScriptsDTS from './stubs/auth-scripts';
+import authUtilsDTS from './stubs/auth-utils';
 import { checkEnvKeys } from './utils/checkENV';
-import { injectAuthRouteArray } from './utils/injectAuthRoutes';
-import { usernameAndPasswordAuthConfig } from './utils/studioauth-config';
+import { injectAuthAPIRoutes, injectAuthPageRoutes } from './utils/routeBuilder';
 
 export default defineIntegration({
 	name,
 	optionsSchema: StudioCMSAuthOptionsSchema,
-	setup({ name, options }) {
+	setup({
+		name,
+		options,
+		options: {
+			dashboardConfig: {
+				dashboardEnabled,
+				AuthConfig: {
+					providers: {
+						github: githubAPI,
+						discord: discordAPI,
+						google: googleAPI,
+						auth0: auth0API,
+						usernameAndPassword: usernameAndPasswordAPI,
+						usernameAndPasswordConfig: { allowUserRegistration },
+					},
+				},
+			},
+		},
+	}) {
 		// Create resolver relative to this file
 		const { resolve } = createResolver(import.meta.url);
 
@@ -23,7 +42,7 @@ export default defineIntegration({
 			hooks: {
 				'astro:config:setup': async (params) => {
 					// Destructure Params
-					const { logger } = params;
+					const { logger, updateConfig } = params;
 
 					// Log that Setup is Starting
 					integrationLogger(
@@ -40,132 +59,133 @@ export default defineIntegration({
 					// Update Astro Config with Environment Variables (`astro:env`)
 					addAstroEnvConfig(params, astroENV);
 
-					// If Username and Password Auth is enabled Verify the Auth Config File Exists and is setup!
-					usernameAndPasswordAuthConfig(params, { options, name });
-
 					// injectAuthHelper
 					addVirtualImports(params, {
 						name,
 						imports: {
-							'studiocms:auth/helpers': `export { default as authHelper } from '${resolve('./helpers/authHelper.ts')}'`,
+							'studiocms:auth/lib/encryption': `export * from '${resolve('./lib/encryption.ts')}'`,
+							'studiocms:auth/lib/password': `export * from '${resolve('./lib/password.ts')}'`,
+							'studiocms:auth/lib/rate-limit': `export * from '${resolve('./lib/rate-limit.ts')}'`,
+							'studiocms:auth/lib/session': `export * from '${resolve('./lib/session.ts')}'`,
+							'studiocms:auth/lib/types': `export * from '${resolve('./lib/types.ts')}'`,
+							'studiocms:auth/lib/user': `export * from '${resolve('./lib/user.ts')}'`,
+							'studiocms:auth/utils/authEnvCheck': `export * from '${resolve('./utils/authEnvCheck.ts')}'`,
+							'studiocms:auth/utils/validImages': `export * from '${resolve('./utils/validImages.ts')}'`,
+							'studiocms:auth/scripts/three': `import ${JSON.stringify(resolve('./scripts/three.ts'))}`,
+							'studiocms:auth/scripts/formListener': `export * from '${resolve('./scripts/formListener.ts')}'`,
 						},
 					});
 
-					// Inject Routes
-					injectAuthRouteArray(params, {
+					// Update Astro Config
+					updateConfig({
+						security: {
+							checkOrigin: true,
+						},
+						experimental: {
+							directRenderScript: true,
+						},
+						vite: {
+							optimizeDeps: {
+								exclude: ['astro:db', 'three'],
+							},
+							plugins: [
+								copy({
+									copyOnce: true,
+									hook: 'buildStart',
+									targets: [
+										{
+											src: resolve('./resources/*'),
+											dest: 'public/studiocms-auth/',
+										},
+									],
+								}),
+							],
+						},
+					});
+
+					// Inject API Routes
+					injectAuthAPIRoutes(params, {
 						options,
-						middleware: resolve('./middleware/index.ts'),
-						providerRoutes: [
+						routes: [
+							{
+								pattern: 'login',
+								entrypoint: resolve('./routes/api/login.ts'),
+								enabled: usernameAndPasswordAPI,
+							},
+							{
+								pattern: 'register',
+								entrypoint: resolve('./routes/api/register.ts'),
+								enabled: usernameAndPasswordAPI && allowUserRegistration,
+							},
 							{
-								enabled: options.dashboardConfig.AuthConfig.providers.github,
-								logs: AuthProviderLogStrings.githubLogs,
-								routes: [
-									{
-										pattern: 'login/github',
-										entrypoint: resolve('./routes/login/github/index.ts'),
-									},
-									{
-										pattern: 'login/github/callback',
-										entrypoint: resolve('./routes/login/github/callback.ts'),
-									},
-								],
+								pattern: 'github',
+								entrypoint: resolve('./routes/api/github/index.ts'),
+								enabled: githubAPI,
 							},
 							{
-								enabled: options.dashboardConfig.AuthConfig.providers.discord,
-								logs: AuthProviderLogStrings.discordLogs,
-								routes: [
-									{
-										pattern: 'login/discord',
-										entrypoint: resolve('./routes/login/discord/index.ts'),
-									},
-									{
-										pattern: 'login/discord/callback',
-										entrypoint: resolve('./routes/login/discord/callback.ts'),
-									},
-								],
+								pattern: 'github/callback',
+								entrypoint: resolve('./routes/api/github/callback.ts'),
+								enabled: githubAPI,
 							},
 							{
-								enabled: options.dashboardConfig.AuthConfig.providers.google,
-								logs: AuthProviderLogStrings.googleLogs,
-								routes: [
-									{
-										pattern: 'login/google',
-										entrypoint: resolve('./routes/login/google/index.ts'),
-									},
-									{
-										pattern: 'login/google/callback',
-										entrypoint: resolve('./routes/login/google/callback.ts'),
-									},
-								],
+								pattern: 'discord',
+								entrypoint: resolve('./routes/api/discord/index.ts'),
+								enabled: discordAPI,
 							},
 							{
-								enabled: options.dashboardConfig.AuthConfig.providers.auth0,
-								logs: AuthProviderLogStrings.auth0Logs,
-								routes: [
-									{
-										pattern: 'login/auth0',
-										entrypoint: resolve('./routes/login/auth0/index.ts'),
-									},
-									{
-										pattern: 'login/auth0/callback',
-										entrypoint: resolve('./routes/login/auth0/callback.ts'),
-									},
-								],
+								pattern: 'discord/callback',
+								entrypoint: resolve('./routes/api/discord/callback.ts'),
+								enabled: discordAPI,
 							},
 							{
-								enabled: options.dashboardConfig.AuthConfig.providers.usernameAndPassword,
-								logs: AuthProviderLogStrings.usernameAndPasswordLogs,
-								routes: [
-									{
-										pattern: 'login/api/login',
-										entrypoint: resolve('./routes/login/api/login.ts'),
-									},
-								],
+								pattern: 'google',
+								entrypoint: resolve('./routes/api/google/index.ts'),
+								enabled: googleAPI,
+							},
+							{
+								pattern: 'google/callback',
+								entrypoint: resolve('./routes/api/google/callback.ts'),
+								enabled: googleAPI,
+							},
+							{
+								pattern: 'auth0',
+								entrypoint: resolve('./routes/api/auth0/index.ts'),
+								enabled: auth0API,
+							},
+							{
+								pattern: 'auth0/callback',
+								entrypoint: resolve('./routes/api/auth0/callback.ts'),
+								enabled: auth0API,
+							},
+						],
+					});
+
+					injectAuthPageRoutes(params, {
+						options,
+						routes: [
+							{
+								pattern: 'login/',
+								entrypoint: resolve('./routes/login.astro'),
+								enabled: dashboardEnabled && !options.dbStartPage,
 							},
 							{
-								enabled:
-									options.dashboardConfig.AuthConfig.providers.usernameAndPassword &&
-									options.dashboardConfig.AuthConfig.providers.usernameAndPasswordConfig
-										.allowUserRegistration,
-								logs: AuthProviderLogStrings.allowUserRegistration,
-								routes: [
-									{
-										pattern: 'signup/',
-										entrypoint: resolve('./routes/login/signup.astro'),
-									},
-									{
-										pattern: 'login/api/register',
-										entrypoint: resolve('./routes/login/api/register.ts'),
-									},
-								],
+								pattern: 'logout/',
+								entrypoint: resolve('./routes/logout.ts'),
+								enabled: dashboardEnabled && !options.dbStartPage,
 							},
 							{
-								enabled:
-									options.dashboardConfig.dashboardEnabled &&
-									!options.dbStartPage &&
-									options.dashboardConfig.AuthConfig.enabled,
-								logs: {
-									enabledMessage: 'Auth Enabled, Injecting Login and Logout Pages',
-									disabledMessage: 'Auth Disabled',
-								},
-								routes: [
-									{
-										pattern: 'login/',
-										entrypoint: resolve('./routes/login/index.astro'),
-									},
-									{
-										pattern: 'logout/',
-										entrypoint: resolve('./routes/logout.ts'),
-									},
-								],
+								pattern: 'signup/',
+								entrypoint: resolve('./routes/signup.astro'),
+								enabled: usernameAndPasswordAPI && allowUserRegistration,
 							},
 						],
 					});
 				},
 				'astro:config:done': async ({ injectTypes }) => {
 					// Inject Types
-					injectTypes(authConfigDTS);
-					injectTypes(authHelperDTS);
+					injectTypes(authLibDTS);
+					injectTypes(authUtilsDTS);
+					injectTypes(authScriptsDTS);
 				},
 			},
 		};
diff --git a/packages/studiocms_auth/src/layouts/AuthLayout.astro b/packages/studiocms_auth/src/layouts/AuthLayout.astro
new file mode 100644
index 000000000..e378f984b
--- /dev/null
+++ b/packages/studiocms_auth/src/layouts/AuthLayout.astro
@@ -0,0 +1,106 @@
+---
+import '@fontsource-variable/onest/index.css';
+import '@studiocms/ui/css/global.css';
+import './authlayout.css';
+import { Image } from 'astro:assets';
+import { db, eq } from 'astro:db';
+import { validImages } from 'studiocms:auth/utils/validImages';
+import Config from 'virtual:studiocms/config';
+import version from 'virtual:studiocms/version';
+import onestWoff2 from '@fontsource-variable/onest/files/onest-latin-wght-normal.woff2?url';
+import { CMSSiteConfigId } from '@studiocms/core/consts';
+import { tsSiteConfig } from '@studiocms/core/db/tsTables';
+import { Toaster } from '@studiocms/ui/components';
+import OAuthButtonStack from '../components/OAuthButtonStack.astro';
+import StudioCMSLogoSVG from '../components/StudioCMSLogoSVG.astro';
+
+const {
+	dashboardConfig: { faviconURL },
+} = Config;
+
+interface Props {
+	title: string;
+	description: string;
+	lang?: string;
+}
+
+const { title, description, lang = 'en' } = Astro.props;
+
+// Get the site config
+const siteConfig = await db
+	.select()
+	.from(tsSiteConfig)
+	.where(eq(tsSiteConfig.id, CMSSiteConfigId))
+	.get();
+
+// Get the login page background and custom image from the site config
+const loginPageBackground = siteConfig?.loginPageBackground;
+const loginPageCustomImage = siteConfig?.loginPageCustomImage;
+
+const fallbackImageSrc = loginPageBackground === 'custom'
+	?	loginPageCustomImage
+	: validImages.find((x) => x.name !== 'custom' && x.name === loginPageBackground)?.dark; // TODO: Adapt to theme
+---
+<!doctype html>
+<html lang={lang} data-theme="dark">
+  <head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width,initial-scale=1" />
+    <link rel="icon" type="image/svg+xml" href={faviconURL} />
+    <link rel="preload" as="font" type="font/woff2" crossorigin="anonymous" href={onestWoff2} />
+    <meta name="generator" content={Astro.generator} />
+    <meta name="generator" content=`StudioCMS v${version}` />
+    <title>{title}</title>
+    <meta name="title" content={title} />
+    <meta name="description" content={description} />
+</head>
+  <body>
+	<Toaster />
+	<main>
+		<div id="canvas-container">
+			<div class="fallback-container">
+				<StudioCMSLogoSVG
+					class="static-logo"
+				/>
+				{typeof fallbackImageSrc === 'string' && (
+					<Image 
+						src={fallbackImageSrc || ''}
+						inferSize
+						alt="A fallback image displaying because the interactive wallpaper couldn't be loaded."
+						class={'fallback-image'}
+						quality={100}
+					/>
+				)}
+				{typeof fallbackImageSrc !== 'string' && !!fallbackImageSrc && (
+					<Image 
+						src={fallbackImageSrc}
+						alt="A fallback image displaying because the interactive wallpaper couldn't be loaded."
+						class={'fallback-image'}
+						quality={100}
+					/>
+				)}
+			</div>
+		</div>
+		<div class="login-form-container">
+
+			<slot name="header" />
+
+			<slot />
+			
+			<OAuthButtonStack />
+
+			<div class="form-footer">
+				<slot name="footer" />
+			</div>
+
+		</div>
+	</main>
+	<div 
+		style="display: none;" 
+		id="login-page-configs" 
+		data-pagebg={loginPageBackground} 
+		data-pagecustomimage={loginPageCustomImage}
+	/>
+  </body>
+  <script>import "studiocms:auth/scripts/three";</script>
+</html>
diff --git a/packages/studiocms_auth/src/layouts/authlayout.css b/packages/studiocms_auth/src/layouts/authlayout.css
new file mode 100644
index 000000000..1bcbfb7e5
--- /dev/null
+++ b/packages/studiocms_auth/src/layouts/authlayout.css
@@ -0,0 +1,164 @@
+* {
+	font-family: "Onest Variable", sans-serif;
+}
+
+html {
+	background: var(--background);
+	box-sizing: border-box;
+	color: var(--text);
+}
+
+html,
+body {
+	margin: 0;
+	padding: 0;
+}
+
+main {
+	display: flex;
+	flex-direction: row;
+	height: 100dvh;
+	width: 100dvw;
+	overflow: hidden;
+	color: var(--text);
+}
+
+#canvas {
+	height: 100%;
+	width: 100%;
+}
+
+#canvas-container,
+.login-form-container {
+	width: 50%;
+	height: 100%;
+	position: relative;
+}
+
+#canvas-container {
+	opacity: 0;
+	transition: all .15s ease;
+	overflow: hidden;
+}
+
+#canvas-container.loaded {
+	opacity: 1;
+}
+
+.tp-dfwv {
+	width: 300px !important;
+}
+
+.form-header h1,
+.form-header p {
+	text-align: center;
+}
+
+.form-header h1 {
+	margin: 0;
+}
+
+.form-header p,
+.form-footer p {
+	color: var(--text-muted);
+}
+
+.login-form-container {
+	border-left: 1px solid var(--border);
+	display: flex;
+	flex-direction: column;
+	align-items: center;
+	justify-content: center;
+	gap: 0.5rem;
+}
+
+.login-form-container > .divide-container,
+.login-form-container > .button-stack,
+.form,
+.form-header {
+	width: 50%;
+	display: flex;
+	flex-direction: column;
+	gap: .5rem;
+}
+
+#login-form > .button {
+	margin-top: .5rem;
+}
+
+.button {
+	align-items: center;
+	justify-content: center;
+	width: 100% !important;
+	text-align: center !important;
+	font-weight: 500 !important;
+	font-size: .925em !important;
+}
+
+@media screen and (max-width: 1100px) {
+	.login-form-container > .divide-container,
+	.login-form-container > .button-stack,
+	.form,
+	.form-header {
+		width: 75%;
+	}
+}
+
+@media screen and (max-width: 850px) {
+	.login-form-container > .divide-container,
+	.login-form-container > .button-stack,
+	.form,
+	.form-header {
+		width: 50%;
+	}
+
+	#canvas-container {
+		display: none;
+	}
+
+	.login-form-container {
+		width: 100%;
+		border: none;
+	}
+}
+
+@media screen and (max-width: 660px) {
+	.login-form-container > .divide-container,
+	.login-form-container > .button-stack,
+	.form,
+	.form-header {
+		width: 100%;
+	}
+
+	.login-form-container {
+		padding-left: 2rem;
+		padding-right: 2rem;
+	}
+}
+
+.fallback-container {
+	position: relative;
+}
+
+.fallback-image {
+	height: 100vh;
+	width: auto;
+}
+
+.fallback-container:has(+ canvas) {
+	display: none;
+}
+
+#canvas-container:not(:has(canvas)) {
+	display: flex;
+	align-items: center;
+	justify-content: center;
+}
+
+.static-logo {
+	position: absolute;
+	top: 50%;
+	left: 50%;
+	transform: translate(-50%, -50%);
+	height: 45%;
+}
diff --git a/packages/studiocms_auth/src/lib/encryption.ts b/packages/studiocms_auth/src/lib/encryption.ts
new file mode 100644
index 000000000..83bb9523a
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/encryption.ts
@@ -0,0 +1,64 @@
+import { createCipheriv, createDecipheriv } from 'node:crypto';
+import { CMS_ENCRYPTION_KEY } from 'astro:env/server';
+import { DynamicBuffer } from '@oslojs/binary';
+import { decodeBase64 } from '@oslojs/encoding';
+
+const key = decodeBase64(CMS_ENCRYPTION_KEY);
+
+/**
+ * Encrypts the given data using AES-128-GCM encryption.
+ *
+ * @param data - The data to be encrypted as a Uint8Array.
+ * @returns The encrypted data as a Uint8Array, which includes the initialization vector (IV),
+ *          the encrypted content, and the authentication tag.
+ */
+export function encrypt(data: Uint8Array): Uint8Array {
+	const iv = new Uint8Array(16);
+	crypto.getRandomValues(iv);
+	const cipher = createCipheriv('aes-128-gcm', key, iv);
+	const encrypted = new DynamicBuffer(0);
+	encrypted.write(iv);
+	encrypted.write(cipher.update(data));
+	encrypted.write(cipher.final());
+	encrypted.write(cipher.getAuthTag());
+	return encrypted.bytes();
+}
+
+/**
+ * Encrypts a given string and returns the encrypted data as a Uint8Array.
+ *
+ * @param data - The string to be encrypted.
+ * @returns The encrypted data as a Uint8Array.
+ */
+export function encryptString(data: string): Uint8Array {
+	return encrypt(new TextEncoder().encode(data));
+}
+
+/**
+ * Decrypts the given encrypted data using AES-128-GCM.
+ *
+ * @param encrypted - The encrypted data as a Uint8Array. The data must be at least 33 bytes long.
+ * @returns The decrypted data as a Uint8Array.
+ * @throws Will throw an error if the encrypted data is less than 33 bytes.
+ */
+export function decrypt(encrypted: Uint8Array): Uint8Array {
+	if (encrypted.byteLength < 33) {
+		throw new Error('Invalid data');
+	}
+	const decipher = createDecipheriv('aes-128-gcm', key, encrypted.slice(0, 16));
+	decipher.setAuthTag(encrypted.slice(encrypted.byteLength - 16));
+	const decrypted = new DynamicBuffer(0);
+	decrypted.write(decipher.update(encrypted.slice(16, encrypted.byteLength - 16)));
+	decrypted.write(decipher.final());
+	return decrypted.bytes();
+}
+
+/**
+ * Decrypts the given Uint8Array data and returns the result as a string.
+ *
+ * @param data - The encrypted data as a Uint8Array.
+ * @returns The decrypted data as a string.
+ */
+export function decryptToString(data: Uint8Array): string {
+	return new TextDecoder().decode(decrypt(data));
+}
diff --git a/packages/studiocms_auth/src/lib/password.ts b/packages/studiocms_auth/src/lib/password.ts
new file mode 100644
index 000000000..11ce16d35
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/password.ts
@@ -0,0 +1,67 @@
+import { checkIfUnsafe } from '@matthiesenxyz/integration-utils/securityUtils';
+import { sha1 } from '@oslojs/crypto/sha1';
+import { encodeHexLowerCase } from '@oslojs/encoding';
+import bcrypt from 'bcryptjs';
+
+/**
+ * Hashes a plain text password using bcrypt.
+ *
+ * @param password - The plain text password to hash.
+ * @returns A promise that resolves to the hashed password.
+ */
+export async function hashPassword(password: string): Promise<string> {
+	const hashedPassword = await bcrypt.hash(password, 10);
+	return hashedPassword;
+}
+
+/**
+ * Verifies if the provided password matches the hashed password.
+ *
+ * @param hash - The hashed password to compare against.
+ * @param password - The plain text password to verify.
+ * @returns A promise that resolves to a boolean indicating whether the password matches the hash.
+ */
+export async function verifyPasswordHash(hash: string, password: string): Promise<boolean> {
+	const passwordMatch = await bcrypt.compare(password, hash);
+	return passwordMatch;
+}
+
+/**
+ * Verifies the strength of a given password.
+ *
+ * The password must meet the following criteria:
+ * - Be between 6 and 255 characters in length.
+ * - Not be a known unsafe password.
+ * - Not be found in the pwned password database.
+ *
+ * @param password - The password to verify.
+ * @returns A promise that resolves to `true` if the password is strong/secure enough, otherwise `false`.
+ */
+export async function verifyPasswordStrength(password: string): Promise<boolean> {
+	// Password must be between 6 ~ 255 characters
+	if (password.length < 6 || password.length > 255) {
+		return false;
+	}
+
+	// Check if password is known unsafe password
+	const isUnsafe = checkIfUnsafe(password).password();
+	if (isUnsafe) {
+		return false;
+	}
+
+	// Check if password is in pwned password database
+	const hash = encodeHexLowerCase(sha1(new TextEncoder().encode(password)));
+	const hashPrefix = hash.slice(0, 5);
+	const response = await fetch(`https://api.pwnedpasswords.com/range/${hashPrefix}`);
+	const data = await response.text();
+	const lines = data.split('\n');
+	for (const line of lines) {
+		const hashSuffix = line.slice(0, 35).toLowerCase();
+		if (hash === hashPrefix + hashSuffix) {
+			return false;
+		}
+	}
+
+	// Password is strong/secure enough
+	return true;
+}
diff --git a/packages/studiocms_auth/src/lib/rate-limit.ts b/packages/studiocms_auth/src/lib/rate-limit.ts
new file mode 100644
index 000000000..0c94e005d
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/rate-limit.ts
@@ -0,0 +1,249 @@
+import type { ExpiringBucket, RefillBucket, ThrottlingCounter } from './types';
+// TODO: Implement rate limiting for auth API routes
+
+/**
+ * Represents a token bucket that refills tokens at a specified interval.
+ * Used to control access to resources by limiting the number of tokens
+ * that can be consumed over time.
+ *
+ * @template _Key - The type of key used to identify individual token buckets.
+ */
+export class RefillingTokenBucket<_Key> {
+	/**
+	 * The maximum number of tokens that the bucket can hold.
+	 * @type {number}
+	 */
+	public max: number;
+
+	/**
+	 * The interval in seconds at which tokens are refilled.
+	 * @type {number}
+	 */
+	public refillIntervalSeconds: number;
+
+	/**
+	 * Initializes a new instance of the RefillingTokenBucket class.
+	 *
+	 * @param {number} max - The maximum number of tokens the bucket can hold.
+	 * @param {number} refillIntervalSeconds - The refill interval in seconds.
+	 */
+	constructor(max: number, refillIntervalSeconds: number) {
+		this.max = max;
+		this.refillIntervalSeconds = refillIntervalSeconds;
+	}
+
+	/**
+	 * A map storing individual token buckets associated with specific keys.
+	 * @private
+	 */
+	private storage = new Map<_Key, RefillBucket>();
+
+	/**
+	 * Checks if there are enough tokens available in the bucket for the specified key and cost.
+	 *
+	 * @param {_Key} key - The key associated with the token bucket.
+	 * @param {number} cost - The number of tokens required.
+	 * @returns {boolean} - Returns `true` if there are enough tokens; otherwise, `false`.
+	 */
+	public check(key: _Key, cost: number): boolean {
+		const bucket = this.storage.get(key) ?? null;
+		if (bucket === null) {
+			return true;
+		}
+		const now = Date.now();
+		const refill = Math.floor((now - bucket.refilledAt) / (this.refillIntervalSeconds * 1000));
+		if (refill > 0) {
+			return Math.min(bucket.count + refill, this.max) >= cost;
+		}
+		return bucket.count >= cost;
+	}
+
+	/**
+	 * Consumes tokens from the bucket for the specified key and cost.
+	 *
+	 * @param {_Key} key - The key associated with the token bucket.
+	 * @param {number} cost - The number of tokens to consume.
+	 * @returns {boolean} - Returns `true` if tokens were successfully consumed; otherwise, `false`.
+	 */
+	public consume(key: _Key, cost: number): boolean {
+		let bucket = this.storage.get(key) ?? null;
+		const now = Date.now();
+		if (bucket === null) {
+			bucket = {
+				count: this.max - cost,
+				refilledAt: now,
+			};
+			this.storage.set(key, bucket);
+			return true;
+		}
+		const refill = Math.floor((now - bucket.refilledAt) / (this.refillIntervalSeconds * 1000));
+		bucket.count = Math.min(bucket.count + refill, this.max);
+		bucket.refilledAt = now;
+		if (bucket.count < cost) {
+			return false;
+		}
+		bucket.count -= cost;
+		this.storage.set(key, bucket);
+		return true;
+	}
+}
+
+/**
+ * Represents a throttler that limits the frequency of actions performed with a specified key.
+ * Uses incremental timeouts to delay repeated actions.
+ *
+ * @template _Key - The type of key used to identify throttling counters.
+ */
+export class Throttler<_Key> {
+	/**
+	 * Array of timeout durations (in seconds) for each consecutive attempt.
+	 * @type {number[]}
+	 */
+	public timeoutSeconds: number[];
+
+	/**
+	 * A map storing individual throttling counters associated with specific keys.
+	 * @private
+	 */
+	private storage = new Map<_Key, ThrottlingCounter>();
+
+	/**
+	 * Initializes a new instance of the Throttler class.
+	 *
+	 * @param {number[]} timeoutSeconds - Array of timeout durations in seconds for each consecutive attempt.
+	 */
+	constructor(timeoutSeconds: number[]) {
+		this.timeoutSeconds = timeoutSeconds;
+	}
+
+	/**
+	 * Attempts to consume an action for the specified key.
+	 *
+	 * @param {_Key} key - The key associated with the throttling counter.
+	 * @returns {boolean} - Returns `true` if the action is allowed; otherwise, `false`.
+	 */
+	public consume(key: _Key): boolean {
+		let counter = this.storage.get(key) ?? null;
+		const now = Date.now();
+		if (counter === null) {
+			counter = {
+				timeout: 0,
+				updatedAt: now,
+			};
+			this.storage.set(key, counter);
+			return true;
+		}
+		// @ts-expect-error: Could be undefined
+		const allowed = now - counter.updatedAt >= this.timeoutSeconds[counter.timeout] * 1000;
+		if (!allowed) {
+			return false;
+		}
+		counter.updatedAt = now;
+		counter.timeout = Math.min(counter.timeout + 1, this.timeoutSeconds.length - 1);
+		this.storage.set(key, counter);
+		return true;
+	}
+
+	/**
+	 * Resets the throttling counter for a specified key.
+	 *
+	 * @param {_Key} key - The key associated with the throttling counter to reset.
+	 */
+	public reset(key: _Key): void {
+		this.storage.delete(key);
+	}
+}
+
+/**
+ * Represents a token bucket with tokens that expire after a specified duration.
+ * Used to control access to resources with tokens that reset after expiration.
+ *
+ * @template _Key - The type of key used to identify individual token buckets.
+ */
+export class ExpiringTokenBucket<_Key> {
+	/**
+	 * The maximum number of tokens the bucket can hold.
+	 * @type {number}
+	 */
+	public max: number;
+
+	/**
+	 * The duration (in seconds) after which tokens in the bucket expire.
+	 * @type {number}
+	 */
+	public expiresInSeconds: number;
+
+	/**
+	 * A map storing individual expiring token buckets associated with specific keys.
+	 * @private
+	 */
+	private storage = new Map<_Key, ExpiringBucket>();
+
+	/**
+	 * Initializes a new instance of the ExpiringTokenBucket class.
+	 *
+	 * @param {number} max - The maximum number of tokens the bucket can hold.
+	 * @param {number} expiresInSeconds - The duration in seconds after which tokens expire.
+	 */
+	constructor(max: number, expiresInSeconds: number) {
+		this.max = max;
+		this.expiresInSeconds = expiresInSeconds;
+	}
+
+	/**
+	 * Checks if there are enough tokens available in the bucket for the specified key and cost.
+	 *
+	 * @param {_Key} key - The key associated with the token bucket.
+	 * @param {number} cost - The number of tokens required.
+	 * @returns {boolean} - Returns `true` if there are enough tokens or if the tokens have expired; otherwise, `false`.
+	 */
+	public check(key: _Key, cost: number): boolean {
+		const bucket = this.storage.get(key) ?? null;
+		const now = Date.now();
+		if (bucket === null) {
+			return true;
+		}
+		if (now - bucket.createdAt >= this.expiresInSeconds * 1000) {
+			return true;
+		}
+		return bucket.count >= cost;
+	}
+
+	/**
+	 * Consumes tokens from the bucket for the specified key and cost.
+	 *
+	 * @param {_Key} key - The key associated with the token bucket.
+	 * @param {number} cost - The number of tokens to consume.
+	 * @returns {boolean} - Returns `true` if tokens were successfully consumed; otherwise, `false`.
+	 */
+	public consume(key: _Key, cost: number): boolean {
+		let bucket = this.storage.get(key) ?? null;
+		const now = Date.now();
+		if (bucket === null) {
+			bucket = {
+				count: this.max - cost,
+				createdAt: now,
+			};
+			this.storage.set(key, bucket);
+			return true;
+		}
+		if (now - bucket.createdAt >= this.expiresInSeconds * 1000) {
+			bucket.count = this.max;
+		}
+		if (bucket.count < cost) {
+			return false;
+		}
+		bucket.count -= cost;
+		this.storage.set(key, bucket);
+		return true;
+	}
+
+	/**
+	 * Resets the token bucket for a specified key, removing all tokens.
+	 *
+	 * @param {_Key} key - The key associated with the token bucket to reset.
+	 */
+	public reset(key: _Key): void {
+		this.storage.delete(key);
+	}
+}
diff --git a/packages/studiocms_auth/src/lib/session.ts b/packages/studiocms_auth/src/lib/session.ts
new file mode 100644
index 000000000..b34641ef0
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/session.ts
@@ -0,0 +1,193 @@
+import { db, eq } from 'astro:db';
+import { sha256 } from '@oslojs/crypto/sha2';
+import { encodeBase32LowerCaseNoPadding, encodeHexLowerCase } from '@oslojs/encoding';
+import { tsSessionTable, tsUsers } from '@studiocms/core/db/tsTables';
+import type { APIContext, AstroGlobal } from 'astro';
+import type { SessionTable, SessionValidationResult, UserSession } from './types';
+
+/**
+ * Generates a session token.
+ *
+ * This function creates a random 20-byte array and encodes it using
+ * base32 encoding without padding. The resulting string is used as
+ * a session token.
+ *
+ * @returns {string} The generated session token.
+ */
+export function generateSessionToken(): string {
+	const bytes = new Uint8Array(20);
+	crypto.getRandomValues(bytes);
+	const token = encodeBase32LowerCaseNoPadding(bytes);
+	return token;
+}
+
+/**
+ * The session expiration time in milliseconds.
+ * This value represents 14 days.
+ */
+export const sessionExpTime = 1000 * 60 * 60 * 24 * 14;
+
+/**
+ * Represents half of the session expiration time.
+ * This value is used to determine the midpoint of the session's lifespan.
+ */
+const expTimeHalf = sessionExpTime / 2;
+
+/**
+ * Generates a new expiration date for a session.
+ *
+ * @returns {Date} The expiration date calculated by adding the session expiration time to the current date and time.
+ */
+export function makeExpirationDate(): Date {
+	return new Date(Date.now() + sessionExpTime);
+}
+
+/**
+ * The name of the cookie used to store the authentication session.
+ *
+ * @constant {string}
+ */
+export const sessionCookieName = 'auth_session';
+
+/**
+ * Creates a new session for a user.
+ *
+ * @param token - The token used to create the session.
+ * @param userId - The ID of the user for whom the session is being created.
+ * @returns A promise that resolves to the created session object.
+ */
+export async function createSession(token: string, userId: string): Promise<SessionTable> {
+	const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+	const session: SessionTable = {
+		id: sessionId,
+		userId,
+		expiresAt: new Date(Date.now() + sessionExpTime),
+	};
+	const insertedSession = await db
+		.insert(tsSessionTable)
+		.values(session)
+		.returning({
+			id: tsSessionTable.id,
+			userId: tsSessionTable.userId,
+			expiresAt: tsSessionTable.expiresAt,
+		})
+		.get();
+	return insertedSession;
+}
+
+/**
+ * Validates a session token by checking its existence and expiration in the database.
+ * If the session is valid but close to expiration, it extends the session expiration time.
+ * If the session is expired, it deletes the session from the database.
+ *
+ * @param token - The session token to validate.
+ * @returns A promise that resolves to an object containing the session and user information.
+ *          If the session is invalid or expired, both session and user will be null.
+ */
+export async function validateSessionToken(token: string): Promise<SessionValidationResult> {
+	const sessionId = encodeHexLowerCase(sha256(new TextEncoder().encode(token)));
+	const result = await db
+		.select({ user: tsUsers, session: tsSessionTable })
+		.from(tsSessionTable)
+		.innerJoin(tsUsers, eq(tsSessionTable.userId, tsUsers.id))
+		.where(eq(tsSessionTable.id, sessionId));
+
+	if (result.length < 1) {
+		return { session: null, user: null };
+	}
+
+	const userSession = result[0];
+
+	if (!userSession) {
+		return { session: null, user: null };
+	}
+
+	const { user, session }: UserSession = userSession;
+
+	if (Date.now() >= session.expiresAt.getTime()) {
+		await db.delete(tsSessionTable).where(eq(tsSessionTable.id, session.id));
+		return { session: null, user: null };
+	}
+
+	if (Date.now() >= session.expiresAt.getTime() - expTimeHalf) {
+		session.expiresAt = new Date(Date.now() + sessionExpTime);
+		await db
+			.update(tsSessionTable)
+			.set({ expiresAt: session.expiresAt })
+			.where(eq(tsSessionTable.id, session.id));
+	}
+
+	return { session, user };
+}
+
+/**
+ * Invalidates a session by deleting it from the database.
+ *
+ * @param sessionId - The unique identifier of the session to be invalidated.
+ * @returns A promise that resolves when the session has been successfully deleted.
+ */
+export async function invalidateSession(sessionId: string): Promise<void> {
+	await db.delete(tsSessionTable).where(eq(tsSessionTable.id, sessionId));
+}
+
+/**
+ * Sets a session token cookie in the provided API context.
+ *
+ * @param context - The API context where the cookie will be set.
+ * @param token - The session token to be stored in the cookie.
+ * @param expiresAt - The expiration date of the cookie.
+ */
+export function setSessionTokenCookie(context: APIContext, token: string, expiresAt: Date): void {
+	context.cookies.set(sessionCookieName, token, {
+		httpOnly: true,
+		sameSite: 'lax',
+		secure: import.meta.env.PROD,
+		expires: expiresAt,
+		path: '/',
+	});
+}
+
+/**
+ * Deletes the session token cookie by setting it with an empty value and a max age of 0.
+ *
+ * @param context - The context in which the cookie is being set. This can be either an APIContext or AstroGlobal.
+ */
+export function deleteSessionTokenCookie(context: APIContext | AstroGlobal): void {
+	context.cookies.set(sessionCookieName, '', {
+		httpOnly: true,
+		sameSite: 'lax',
+		secure: import.meta.env.PROD,
+		maxAge: 0,
+		path: '/',
+	});
+}
+
+/**
+ * Sets an OAuth session token cookie in the given API context.
+ *
+ * @param context - The API context which contains the cookies object.
+ * @param key - The name of the cookie to set.
+ * @param value - The value of the cookie to set.
+ */
+export function setOAuthSessionTokenCookie(context: APIContext, key: string, value: string): void {
+	context.cookies.set(key, value, {
+		path: '/',
+		secure: import.meta.env.PROD,
+		httpOnly: true,
+		maxAge: 60 * 10,
+		sameSite: 'lax',
+	});
+}
+
+/**
+ * Creates a new user session.
+ *
+ * @param userId - The ID of the user for whom the session is being created.
+ * @param context - The API context which includes request and response objects.
+ * @returns A promise that resolves when the session has been successfully created.
+ */
+export async function createUserSession(userId: string, context: APIContext): Promise<void> {
+	const sessionToken = generateSessionToken();
+	await createSession(sessionToken, userId);
+	setSessionTokenCookie(context, sessionToken, makeExpirationDate());
+}
diff --git a/packages/studiocms_auth/src/lib/types.ts b/packages/studiocms_auth/src/lib/types.ts
new file mode 100644
index 000000000..4d1ae5e7d
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/types.ts
@@ -0,0 +1,131 @@
+/**
+ * Represents a user in the user table.
+ *
+ * @interface UserTable
+ * @property {string} id - The unique identifier for the user.
+ * @property {string | null} url - The URL of the user's profile.
+ * @property {string} name - The name of the user.
+ * @property {string | null} email - The email address of the user.
+ * @property {string | null} avatar - The URL of the user's avatar.
+ * @property {string} username - The username of the user.
+ * @property {string | null} password - The hashed password of the user.
+ * @property {Date | null} updatedAt - The date and time when the user was last updated.
+ * @property {Date | null} createdAt - The date and time when the user was created.
+ */
+export interface UserTable {
+	id: string;
+	url: string | null;
+	name: string;
+	email: string | null;
+	avatar: string | null;
+	username: string;
+	password: string | null;
+	updatedAt: Date | null;
+	createdAt: Date | null;
+}
+
+/**
+ * Represents a table of OAuth accounts.
+ *
+ * @interface OAuthAccountsTable
+ * @property {string} provider - The name of the OAuth provider (e.g., Google, Facebook).
+ * @property {string} providerUserId - The unique identifier for the user provided by the OAuth provider.
+ * @property {string} userId - The unique identifier for the user within the application.
+ */
+export interface OAuthAccountsTable {
+	provider: string;
+	providerUserId: string;
+	userId: string;
+}
+
+/**
+ * Represents a session table in the authentication system.
+ *
+ * @interface SessionTable
+ * @property {string} id - The unique identifier for the session.
+ * @property {string} userId - The unique identifier for the user associated with the session.
+ * @property {Date} expiresAt - The expiration date and time of the session.
+ */
+export interface SessionTable {
+	id: string;
+	userId: string;
+	expiresAt: Date;
+}
+
+/**
+ * Interface representing a table of user permissions.
+ *
+ * @property {string} user - The username of the individual.
+ * @property {string} rank - The rank or role assigned to the user.
+ */
+export interface PermissionsTable {
+	user: string;
+	rank: string;
+}
+
+/**
+ * Represents the session data for a user.
+ *
+ * @property {boolean} isLoggedIn - Indicates whether the user is logged in.
+ * @property {UserTable | null} user - The user data, or null if no user is logged in.
+ * @property {'owner' | 'admin' | 'editor' | 'visitor' | 'unknown'} permissionLevel - The permission level of the user.
+ */
+export type UserSessionData = {
+	isLoggedIn: boolean;
+	user: UserTable | null;
+	permissionLevel: 'owner' | 'admin' | 'editor' | 'visitor' | 'unknown';
+};
+
+/**
+ * Represents a user session which includes user information and session details.
+ *
+ * @property {UserTable} user - The user information.
+ * @property {SessionTable} session - The session details.
+ */
+export type UserSession = {
+	user: UserTable;
+	session: SessionTable;
+};
+
+/**
+ * Represents the result of a session validation.
+ *
+ * This type can either be a valid `UserSession` or an object indicating
+ * an invalid session with both `session` and `user` properties set to `null`.
+ */
+export type SessionValidationResult = UserSession | { session: null; user: null };
+
+/**
+ * Represents an individual refillable token bucket.
+ *
+ * @interface RefillBucket
+ * @property {number} count - The current token count in the bucket.
+ * @property {number} refilledAt - The last timestamp when tokens were refilled.
+ */
+export interface RefillBucket {
+	count: number;
+	refilledAt: number;
+}
+
+/**
+ * Represents a bucket with an expiration mechanism.
+ *
+ * @interface ExpiringBucket
+ * @property {number} count - The number of items in the bucket.
+ * @property {number} createdAt - The timestamp when the bucket was created.
+ */
+export interface ExpiringBucket {
+	count: number;
+	createdAt: number;
+}
+
+/**
+ * Interface representing a throttling counter.
+ *
+ * @property {number} timeout - The duration (in milliseconds) for which the throttling is applied.
+ * @property {number} updatedAt - The timestamp (in milliseconds since epoch) when the throttling counter was last updated.
+ */
+export interface ThrottlingCounter {
+	timeout: number;
+	updatedAt: number;
+}
diff --git a/packages/studiocms_auth/src/lib/user.ts b/packages/studiocms_auth/src/lib/user.ts
new file mode 100644
index 000000000..1bd324373
--- /dev/null
+++ b/packages/studiocms_auth/src/lib/user.ts
@@ -0,0 +1,301 @@
+import { db, eq } from 'astro:db';
+import { checkIfUnsafe } from '@matthiesenxyz/integration-utils/securityUtils';
+import { tsOAuthAccounts, tsPermissions, tsUsers } from '@studiocms/core/db/tsTables';
+import type { APIContext, AstroGlobal } from 'astro';
+import { hashPassword } from './password';
+import { deleteSessionTokenCookie, sessionCookieName, validateSessionToken } from './session';
+import type { UserSessionData, UserTable } from './types';
+
+/**
+ * Verifies if the provided username meets the required criteria.
+ *
+ * The username must:
+ * - Be between 3 and 32 characters in length.
+ * - Contain only lowercase letters, numbers, hyphens (-), and underscores (_).
+ * - Not be considered unsafe.
+ *
+ * @param username - The username to verify.
+ * @returns `true` if the username is valid, `false` otherwise.
+ */
+export function verifyUsernameInput(username: string): boolean {
+	// Check if the username is between 3 and 32 characters
+	if (username.length < 3 || username.length > 32) {
+		return false;
+	}
+
+	// Check if the username only contains lowercase letters, numbers, -, and _
+	if (!/^[a-z0-9_-]+$/.test(username)) {
+		return false;
+	}
+
+	// Check if the username is unsafe
+	if (checkIfUnsafe(username).username()) {
+		return false;
+	}
+
+	return true;
+}
+
+/**
+ * Creates a user avatar URL based on the provided email.
+ *
+ * This function takes an email address, processes it to generate a unique hash,
+ * and returns a URL for the user's avatar using the Libravatar service.
+ *
+ * @param email - The email address of the user.
+ * @returns A promise that resolves to the URL of the user's avatar.
+ */
+export async function createUserAvatar(email: string) {
+	// trim and lowercase the email
+	const safeemail = email.trim().toLowerCase();
+	// encode as (utf-8) Uint8Array
+	const msgUint8 = new TextEncoder().encode(safeemail);
+	// hash the message
+	const hashBuffer = await crypto.subtle.digest('SHA-256', msgUint8);
+	// convert buffer to byte array
+	const hashArray = Array.from(new Uint8Array(hashBuffer));
+	// convert bytes to hex string
+	const hashHex = hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
+	// return the gravatar url
+	return `https://seccdn.libravatar.org/avatar/${hashHex}?s=400&d=retro`;
+}
+
+/**
+ * Creates a new local user with the provided details.
+ *
+ * @param name - The full name of the user.
+ * @param username - The username for the user.
+ * @param email - The email address of the user.
+ * @param password - The password for the user.
+ * @returns A promise that resolves to the newly created user record.
+ */
+export async function createLocalUser(
+	name: string,
+	username: string,
+	email: string,
+	password: string
+): Promise<UserTable> {
+	const passwordHash = await hashPassword(password);
+
+	const avatar = await createUserAvatar(email);
+
+	const newUserData: typeof tsUsers.$inferInsert = {
+		id: crypto.randomUUID(),
+		name,
+		username,
+		email,
+		password: passwordHash,
+		createdAt: new Date(),
+		avatar,
+	};
+
+	const newUser = await db.insert(tsUsers).values(newUserData).returning().get();
+
+	return newUser;
+}
+
+/**
+ * Creates a new user with OAuth credentials.
+ *
+ * @param userFields - The fields required to create a new user.
+ * @param oAuthFields - The OAuth provider information, including the provider name and provider user ID.
+ * @returns The newly created user object or an error object if the creation fails.
+ */
+export async function createOAuthUser(
+	userFields: typeof tsUsers.$inferInsert,
+	oAuthFields: { provider: string; providerUserId: string }
+) {
+	try {
+		const newUser = await db.insert(tsUsers).values(userFields).returning().get();
+
+		await db.insert(tsOAuthAccounts).values({
+			userId: newUser.id,
+			provider: oAuthFields.provider,
+			providerUserId: oAuthFields.providerUserId,
+		});
+
+		return newUser;
+	} catch (error) {
+		console.error(error);
+		return { error: 'Error creating user' };
+	}
+}
+
+/**
+ * The name of the cookie used for linking a new OAuth account.
+ * This constant is used to identify the specific cookie that handles
+ * the linking process for new OAuth accounts.
+ */
+export const LinkNewOAuthCookieName = 'link-new-o-auth';
+
+/**
+ * Updates the password for a user.
+ *
+ * This function hashes the provided password and updates the user's password
+ * in the database with the hashed password.
+ *
+ * @param userId - The unique identifier of the user whose password is to be updated.
+ * @param password - The new password to be set for the user.
+ * @returns A promise that resolves when the password has been successfully updated.
+ */
+export async function updateUserPassword(userId: string, password: string): Promise<void> {
+	const passwordHash = await hashPassword(password);
+
+	await db.update(tsUsers).set({ password: passwordHash }).where(eq(tsUsers.id, userId));
+}
+
+/**
+ * Retrieves the password hash for a given user by their user ID.
+ *
+ * @param userId - The unique identifier of the user whose password hash is to be retrieved.
+ * @returns A promise that resolves to the password hash of the user.
+ * @throws Will throw an error if the user is not found or if the user does not have a password.
+ */
+export async function getUserPasswordHash(userId: string): Promise<string> {
+	const user = await db.select().from(tsUsers).where(eq(tsUsers.id, userId)).get();
+
+	if (!user) {
+		throw new Error('User not found');
+	}
+
+	if (!user.password) {
+		throw new Error('User has no password');
+	}
+
+	return user.password;
+}
+
+/**
+ * Retrieves a user from the database based on their email address.
+ *
+ * @param email - The email address of the user to retrieve.
+ * @returns A promise that resolves to the user data if found, or null if no user is found with the given email.
+ */
+export async function getUserFromEmail(email: string): Promise<UserTable | null> {
+	return (await db.select().from(tsUsers).where(eq(tsUsers.email, email)).get()) ?? null;
+}
+
+/**
+ * Retrieves user session data based on the provided Astro context.
+ *
+ * @param Astro - The Astro global object or API context containing cookies.
+ * @returns A promise that resolves to the user session data.
+ *
+ * The function performs the following steps:
+ * 1. Extracts the session token from cookies.
+ * 2. If no session token is found, returns an object indicating the user is not logged in.
+ * 3. Validates the session token.
+ * 4. If the session is invalid, deletes the session token cookie and returns an object indicating the user is not logged in.
+ * 5. If the user is not found, returns an object indicating the user is not logged in.
+ * 6. Retrieves the user's permission level from the database.
+ * 7. Returns an object containing the user's login status, user information, and permission level.
+ */
+export async function getUserData(Astro: AstroGlobal | APIContext): Promise<UserSessionData> {
+	const { cookies } = Astro;
+
+	const sessionToken = cookies.get(sessionCookieName)?.value ?? null;
+
+	if (!sessionToken) {
+		return { isLoggedIn: false, user: null, permissionLevel: 'unknown' };
+	}
+
+	const { session, user } = await validateSessionToken(sessionToken);
+
+	if (session === null) {
+		deleteSessionTokenCookie(Astro);
+		return { isLoggedIn: false, user: null, permissionLevel: 'unknown' };
+	}
+
+	if (!user || user === null) {
+		return { isLoggedIn: false, user: null, permissionLevel: 'unknown' };
+	}
+
+	const result = await db.select().from(tsPermissions).where(eq(tsPermissions.user, user.id)).get();
+
+	if (!result) {
+		return { isLoggedIn: true, user, permissionLevel: 'unknown' };
+	}
+
+	let permissionLevel: UserSessionData['permissionLevel'] = 'unknown';
+
+	switch (result.rank) {
+		case 'owner':
+			permissionLevel = 'owner';
+			break;
+		case 'admin':
+			permissionLevel = 'admin';
+			break;
+		case 'editor':
+			permissionLevel = 'editor';
+			break;
+		case 'visitor':
+			permissionLevel = 'visitor';
+			break;
+		default:
+			permissionLevel = 'unknown';
+			break;
+	}
+
+	return {
+		isLoggedIn: true,
+		user,
+		permissionLevel,
+	};
+}
+
+/**
+ * An array of available permission ranks for users.
+ *
+ * The permission ranks are defined as a constant tuple and include the following values:
+ * - 'owner': The highest level of permission, typically the creator or primary administrator.
+ * - 'admin': A high level of permission, usually for users who manage the system.
+ * - 'editor': A mid-level permission, for users who can modify content.
+ * - 'visitor': A low-level permission, for users who can view content but not modify it.
+ * - 'unknown': A default or fallback permission rank for users with undefined roles.
+ */
+const availablePermissionRanks = ['owner', 'admin', 'editor', 'visitor', 'unknown'] as const;
+
+/**
+ * Represents the available permission ranks for a user.
+ *
+ * This type is derived from the `availablePermissionRanks` array,
+ * and it includes all the possible values that a user can have as a permission rank.
+ */
+type AvailablePermissionRanks = (typeof availablePermissionRanks)[number];
+
+/**
+ * A mapping of permission ranks to their respective allowed roles.
+ *
+ * This map defines the hierarchy of permissions, where each rank includes
+ * all the roles of the ranks below it. For example, an 'admin' has the roles
+ * of both 'owner' and 'admin', while an 'editor' has the roles of 'owner',
+ * 'admin', and 'editor'.
+ *
+ * @property {string[]} owner - The 'owner' rank, which includes only the 'owner' role.
+ * @property {string[]} admin - The 'admin' rank, which includes 'owner' and 'admin' roles.
+ * @property {string[]} editor - The 'editor' rank, which includes 'owner', 'admin', and 'editor' roles.
+ * @property {string[]} visitor - The 'visitor' rank, which includes 'owner', 'admin', 'editor', and 'visitor' roles.
+ * @property {string[]} unknown - The 'unknown' rank, which includes all roles: 'owner', 'admin', 'editor', 'visitor', and 'unknown'.
+ */
+export const permissionRanksMap: Record<AvailablePermissionRanks, string[]> = {
+	owner: ['owner'],
+	admin: ['owner', 'admin'],
+	editor: ['owner', 'admin', 'editor'],
+	visitor: ['owner', 'admin', 'editor', 'visitor'],
+	unknown: ['owner', 'admin', 'editor', 'visitor', 'unknown'],
+};
+
+/**
+ * Verifies if the user's permission level meets the required permission rank.
+ *
+ * @param userData - The session data of the user, which includes their permission level.
+ * @param requiredPermission - The required permission rank to be verified against the user's permission level.
+ * @returns A promise that resolves to a boolean indicating whether the user's permission level meets the required rank.
+ */
+export async function verifyUserPermissionLevel(
+	userData: UserSessionData,
+	requiredPermission: AvailablePermissionRanks
+): Promise<boolean> {
+	const { permissionLevel } = userData;
+	return permissionRanksMap[requiredPermission].includes(permissionLevel);
+}
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-dark.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-dark.png
new file mode 100644
index 000000000..d085cf696
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-dark.png differ
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-light.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-light.png
new file mode 100644
index 000000000..dbe8fffe3
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blobs-light.png differ
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-dark.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-dark.png
new file mode 100644
index 000000000..20e55363e
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-dark.png differ
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-light.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-light.png
new file mode 100644
index 000000000..25a1c4b52
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-blocks-light.png differ
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-dark.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-dark.png
new file mode 100644
index 000000000..6c70d627b
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-dark.png differ
diff --git a/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-light.png b/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-light.png
new file mode 100644
index 000000000..b0e9c5ff8
Binary files /dev/null and b/packages/studiocms_auth/src/loginBackgrounds/studiocms-curves-light.png differ
diff --git a/packages/studiocms_auth/src/middleware/index.ts b/packages/studiocms_auth/src/middleware/index.ts
deleted file mode 100644
index 8cf4cbf35..000000000
--- a/packages/studiocms_auth/src/middleware/index.ts
+++ /dev/null
@@ -1,100 +0,0 @@
-import { logger } from '@it-astro:logger:studiocms-auth';
-import { db, eq } from 'astro:db';
-import Config from 'virtual:studiocms/config';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { removeLeadingTrailingSlashes } from '@studiocms/core/lib';
-import type { MiddlewareHandler } from 'astro';
-import { verifyRequestOrigin } from 'lucia';
-import { lucia } from '../auth';
-import { defineMiddlewareRouter } from './router';
-
-const {
-	dashboardConfig: {
-		developerConfig: { testingAndDemoMode },
-		dashboardRouteOverride,
-	},
-} = Config;
-
-// Get the dashboard route
-const dashboardRoute = dashboardRouteOverride
-	? removeLeadingTrailingSlashes(dashboardRouteOverride)
-	: 'dashboard';
-
-// Define the middleware router
-const router: Record<string, MiddlewareHandler> = {};
-
-// Route for all paths
-router['/**'] = async (context, next) => {
-	if (context.request.method !== 'GET') {
-		const originHeader = context.request.headers.get('Origin');
-		const hostHeader = context.request.headers.get('Host');
-		if (!originHeader || !hostHeader || !verifyRequestOrigin(originHeader, [hostHeader])) {
-			return new Response(null, {
-				status: 403,
-			});
-		}
-	}
-
-	const sessionId = context.cookies.get(lucia.sessionCookieName)?.value ?? null;
-
-	const locals = context.locals;
-
-	locals.isLoggedIn = false;
-	if (!sessionId) {
-		locals.user = null;
-		locals.session = null;
-		return next();
-	}
-
-	const { session, user } = await lucia.validateSession(sessionId);
-
-	if (!session || session === null) {
-		const sessionCookie = lucia.createBlankSessionCookie();
-		context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		return next();
-	}
-
-	const isSessionFresh = session.expiresAt.getTime() > new Date().getTime();
-	session.fresh = isSessionFresh;
-
-	if (session.fresh) {
-		const sessionCookie = lucia.createSessionCookie(session.id);
-		context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		const dbUser = await db.select().from(tsUsers).where(eq(tsUsers.id, user.id)).get();
-
-		locals.dbUser = dbUser || null;
-		locals.isLoggedIn = true;
-	} else if (session && !session.fresh) {
-		const sessionCookie = lucia.createBlankSessionCookie();
-		await lucia.invalidateSession(session.id);
-		context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-	}
-
-	locals.session = session;
-	locals.user = user;
-
-	return next();
-};
-
-// Route for all paths except login and signup
-router[`/${dashboardRoute}/!(login|signup)**`] = async (context, next) => {
-	const locals = context.locals;
-
-	if (!testingAndDemoMode) {
-		if (!locals.isLoggedIn) {
-			logger.info('User is not logged in... Redirecting to login page');
-			return new Response(null, {
-				status: 302,
-				headers: {
-					Location: `/${dashboardRoute}/login`,
-				},
-			});
-		}
-	} else {
-		logger.info('Testing and Demo mode is enabled. Skipping login check');
-	}
-
-	return next();
-};
-
-export const onRequest = defineMiddlewareRouter(router);
diff --git a/packages/studiocms_auth/src/middleware/router.ts b/packages/studiocms_auth/src/middleware/router.ts
deleted file mode 100644
index 7a23040e0..000000000
--- a/packages/studiocms_auth/src/middleware/router.ts
+++ /dev/null
@@ -1,14 +0,0 @@
-import type { MiddlewareHandler } from 'astro';
-import { defineMiddleware, sequence } from 'astro/middleware';
-import micromatch from 'micromatch';
-
-export function defineMiddlewareRouter(router: Record<string, MiddlewareHandler>) {
-	const entries = Object.entries(router);
-	return defineMiddleware((context, next) => {
-		return sequence(
-			...entries
-				.filter(([path]) => micromatch.isMatch(context.url.pathname, path))
-				.map(([_, handler]) => handler)
-		)(context, next);
-	});
-}
diff --git a/packages/studiocms_auth/src/resources/studiocms-logo.glb b/packages/studiocms_auth/src/resources/studiocms-logo.glb
new file mode 100644
index 000000000..0decc36fb
Binary files /dev/null and b/packages/studiocms_auth/src/resources/studiocms-logo.glb differ
diff --git a/packages/studiocms_auth/src/routes/api/auth0/callback.ts b/packages/studiocms_auth/src/routes/api/auth0/callback.ts
new file mode 100644
index 000000000..dd8e3d935
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/auth0/callback.ts
@@ -0,0 +1,158 @@
+import { logger } from '@it-astro:logger:studiocms-auth';
+import { and, db, eq } from 'astro:db';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { LinkNewOAuthCookieName, createOAuthUser, getUserData } from 'studiocms:auth/lib/user';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import { tsOAuthAccounts, tsUsers } from '@studiocms/core/db/tsTables';
+import { OAuth2RequestError, type OAuth2Tokens } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { type Auth0User, ProviderCookieName, ProviderID, auth0, getClientDomain } from './shared';
+
+const {
+	authLinks: { loginURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+export const GET: APIRoute = async (context: APIContext): Promise<Response> => {
+	const { url, cookies, redirect } = context;
+
+	const code = url.searchParams.get('code');
+	const state = url.searchParams.get('state');
+	const storedState = cookies.get(ProviderCookieName)?.value ?? null;
+
+	const CLIENT_DOMAIN = getClientDomain();
+
+	if (!code || !state || !storedState || state !== storedState) {
+		return redirect(loginURL);
+	}
+
+	let tokens: OAuth2Tokens;
+
+	try {
+		tokens = await auth0.validateAuthorizationCode(code);
+
+		const auth0Response = await fetch(`${CLIENT_DOMAIN}/userinfo`, {
+			headers: {
+				Authorization: `Bearer ${tokens.accessToken}`,
+			},
+		});
+
+		const auth0User: Auth0User = await auth0Response.json();
+		const auth0UserId = auth0User.sub;
+		const auth0Username = auth0User.nickname;
+
+		// FIRST-TIME-SETUP
+		// if (STUDIOCMS_FIRST_TIME_SETUP) {
+		// 	// TODO: Add first-time setup logic here
+		// }
+
+		const existingoAuthAccount = await db
+			.select()
+			.from(tsOAuthAccounts)
+			.where(
+				and(
+					eq(tsOAuthAccounts.provider, ProviderID),
+					eq(tsOAuthAccounts.providerUserId, auth0UserId)
+				)
+			)
+			.get();
+
+		if (existingoAuthAccount) {
+			const user = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, existingoAuthAccount.userId))
+				.get();
+
+			if (!user) {
+				return new Response('User not found', {
+					status: 404,
+				});
+			}
+
+			await createUserSession(user.id, context);
+
+			return redirect(dashboardIndex);
+		}
+
+		const loggedInUser = await getUserData(context);
+		const linkNewOAuth = !!cookies.get(LinkNewOAuthCookieName)?.value;
+
+		if (loggedInUser.user && linkNewOAuth) {
+			const exisitingUser = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, loggedInUser.user.id))
+				.get();
+
+			if (exisitingUser) {
+				await db.insert(tsOAuthAccounts).values({
+					provider: ProviderID,
+					providerUserId: auth0UserId,
+					userId: exisitingUser.id,
+				});
+
+				await createUserSession(exisitingUser.id, context);
+
+				return redirect(dashboardIndex);
+			}
+		}
+
+		const newUser = await createOAuthUser(
+			{
+				id: crypto.randomUUID(),
+				username: auth0Username,
+				name: auth0User.name,
+				email: auth0User.email,
+				avatar: auth0User.picture,
+				createdAt: new Date(),
+			},
+			{ provider: ProviderID, providerUserId: auth0UserId }
+		);
+
+		if ('error' in newUser) {
+			return new Response('Error creating user', { status: 500 });
+		}
+
+		await createUserSession(newUser.id, context);
+
+		return redirect(dashboardIndex);
+	} catch (e) {
+		// the specific error message depends on the provider
+		if (e instanceof OAuth2RequestError) {
+			// invalid code
+			const code = e.code;
+			logger.error(`OAuth2RequestError in Auth0 OAuth callback: ${code}`);
+			return new Response(code, {
+				status: 400,
+			});
+		}
+		logger.error(`Unexpected error in Auth0 OAuth callback: ${e}`);
+		return new Response(null, {
+			status: 500,
+		});
+	}
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/auth0/index.ts b/packages/studiocms_auth/src/routes/api/auth0/index.ts
new file mode 100644
index 000000000..b0feaa225
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/auth0/index.ts
@@ -0,0 +1,39 @@
+import { setOAuthSessionTokenCookie } from 'studiocms:auth/lib/session';
+import { generateState } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { ProviderCookieName, auth0 } from './shared';
+
+export const GET: APIRoute = async (context: APIContext) => {
+	const state = generateState();
+
+	const scopes = ['profile', 'email'];
+
+	const url = auth0.createAuthorizationURL(state, scopes);
+
+	setOAuthSessionTokenCookie(context, ProviderCookieName, state);
+
+	return context.redirect(url.toString());
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/auth0/shared.ts b/packages/studiocms_auth/src/routes/api/auth0/shared.ts
new file mode 100644
index 000000000..1e36a449f
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/auth0/shared.ts
@@ -0,0 +1,37 @@
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import Config from 'virtual:studiocms/config';
+import { Auth0 } from 'arctic';
+
+export const {
+	AUTH0: { CLIENT_ID, CLIENT_SECRET, DOMAIN, REDIRECT_URI },
+} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
+
+export const getClientDomain = () => {
+	const cleanDomainslash = DOMAIN ? DOMAIN.replace(/^\//, '') : '';
+
+	const NoHTTPDOMAIN = cleanDomainslash.replace(/http:\/\//, '').replace(/https:\/\//, '');
+
+	return `https://${NoHTTPDOMAIN}`;
+};
+
+const CLIENT = () => {
+	return {
+		DOMAIN: getClientDomain(),
+		ID: CLIENT_ID || '',
+		SECRET: CLIENT_SECRET || '',
+		URI: REDIRECT_URI || '',
+	};
+};
+
+export const ProviderID = 'auth0';
+export const ProviderCookieName = 'auth0_oauth_state';
+
+export const auth0 = new Auth0(CLIENT().DOMAIN, CLIENT().ID, CLIENT().SECRET, CLIENT().URI);
+
+export interface Auth0User {
+	sub: string;
+	name: string;
+	email: string;
+	picture: string;
+	nickname: string;
+}
diff --git a/packages/studiocms_auth/src/routes/api/discord/callback.ts b/packages/studiocms_auth/src/routes/api/discord/callback.ts
new file mode 100644
index 000000000..1abfd674e
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/discord/callback.ts
@@ -0,0 +1,158 @@
+import { logger } from '@it-astro:logger:studiocms-auth';
+import { and, db, eq } from 'astro:db';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { LinkNewOAuthCookieName, createOAuthUser, getUserData } from 'studiocms:auth/lib/user';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import { tsOAuthAccounts, tsUsers } from '@studiocms/core/db/tsTables';
+import { OAuth2RequestError, type OAuth2Tokens } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { type DiscordUser, ProviderCookieName, ProviderID, discord } from './shared';
+
+const {
+	authLinks: { loginURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+export const GET: APIRoute = async (context: APIContext): Promise<Response> => {
+	const { url, cookies, redirect } = context;
+
+	const code = url.searchParams.get('code');
+	const state = url.searchParams.get('state');
+	const storedState = cookies.get(ProviderCookieName)?.value ?? null;
+
+	if (!code || !state || !storedState || state !== storedState) {
+		return redirect(loginURL);
+	}
+
+	let tokens: OAuth2Tokens;
+
+	try {
+		tokens = await discord.validateAuthorizationCode(code);
+
+		const discordResponse = await fetch('https://discord.com/api/users/@me', {
+			headers: {
+				Authorization: `Bearer ${tokens.accessToken}`,
+			},
+		});
+
+		const discordUser: DiscordUser = await discordResponse.json();
+		const discordUserId = discordUser.id;
+		const discordUsername = discordUser.username;
+
+		// FIRST-TIME-SETUP
+		// if (STUDIOCMS_FIRST_TIME_SETUP) {
+		//  // TODO: Add first-time setup logic here
+		// }
+
+		const existingoAuthAccount = await db
+			.select()
+			.from(tsOAuthAccounts)
+			.where(
+				and(
+					eq(tsOAuthAccounts.provider, ProviderID),
+					eq(tsOAuthAccounts.providerUserId, discordUserId)
+				)
+			)
+			.get();
+
+		if (existingoAuthAccount) {
+			const user = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, existingoAuthAccount.userId))
+				.get();
+
+			if (!user) {
+				return new Response('User not found', {
+					status: 404,
+				});
+			}
+
+			await createUserSession(user.id, context);
+
+			return redirect(dashboardIndex);
+		}
+
+		const loggedInUser = await getUserData(context);
+		const linkNewOAuth = !!cookies.get(LinkNewOAuthCookieName)?.value;
+
+		if (loggedInUser.user && linkNewOAuth) {
+			const existingUser = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, loggedInUser.user.id))
+				.get();
+
+			if (existingUser) {
+				await db.insert(tsOAuthAccounts).values({
+					provider: ProviderID,
+					providerUserId: discordUserId,
+					userId: existingUser.id,
+				});
+
+				await createUserSession(existingUser.id, context);
+
+				return redirect(dashboardIndex);
+			}
+		}
+
+		const avatar_url = `https://cdn.discordapp.com/avatars/${discordUserId}/${discordUser.avatar}.png`;
+
+		const newUser = await createOAuthUser(
+			{
+				id: crypto.randomUUID(),
+				username: discordUsername,
+				name: discordUser.global_name ?? discordUsername,
+				email: discordUser.email,
+				avatar: avatar_url,
+				createdAt: new Date(),
+			},
+			{ provider: ProviderID, providerUserId: discordUserId }
+		);
+
+		if ('error' in newUser) {
+			return new Response('Error creating user', { status: 500 });
+		}
+
+		await createUserSession(newUser.id, context);
+
+		return redirect(dashboardIndex);
+	} catch (e) {
+		// the specific error message depends on the provider
+		if (e instanceof OAuth2RequestError) {
+			// invalid code
+			const code = e.code;
+			logger.error(`OAuth2RequestError in Discord OAuth callback: ${code}`);
+			return new Response(code, {
+				status: 400,
+			});
+		}
+		logger.error(`Unexpected error in Discord OAuth callback: ${e}`);
+		return new Response(null, {
+			status: 500,
+		});
+	}
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/discord/index.ts b/packages/studiocms_auth/src/routes/api/discord/index.ts
new file mode 100644
index 000000000..6b839be5d
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/discord/index.ts
@@ -0,0 +1,39 @@
+import { setOAuthSessionTokenCookie } from 'studiocms:auth/lib/session';
+import { generateState } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { ProviderCookieName, discord } from './shared';
+
+export const GET: APIRoute = async (context: APIContext) => {
+	const state = generateState();
+
+	const scopes = ['identify', 'email'];
+
+	const url: URL = discord.createAuthorizationURL(state, scopes);
+
+	setOAuthSessionTokenCookie(context, ProviderCookieName, state);
+
+	return context.redirect(url.toString());
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/discord/shared.ts b/packages/studiocms_auth/src/routes/api/discord/shared.ts
new file mode 100644
index 000000000..f9223e314
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/discord/shared.ts
@@ -0,0 +1,28 @@
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import Config from 'virtual:studiocms/config';
+import { Discord } from 'arctic';
+
+export const {
+	DISCORD: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
+} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
+
+const CLIENT = () => {
+	return {
+		ID: CLIENT_ID || '',
+		SECRET: CLIENT_SECRET || '',
+		URI: REDIRECT_URI || '',
+	};
+};
+
+export const ProviderID = 'discord';
+export const ProviderCookieName = 'discord_oauth_state';
+
+export const discord = new Discord(CLIENT().ID, CLIENT().SECRET, CLIENT().URI);
+
+export interface DiscordUser {
+	id: string;
+	avatar: string;
+	username: string;
+	global_name: string;
+	email: string;
+}
diff --git a/packages/studiocms_auth/src/routes/api/github/callback.ts b/packages/studiocms_auth/src/routes/api/github/callback.ts
new file mode 100644
index 000000000..8b19d8500
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/github/callback.ts
@@ -0,0 +1,155 @@
+import { logger } from '@it-astro:logger:studiocms-auth';
+import { and, db, eq } from 'astro:db';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { LinkNewOAuthCookieName, createOAuthUser, getUserData } from 'studiocms:auth/lib/user';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import { tsOAuthAccounts, tsUsers } from '@studiocms/core/db/tsTables';
+import { OAuth2RequestError, type OAuth2Tokens } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { type GitHubUser, ProviderCookieName, ProviderID, github } from './shared';
+
+const {
+	authLinks: { loginURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+export const GET: APIRoute = async (context: APIContext): Promise<Response> => {
+	const { url, cookies, redirect } = context;
+
+	const code = url.searchParams.get('code');
+	const state = url.searchParams.get('state');
+	const storedState = cookies.get(ProviderCookieName)?.value ?? null;
+
+	if (!code || !state || !storedState || state !== storedState) {
+		return redirect(loginURL);
+	}
+
+	let tokens: OAuth2Tokens;
+
+	try {
+		tokens = await github.validateAuthorizationCode(code);
+
+		const githubUserResponse = await fetch('https://api.github.com/user', {
+			headers: {
+				Authorization: `Bearer ${tokens.accessToken}`,
+			},
+		});
+
+		const githubUser: GitHubUser = await githubUserResponse.json();
+		const githubUserId = githubUser.id;
+		const githubUsername = githubUser.login;
+
+		// FIRST-TIME-SETUP
+		// if (STUDIOCMS_FIRST_TIME_SETUP) {
+		// 	// TODO: Add first-time setup logic here
+		// }
+
+		const existingoAuthAccount = await db
+			.select()
+			.from(tsOAuthAccounts)
+			.where(
+				and(
+					eq(tsOAuthAccounts.provider, ProviderID),
+					eq(tsOAuthAccounts.providerUserId, `${githubUserId}`)
+				)
+			)
+			.get();
+
+		if (existingoAuthAccount) {
+			const user = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, existingoAuthAccount.userId))
+				.get();
+
+			if (!user) {
+				return new Response('User not found', {
+					status: 404,
+				});
+			}
+
+			await createUserSession(user.id, context);
+
+			return redirect(dashboardIndex);
+		}
+
+		const loggedInUser = await getUserData(context);
+		const linkNewOAuth = !!cookies.get(LinkNewOAuthCookieName)?.value;
+
+		if (loggedInUser.user && linkNewOAuth) {
+			const existingUser = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, loggedInUser.user.id))
+				.get();
+
+			if (existingUser) {
+				await db.insert(tsOAuthAccounts).values({
+					provider: ProviderID,
+					providerUserId: `${githubUserId}`,
+					userId: existingUser.id,
+				});
+
+				await createUserSession(existingUser.id, context);
+
+				return redirect(dashboardIndex);
+			}
+		}
+
+		const newUser = await createOAuthUser(
+			{
+				id: crypto.randomUUID(),
+				username: githubUsername,
+				email: githubUser.email,
+				name: githubUser.name,
+				avatar: githubUser.avatar_url,
+				createdAt: new Date(),
+				url: githubUser.blog,
+			},
+			{ provider: ProviderID, providerUserId: `${githubUserId}` }
+		);
+
+		if ('error' in newUser) {
+			return new Response('Error creating user', { status: 500 });
+		}
+
+		await createUserSession(newUser.id, context);
+
+		return redirect(dashboardIndex);
+	} catch (e) {
+		if (e instanceof OAuth2RequestError) {
+			const code = e.code;
+			logger.error(`OAuth2RequestError in GitHub OAuth callback: ${code}`);
+			return new Response(code, {
+				status: 400,
+			});
+		}
+		logger.error(`Unexpected error in GitHub OAuth callback: ${e}`);
+		return new Response(null, {
+			status: 400,
+		});
+	}
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/github/index.ts b/packages/studiocms_auth/src/routes/api/github/index.ts
new file mode 100644
index 000000000..10f5597b8
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/github/index.ts
@@ -0,0 +1,44 @@
+import { setOAuthSessionTokenCookie } from 'studiocms:auth/lib/session';
+import { generateState } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { ProviderCookieName, github } from './shared';
+
+export const GET: APIRoute = async (context: APIContext) => {
+	// generate a random state
+	const state = generateState();
+
+	// scopes for the GitHub OAuth2 request
+	const scopes = ['user:email', 'repo'];
+
+	// create the GitHub OAuth2 authorization URL
+	const url = github.createAuthorizationURL(state, scopes);
+
+	// set the state cookie
+	setOAuthSessionTokenCookie(context, ProviderCookieName, state);
+
+	// redirect the user to the GitHub OAuth2 authorization URL
+	return context.redirect(url.toString());
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/github/shared.ts b/packages/studiocms_auth/src/routes/api/github/shared.ts
new file mode 100644
index 000000000..04343c075
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/github/shared.ts
@@ -0,0 +1,30 @@
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import Config from 'virtual:studiocms/config';
+import { GitHub } from 'arctic';
+
+const {
+	GITHUB: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
+} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
+
+const CLIENT = () => {
+	return {
+		ID: CLIENT_ID || '',
+		SECRET: CLIENT_SECRET || '',
+		URI: REDIRECT_URI || null,
+	};
+};
+
+export const ProviderID = 'github';
+export const ProviderCookieName = 'github_oauth_state';
+
+export const github = new GitHub(CLIENT().ID, CLIENT().SECRET, CLIENT().URI);
+
+export interface GitHubUser {
+	id: number;
+	html_url: string;
+	login: string;
+	avatar_url: string;
+	name: string;
+	blog: string;
+	email: string;
+}
diff --git a/packages/studiocms_auth/src/routes/api/google/callback.ts b/packages/studiocms_auth/src/routes/api/google/callback.ts
new file mode 100644
index 000000000..7369093c8
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/google/callback.ts
@@ -0,0 +1,161 @@
+import { logger } from '@it-astro:logger:studiocms-auth';
+import { and, db, eq } from 'astro:db';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { LinkNewOAuthCookieName, createOAuthUser, getUserData } from 'studiocms:auth/lib/user';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import { tsOAuthAccounts, tsUsers } from '@studiocms/core/db/tsTables';
+import { OAuth2RequestError, type OAuth2Tokens } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import {
+	type GoogleUser,
+	ProviderCodeVerifier,
+	ProviderCookieName,
+	ProviderID,
+	google,
+} from './shared';
+
+const {
+	authLinks: { loginURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+export const GET: APIRoute = async (context: APIContext): Promise<Response> => {
+	const { url, cookies, redirect } = context;
+
+	const code = url.searchParams.get('code');
+	const state = url.searchParams.get('state');
+	const codeVerifier = cookies.get(ProviderCodeVerifier)?.value ?? null;
+	const storedState = cookies.get(ProviderCookieName)?.value ?? null;
+
+	if (!code || !storedState || !codeVerifier || state !== storedState) {
+		return redirect(loginURL);
+	}
+
+	let tokens: OAuth2Tokens;
+
+	try {
+		tokens = await google.validateAuthorizationCode(code, codeVerifier);
+
+		const googleUserResponse = await fetch('https://openidconnect.googleapis.com/v1/userinfo', {
+			headers: {
+				Authorization: `Bearer ${tokens.accessToken}`,
+			},
+		});
+
+		const googleUser: GoogleUser = await googleUserResponse.json();
+		const googleUserId = googleUser.sub;
+		const googleUsername = googleUser.name;
+
+		// FIRST-TIME-SETUP
+		// if (STUDIOCMS_FIRST_TIME_SETUP) {
+		//  // TODO: Add first-time setup logic
+		// }
+
+		const existingoAuthAccount = await db
+			.select()
+			.from(tsOAuthAccounts)
+			.where(
+				and(
+					eq(tsOAuthAccounts.provider, ProviderID),
+					eq(tsOAuthAccounts.providerUserId, googleUserId)
+				)
+			)
+			.get();
+
+		if (existingoAuthAccount) {
+			const user = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, existingoAuthAccount.userId))
+				.get();
+
+			if (!user) {
+				return new Response('User not found', { status: 404 });
+			}
+
+			await createUserSession(user.id, context);
+
+			return redirect(dashboardIndex);
+		}
+
+		const loggedInUser = await getUserData(context);
+		const linkNewOAuth = !!cookies.get(LinkNewOAuthCookieName)?.value;
+
+		if (loggedInUser.user && linkNewOAuth) {
+			const existingUser = await db
+				.select()
+				.from(tsUsers)
+				.where(eq(tsUsers.id, loggedInUser.user.id))
+				.get();
+
+			if (existingUser) {
+				await db.insert(tsOAuthAccounts).values({
+					userId: existingUser.id,
+					provider: ProviderID,
+					providerUserId: googleUserId,
+				});
+
+				await createUserSession(existingUser.id, context);
+
+				return redirect(dashboardIndex);
+			}
+		}
+
+		const newUser = await createOAuthUser(
+			{
+				id: crypto.randomUUID(),
+				username: googleUsername,
+				email: googleUser.email,
+				name: googleUser.name,
+				avatar: googleUser.picture,
+				createdAt: new Date(),
+			},
+			{ provider: ProviderID, providerUserId: googleUserId }
+		);
+
+		if ('error' in newUser) {
+			return new Response('Error creating user', { status: 500 });
+		}
+
+		await createUserSession(newUser.id, context);
+
+		return redirect(dashboardIndex);
+	} catch (e) {
+		// the specific error message depends on the provider
+		if (e instanceof OAuth2RequestError) {
+			// invalid code
+			const code = e.code;
+			logger.error(`OAuth2RequestError in Google OAuth callback: ${code}`);
+			return new Response(code, {
+				status: 400,
+			});
+		}
+		logger.error(`Unexpected error in Google OAuth callback: ${e}`);
+		return new Response(null, {
+			status: 500,
+		});
+	}
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/google/index.ts b/packages/studiocms_auth/src/routes/api/google/index.ts
new file mode 100644
index 000000000..5a897997f
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/google/index.ts
@@ -0,0 +1,43 @@
+import { setOAuthSessionTokenCookie } from 'studiocms:auth/lib/session';
+import { generateCodeVerifier, generateState } from 'arctic';
+import type { APIContext, APIRoute } from 'astro';
+import { ProviderCodeVerifier, ProviderCookieName, google } from './shared';
+
+export const GET: APIRoute = async (context: APIContext) => {
+	const state = generateState();
+
+	const codeVerifier = generateCodeVerifier();
+
+	const scopes = ['profile', 'email'];
+
+	const url = google.createAuthorizationURL(state, codeVerifier, scopes);
+
+	setOAuthSessionTokenCookie(context, ProviderCookieName, state);
+
+	setOAuthSessionTokenCookie(context, ProviderCodeVerifier, codeVerifier);
+
+	return context.redirect(url.toString());
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/google/shared.ts b/packages/studiocms_auth/src/routes/api/google/shared.ts
new file mode 100644
index 000000000..e0ed0bcc3
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/google/shared.ts
@@ -0,0 +1,28 @@
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import Config from 'virtual:studiocms/config';
+import { Google } from 'arctic';
+
+export const {
+	GOOGLE: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
+} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
+
+const CLIENT = () => {
+	return {
+		ID: CLIENT_ID || '',
+		SECRET: CLIENT_SECRET || '',
+		URI: REDIRECT_URI || '',
+	};
+};
+
+export const ProviderID = 'google';
+export const ProviderCookieName = 'google_oauth_state';
+export const ProviderCodeVerifier = 'google_oauth_code_verifier';
+
+export const google = new Google(CLIENT().ID, CLIENT().SECRET, CLIENT().URI);
+
+export interface GoogleUser {
+	sub: string;
+	picture: string;
+	name: string;
+	email: string;
+}
diff --git a/packages/studiocms_auth/src/routes/api/login.ts b/packages/studiocms_auth/src/routes/api/login.ts
new file mode 100644
index 000000000..3a50c1c88
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/login.ts
@@ -0,0 +1,68 @@
+import { db, eq } from 'astro:db';
+import { verifyPasswordHash } from 'studiocms:auth/lib/password';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { tsUsers } from '@studiocms/core/db/tsTables';
+import type { APIContext, APIRoute } from 'astro';
+import { badFormDataEntry, parseFormDataEntryToString } from './shared';
+
+export const POST: APIRoute = async (context: APIContext): Promise<Response> => {
+	// Get the form data
+	const formData = await context.request.formData();
+
+	// Get the username and password from the form data
+	const username = parseFormDataEntryToString(formData, 'username');
+	const password = parseFormDataEntryToString(formData, 'password');
+
+	// If the username or password is missing, return an error
+	if (!username || !password) {
+		return badFormDataEntry('Username or password is missing');
+	}
+
+	// Get the user from the database
+	const existingUser = await db.select().from(tsUsers).where(eq(tsUsers.username, username)).get();
+
+	// If the user does not exist, return an error
+	if (!existingUser) {
+		return badFormDataEntry('Invalid Username or Password');
+	}
+
+	// Check if the user has a password or is using a oAuth login
+	if (!existingUser.password) {
+		return badFormDataEntry('User is using a oAuth login');
+	}
+
+	// Verify the password
+	const validPassword = await verifyPasswordHash(existingUser.password, password);
+
+	// If the password is invalid, return an error
+	if (!validPassword) {
+		return badFormDataEntry('Invalid Username or Password');
+	}
+
+	await createUserSession(existingUser.id, context);
+
+	return new Response();
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, POST',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/register.ts b/packages/studiocms_auth/src/routes/api/register.ts
new file mode 100644
index 000000000..2fa9a0c13
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/register.ts
@@ -0,0 +1,102 @@
+import { db, eq } from 'astro:db';
+import { verifyPasswordStrength } from 'studiocms:auth/lib/password';
+import { createUserSession } from 'studiocms:auth/lib/session';
+import { createLocalUser, verifyUsernameInput } from 'studiocms:auth/lib/user';
+import { tsUsers } from '@studiocms/core/db/tsTables';
+import type { APIContext, APIRoute } from 'astro';
+import { z } from 'astro/zod';
+import { badFormDataEntry, parseFormDataEntryToString } from './shared';
+
+export const POST: APIRoute = async (context: APIContext): Promise<Response> => {
+	// Get the form data
+	const formData = await context.request.formData();
+
+	// Get the username and password from the form data
+	const username = parseFormDataEntryToString(formData, 'username');
+	const password = parseFormDataEntryToString(formData, 'password');
+
+	// If the username or password is missing, return an error
+	if (!username || !password) {
+		return badFormDataEntry('Username or password is missing');
+	}
+
+	// If the username is invalid, return an error
+	if (verifyUsernameInput(username) !== true) {
+		return badFormDataEntry(
+			'Invalid Username: Username must be between 3 and 20 characters, only contain lowercase letters, numbers, -, and _ as well as not be a commonly used username (admin, root, etc.)'
+		);
+	}
+
+	// If the password is invalid, return an error
+	if ((await verifyPasswordStrength(password)) !== true) {
+		return badFormDataEntry(
+			'Invalid Password: Password must be between 6 and 255 characters, not be a known unsafe password, and not be in the pwned password database'
+		);
+	}
+
+	// Get the email and display name from the form data
+	const email = parseFormDataEntryToString(formData, 'email');
+	const name = parseFormDataEntryToString(formData, 'displayname');
+
+	// If the email or display name is missing, return an error
+	if (!email || !name) {
+		return badFormDataEntry('Email or display name is missing');
+	}
+
+	// If the email is invalid, return an error
+	const checkemail = z.coerce
+		.string()
+		.email({ message: 'Email address is invalid' })
+		.safeParse(email);
+
+	if (!checkemail.success) {
+		return badFormDataEntry(checkemail.error.message);
+	}
+
+	// Check if the username/email is already used
+	const existingUsername = await db
+		.select()
+		.from(tsUsers)
+		.where(eq(tsUsers.username, username))
+		.get();
+
+	const existingEmail = await db
+		.select()
+		.from(tsUsers)
+		.where(eq(tsUsers.email, checkemail.data))
+		.get();
+
+	if (existingUsername || existingEmail) {
+		return badFormDataEntry('Username or email is already in use');
+	}
+
+	// Create a new user
+	const newUser = await createLocalUser(name, username, email, password);
+
+	await createUserSession(newUser.id, context);
+
+	return new Response();
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, POST',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/api/shared.ts b/packages/studiocms_auth/src/routes/api/shared.ts
new file mode 100644
index 000000000..6b525bc34
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/api/shared.ts
@@ -0,0 +1,16 @@
+export function parseFormDataEntryToString(formData: FormData, key: string): string | null {
+	const value = formData.get(key);
+	if (typeof value !== 'string') {
+		return null;
+	}
+	return value;
+}
+
+export const badFormDataEntry = (message?: string | undefined): Response => {
+	const error = message || 'Invalid form data';
+
+	return new Response(JSON.stringify({ error }), {
+		status: 400,
+		statusText: 'Bad Request',
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/components/OauthProviders.astro b/packages/studiocms_auth/src/routes/components/OauthProviders.astro
deleted file mode 100644
index ca3d41811..000000000
--- a/packages/studiocms_auth/src/routes/components/OauthProviders.astro
+++ /dev/null
@@ -1,96 +0,0 @@
----
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import type Config from 'virtual:studiocms/config';
-import { Button, Icon } from '@matthiesenxyz/astrolace/components';
-import auth0Logo from '@studiocms/assets/svgs/auth0-logo.svg';
-import discordLogo from '@studiocms/assets/svgs/discord-logo.svg';
-import githubLogo from '@studiocms/assets/svgs/github-logo.svg';
-import googleLogo from '@studiocms/assets/svgs/google-logo.svg';
-import { authEnvCheck } from '../../utils/authEnvCheck';
-
-type Props = {
-	dashboardConfig: typeof Config.dashboardConfig;
-};
-
-const {
-	dashboardConfig: {
-		AuthConfig: { providers },
-	},
-} = Astro.props;
-
-const {
-	authLinks: { auth0Index, discordIndex, githubIndex, googleIndex },
-} = StudioCMSRoutes;
-
-const {
-	DISCORD: { ENABLED: discordEnabled },
-	GITHUB: { ENABLED: githubEnabled },
-	GOOGLE: { ENABLED: googleEnabled },
-	AUTH0: { ENABLED: auth0Enabled },
-	SHOW_OAUTH,
-	SHOW_PROVIDER_ERROR,
-} = await authEnvCheck(providers);
----
-{SHOW_OAUTH && ( 
-        <div class="bg-base-300 rounded-lg p-6 grid grid-cols-1 md:grid-cols-2 gap-4">
-    
-            {/* <!-- GitHub Provider --> */}
-            { githubEnabled && (
-                <Button 
-                    variant="default" 
-                    href={githubIndex} 
-                    outline 
-                    pill>
-                    <Icon src={githubLogo.src} slot="prefix" class="w-24px h-24px" />
-                    <span class="font-bold text-base text-lg">Sign in with GitHub</span>
-                </Button>
-            )}
-            {/* <!-- End of GitHub Provider --> */}
-
-            {/* <!-- Discord Provider --> */}
-            { discordEnabled && (
-                <Button 
-                    variant="default" 
-                    href={discordIndex}
-                    outline 
-                    pill>
-                        <Icon src={discordLogo.src} slot="prefix" class="w-24px h-24px" />
-                        <span class="font-bold text-base text-lg">Sign in with Discord</span>
-                </Button>
-            )}
-            {/* <!-- End of Discord Provider --> */}
-
-            {/* <!-- Google Provider --> */}
-            { googleEnabled && (
-                <Button 
-                    variant="default" 
-                    href={googleIndex} 
-                    outline 
-                    pill>
-                    <Icon src={googleLogo.src} slot="prefix" class="w-24px h-24px" />
-                    <span class="font-bold text-base text-lg">Sign in with Google</span>
-                </Button>
-            )}
-            {/* <!-- End of Google Provider --> */}
-
-            {/* <!-- Auth0 Provider --> */}
-            { auth0Enabled && (
-                <Button 
-                    variant="default" 
-                    href={auth0Index} 
-                    outline 
-                    pill>
-                    <Icon src={auth0Logo.src} slot="prefix" class="w-24px h-24px" />
-                    <span class="font-bold text-base text-lg">Sign in with Auth0</span>
-                </Button>
-            )}
-            {/* <!-- End of Auth0 Provider --> */}
-    
-        </div>
-)}
-
-{SHOW_PROVIDER_ERROR && (
-    <div class="bg-base-300 rounded-lg p-4 text-center">
-        <p>No Login provider configured. Please contact your administrator.</p>
-    </div>
-)}
diff --git a/packages/studiocms_auth/src/routes/login.astro b/packages/studiocms_auth/src/routes/login.astro
new file mode 100644
index 000000000..dee096fe7
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/login.astro
@@ -0,0 +1,75 @@
+---
+import { getUserData } from 'studiocms:auth/lib/user';
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import Config from 'virtual:studiocms/config';
+import { Button, Input } from '@studiocms/ui/components';
+import AuthLayout from '../layouts/AuthLayout.astro';
+import { hashPassword } from '../lib/password';
+
+const {
+	dashboardConfig: {
+		AuthConfig: {
+			providers,
+			providers: {
+				usernameAndPassword,
+				usernameAndPasswordConfig: { allowUserRegistration },
+			},
+		},
+	},
+} = Config;
+
+const {
+	authLinks: { loginAPI, signupURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+const { SHOW_OAUTH } = await authEnvCheck(providers);
+
+let paragraph: string;
+
+if (usernameAndPassword && SHOW_OAUTH) {
+	paragraph = 'Enter your username & password or log in using one of the options below.';
+} else if (usernameAndPassword && !SHOW_OAUTH) {
+	paragraph = 'Enter your username & password.';
+} else if (!usernameAndPassword && SHOW_OAUTH) {
+	paragraph = 'Log in using one of the options below.';
+} else {
+	paragraph = 'No Login provider configured. Please contact your administrator.';
+}
+
+const user = await getUserData(Astro);
+
+if (user.isLoggedIn) {
+	return Astro.redirect(dashboardIndex);
+}
+---
+<AuthLayout title="Login Page" description="Login Page">
+
+    <div slot="header" class="form-header">
+        <h1>Login</h1>
+        <p>{paragraph}</p>
+    </div>
+
+    { usernameAndPassword && (
+        <form class="form" id="login-form" method="post" action={loginAPI}>
+
+            <Input label="Username" name="username" type="text" />
+            <Input label="Password" name="password" type='password' />
+
+            <Button as="button" type="submit" color='primary' size='md' variant='solid'><span>Log In</span></Button>
+        </form>
+    )}
+
+    { allowUserRegistration && (
+        <p slot="footer">Don't have an account? <a href={signupURL}>Register here!</a></p>
+    )}
+
+</AuthLayout>
+
+<script>
+    import { formListener } from 'studiocms:auth/scripts/formListener';
+    const loginForm = document.getElementById('login-form') as HTMLFormElement;
+
+    loginForm.addEventListener('submit', (event) => formListener(event, loginForm, 'login'));
+</script>
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/routes/login/api/login.ts b/packages/studiocms_auth/src/routes/login/api/login.ts
deleted file mode 100644
index e7ef9afd6..000000000
--- a/packages/studiocms_auth/src/routes/login/api/login.ts
+++ /dev/null
@@ -1,65 +0,0 @@
-import { db, eq } from 'astro:db';
-import AuthSecurityConfig from 'studiocms:auth/config';
-import { scryptAsync } from '@noble/hashes/scrypt';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { lucia } from '../../../auth';
-
-const { salt: ScryptSalt, opts: ScryptOpts } = AuthSecurityConfig;
-
-import type { APIContext } from 'astro';
-
-export async function POST(context: APIContext): Promise<Response> {
-	const formData = await context.request.formData();
-	const username = formData.get('username');
-	if (
-		typeof username !== 'string' ||
-		username.length < 3 ||
-		username.length > 31 ||
-		!/^[a-z0-9_-]+$/.test(username)
-	) {
-		return new Response(JSON.stringify({ error: 'Invalid username' }), {
-			status: 400,
-		});
-	}
-	const password = formData.get('password');
-	if (typeof password !== 'string' || password.length < 6 || password.length > 255) {
-		return new Response(JSON.stringify({ error: 'Invalid password' }), {
-			status: 400,
-		});
-	}
-
-	const existingUser = await db.select().from(tsUsers).where(eq(tsUsers.username, username)).get();
-
-	if (!existingUser) {
-		return new Response(
-			JSON.stringify({
-				error: 'Incorrect username or password',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	const serverToken = await scryptAsync(existingUser.id, ScryptSalt, ScryptOpts);
-	const hashedPassword = await scryptAsync(password, serverToken, ScryptOpts);
-	const hashedPasswordString = Buffer.from(hashedPassword.buffer).toString();
-	const validPassword = hashedPasswordString === existingUser.password;
-
-	if (!validPassword) {
-		return new Response(
-			JSON.stringify({
-				error: 'Incorrect username or password',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	const session = await lucia.createSession(existingUser.id, {});
-	const sessionCookie = lucia.createSessionCookie(session.id);
-	context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-
-	return new Response();
-}
diff --git a/packages/studiocms_auth/src/routes/login/api/register.ts b/packages/studiocms_auth/src/routes/login/api/register.ts
deleted file mode 100644
index 9cfec4373..000000000
--- a/packages/studiocms_auth/src/routes/login/api/register.ts
+++ /dev/null
@@ -1,148 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { db, eq } from 'astro:db';
-import AuthSecurityConfig from 'studiocms:auth/config';
-import { checkIfUnsafe } from '@matthiesenxyz/integration-utils/securityUtils';
-import { scryptAsync } from '@noble/hashes/scrypt';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import type { APIContext } from 'astro';
-import { z } from 'astro/zod';
-import { lucia } from '../../../auth';
-
-const { salt: ScryptSalt, opts: ScryptOpts } = AuthSecurityConfig;
-
-export async function POST(context: APIContext): Promise<Response> {
-	const formData = await context.request.formData();
-	const username = formData.get('username');
-	// username must be between 3 ~ 31 characters, and only consists of lowercase letters, 0-9, -, and _
-	// keep in mind some database (e.g. mysql) are case insensitive
-	if (
-		typeof username !== 'string' ||
-		username.length < 3 ||
-		username.length > 31 ||
-		!/^[a-z0-9_-]+$/.test(username) ||
-		checkIfUnsafe(username).username()
-	) {
-		return new Response(
-			JSON.stringify({
-				error: 'Invalid username',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-	const password = formData.get('password');
-	if (
-		typeof password !== 'string' ||
-		password.length < 6 ||
-		password.length > 255 ||
-		checkIfUnsafe(password).password()
-	) {
-		return new Response(
-			JSON.stringify({
-				error: 'Invalid password',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	const emailFormData = formData.get('email');
-	const checkemail = z.coerce
-		.string()
-		.email({ message: 'Email address is invalid' })
-		.safeParse(emailFormData);
-	if (!checkemail.success) {
-		return new Response(
-			JSON.stringify({
-				error: 'Invalid email',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	const name = formData.get('displayname');
-
-	const existingUsername = await db
-		.select()
-		.from(tsUsers)
-		.where(eq(tsUsers.username, username))
-		.get();
-	const existingEmail = await db
-		.select()
-		.from(tsUsers)
-		.where(eq(tsUsers.email, checkemail.data))
-		.get();
-
-	if (existingUsername || existingEmail) {
-		return new Response(
-			JSON.stringify({
-				error: 'Username/Email already used',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	// Make a gravatar Avatar from the email
-	async function createGravatar(email: string) {
-		// trim and lowercase the email
-		const safeemail = email.trim().toLowerCase();
-		// encode as (utf-8) Uint8Array
-		const msgUint8 = new TextEncoder().encode(safeemail);
-		// hash the message
-		const hashBuffer = await crypto.subtle.digest('SHA-256', msgUint8);
-		// convert buffer to byte array
-		const hashArray = Array.from(new Uint8Array(hashBuffer));
-		// convert bytes to hex string
-		const hashHex = hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
-		// return the gravatar url
-		return `https://www.gravatar.com/avatar/${hashHex}?s=400&d=mp`;
-	}
-	const avatar = await createGravatar(checkemail.data);
-
-	const newUserId = await db
-		.insert(tsUsers)
-		.values({
-			id: randomUUID(),
-			name: name as string,
-			email: checkemail.data,
-			username,
-			avatar,
-		})
-		.returning({ id: tsUsers.id })
-		.get();
-
-	const serverToken = await scryptAsync(newUserId.id, ScryptSalt, ScryptOpts);
-	const newUser = await db.select().from(tsUsers).where(eq(tsUsers.username, username)).get();
-	const hashedPassword = await scryptAsync(password, serverToken, ScryptOpts);
-	const hashedPasswordString = Buffer.from(hashedPassword.buffer).toString();
-
-	if (!newUser) {
-		return new Response(
-			JSON.stringify({
-				error: 'User Error',
-			}),
-			{
-				status: 400,
-			}
-		);
-	}
-
-	await db
-		.update(tsUsers)
-		.set({
-			password: hashedPasswordString,
-		})
-		.where(eq(tsUsers.id, newUser.id));
-
-	const session = await lucia.createSession(newUser.id, {});
-	const sessionCookie = lucia.createSessionCookie(session.id);
-	context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-
-	return new Response();
-}
diff --git a/packages/studiocms_auth/src/routes/login/auth0/callback.ts b/packages/studiocms_auth/src/routes/login/auth0/callback.ts
deleted file mode 100644
index 0257746fb..000000000
--- a/packages/studiocms_auth/src/routes/login/auth0/callback.ts
+++ /dev/null
@@ -1,122 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { db, eq } from 'astro:db';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { Auth0, type Auth0Tokens, OAuth2RequestError } from 'arctic';
-import type { APIContext } from 'astro';
-import { lucia } from '../../../auth';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	dashboardConfig: {
-		AuthConfig: { providers },
-	},
-} = Config;
-
-const {
-	AUTH0: { CLIENT_ID, CLIENT_SECRET, DOMAIN, REDIRECT_URI },
-} = await authEnvCheck(providers);
-const {
-	authLinks: { loginURL },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-
-export async function GET(context: APIContext): Promise<Response> {
-	const { url, cookies, redirect } = context;
-
-	const cleanDomainslash = DOMAIN ? DOMAIN.replace(/^\//, '') : '';
-	const NoHTTPDOMAIN = cleanDomainslash.replace(/http:\/\//, '').replace(/https:\/\//, '');
-	const clientDomain = `https://${NoHTTPDOMAIN}`;
-
-	const auth0 = new Auth0(
-		clientDomain,
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-
-	const code = url.searchParams.get('code');
-	const state = url.searchParams.get('state');
-	const storedState = cookies.get('auth0_oauth_state')?.value ?? null;
-	if (!code || !state || !storedState || state !== storedState) {
-		return redirect(loginURL);
-	}
-
-	try {
-		const tokens: Auth0Tokens = await auth0.validateAuthorizationCode(code);
-		const auth0Response = await fetch(`${clientDomain}/userinfo`, {
-			headers: {
-				Authorization: `Bearer ${tokens.accessToken}`,
-			},
-		});
-
-		const auth0User: Auth0User = await auth0Response.json();
-		const { sub: auth0Id, name, nickname: username, email, picture: avatar } = auth0User;
-
-		const existingUser = await db.select().from(tsUsers).where(eq(tsUsers.auth0Id, auth0Id)).get();
-
-		if (existingUser) {
-			const session = await lucia.createSession(existingUser.id, {});
-			const sessionCookie = lucia.createSessionCookie(session.id);
-			cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-			return redirect(dashboardIndex);
-		}
-
-		const existingUserName = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.username, username))
-			.get();
-		const existingUserByEmail = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.email, email))
-			.get();
-
-		if (existingUserName || existingUserByEmail) {
-			return new Response('User already exists', {
-				status: 400,
-			});
-		}
-		const createdUser = await db
-			.insert(tsUsers)
-			.values({
-				id: randomUUID(),
-				auth0Id,
-				username,
-				name: name ?? username,
-				email,
-				avatar,
-			})
-			.returning({ id: tsUsers.id })
-			.get();
-
-		const session = await lucia.createSession(createdUser.id, {});
-
-		const sessionCookie = lucia.createSessionCookie(session.id);
-
-		cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		return redirect(dashboardIndex);
-	} catch (e) {
-		// the specific error message depends on the provider
-		if (e instanceof OAuth2RequestError) {
-			// invalid code
-			return new Response(null, {
-				status: 400,
-			});
-		}
-		console.error(e);
-		return new Response(null, {
-			status: 500,
-		});
-	}
-}
-
-interface Auth0User {
-	sub: string;
-	name: string;
-	email: string;
-	picture: string;
-	nickname: string;
-}
diff --git a/packages/studiocms_auth/src/routes/login/auth0/index.ts b/packages/studiocms_auth/src/routes/login/auth0/index.ts
deleted file mode 100644
index cf0d3436d..000000000
--- a/packages/studiocms_auth/src/routes/login/auth0/index.ts
+++ /dev/null
@@ -1,36 +0,0 @@
-import Config from 'virtual:studiocms/config';
-import { generateState } from 'arctic';
-import { Auth0 } from 'arctic';
-import type { APIRoute } from 'astro';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	AUTH0: { CLIENT_ID, CLIENT_SECRET, DOMAIN, REDIRECT_URI },
-} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
-
-const cleanDomainslash = DOMAIN ? DOMAIN.replace(/^\//, '') : '';
-const NoHTTPDOMAIN = cleanDomainslash.replace(/http:\/\//, '').replace(/https:\/\//, '');
-const clientDomain = `https://${NoHTTPDOMAIN}`;
-
-export const GET: APIRoute = async ({ redirect, cookies }) => {
-	const auth0 = new Auth0(
-		clientDomain,
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-	const state = generateState();
-	const url = await auth0.createAuthorizationURL(state, {
-		scopes: ['profile', 'email'],
-	});
-
-	cookies.set('auth0_oauth_state', state, {
-		path: import.meta.env.BASE_URL,
-		secure: import.meta.env.PROD,
-		httpOnly: true,
-		maxAge: 60 * 10,
-		sameSite: 'lax',
-	});
-
-	return redirect(url.toString());
-};
diff --git a/packages/studiocms_auth/src/routes/login/discord/callback.ts b/packages/studiocms_auth/src/routes/login/discord/callback.ts
deleted file mode 100644
index 30b660908..000000000
--- a/packages/studiocms_auth/src/routes/login/discord/callback.ts
+++ /dev/null
@@ -1,124 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { db, eq } from 'astro:db';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { Discord, type DiscordTokens, OAuth2RequestError } from 'arctic';
-import type { APIContext } from 'astro';
-import { lucia } from '../../../auth';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	dashboardConfig: {
-		AuthConfig: { providers },
-	},
-} = Config;
-
-const {
-	DISCORD: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
-} = await authEnvCheck(providers);
-const {
-	authLinks: { loginURL },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-
-export async function GET(context: APIContext): Promise<Response> {
-	const { url, cookies, redirect } = context;
-
-	const discord = new Discord(
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-
-	const code = url.searchParams.get('code');
-	const state = url.searchParams.get('state');
-	const storedState = cookies.get('discord_oauth_state')?.value ?? null;
-	if (!code || !state || !storedState || state !== storedState) {
-		return redirect(loginURL);
-	}
-
-	try {
-		const tokens: DiscordTokens = await discord.validateAuthorizationCode(code);
-		const discordResponse = await fetch('https://discord.com/api/users/@me', {
-			headers: {
-				Authorization: `Bearer ${tokens.accessToken}`,
-			},
-		});
-
-		const discordUser: DiscordUser = await discordResponse.json();
-
-		const { id: discordId, avatar: avatarHash, username, global_name, email } = discordUser;
-
-		const avatar = `https://cdn.discordapp.com/avatars/${discordId}/${avatarHash}.png`;
-
-		const existingUserById = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.discordId, discordId))
-			.get();
-
-		if (existingUserById) {
-			const session = await lucia.createSession(existingUserById.id, {});
-			const sessionCookie = lucia.createSessionCookie(session.id);
-			cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-			return redirect(dashboardIndex);
-		}
-
-		const existingUserByUsername = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.username, username))
-			.get();
-		const existingUserByEmail = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.email, email))
-			.get();
-
-		if (existingUserByUsername || existingUserByEmail) {
-			return new Response('User already exists', {
-				status: 400,
-			});
-		}
-		const createdUser = await db
-			.insert(tsUsers)
-			.values({
-				id: randomUUID(),
-				discordId,
-				username,
-				name: global_name ?? username,
-				email,
-				avatar,
-			})
-			.returning({ id: tsUsers.id })
-			.get();
-
-		const session = await lucia.createSession(createdUser.id, {});
-
-		const sessionCookie = lucia.createSessionCookie(session.id);
-
-		cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		return redirect(dashboardIndex);
-	} catch (e) {
-		// the specific error message depends on the provider
-		if (e instanceof OAuth2RequestError) {
-			// invalid code
-			return new Response(null, {
-				status: 400,
-			});
-		}
-		console.error(e);
-		return new Response(null, {
-			status: 500,
-		});
-	}
-}
-
-interface DiscordUser {
-	id: string;
-	avatar: string;
-	username: string;
-	global_name: string;
-	email: string;
-}
diff --git a/packages/studiocms_auth/src/routes/login/discord/index.ts b/packages/studiocms_auth/src/routes/login/discord/index.ts
deleted file mode 100644
index 989ee22ea..000000000
--- a/packages/studiocms_auth/src/routes/login/discord/index.ts
+++ /dev/null
@@ -1,28 +0,0 @@
-import Config from 'virtual:studiocms/config';
-import { generateState } from 'arctic';
-import { Discord } from 'arctic';
-import type { APIRoute } from 'astro';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	DISCORD: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
-} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
-export const GET: APIRoute = async ({ redirect, cookies }) => {
-	const discord = new Discord(
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-
-	const state = generateState();
-	const url: URL = await discord.createAuthorizationURL(state, { scopes: ['identify', 'email'] });
-
-	cookies.set('discord_oauth_state', state, {
-		path: import.meta.env.BASE_URL,
-		secure: import.meta.env.PROD,
-		httpOnly: true,
-		maxAge: 60 * 10,
-	});
-
-	return redirect(url.toString());
-};
diff --git a/packages/studiocms_auth/src/routes/login/github/callback.ts b/packages/studiocms_auth/src/routes/login/github/callback.ts
deleted file mode 100644
index 95c64faef..000000000
--- a/packages/studiocms_auth/src/routes/login/github/callback.ts
+++ /dev/null
@@ -1,127 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { db, eq } from 'astro:db';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { GitHub, OAuth2RequestError } from 'arctic';
-import type { APIContext } from 'astro';
-import { lucia } from '../../../auth';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	dashboardConfig: {
-		AuthConfig: { providers },
-	},
-} = Config;
-
-const {
-	GITHUB: { CLIENT_ID, CLIENT_SECRET },
-} = await authEnvCheck(providers);
-const {
-	authLinks: { loginURL },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-
-export async function GET(context: APIContext): Promise<Response> {
-	const { url, cookies, redirect } = context;
-
-	const github = new GitHub(CLIENT_ID ? CLIENT_ID : '', CLIENT_SECRET ? CLIENT_SECRET : '');
-
-	const code = url.searchParams.get('code');
-	const state = url.searchParams.get('state');
-	const storedState = cookies.get('github_oauth_state')?.value ?? null;
-	if (!code || !state || !storedState || state !== storedState) {
-		return redirect(loginURL);
-	}
-
-	try {
-		const tokens = await github.validateAuthorizationCode(code);
-		const githubUserResponse = await fetch('https://api.github.com/user', {
-			headers: {
-				Authorization: `Bearer ${tokens.accessToken}`,
-			},
-		});
-
-		const githubUser: GitHubUser = await githubUserResponse.json();
-		const {
-			id: githubId,
-			html_url: githubURL,
-			login: username,
-			name,
-			email,
-			avatar_url: avatar,
-		} = githubUser;
-
-		const existingUser = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.githubId, githubId))
-			.get();
-
-		if (existingUser) {
-			const session = await lucia.createSession(existingUser.id, {});
-			const sessionCookie = lucia.createSessionCookie(session.id);
-			cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-			return redirect(dashboardIndex);
-		}
-
-		const existingUserName = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.username, username))
-			.get();
-		const existingUserByEmail = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.email, email))
-			.get();
-
-		if (existingUserName || existingUserByEmail) {
-			return new Response('User already exists', {
-				status: 400,
-			});
-		}
-		const createdUser = await db
-			.insert(tsUsers)
-			.values({
-				id: randomUUID(),
-				githubId,
-				githubURL,
-				username,
-				name: name ?? username,
-				email,
-				avatar,
-			})
-			.returning({ id: tsUsers.id })
-			.get();
-
-		const session = await lucia.createSession(createdUser.id, {});
-
-		const sessionCookie = lucia.createSessionCookie(session.id);
-
-		cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		return redirect(dashboardIndex);
-	} catch (e) {
-		// the specific error message depends on the provider
-		if (e instanceof OAuth2RequestError) {
-			// invalid code
-			return new Response(null, {
-				status: 400,
-			});
-		}
-		console.error(e);
-		return new Response(null, {
-			status: 500,
-		});
-	}
-}
-
-interface GitHubUser {
-	id: number;
-	html_url: string;
-	login: string;
-	avatar_url: string;
-	name: string;
-	blog: string;
-	email: string;
-}
diff --git a/packages/studiocms_auth/src/routes/login/github/index.ts b/packages/studiocms_auth/src/routes/login/github/index.ts
deleted file mode 100644
index ef00bcedc..000000000
--- a/packages/studiocms_auth/src/routes/login/github/index.ts
+++ /dev/null
@@ -1,25 +0,0 @@
-import Config from 'virtual:studiocms/config';
-import { generateState } from 'arctic';
-import { GitHub } from 'arctic';
-import type { APIRoute } from 'astro';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	GITHUB: { CLIENT_ID, CLIENT_SECRET },
-} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
-
-export const GET: APIRoute = async ({ redirect, cookies }) => {
-	const github = new GitHub(CLIENT_ID ? CLIENT_ID : '', CLIENT_SECRET ? CLIENT_SECRET : '');
-	const state = generateState();
-	const url = await github.createAuthorizationURL(state);
-
-	cookies.set('github_oauth_state', state, {
-		path: import.meta.env.BASE_URL,
-		secure: import.meta.env.PROD,
-		httpOnly: true,
-		maxAge: 60 * 10,
-		sameSite: 'lax',
-	});
-
-	return redirect(url.toString());
-};
diff --git a/packages/studiocms_auth/src/routes/login/google/callback.ts b/packages/studiocms_auth/src/routes/login/google/callback.ts
deleted file mode 100644
index c017f28b1..000000000
--- a/packages/studiocms_auth/src/routes/login/google/callback.ts
+++ /dev/null
@@ -1,125 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { db, eq } from 'astro:db';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { tsUsers } from '@studiocms/core/db/tsTables';
-import { Google, OAuth2RequestError } from 'arctic';
-import type { APIContext } from 'astro';
-import { lucia } from '../../../auth';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	dashboardConfig: {
-		AuthConfig: { providers },
-	},
-} = Config;
-
-const {
-	authLinks: { loginURL },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-const {
-	GOOGLE: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
-} = await authEnvCheck(providers);
-
-export async function GET(context: APIContext): Promise<Response> {
-	const { url, cookies, redirect } = context;
-
-	const google = new Google(
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-
-	const code = url.searchParams.get('code');
-	const state = url.searchParams.get('state');
-	const storedCodeVerifier = cookies.get('google_oauth_code_verifier')?.value ?? null;
-	const storedState = cookies.get('google_oauth_state')?.value ?? null;
-	if (!code || !storedState || !storedCodeVerifier || state !== storedState) {
-		return redirect(loginURL);
-	}
-
-	try {
-		const tokens = await google.validateAuthorizationCode(code, storedCodeVerifier);
-
-		const response = await fetch('https://openidconnect.googleapis.com/v1/userinfo', {
-			headers: {
-				Authorization: `Bearer ${tokens.accessToken}`,
-			},
-		});
-		const googleUser: GoogleUser = await response.json();
-		const { sub: googleId, picture: avatar, name, email } = googleUser;
-
-		const existingUser = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.googleId, googleId))
-			.get();
-
-		if (existingUser) {
-			const session = await lucia.createSession(existingUser.id, {});
-			const sessionCookie = lucia.createSessionCookie(session.id);
-			cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-			return redirect(dashboardIndex);
-		}
-
-		// Google does not provide a username, so we create one based on the name
-		const fixname = name.replace(/\s/g, '').toLowerCase();
-		const username = `g_${fixname}`;
-
-		const existingUserName = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.username, username))
-			.get();
-		const existingUserByEmail = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.email, email))
-			.get();
-
-		if (existingUserName || existingUserByEmail) {
-			return new Response('User already exists', {
-				status: 400,
-			});
-		}
-		const createdUser = await db
-			.insert(tsUsers)
-			.values({
-				id: randomUUID(),
-				googleId,
-				username,
-				name,
-				email,
-				avatar,
-			})
-			.returning({ id: tsUsers.id })
-			.get();
-
-		const session = await lucia.createSession(createdUser.id, {});
-
-		const sessionCookie = lucia.createSessionCookie(session.id);
-
-		cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
-		return redirect(dashboardIndex);
-	} catch (e) {
-		// the specific error message depends on the provider
-		if (e instanceof OAuth2RequestError) {
-			// invalid code
-			return new Response(null, {
-				status: 400,
-			});
-		}
-		console.error(e);
-		return new Response(null, {
-			status: 500,
-		});
-	}
-}
-
-interface GoogleUser {
-	sub: string;
-	picture: string;
-	name: string;
-	email: string;
-}
diff --git a/packages/studiocms_auth/src/routes/login/google/index.ts b/packages/studiocms_auth/src/routes/login/google/index.ts
deleted file mode 100644
index fec525333..000000000
--- a/packages/studiocms_auth/src/routes/login/google/index.ts
+++ /dev/null
@@ -1,39 +0,0 @@
-import Config from 'virtual:studiocms/config';
-import { Google, generateCodeVerifier, generateState } from 'arctic';
-import type { APIRoute } from 'astro';
-import { authEnvCheck } from '../../../utils/authEnvCheck';
-
-const {
-	GOOGLE: { CLIENT_ID, CLIENT_SECRET, REDIRECT_URI },
-} = await authEnvCheck(Config.dashboardConfig.AuthConfig.providers);
-
-export const GET: APIRoute = async ({ redirect, cookies }) => {
-	const google = new Google(
-		CLIENT_ID ? CLIENT_ID : '',
-		CLIENT_SECRET ? CLIENT_SECRET : '',
-		REDIRECT_URI ? REDIRECT_URI : ''
-	);
-	const state = generateState();
-	const codeVerifier = generateCodeVerifier();
-	const url = await google.createAuthorizationURL(state, codeVerifier, {
-		scopes: ['profile', 'email'],
-	});
-
-	// store state verifier as cookie
-	cookies.set('google_oauth_state', state, {
-		secure: import.meta.env.PROD, // set to false in localhost
-		path: import.meta.env.BASE_URL,
-		httpOnly: true,
-		maxAge: 60 * 10, // 10 min
-	});
-
-	// store code verifier as cookie
-	cookies.set('google_oauth_code_verifier', codeVerifier, {
-		secure: import.meta.env.PROD, // set to false in localhost
-		path: import.meta.env.BASE_URL,
-		httpOnly: true,
-		maxAge: 60 * 10, // 10 min
-	});
-
-	return redirect(url.toString());
-};
diff --git a/packages/studiocms_auth/src/routes/login/index.astro b/packages/studiocms_auth/src/routes/login/index.astro
deleted file mode 100644
index f83387419..000000000
--- a/packages/studiocms_auth/src/routes/login/index.astro
+++ /dev/null
@@ -1,122 +0,0 @@
----
-import { getSiteConfig } from 'studiocms:helpers/contentHelper';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { Alert, Button, Divider, Icon, Input } from '@matthiesenxyz/astrolace/components';
-import check2Circle from '@studiocms/assets/svgs/check2-circle.svg';
-import exclamationOctogon from '@studiocms/assets/svgs/exclamation-octagon.svg';
-import loginSvg from '@studiocms/assets/svgs/login.svg';
-import { Layout } from '@studiocms/dashboard/components';
-import { makePageTitle } from '@studiocms/dashboard/utils';
-import OauthProviders from '../components/OauthProviders.astro';
-
-const {
-	dashboardConfig,
-	dashboardConfig: {
-		AuthConfig: {
-			providers: {
-				usernameAndPassword,
-				usernameAndPasswordConfig: { allowUserRegistration },
-			},
-		},
-	},
-} = Config;
-
-const contextConfig = await getSiteConfig();
-const {
-	authLinks: { loginAPI, signupURL },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-
-const locals = Astro.locals;
-
-if (locals.isLoggedIn) {
-	return Astro.redirect(dashboardIndex);
-}
----
-
-<Layout title={makePageTitle("Login Page", contextConfig)} description="Login Page" sideBarActiveItemID='login' includeSidebar={false}>
-  <div class="px-10 pb-12 mt-5 flex flex-col content-center items-center">
-
-      <div class="text-5xl font-bold">Login</div>
-      <div class="py-2">
-          <span class="text-lg">
-            To access this site, you need to log in!
-          </span>
-      </div>
-
-      <Divider />
-
-      <OauthProviders dashboardConfig={dashboardConfig} />
-
-      { usernameAndPassword && (
-        <div class="py-8">
-          <div class="bg-base-300 p-8 rounded-lg md:w-[32rem]">
-
-            <form method="post" id="login-form" action={loginAPI}>
-
-                <Input name="username" id="username" label='Username' />
-
-                <Divider />
-
-                <Input type="password" name="password" id="password" label="Password" password-toggle />
-
-                <Divider />
-
-              <div class="flex flex-col items-center justify-center">
-                <Button variant="primary" type="submit" outline>Continue <Icon slot="suffix" src={loginSvg.src}/></Button>
-
-                { allowUserRegistration && (
-                      <a href={signupURL} class="py-4 text-lg">Don't have an account? Register here!</a>
-                )}
-              </div>
-
-            </form>
-
-          </div>
-        </div> 
-      )}
-
-      <Alert id="form-error" variant="danger" duration={4000} closable>
-        <Icon slot="icon" src={exclamationOctogon.src} />
-        <strong>Something went wrong!</strong>
-        <Divider />
-        <div id="form-error-message"></div>
-      </Alert>
-      <Alert id="form-success" variant="success" duration={4000} closable>
-        <Icon slot="icon" src={check2Circle.src} />
-        <strong>Success!</strong>
-        <Divider />
-        <div id="form-success-message"></div>
-      </Alert>
-
-  </div>
-</Layout>
-
-<script is:inline>
-	const alertElement = document.getElementById("form-error");
-  const errorMessageElement = document.getElementById("form-error-message");
-	const successAlertElement = document.getElementById("form-success");
-  const successMessageElement = document.getElementById("form-success-message");
-  const formElement = document.getElementById('login-form');
-
-	formElement.addEventListener("submit", async (e) => {
-		e.preventDefault();
-		errorMessageElement.innerText = "";
-		const formElement = e.target;
-		const response = await fetch(formElement.action, {
-			method: formElement.method,
-			body: new FormData(formElement)
-		});
-		if (response.ok) {
-      successMessageElement.innerText = "Login successful! Redirecting...";
-      successAlertElement.toast();
-      setTimeout(() => {
-        window.location.reload();
-      }, 2000)
-		} else {
-			errorMessageElement.innerText = (await response.json()).error;
-      alertElement.toast();
-		}
-	});
-</script>
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/routes/login/signup.astro b/packages/studiocms_auth/src/routes/login/signup.astro
deleted file mode 100644
index da5291114..000000000
--- a/packages/studiocms_auth/src/routes/login/signup.astro
+++ /dev/null
@@ -1,116 +0,0 @@
----
-import { getSiteConfig } from 'studiocms:helpers/contentHelper';
-import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
-import { Alert, Button, Divider, Icon, Input } from '@matthiesenxyz/astrolace/components';
-import check2Circle from '@studiocms/assets/svgs/check2-circle.svg';
-import exclamationOctogon from '@studiocms/assets/svgs/exclamation-octagon.svg';
-import loginSvg from '@studiocms/assets/svgs/login.svg';
-import { Layout } from '@studiocms/dashboard/components';
-import { makePageTitle } from '@studiocms/dashboard/utils';
-import OauthProviders from '../components/OauthProviders.astro';
-
-const { dashboardConfig } = Config;
-const {
-	authLinks: { loginURL, registerAPI },
-	mainLinks: { dashboardIndex },
-} = StudioCMSRoutes;
-
-const contextConfig = await getSiteConfig();
-const locals = Astro.locals;
-
-if (locals.isLoggedIn) {
-	return Astro.redirect(dashboardIndex);
-}
----
-
-<Layout title={makePageTitle("Registration", contextConfig)} description="Registration Page" sideBarActiveItemID='login' includeSidebar={false}>
-  <div class="px-10 pb-12 mt-5 flex flex-col content-center items-center">
-
-      <div class="text-5xl font-bold">Registration Page</div>
-      <div class="py-2">
-          <span class="text-lg">
-            Create an account or sign in to continue.
-          </span>
-      </div>
-
-      <Divider />
-
-      <OauthProviders dashboardConfig={dashboardConfig} />
-
-        <div class="py-8">
-          <div class="bg-base-300 p-8 rounded-lg md:w-[32rem]">
-
-          <form method="post" id="signup-form" action={registerAPI}>
-
-            <Input name="username" id="username" label='Username' />
-
-            <Divider />
-
-            <Input name="email" id="email" label='Email' />
-
-            <Divider />
-
-            <Input name="displayname" id="displayname" label='Display Name' />
-
-            <Divider />
-
-            <Input type="password" name="password" id="password" label="Password" password-toggle />
-
-            <Divider />
-
-            <div class="flex flex-col items-center justify-center">
-              <Button variant="success" type="submit" outline>Continue <Icon slot="suffix" src={loginSvg.src} /></Button>
-              <a href={loginURL} class="py-4 text-lg">Already have an account? Sign in!</a>
-            </div>
-
-
-          </form>
-
-          </div>
-        </div>
-
-      <Alert id="form-error" variant="danger" duration={4000} closable>
-        <Icon slot="icon" name={exclamationOctogon.src} />
-        <strong>Something went wrong!</strong>
-        <Divider />
-        <div id="form-error-message"></div>
-      </sl-alert>
-      <Alert id="form-success" variant="success" duration={4000} closable>
-        <Icon slot="icon" name={check2Circle.src} />
-        <strong>Success!</strong>
-        <Divider />
-        <div id="form-success-message"></div>
-      </Alert>
-
-
-  </div>
-</Layout>
-
-<script is:inline>
-	const alertElement = document.getElementById("form-error");
-  const errorMessageElement = document.getElementById("form-error-message");
-	const successAlertElement = document.getElementById("form-success");
-  const successMessageElement = document.getElementById("form-success-message");
-  const formElement = document.getElementById('signup-form');
-
-	formElement.addEventListener("submit", async (e) => {
-		e.preventDefault();
-		errorMessageElement.innerText = "";
-		const formElement = e.target;
-		const response = await fetch(formElement.action, {
-			method: formElement.method,
-			body: new FormData(formElement)
-		});
-		if (response.ok) {
-      successMessageElement.innerText = "Account Creation Successful! Redirecting...";
-      successAlertElement.toast();
-      setTimeout(() => {
-        window.location.reload();
-      }, 2000)
-		} else {
-			errorMessageElement.innerText = (await response.json()).error;
-      alertElement.toast();
-		}
-	});
-</script>
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/routes/logout.ts b/packages/studiocms_auth/src/routes/logout.ts
index 708eb7dd4..386541866 100644
--- a/packages/studiocms_auth/src/routes/logout.ts
+++ b/packages/studiocms_auth/src/routes/logout.ts
@@ -1,40 +1,72 @@
+import {
+	deleteSessionTokenCookie,
+	invalidateSession,
+	sessionCookieName,
+	validateSessionToken,
+} from 'studiocms:auth/lib/session';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import type { APIContext } from 'astro';
-import { lucia } from '../auth';
+import type { APIContext, APIRoute } from 'astro';
 
 const {
 	authLinks: { loginURL },
 	mainLinks: { baseSiteURL },
 } = StudioCMSRoutes;
 
-export async function GET(context: APIContext): Promise<Response> {
+export const GET: APIRoute = async (context: APIContext): Promise<Response> => {
 	return context.redirect(baseSiteURL);
-}
+};
 
-export async function POST(context: APIContext): Promise<Response> {
-	// Map the Locals type from the schema
-	const locals = context.locals;
+export const POST: APIRoute = async (context: APIContext): Promise<Response> => {
+	const { cookies, redirect } = context;
 
-	// If the user is not logged in, redirect to the login page
-	if (!locals.session) {
-		return context.redirect(loginURL);
+	// Get the current session cookie
+	const sessionToken = cookies.get(sessionCookieName)?.value ?? null;
+
+	// If there is no session token, redirect to the login page
+	if (!sessionToken) {
+		return redirect(loginURL);
 	}
 
-	// Invalidate the session and create a new session cookie
-	await lucia.invalidateSession(locals.session.id);
+	const { session, user } = await validateSessionToken(sessionToken);
 
-	// Create a new session cookie
-	const sessionCookie = lucia.createBlankSessionCookie();
+	// If there is no session, redirect to the login page
+	if (session === null) {
+		deleteSessionTokenCookie(context);
+		return redirect(loginURL);
+	}
 
-	// Set the cookie in the context
-	context.cookies.set(sessionCookie.name, sessionCookie.value, sessionCookie.attributes);
+	// If there is no user, redirect to the login page
+	if (!user || user === null) {
+		return redirect(loginURL);
+	}
 
-	// Set the locals to the default values
-	locals.session = null;
-	locals.isLoggedIn = false;
-	locals.user = null;
-	locals.dbUser = null;
+	// Invalidate the session and delete the session token cookie
+	await invalidateSession(user.id);
+	deleteSessionTokenCookie(context);
 
 	// Redirect to the base site URL
-	return context.redirect(baseSiteURL);
-}
+	return redirect(baseSiteURL);
+};
+
+export const OPTIONS: APIRoute = async () => {
+	return new Response(null, {
+		status: 204,
+		statusText: 'No Content',
+		headers: {
+			Allow: 'OPTIONS, GET, POST',
+			'ALLOW-ACCESS-CONTROL-ORIGIN': '*',
+			'Cache-Control': 'public, max-age=604800, immutable',
+			Date: new Date().toUTCString(),
+		},
+	});
+};
+
+export const ALL: APIRoute = async () => {
+	return new Response(null, {
+		status: 405,
+		statusText: 'Method Not Allowed',
+		headers: {
+			'ACCESS-CONTROL-ALLOW-ORIGIN': '*',
+		},
+	});
+};
diff --git a/packages/studiocms_auth/src/routes/signup.astro b/packages/studiocms_auth/src/routes/signup.astro
new file mode 100644
index 000000000..227a1000d
--- /dev/null
+++ b/packages/studiocms_auth/src/routes/signup.astro
@@ -0,0 +1,77 @@
+---
+import { getUserData } from 'studiocms:auth/lib/user';
+import { authEnvCheck } from 'studiocms:auth/utils/authEnvCheck';
+import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
+import Config from 'virtual:studiocms/config';
+import { Button, Input } from '@studiocms/ui/components';
+import AuthLayout from '../layouts/AuthLayout.astro';
+
+const {
+	dashboardConfig: {
+		AuthConfig: {
+			providers,
+			providers: {
+				usernameAndPassword,
+				usernameAndPasswordConfig: { allowUserRegistration },
+			},
+		},
+	},
+} = Config;
+
+const {
+	authLinks: { loginAPI, loginURL },
+	mainLinks: { dashboardIndex },
+} = StudioCMSRoutes;
+
+const { SHOW_OAUTH } = await authEnvCheck(providers);
+
+let paragraph: string;
+
+if (usernameAndPassword && SHOW_OAUTH) {
+	paragraph = 'Create an account or log in using one of the options below.';
+} else if (usernameAndPassword && !SHOW_OAUTH) {
+	paragraph = 'Create an account using the form below.';
+} else if (!usernameAndPassword && SHOW_OAUTH) {
+	paragraph = 'Log in using one of the options below.';
+} else {
+	paragraph = 'No Login provider configured. Please contact your administrator.';
+}
+
+const user = await getUserData(Astro);
+
+if (user.isLoggedIn) {
+	return Astro.redirect(dashboardIndex);
+}
+---
+<AuthLayout title="Signup Page" description="Signup Page">
+    
+    <div slot="header" class="form-header">
+        <h1>Sign up</h1>
+        <p>{paragraph}</p>
+    </div>
+
+    { usernameAndPassword && (
+        <form class="form" id="signup-form" method="post" action={loginAPI}>
+
+            <Input label="Username" name="username" type="text" />
+            <Input label="Email" name="email" type="email" />
+            <Input label="Display Name" name="displayname" type="text" />
+            <Input label="Password" name="password" type="password" />
+            <Input label="Confirm Password" name="confirm-password" type="password" />
+
+            <Button type="submit" as="button" type="submit" color='primary' variant='solid'>Create Account</Button>
+        </form>
+    )}
+
+    { allowUserRegistration && (
+        <p slot="footer">Already have an account? <a href={loginURL}>Sign in!</a></p>
+    )}
+
+</AuthLayout>
+
+<script>
+    import { formListener } from 'studiocms:auth/scripts/formListener';
+    const signupForm = document.getElementById('signup-form') as HTMLFormElement;
+
+    signupForm.addEventListener('submit', async (event) => formListener(event, signupForm, 'register'));
+</script>
\ No newline at end of file
diff --git a/packages/studiocms_auth/src/schema.ts b/packages/studiocms_auth/src/schema.ts
index 095d22fac..42b042bb5 100644
--- a/packages/studiocms_auth/src/schema.ts
+++ b/packages/studiocms_auth/src/schema.ts
@@ -13,4 +13,4 @@ export const StudioCMSAuthOptionsSchema = z.object({
 /**
  * StudioCMS Auth Integration Options Type
  */
-export type StudioCMSAuthOptions = z.infer<typeof StudioCMSAuthOptionsSchema>;
+export type StudioCMSAuthOptions = typeof StudioCMSAuthOptionsSchema._output;
diff --git a/packages/studiocms_auth/src/scripts/formListener.ts b/packages/studiocms_auth/src/scripts/formListener.ts
new file mode 100644
index 000000000..925a7cdd6
--- /dev/null
+++ b/packages/studiocms_auth/src/scripts/formListener.ts
@@ -0,0 +1,49 @@
+import { toast } from '@studiocms/ui/components';
+
+export async function formListener(
+	event: SubmitEvent,
+	form: HTMLFormElement,
+	type: 'login' | 'register'
+) {
+	event.preventDefault();
+
+	if (type === 'register') {
+		const password = form.querySelector('input[name="password"]') as HTMLInputElement;
+		const confirmPassword = form.querySelector(
+			'input[name="confirm-password"]'
+		) as HTMLInputElement;
+
+		if (password.value !== confirmPassword.value) {
+			toast({
+				title: 'Passwords do not match!',
+				type: 'danger',
+				description: 'Please make sure your passwords match.',
+				closeButton: true,
+				persistent: true,
+			});
+			return;
+		}
+	}
+
+	const response = await fetch(form.action, {
+		method: form.method,
+		body: new FormData(form),
+	});
+	if (response.ok) {
+		toast({
+			title: `${type === 'login' ? 'Login' : 'Registration'} successful!`,
+			type: 'success',
+			description: 'Redirecting...',
+		});
+		window.location.reload();
+	} else {
+		const data = await response.json();
+		toast({
+			title: 'Something went wrong!',
+			type: 'danger',
+			description: data.error,
+			closeButton: true,
+			persistent: true,
+		});
+	}
+}
diff --git a/packages/studiocms_auth/src/scripts/three.ts b/packages/studiocms_auth/src/scripts/three.ts
new file mode 100644
index 000000000..f26fbd6a7
--- /dev/null
+++ b/packages/studiocms_auth/src/scripts/three.ts
@@ -0,0 +1,367 @@
+import * as THREE from 'three';
+import { GLTFLoader } from 'three/addons/loaders/GLTFLoader.js';
+import { EffectComposer } from 'three/addons/postprocessing/EffectComposer.js';
+import { OutlinePass } from 'three/addons/postprocessing/OutlinePass.js';
+import { RenderPass } from 'three/addons/postprocessing/RenderPass.js';
+import { fitModelToViewport } from '../scripts/utils/fitModelToViewport';
+import { validImages } from '../utils/validImages';
+
+// Get the current configuration for the login page
+const loginPageBackground = document.getElementById('login-page-configs')?.dataset.pagebg;
+const loginPageCustomImage = document.getElementById('login-page-configs')?.dataset.pagecustomimage;
+const currentMode = document.documentElement.dataset.theme || 'dark';
+
+/**
+ * A valid image that can be used as a background for the StudioCMS Logo.
+ */
+type ValidImage = (typeof validImages)[number];
+
+/**
+ * The parameters for the background image.
+ */
+type BackgroundParams = {
+	background: ValidImage['name'];
+	customImageHref: string;
+	mode: 'light' | 'dark';
+};
+
+/**
+ * Parses the background image config.
+ * @param imageName The name of the image to parse.
+ */
+function parseBackgroundImageConfig(imageName?: string | undefined): ValidImage['name'] {
+	// If the image name is not provided, use the default image
+	if (!imageName) {
+		return 'studiocms-curves';
+	}
+
+	// Check if the image name is one of the valid images (built-in or custom)
+	if (imageName) {
+		return imageName as ValidImage['name'];
+	}
+
+	// Use the default image if the image name is invalid
+	// (i.e. someone tampered with the actual database)
+	return 'studiocms-curves';
+}
+
+function parseToString(value: string | undefined | null): string {
+	return value || '';
+}
+
+/**
+ * The parameters for the background image config.
+ */
+const backgroundConfig: BackgroundParams = {
+	background: parseBackgroundImageConfig(loginPageBackground),
+	customImageHref: parseToString(loginPageCustomImage),
+	mode: currentMode as 'light' | 'dark',
+};
+
+/**
+ * Gets the background config based on the parameters.
+ * @param config The config to get the background for.
+ */
+function getBackgroundConfig(config: BackgroundParams): ValidImage {
+	return validImages.find((image) => image.name === config.background) || validImages[0];
+}
+
+/**
+ * Selects the background based on the image.
+ * @param image The image to select the background for.
+ * @param params The parameters to select the background for.
+ */
+function bgSelector(image: ValidImage, params: BackgroundParams) {
+	return image.format === 'web'
+		? params.customImageHref
+		: params.mode === 'dark'
+			? image.dark.src
+			: image.light.src;
+}
+
+/**
+ * Creates the StudioCMS Logo along with its background in a specified container.
+ */
+class StudioCMS3DLogo {
+	canvasContainer: HTMLDivElement;
+	scene: THREE.Scene;
+	camera: THREE.PerspectiveCamera;
+	renderer: THREE.WebGLRenderer;
+	model: THREE.Group<THREE.Object3DEventMap> | undefined;
+	mouseX = 0;
+	mouseY = 0;
+	time: THREE.Clock;
+	composer: EffectComposer;
+	outlinePass: OutlinePass | undefined;
+	outlinedObjects: THREE.Group<THREE.Object3DEventMap>[] = [];
+	defaultComputedCameraZ: number | undefined;
+	BackgroundMesh: THREE.Mesh | undefined;
+	frustumHeight: number | undefined;
+
+	/**
+	 * Creates the StudioCMS Logo along with its background in a specified container.
+	 * @param containerEl The container that the canvas is placed in.
+	 * @param outlineColor Color of the outline for the StudioCMS logo
+	 * @param reducedMotion Whether the user prefers reduced motion or not
+	 */
+	constructor(
+		containerEl: HTMLDivElement,
+		outlineColor: THREE.Color,
+		reducedMotion: boolean,
+		image: ValidImage
+	) {
+		this.scene = new THREE.Scene();
+		this.scene.background = new THREE.Color(0x101010);
+
+		this.camera = new THREE.PerspectiveCamera(
+			75,
+			window.innerWidth / 2 / window.innerHeight,
+			0.01,
+			10000
+		);
+
+		this.renderer = new THREE.WebGLRenderer({
+			antialias: false,
+			failIfMajorPerformanceCaveat: true,
+		});
+		this.renderer.setSize(window.innerWidth / 2, window.innerHeight);
+		this.renderer.setPixelRatio(window.devicePixelRatio * 2);
+		this.renderer.setClearColor(0x101010, 1);
+		this.renderer.setAnimationLoop(this.animate);
+
+		this.canvasContainer = containerEl;
+		this.canvasContainer.appendChild(this.renderer.domElement);
+
+		this.time = new THREE.Clock(true);
+
+		this.composer = new EffectComposer(this.renderer);
+
+		// Light 2, the sequel to light, now available
+		const light2 = new THREE.AmbientLight(0x606060);
+		this.scene.add(light2);
+
+		const renderScene = new RenderPass(this.scene, this.camera);
+		this.composer.addPass(renderScene);
+
+		this.loadLogoModel();
+		this.addPostProcessing(true, outlineColor);
+
+		this.addBackgroundImage(image || validImages[0]);
+
+		this.initListeners(reducedMotion);
+		this.registerLoadingCallback();
+	}
+
+	animate = () => {
+		if (this.model && this.canvasContainer) {
+			// Movement courtesy of Otterlord, easing courtesy of Louis Escher
+			const targetRotationX =
+				this.mouseY === 0
+					? Math.PI / 2
+					: 0.1 * ((this.mouseY / window.innerHeight) * Math.PI - Math.PI / 2) + Math.PI / 2;
+			const targetRotationY =
+				this.mouseX === 0
+					? 0
+					: 0.1 * ((this.mouseX / (window.innerWidth / 2)) * Math.PI - Math.PI / 2);
+
+			const lerpFactor = 0.035;
+
+			this.model.rotation.x = THREE.MathUtils.lerp(
+				this.model.rotation.x,
+				targetRotationX,
+				lerpFactor
+			);
+			this.model.rotation.y = THREE.MathUtils.lerp(this.model.rotation.y, 0, lerpFactor);
+			this.model.rotation.z = THREE.MathUtils.lerp(
+				this.model.rotation.z,
+				-targetRotationY,
+				lerpFactor
+			);
+		}
+
+		this.composer.render();
+	};
+
+	loadLogoModel = () => {
+		const loader = new GLTFLoader();
+
+		// Load the GLTF Model from the public dir & apply the material to all children
+		loader.loadAsync('/studiocms-auth/studiocms-logo.glb').then((gltf) => {
+			this.model = gltf.scene;
+
+			this.model.traverse((child) => {
+				const isMesh = child instanceof THREE.Mesh;
+
+				if (!isMesh) return;
+
+				const material = new THREE.MeshPhysicalMaterial({
+					color: '#ffffff',
+					roughness: 0.6,
+					transmission: 1,
+					opacity: 1,
+					transparent: true,
+					thickness: 0.5,
+					envMapIntensity: 1,
+					clearcoat: 1,
+					clearcoatRoughness: 0.2,
+					metalness: 0,
+				});
+
+				child.material = material;
+			});
+
+			this.scene.add(this.model);
+
+			this.model.rotation.set(Math.PI / 2, 0, 0);
+
+			// Fit the model into the camera viewport
+			this.defaultComputedCameraZ = fitModelToViewport(this.model, this.camera);
+
+			// Push to array for outline to be added
+			this.outlinedObjects.push(this.model);
+		});
+	};
+
+	addPostProcessing = (outlines: boolean, outlineColor: THREE.Color) => {
+		if (outlines) this.addOutlines(outlineColor);
+	};
+
+	addOutlines = (outlineColor: THREE.Color) => {
+		this.outlinePass = new OutlinePass(
+			new THREE.Vector2(window.innerWidth / 2, window.innerHeight),
+			this.scene,
+			this.camera
+		);
+
+		this.outlinePass.selectedObjects = this.outlinedObjects;
+		this.outlinePass.edgeStrength = 1.5;
+		this.outlinePass.edgeGlow = 0;
+		this.outlinePass.edgeThickness = 0.0000000001;
+		this.outlinePass.pulsePeriod = 0;
+		this.outlinePass.visibleEdgeColor.set(outlineColor);
+		this.outlinePass.hiddenEdgeColor.set(new THREE.Color(0xffffff));
+
+		this.composer.addPass(this.outlinePass);
+	};
+
+	addBackgroundImage = (image: ValidImage) => {
+		const bgPositionZ = -5;
+
+		// Height of the viewcone
+		if (!this.frustumHeight) {
+			this.frustumHeight =
+				9 *
+				Math.tan(THREE.MathUtils.degToRad(this.camera.fov / 2)) *
+				Math.abs(this.camera.position.z - bgPositionZ);
+		}
+
+		const loader = new THREE.TextureLoader();
+		loader.loadAsync(bgSelector(image, backgroundConfig)).then((texture) => {
+			// biome-ignore lint/style/noNonNullAssertion: <explanation>
+			const planeHeight = this.frustumHeight!;
+			const planeWidth = planeHeight * (texture.source.data.width / texture.source.data.height);
+
+			const bgGeo = new THREE.PlaneGeometry(planeWidth, planeHeight);
+			const bgMat = new THREE.MeshBasicMaterial({ map: texture });
+
+			this.BackgroundMesh = new THREE.Mesh(bgGeo, bgMat);
+
+			this.BackgroundMesh.position.set(0, 0, bgPositionZ);
+			this.scene.add(this.BackgroundMesh);
+		});
+	};
+
+	initListeners = (reducedMotion: boolean) => {
+		this.initResizeListener();
+
+		if (!reducedMotion) {
+			this.initMouseMoveListener();
+		}
+	};
+
+	initResizeListener = () => {
+		window.addEventListener('resize', () => {
+			if (window.innerWidth > 850) {
+				this.camera.aspect = window.innerWidth / 2 / window.innerHeight;
+				this.camera.updateProjectionMatrix();
+
+				this.renderer.setSize(window.innerWidth / 2, window.innerHeight);
+				this.composer.setSize(window.innerWidth / 2, window.innerHeight);
+
+				// Move camera for smaller logo if necessary
+				if (window.innerWidth < 1100 && this.defaultComputedCameraZ) {
+					this.camera.position.set(
+						this.camera.position.x,
+						this.camera.position.y,
+						this.defaultComputedCameraZ + 5
+					);
+				} else if (window.innerWidth >= 1100 && this.defaultComputedCameraZ) {
+					this.camera.position.set(
+						this.camera.position.x,
+						this.camera.position.y,
+						this.defaultComputedCameraZ
+					);
+				}
+			}
+		});
+	};
+
+	initMouseMoveListener = () => {
+		// Mouse move event listener to capture and update mouse coordinates
+		document.addEventListener('mousemove', (ev) => {
+			this.mouseX = ev.clientX;
+			this.mouseY = ev.clientY;
+		});
+	};
+
+	registerLoadingCallback = () => {
+		THREE.DefaultLoadingManager.onLoad = () => {
+			this.canvasContainer.classList.add('loaded');
+		};
+	};
+
+	recomputeGlassMaterial = () => {
+		if (!this.model) return;
+
+		this.model.traverse((child) => {
+			const isMesh = child instanceof THREE.Mesh;
+
+			if (!isMesh) return;
+
+			const material = new THREE.MeshPhysicalMaterial({
+				color: '#ffffff',
+				roughness: 0.6,
+				transmission: 1,
+				opacity: 1,
+				transparent: true,
+				thickness: 0.5,
+				envMapIntensity: 1,
+				clearcoat: 1,
+				clearcoatRoughness: 0.2,
+				metalness: 0,
+			});
+
+			child.material = material;
+		});
+	};
+}
+
+// biome-ignore lint/style/noNonNullAssertion: <explanation>
+const logoContainer = document.querySelector<HTMLDivElement>('#canvas-container')!;
+const usingReducedMotion = window.matchMedia('(prefers-reduced-motion: reduce)').matches === true;
+const smallScreen = window.matchMedia('(max-width: 850px)').matches === true;
+
+if (!smallScreen) {
+	try {
+		new StudioCMS3DLogo(
+			logoContainer,
+			new THREE.Color(0xaa87f4),
+			usingReducedMotion,
+			getBackgroundConfig(backgroundConfig)
+		);
+	} catch (err) {
+		console.error("ERROR: Couldn't create StudioCMS3DLogo", err);
+		logoContainer.classList.add('loaded');
+		// TODO: Show static image instead (configured background plus non-transparent logo in the same position, allow for custom bgs)
+	}
+}
diff --git a/packages/studiocms_auth/src/scripts/utils/fitModelToViewport.ts b/packages/studiocms_auth/src/scripts/utils/fitModelToViewport.ts
new file mode 100644
index 000000000..c956040b0
--- /dev/null
+++ b/packages/studiocms_auth/src/scripts/utils/fitModelToViewport.ts
@@ -0,0 +1,36 @@
+import * as THREE from 'three';
+
+/**
+ * Takes in a GLTF model and fits it into a camera's viewport.
+ * @param model The model to fit
+ * @param camera The camera to fit the model into
+ */
+function fitModelToViewport(
+	model: THREE.Group<THREE.Object3DEventMap>,
+	camera: THREE.PerspectiveCamera
+): number {
+	// Grab object's bounding box info
+	const box = new THREE.Box3().setFromObject(model);
+	const center = box.getCenter(new THREE.Vector3());
+	const size = box.getSize(new THREE.Vector3());
+
+	// Adjust model position relative to the center of the bounding box
+	model.position.x += model.position.x - center.x;
+	model.position.y += model.position.y - center.y;
+	model.position.z += model.position.z - center.z;
+
+	// Change the camera's position to fit the model
+	const maxDim = Math.max(size.x, size.y, size.z);
+	const fov = camera.fov * (Math.PI / 180);
+	let cameraZ = Math.abs(maxDim / 2 / Math.tan(fov / 2));
+
+	// Change distance from camera to model
+	cameraZ *= 2.5;
+	camera.position.z = cameraZ;
+
+	camera.updateProjectionMatrix();
+
+	return cameraZ;
+}
+
+export { fitModelToViewport };
diff --git a/packages/studiocms_auth/src/stubs/auth-config.ts b/packages/studiocms_auth/src/stubs/auth-config.ts
deleted file mode 100644
index 08fcdcd09..000000000
--- a/packages/studiocms_auth/src/stubs/auth-config.ts
+++ /dev/null
@@ -1,29 +0,0 @@
-import DTSBuilder from '@matthiesenxyz/astrodtsbuilder';
-
-const authConfig = DTSBuilder();
-
-authConfig.addSingleLineNote(
-	'This file is generated by StudioCMS and should not be modified manually.'
-);
-
-authConfig.addModule('studiocms:auth/config', {
-	defaultExport: {
-		singleLineDescription: 'Auth Security Config for Username and Password Authentication.',
-		typeDef: `{
-		salt: string | Uint8Array;
-		opts: {
-			N: number;
-			r: number;
-			p: number;
-			dkLen?: number;
-			asyncTick?: number;
-			maxmem?: number;
-			onProgress?: (progress: number) => void;
-		};
-	}`,
-	},
-});
-
-const dtsFile = authConfig.makeAstroInjectedType('auth-config.d.ts');
-
-export default dtsFile;
diff --git a/packages/studiocms_auth/src/stubs/auth-helpers.ts b/packages/studiocms_auth/src/stubs/auth-helpers.ts
deleted file mode 100644
index 57e0a45ae..000000000
--- a/packages/studiocms_auth/src/stubs/auth-helpers.ts
+++ /dev/null
@@ -1,36 +0,0 @@
-import DTSBuilder from '@matthiesenxyz/astrodtsbuilder';
-import { createResolver } from 'astro-integration-kit';
-
-const { resolve } = createResolver(import.meta.url);
-
-const authHelper = DTSBuilder();
-
-authHelper.addSingleLineNote(
-	'This file is generated by StudioCMS and should not be modified manually.'
-);
-
-authHelper.addModule('studiocms:auth/helpers', {
-	namedExports: [
-		{
-			multiLineDescription: [
-				'# Auth Helper Function',
-				'',
-				'@param locals The Astro.locals object',
-				'@returns The current user data and session information',
-				'',
-				'@example',
-				'---',
-				"import { authHelper } from 'studiocms:auth/helpers'",
-				'',
-				'const { id, username, name, email, avatar, githubURL, permissionLevel, currentUserSession } = await authHelper(Astro.locals)',
-				'---',
-			],
-			name: 'authHelper',
-			typeDef: `typeof import('${resolve('../helpers/authHelper.ts')}').default`,
-		},
-	],
-});
-
-const dtsFile = authHelper.makeAstroInjectedType('auth-helper.d.ts');
-
-export default dtsFile;
diff --git a/packages/studiocms_auth/src/stubs/auth-lib.ts b/packages/studiocms_auth/src/stubs/auth-lib.ts
new file mode 100644
index 000000000..b6b48b968
--- /dev/null
+++ b/packages/studiocms_auth/src/stubs/auth-lib.ts
@@ -0,0 +1,527 @@
+import DTSBuilder from '@matthiesenxyz/astrodtsbuilder';
+import { createResolver } from 'astro-integration-kit';
+
+const { resolve } = createResolver(import.meta.url);
+
+const authLib = DTSBuilder();
+
+authLib.addSingleLineNote(
+	'This file is generated by StudioCMS and should not be modified manually.'
+);
+
+authLib.addModule('studiocms:auth/lib/encription', {
+	namedExports: [
+		{
+			name: 'encrypt',
+			typeDef: `typeof import('${resolve('../lib/encryption.ts')}').encrypt`,
+			multiLineDescription: [
+				'Encrypts the given data using AES-128-GCM encryption.',
+				'',
+				'@param data - The data to be encrypted as a Uint8Array.',
+				'@returns The encrypted data as a Uint8Array, which includes the initialization vector (IV), the encrypted content, and the authentication tag.',
+			],
+		},
+		{
+			name: 'encryptString',
+			typeDef: `typeof import('${resolve('../lib/encryption.ts')}').encryptString`,
+			multiLineDescription: [
+				'Encrypts a given string and returns the encrypted data as a Uint8Array.',
+				'',
+				'@param data - The string to be encrypted.',
+				'@returns The encrypted data as a Uint8Array.',
+			],
+		},
+		{
+			name: 'decrypt',
+			typeDef: `typeof import('${resolve('../lib/encryption.ts')}').decrypt`,
+			multiLineDescription: [
+				'Decrypts the given encrypted data using AES-128-GCM.',
+				'',
+				'@param encrypted - The encrypted data as a Uint8Array. The data must be at least 33 bytes long.',
+				'@returns The decrypted data as a Uint8Array.',
+				'@throws Will throw an error if the encrypted data is less than 33 bytes.',
+			],
+		},
+		{
+			name: 'decryptToString',
+			typeDef: `typeof import('${resolve('../lib/encryption.ts')}').decryptToString`,
+			multiLineDescription: [
+				'Decrypts the given Uint8Array data and returns the result as a string.',
+				'',
+				'@param data - The encrypted data as a Uint8Array.',
+				'@returns The decrypted data as a string.',
+			],
+		},
+	],
+});
+
+authLib.addModule('studiocms:auth/lib/password', {
+	namedExports: [
+		{
+			name: 'hashPassword',
+			typeDef: `typeof import('${resolve('../lib/password.ts')}').hashPassword`,
+			multiLineDescription: [
+				'Hashes a plain text password using bcrypt.',
+				'',
+				'@param password - The plain text password to hash.',
+				'@returns A promise that resolves to the hashed password.',
+			],
+		},
+		{
+			name: 'verifyPasswordHash',
+			typeDef: `typeof import('${resolve('../lib/password.ts')}').verifyPasswordHash`,
+			multiLineDescription: [
+				'Verifies if the provided password matches the hashed password.',
+				'',
+				'@param hash - The hashed password to compare against.',
+				'@param password - The plain text password to verify.',
+				'@returns A promise that resolves to a boolean indicating whether the password matches the hash.',
+			],
+		},
+		{
+			name: 'verifyPasswordStrength',
+			typeDef: `typeof import('${resolve('../lib/password.ts')}').verifyPasswordStrength`,
+			multiLineDescription: [
+				'Verifies the strength of a given password.',
+				'',
+				'The password must meet the following criteria:',
+				'- Be between 6 and 255 characters in length.',
+				'- Not be a known unsafe password.',
+				'- Not be found in the pwned password database.',
+				'',
+				'@param password - The password to verify.',
+				'@returns A promise that resolves to `true` if the password is strong/secure enough, otherwise `false`.',
+			],
+		},
+	],
+});
+
+authLib.addUnformattedString(`declare module 'studiocms:auth/lib/rate-limit' {
+	/**
+	 * Represents a token bucket that refills tokens at a specified interval.
+	 * Used to control access to resources by limiting the number of tokens
+	 * that can be consumed over time.
+	 *
+	 * @template _Key - The type of key used to identify individual token buckets.
+	 */
+	export class RefillingTokenBucket<_Key> {
+		/**
+		 * The maximum number of tokens that the bucket can hold.
+		 * @type {number}
+		 */
+		public max: number;
+		/**
+		 * The interval in seconds at which tokens are refilled.
+		 * @type {number}
+		 */
+		public refillIntervalSeconds: number;
+		/**
+		 * Initializes a new instance of the RefillingTokenBucket class.
+		 *
+		 * @param {number} max - The maximum number of tokens the bucket can hold.
+		 * @param {number} refillIntervalSeconds - The refill interval in seconds.
+		 */
+		constructor(max: number, refillIntervalSeconds: number);
+		/**
+		 * A map storing individual token buckets associated with specific keys.
+		 * @private
+		 */
+		private storage;
+		/**
+		 * Checks if there are enough tokens available in the bucket for the specified key and cost.
+		 *
+		 * @param {_Key} key - The key associated with the token bucket.
+		 * @param {number} cost - The number of tokens required.
+		 * @returns {boolean} - Returns 'true' if there are enough tokens; otherwise, 'false'.
+		 */
+		public check(key: _Key, cost: number): boolean;
+		/**
+		 * Consumes tokens from the bucket for the specified key and cost.
+		 *
+		 * @param {_Key} key - The key associated with the token bucket.
+		 * @param {number} cost - The number of tokens to consume.
+		 * @returns {boolean} - Returns 'true' if tokens were successfully consumed; otherwise, 'false'.
+		 */
+		public consume(key: _Key, cost: number): boolean;
+	}
+
+	/**
+	 * Represents a throttler that limits the frequency of actions performed with a specified key.
+	 * Uses incremental timeouts to delay repeated actions.
+	 *
+	 * @template _Key - The type of key used to identify throttling counters.
+	 */
+	export class Throttler<_Key> {
+		/**
+		 * Array of timeout durations (in seconds) for each consecutive attempt.
+		 * @type {number[]}
+		 */
+		public timeoutSeconds: number[];
+		/**
+		 * A map storing individual throttling counters associated with specific keys.
+		 * @private
+		 */
+		private storage;
+		/**
+		 * Initializes a new instance of the Throttler class.
+		 *
+		 * @param {number[]} timeoutSeconds - Array of timeout durations in seconds for each consecutive attempt.
+		 */
+		constructor(timeoutSeconds: number[]);
+		/**
+		 * Attempts to consume an action for the specified key.
+		 *
+		 * @param {_Key} key - The key associated with the throttling counter.
+		 * @returns {boolean} - Returns 'true' if the action is allowed; otherwise, 'false'.
+		 */
+		public consume(key: _Key): boolean;
+		/**
+		 * Resets the throttling counter for a specified key.
+		 *
+		 * @param {_Key} key - The key associated with the throttling counter to reset.
+		 */
+		public reset(key: _Key): void;
+	}
+
+	/**
+	 * Represents a token bucket with tokens that expire after a specified duration.
+	 * Used to control access to resources with tokens that reset after expiration.
+	 *
+	 * @template _Key - The type of key used to identify individual token buckets.
+	 */
+	export class ExpiringTokenBucket<_Key> {
+		/**
+		 * The maximum number of tokens the bucket can hold.
+		 * @type {number}
+		 */
+		public max: number;
+		/**
+		 * The duration (in seconds) after which tokens in the bucket expire.
+		 * @type {number}
+		 */
+		public expirationSeconds: number;
+		/**
+		 * A map storing individual expiring token buckets associated with specific keys.
+		 * @private
+		 */
+		constructor(max: number, expirationSeconds: number);
+		/**
+		 * Initializes a new instance of the ExpiringTokenBucket class.
+		 *
+		 * @param {number} max - The maximum number of tokens the bucket can hold.
+		 * @param {number} expiresInSeconds - The duration in seconds after which tokens expire.
+		 */
+		private storage;
+		/**
+		 * Checks if there are enough tokens available in the bucket for the specified key and cost.
+		 *
+		 * @param {_Key} key - The key associated with the token bucket.
+		 * @param {number} cost - The number of tokens required.
+		 * @returns {boolean} - Returns 'true' if there are enough tokens or if the tokens have expired; otherwise, 'false'.
+		 */
+		public check(key: _Key, cost: number): boolean;
+		/**
+		 * Consumes tokens from the bucket for the specified key and cost.
+		 *
+		 * @param {_Key} key - The key associated with the token bucket.
+		 * @param {number} cost - The number of tokens to consume.
+		 * @returns {boolean} - Returns 'true' if tokens were successfully consumed; otherwise, 'false'.
+		 */
+		public consume(key: _Key, cost: number): boolean;
+		/**
+		 * Resets the token bucket for a specified key, removing all tokens.
+		 *
+		 * @param {_Key} key - The key associated with the token bucket to reset.
+		 */
+		public reset(key: _Key): void;
+	}
+}`);
+
+authLib.addModule('studiocms:auth/lib/session', {
+	namedExports: [
+		{
+			name: 'generateSessionToken',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').generateSessionToken`,
+			multiLineDescription: [
+				'Generates a new session token.',
+				'',
+				'@returns The generated session token as a string.',
+			],
+		},
+		{
+			name: 'sessionCookieName',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').sessionCookieName`,
+			multiLineDescription: [
+				'The name of the cookie used to store the authentication session.',
+				'',
+				'@constant {string}',
+			],
+		},
+		{
+			name: 'createSession',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').createSession`,
+			multiLineDescription: [
+				'Creates a new session for a user.',
+				'',
+				'@param token - The token used to create the session.',
+				'@param userId - The ID of the user for whom the session is being created.',
+				'@returns A promise that resolves to the created session object.',
+			],
+		},
+		{
+			name: 'validateSessionToken',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').validateSessionToken`,
+			multiLineDescription: [
+				'Validates a session token by checking its existence and expiration in the database.',
+				'If the session is valid but close to expiration, it extends the session expiration time.',
+				'If the session is expired, it deletes the session from the database.',
+				'',
+				'@param token - The session token to validate.',
+				'@returns A promise that resolves to an object containing the session and user information. If the session is invalid or expired, both session and user will be null.',
+			],
+		},
+		{
+			name: 'invalidateSession',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').invalidateSession`,
+			multiLineDescription: [
+				'Invalidates a session by deleting it from the database.',
+				'',
+				'@param token - The session token to invalidate.',
+				'@returns A promise that resolves to `true` if the session was successfully invalidated; otherwise, `false`.',
+			],
+		},
+		{
+			name: 'setSessionTokenCookie',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').setSessionTokenCookie`,
+			multiLineDescription: [
+				'Sets the session token cookie in the response object.',
+				'',
+				'@param context - The context object containing the request and response objects.',
+				'@param token - The session token to set in the cookie.',
+				'@param expiresAt - The expiration date and time of the session token.',
+			],
+		},
+		{
+			name: 'deleteSessionTokenCookie',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').deleteSessionTokenCookie`,
+			multiLineDescription: [
+				'Deletes the session token cookie from the response object.',
+				'',
+				'@param context - The context object containing the request and response objects.',
+			],
+		},
+		{
+			name: 'setOAuthSessionTokenCookie',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').setOAuthSessionTokenCookie`,
+			multiLineDescription: [
+				'Sets the OAuth session token cookie in the response object.',
+				'',
+				'@param context - The context object containing the request and response objects.',
+				'@param key - The name of the cookie to set.',
+				'@param expiresAt - The expiration date and time of the session token.',
+			],
+		},
+		{
+			name: 'makeExpirationDate',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').makeExpirationDate`,
+			multiLineDescription: [
+				'Generates a new expiration date for a session.',
+				'',
+				'@returns The expiration date calculated by adding the session expiration time to the current date and time.',
+			],
+		},
+		{
+			name: 'sessionExpTime',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').sessionExpTime`,
+			multiLineDescription: [
+				'The session expiration time in milliseconds.',
+				'This value represents 14 days.',
+			],
+		},
+		{
+			name: 'createUserSession',
+			typeDef: `typeof import('${resolve('../lib/session.ts')}').createUserSession`,
+			multiLineDescription: [
+				'Creates a new user session.',
+				'',
+				'@param userId - The ID of the user to create the session for.',
+				'@param context - The context object containing the request and response objects.',
+				'@returns A promise that resolves to the created session object.',
+			],
+		},
+	],
+});
+
+authLib.addModule('studiocms:auth/lib/types', {
+	typeExports: [
+		{
+			name: 'UserTable',
+			typeDef: `import('${resolve('../lib/types.ts')}').UserTable`,
+			multiLineDescription: [
+				'Represents a user in the database.',
+				'',
+				'@interface UserTable',
+				'@property {string} id - The unique identifier for the user.',
+				"@property {string | null} url - The URL of the user's profile.",
+				'@property {string} name - The name of the user.',
+				'@property {string | null} email - The email address of the user.',
+				"@property {string | null} avatar - The URL of the user's avatar.",
+				'@property {string} username - The username of the user.',
+				'@property {string | null} password - The hashed password of the user.',
+				'@property {Date | null} updatedAt - The date and time when the user was last updated.',
+				'@property {Date | null} createdAt - The date and time when the user was created.',
+			],
+		},
+		{
+			name: 'SessionTable',
+			typeDef: `import('${resolve('../lib/types.ts')}').SessionTable`,
+			multiLineDescription: [
+				'Represents a session in the database.',
+				'',
+				'@interface SessionTable',
+				'@property {string} id - The unique identifier for the session.',
+				'@property {string} userId - The unique identifier for the user associated with the session.',
+				'@property {Date} expiresAt - The expiration date and time of the session.',
+			],
+		},
+		{
+			name: 'OAuthAccountsTable',
+			typeDef: `import('${resolve('../lib/types.ts')}').OAuthAccountsTable`,
+			multiLineDescription: [
+				'Represents a table of OAuth accounts.',
+				'',
+				'@interface OAuthAccountsTable',
+				'@property {string} provider - The name of the OAuth provider (e.g., Google, Facebook).',
+				'@property {string} providerUserId - The unique identifier for the user provided by the OAuth provider.',
+				'@property {string} userId - The unique identifier for the user within the application.',
+			],
+		},
+		{
+			name: 'PermissionsTable',
+			typeDef: `import('${resolve('../lib/types.ts')}').PermissionsTable`,
+			multiLineDescription: [
+				'Interface representing a table of user permissions.',
+				'',
+				'@interface PermissionsTable',
+				'@property {string} user - The username of the individual.',
+				'@property {string} rank - The rank or role assigned to the user.',
+			],
+		},
+		{
+			name: 'UserSessionData',
+			typeDef: `import('${resolve('../lib/types.ts')}').UserSessionData`,
+			multiLineDescription: [
+				'Represents the session data for a user.',
+				'',
+				'@property {boolean} isLoggedIn - Indicates whether the user is logged in.',
+				'@property {UserTable | null} user - The user data, or null if no user is logged in.',
+				"@property {'owner' | 'admin' | 'editor' | 'visitor' | 'unknown'} permissionLevel - The permission level of the user.",
+			],
+		},
+		{
+			name: 'UserSession',
+			typeDef: `import('${resolve('../lib/types.ts')}').UserSession`,
+			multiLineDescription: [
+				'Represents a user session which includes user information and session details.',
+				'',
+				'@property {UserTable} user - The user data.',
+				'@property {SessionTable} session - The session data.',
+			],
+		},
+		{
+			name: 'SessionValidationResult',
+			typeDef: `import('${resolve('../lib/types.ts')}').SessionValidationResult`,
+			multiLineDescription: [
+				'Represents the result of validating a session token.',
+				'',
+				'This type can either be a valid `UserSession` or an object indicating an invalid session with both `session` and `user` properties set to `null`.',
+			],
+		},
+		{
+			name: 'RefillBucket',
+			typeDef: `import('${resolve('../lib/types.ts')}').RefillBucket`,
+			multiLineDescription: [
+				'Represents an individual refillable token bucket.',
+				'',
+				'@interface RefillBucket',
+				'@property {number} count - The current token count in the bucket.',
+				'@property {number} refillAt - The time at which the bucket was last refilled.',
+			],
+		},
+		{
+			name: 'ExpiringBucket',
+			typeDef: `import('${resolve('../lib/types.ts')}').ExpiringBucket`,
+			multiLineDescription: [
+				'Represents a bucket with an expiration mechanism.',
+				'',
+				'@interface ExpiringBucket',
+				'@property {number} count - The current token count in the bucket.',
+				'@property {number} createdAt - The timestamp when the bucket was created.',
+			],
+		},
+		{
+			name: 'ThrottlingCounter',
+			typeDef: `import('${resolve('../lib/types.ts')}').ThrottlingCounter`,
+			multiLineDescription: [
+				'Interface representing a throttling counter.',
+				'',
+				'@interface ThrottlingCounter',
+				'@property {number} timeout - The duration (in milliseconds) for which the throttling is applied.',
+				'@property {number} updatedAt - The timestamp (in milliseconds since epoch) when the throttling counter was last updated.',
+			],
+		},
+	],
+});
+
+authLib.addModule('studiocms:auth/lib/user', {
+	namedExports: [
+		{
+			name: 'verifyUsernameInput',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').verifyUsernameInput`,
+		},
+		{
+			name: 'createUserAvatar',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').createUserAvatar`,
+		},
+		{
+			name: 'createLocalUser',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').createLocalUser`,
+		},
+		{
+			name: 'createOAuthUser',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').createOAuthUser`,
+		},
+		{
+			name: 'updateUserPassword',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').updateUserPassword`,
+		},
+		{
+			name: 'getUserPasswordHash',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').getUserPasswordHash`,
+		},
+		{
+			name: 'getUserFromEmail',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').getUserFromEmail`,
+		},
+		{
+			name: 'getUserData',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').getUserData`,
+		},
+		{
+			name: 'permissionRanksMap',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').permissionRanksMap`,
+		},
+		{
+			name: 'verifyUserPermissionLevel',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').verifyUserPermissionLevel`,
+		},
+		{
+			name: 'LinkNewOAuthCookieName',
+			typeDef: `typeof import('${resolve('../lib/user.ts')}').LinkNewOAuthCookieName`,
+		},
+	],
+});
+
+const dtsFile = authLib.makeAstroInjectedType('auth-lib.d.ts');
+
+export default dtsFile;
diff --git a/packages/studiocms_auth/src/stubs/auth-scripts.ts b/packages/studiocms_auth/src/stubs/auth-scripts.ts
new file mode 100644
index 000000000..140bdd329
--- /dev/null
+++ b/packages/studiocms_auth/src/stubs/auth-scripts.ts
@@ -0,0 +1,33 @@
+import DTSBuilder from '@matthiesenxyz/astrodtsbuilder';
+import { createResolver } from 'astro-integration-kit';
+
+const { resolve } = createResolver(import.meta.url);
+
+const authScripts = DTSBuilder();
+
+authScripts.addSingleLineNote(
+	'This file is generated by StudioCMS and should not be modified manually.'
+);
+
+authScripts.addModule('studiocms:auth/scripts/three', {
+	defaultExport: {
+		typeDef: 'any',
+		multiLineDescription: [
+			'This module should be imported within a script tag.',
+			'@example <script>import "studiocms:auth/scripts/three";</script>',
+		],
+	},
+});
+
+authScripts.addModule('studiocms:auth/scripts/formListener', {
+	namedExports: [
+		{
+			name: 'formListener',
+			typeDef: `typeof import('${resolve('../scripts/formListener.ts')}').formListener`,
+		},
+	],
+});
+
+const dtsFile = authScripts.makeAstroInjectedType('auth-scripts.d.ts');
+
+export default dtsFile;
diff --git a/packages/studiocms_auth/src/stubs/auth-utils.ts b/packages/studiocms_auth/src/stubs/auth-utils.ts
new file mode 100644
index 000000000..82704f596
--- /dev/null
+++ b/packages/studiocms_auth/src/stubs/auth-utils.ts
@@ -0,0 +1,23 @@
+import DTSBuilder from '@matthiesenxyz/astrodtsbuilder';
+import { createResolver } from 'astro-integration-kit';
+
+const { resolve } = createResolver(import.meta.url);
+
+const authUtils = DTSBuilder();
+
+authUtils.addSingleLineNote(
+	'This file is generated by StudioCMS and should not be modified manually.'
+);
+
+authUtils.addModule('studiocms:auth/utils/authEnvCheck', {
+	namedExports: [
+		{
+			name: 'authEnvCheck',
+			typeDef: `typeof import('${resolve('../utils/authEnvCheck.ts')}').authEnvCheck`,
+		},
+	],
+});
+
+const dtsFile = authUtils.makeAstroInjectedType('auth-utils.d.ts');
+
+export default dtsFile;
diff --git a/packages/studiocms_auth/src/utils/authEnvCheck.ts b/packages/studiocms_auth/src/utils/authEnvCheck.ts
index b9b2c2606..8c35ab359 100644
--- a/packages/studiocms_auth/src/utils/authEnvCheck.ts
+++ b/packages/studiocms_auth/src/utils/authEnvCheck.ts
@@ -12,6 +12,7 @@ const AUTHKEYS = {
 	GITHUB: {
 		CLIENT_ID: getSecret('CMS_GITHUB_CLIENT_ID'),
 		CLIENT_SECRET: getSecret('CMS_GITHUB_CLIENT_SECRET'),
+		REDIRECT_URI: getSecret('CMS_GITHUB_REDIRECT_URI'),
 	},
 	DISCORD: {
 		CLIENT_ID: getSecret('CMS_DISCORD_CLIENT_ID'),
@@ -36,6 +37,7 @@ type AuthEnvCheckReponse = {
 		ENABLED: boolean;
 		CLIENT_ID: string | undefined;
 		CLIENT_SECRET: string | undefined;
+		REDIRECT_URI: string | undefined;
 	};
 	DISCORD: {
 		ENABLED: boolean;
@@ -115,6 +117,7 @@ export async function authEnvCheck(providers: Providers): Promise<AuthEnvCheckRe
 			ENABLED: GITHUBENABLED,
 			CLIENT_ID: AUTHKEYS.GITHUB.CLIENT_ID,
 			CLIENT_SECRET: AUTHKEYS.GITHUB.CLIENT_SECRET,
+			REDIRECT_URI: AUTHKEYS.GITHUB.REDIRECT_URI,
 		},
 		DISCORD: {
 			ENABLED: DISCORDENABLED,
diff --git a/packages/studiocms_auth/src/utils/checkENV.ts b/packages/studiocms_auth/src/utils/checkENV.ts
index 19478916d..bd9b7c018 100644
--- a/packages/studiocms_auth/src/utils/checkENV.ts
+++ b/packages/studiocms_auth/src/utils/checkENV.ts
@@ -4,9 +4,25 @@ import type { AstroIntegrationLogger } from 'astro';
 import { loadEnv } from 'vite';
 import type { StudioCMSAuthOptions } from '../schema';
 
-const KeyList = {
+const env = loadEnv('all', process.cwd(), 'CMS');
+
+type KeyListType = Record<
+	string,
+	{
+		Keys: string[];
+		optionalKeys?: string[];
+		messages: { CheckMessage: string; ErrorMessage: string };
+	}
+>;
+
+const keyList: KeyListType = {
+	EncryptionKey: {
+		Keys: ['CMS_ENCRYPTION_KEY'],
+		messages: CheckENVStrings.EncryptionMessages,
+	},
 	Github: {
 		Keys: ['CMS_GITHUB_CLIENT_ID', 'CMS_GITHUB_CLIENT_SECRET'],
+		optionalKeys: ['CMS_GITHUB_REDIRECT_URI'],
 		messages: CheckENVStrings.GithubMessages,
 	},
 	Discord: {
@@ -28,7 +44,34 @@ const KeyList = {
 	},
 };
 
-const env = loadEnv('all', process.cwd(), 'CMS');
+function matchAvailableProviders(providers: {
+	github: boolean;
+	discord: boolean;
+	google: boolean;
+	auth0: boolean;
+}) {
+	const { github, discord, google, auth0 } = providers;
+
+	const enabledProviders = ['EncryptionKey'];
+
+	if (github) {
+		enabledProviders.push('Github');
+	}
+
+	if (discord) {
+		enabledProviders.push('Discord');
+	}
+
+	if (google) {
+		enabledProviders.push('Google');
+	}
+
+	if (auth0) {
+		enabledProviders.push('Auth0');
+	}
+
+	return enabledProviders;
+}
 
 export const checkEnvKeys = async (
 	logger: AstroIntegrationLogger,
@@ -44,90 +87,44 @@ export const checkEnvKeys = async (
 	const infoLogger = (message: string) => {
 		integrationLogger({ logger, logLevel: 'info', verbose }, message);
 	};
+
 	const warnLogger = (message: string) => {
-		integrationLogger({ logger, logLevel: 'warn', verbose }, message);
+		integrationLogger({ logger, logLevel: 'warn', verbose: true }, message);
 	};
 
 	infoLogger(CheckENVStrings.CheckStart);
 
-	const { github, discord, google, auth0 } = providers;
-
-	const {
-		Github: GithubKeys,
-		Discord: DiscordKeys,
-		Google: GoogleKeys,
-		Auth0: Auth0Keys,
-	} = KeyList;
+	const enabledProviders = matchAvailableProviders(providers);
 
-	// List of all currently missing keys
-	const missingKeys: string[] = [];
+	for (const provider of enabledProviders) {
+		const ProviderItem = keyList[provider];
 
-	// Check for Github Environment Variables
-	const missingGithubKeys: string[] = [];
-	if (github) {
-		infoLogger(GithubKeys.messages.CheckMessage);
-		// biome-ignore lint/complexity/noForEach: This is a simple loop
-		GithubKeys.Keys.forEach((key) => {
-			if (!env[key]) {
-				missingGithubKeys.push(key);
-				missingKeys.push(key);
-			}
-		});
-		if (missingGithubKeys.length > 0) {
-			warnLogger(`${GithubKeys.messages.ErrorMessage} ${missingGithubKeys.join(', ')}`);
+		if (!ProviderItem) {
+			continue;
 		}
-	}
 
-	// Check for Discord Environment Variables
-	const missingDiscordKeys: string[] = [];
-	if (discord) {
-		infoLogger(DiscordKeys.messages.CheckMessage);
-		// biome-ignore lint/complexity/noForEach: This is a simple loop
-		DiscordKeys.Keys.forEach((key) => {
+		const { messages, Keys, optionalKeys } = ProviderItem;
+
+		infoLogger(messages.CheckMessage);
+
+		const missingProviderKeys: string[] = [];
+
+		for (const key of Keys) {
 			if (!env[key]) {
-				missingDiscordKeys.push(key);
-				missingKeys.push(key);
+				missingProviderKeys.push(key);
 			}
-		});
-		if (missingDiscordKeys.length > 0) {
-			warnLogger(`${DiscordKeys.messages.ErrorMessage} ${missingDiscordKeys.join(', ')}`);
 		}
-	}
 
-	// Check for Google Environment Variables
-	const missingGoogleKeys: string[] = [];
-	if (google) {
-		infoLogger(GoogleKeys.messages.CheckMessage);
-		// biome-ignore lint/complexity/noForEach: This is a simple loop
-		GoogleKeys.Keys.forEach((key) => {
+		for (const key of optionalKeys || []) {
 			if (!env[key]) {
-				missingGoogleKeys.push(key);
-				missingKeys.push(key);
+				warnLogger(`The following optional key is missing and may or may not be required: ${key}`);
 			}
-		});
-		if (missingGoogleKeys.length > 0) {
-			warnLogger(`${GoogleKeys.messages.ErrorMessage} ${missingGoogleKeys.join(', ')}`);
 		}
-	}
 
-	// Check for Auth0 Environment Variables
-	const missingAuth0Keys: string[] = [];
-	if (auth0) {
-		infoLogger(Auth0Keys.messages.CheckMessage);
-		// biome-ignore lint/complexity/noForEach: This is a simple loop
-		Auth0Keys.Keys.forEach((key) => {
-			if (!env[key]) {
-				missingAuth0Keys.push(key);
-				missingKeys.push(key);
-			}
-		});
-		if (missingAuth0Keys.length > 0) {
-			warnLogger(`${Auth0Keys.messages.ErrorMessage} ${missingAuth0Keys.join(', ')}`);
+		if (missingProviderKeys.length > 0) {
+			warnLogger(`${messages.ErrorMessage} ${missingProviderKeys.join(', ')}`);
 		}
 	}
 
-	// If all Environment Variables are set log an info message
-	if (missingKeys.length === 0) {
-		infoLogger(CheckENVStrings.CheckComplete);
-	}
+	infoLogger(CheckENVStrings.CheckComplete);
 };
diff --git a/packages/studiocms_auth/src/utils/injectAuthRoutes.ts b/packages/studiocms_auth/src/utils/injectAuthRoutes.ts
deleted file mode 100644
index 4c401baea..000000000
--- a/packages/studiocms_auth/src/utils/injectAuthRoutes.ts
+++ /dev/null
@@ -1,123 +0,0 @@
-import { integrationLogger } from '@matthiesenxyz/integration-utils/astroUtils';
-import { removeLeadingTrailingSlashes } from '@studiocms/core/lib';
-import { DashboardStrings } from '@studiocms/core/strings';
-import { defineUtility } from 'astro-integration-kit';
-import type { StudioCMSAuthOptions } from '../schema';
-
-export const injectAuthRouteArray = defineUtility('astro:config:setup')(
-	(
-		params,
-		opts: {
-			options: StudioCMSAuthOptions;
-			middleware: string;
-			providerRoutes: {
-				enabled: boolean;
-				logs: {
-					enabledMessage: string;
-					disabledMessage: string;
-				};
-				routes: {
-					pattern: string;
-					entrypoint: string;
-				}[];
-			}[];
-		}
-	) => {
-		const { injectRoute, addMiddleware, logger } = params;
-		const {
-			options: {
-				dashboardConfig: {
-					dashboardEnabled,
-					dashboardRouteOverride,
-					developerConfig: { testingAndDemoMode },
-					AuthConfig: { enabled },
-				},
-				dbStartPage,
-			},
-			options,
-		} = opts;
-
-		const { middleware, providerRoutes } = opts;
-
-		if (dashboardEnabled && !dbStartPage) {
-			// Log that the Dashboard is enabled
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.DashboardEnabled
-			);
-		} else {
-			// Log that the Dashboard is disabled
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.DashboardDisabled
-			);
-		}
-
-		if (enabled) {
-			// Log that the Auth is enabled
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.AuthEnabled
-			);
-
-			// If Testing and Demo Mode is enabled, log that it is enabled
-			if (testingAndDemoMode) {
-				integrationLogger(
-					{ logger, logLevel: 'info', verbose: options.verbose },
-					DashboardStrings.TestAndDemo
-				);
-			}
-
-			// Add Middleware for Auth Session Handling
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.Middleware
-			);
-			addMiddleware({
-				entrypoint: middleware,
-				order: 'pre',
-			});
-
-			// Make the Default Dashboard Route
-			const defaultDashboardRoute = dashboardRouteOverride
-				? removeLeadingTrailingSlashes(dashboardRouteOverride)
-				: 'dashboard';
-
-			// Utility Function to Make a Dashboard Route
-			const makeDashboardRoute = (path: string) => {
-				return `${defaultDashboardRoute}/${path}`;
-			};
-
-			// Log that the Auth Routes are being injected
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.AuthRoutes
-			);
-
-			// Inject Auth Provider Routes
-			for (const provider of providerRoutes) {
-				const { enabled, logs, routes } = provider;
-
-				if (enabled) {
-					const { enabledMessage } = logs;
-
-					integrationLogger({ logger, logLevel: 'info', verbose: options.verbose }, enabledMessage);
-
-					for (const route of routes) {
-						const { pattern, entrypoint } = route;
-
-						injectRoute({
-							pattern: makeDashboardRoute(pattern),
-							entrypoint,
-						});
-					}
-				}
-			}
-		} else if (!enabled) {
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				DashboardStrings.AuthDisabled
-			);
-		}
-	}
-);
diff --git a/packages/studiocms_auth/src/utils/routeBuilder.ts b/packages/studiocms_auth/src/utils/routeBuilder.ts
new file mode 100644
index 000000000..3bb12a4c7
--- /dev/null
+++ b/packages/studiocms_auth/src/utils/routeBuilder.ts
@@ -0,0 +1,156 @@
+import { integrationLogger } from '@matthiesenxyz/integration-utils/astroUtils';
+import { removeLeadingTrailingSlashes } from '@studiocms/core/lib';
+import { DashboardStrings } from '@studiocms/core/strings';
+import { defineUtility } from 'astro-integration-kit';
+import type { StudioCMSAuthOptions } from '../schema';
+
+export const makeStudioCMSAuthAPIRoute = (route: string) => {
+	return `studiocms_api/auth/${route}`;
+};
+
+export const makeDashboardRoute = (route: string, options: StudioCMSAuthOptions) => {
+	// Get the dashboard route override from the options
+	const {
+		dashboardConfig: { dashboardRouteOverride },
+	} = options;
+
+	// Get the default dashboard route if the override is not set
+	const defaultDashboardRoute = dashboardRouteOverride
+		? removeLeadingTrailingSlashes(dashboardRouteOverride)
+		: 'dashboard';
+
+	return `${defaultDashboardRoute}/${route}`;
+};
+
+export const injectAuthAPIRoutes = defineUtility('astro:config:setup')(
+	(
+		params,
+		opts: {
+			options: StudioCMSAuthOptions;
+			routes: {
+				enabled: boolean;
+				pattern: string;
+				entrypoint: string;
+			}[];
+		}
+	) => {
+		const { injectRoute, logger } = params;
+
+		const {
+			options: {
+				verbose,
+				dashboardConfig: {
+					dashboardEnabled,
+					AuthConfig: { enabled: authEnabled },
+					developerConfig: { testingAndDemoMode },
+				},
+			},
+			routes,
+		} = opts;
+
+		// Check if the Dashboard is enabled
+		if (dashboardEnabled) {
+			// Log that the Dashboard is enabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.DashboardEnabled);
+		} else {
+			// Log that the Dashboard is disabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.DashboardDisabled);
+		}
+
+		if (!authEnabled) {
+			// Log that the Auth is disabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.AuthDisabled);
+			return;
+		}
+
+		// Log that the Auth is enabled
+		integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.AuthEnabled);
+
+		// If Testing and Demo Mode is enabled, log that it is enabled
+		if (testingAndDemoMode) {
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.TestAndDemo);
+		}
+
+		// Inject the API routes
+		for (const route of routes) {
+			const { enabled, pattern, entrypoint } = route;
+
+			if (!enabled) {
+				continue;
+			}
+
+			injectRoute({
+				pattern: makeStudioCMSAuthAPIRoute(pattern),
+				entrypoint,
+				prerender: false,
+			});
+		}
+	}
+);
+
+export const injectAuthPageRoutes = defineUtility('astro:config:setup')(
+	(
+		params,
+		opts: {
+			options: StudioCMSAuthOptions;
+			routes: {
+				enabled: boolean;
+				pattern: string;
+				entrypoint: string;
+			}[];
+		}
+	) => {
+		const { injectRoute, logger } = params;
+
+		const {
+			options: {
+				verbose,
+				dashboardConfig: {
+					dashboardEnabled,
+					AuthConfig: { enabled: authEnabled },
+					developerConfig: { testingAndDemoMode },
+				},
+			},
+			options,
+			routes,
+		} = opts;
+
+		// Check if the Dashboard is enabled
+		if (dashboardEnabled) {
+			// Log that the Dashboard is enabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.DashboardEnabled);
+		} else {
+			// Log that the Dashboard is disabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.DashboardDisabled);
+		}
+
+		if (!authEnabled) {
+			// Log that the Auth is disabled
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.AuthDisabled);
+			return;
+		}
+
+		// Log that the Auth is enabled
+		integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.AuthEnabled);
+
+		// If Testing and Demo Mode is enabled, log that it is enabled
+		if (testingAndDemoMode) {
+			integrationLogger({ logger, logLevel: 'info', verbose }, DashboardStrings.TestAndDemo);
+		}
+
+		// Inject the API routes
+		for (const route of routes) {
+			const { enabled, pattern, entrypoint } = route;
+
+			if (!enabled) {
+				continue;
+			}
+
+			injectRoute({
+				pattern: makeDashboardRoute(pattern, options),
+				entrypoint,
+				prerender: false, // TODO: Change this to true once hybrid mode is ready
+			});
+		}
+	}
+);
diff --git a/packages/studiocms_auth/src/utils/studioauth-config.ts b/packages/studiocms_auth/src/utils/studioauth-config.ts
deleted file mode 100644
index 2b8b0cf86..000000000
--- a/packages/studiocms_auth/src/utils/studioauth-config.ts
+++ /dev/null
@@ -1,177 +0,0 @@
-import { randomUUID } from 'node:crypto';
-import { readFileSync, writeFile } from 'node:fs';
-import { integrationLogger } from '@matthiesenxyz/integration-utils/astroUtils';
-import { authConfigStrings } from '@studiocms/core/strings';
-import type { AuthConfigMap, usernameAndPasswordConfig } from '@studiocms/core/types';
-import { addVirtualImports, createResolver, defineUtility } from 'astro-integration-kit';
-import type { StudioCMSAuthOptions } from '../schema';
-
-/**
- * Get the URL to the StudioCMS auth config file
- */
-export function getStudioAuthConfigFileUrl(projectRootUrl: URL | string) {
-	return new URL('./studiocms-auth.config.json', projectRootUrl);
-}
-
-// Username and Password Config
-/**
- * Check if the salt is defined in the studiocms-auth.config.json file
- *
- * File is stored in the root of the user's project as studiocms-auth.config.json
- *
- * @see https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#scrypt
- * @see https://words.filippo.io/the-scrypt-parameters/
- *
- * @example
- * {
- * 	"salt": "salt", //Uint8Array | string
- * 	"opts": {
- * 		"cpu_mem": 2 ** 12, //NUMBER
- * 		"block_size": 8, //NUMBER
- * 		"parallelization": 1, //NUMBER
- * 		"output_key_length": 32 //NUMBER
- *      "asyncTick": 10, //NUMBER
- * 		"max_mem": 1024 ** 3 + 1024 //NUMBER
- *   },
- * }
- */
-export const usernameAndPasswordAuthConfig = defineUtility('astro:config:setup')(
-	async (
-		params,
-		opts: {
-			options: StudioCMSAuthOptions;
-			name: string;
-		}
-	) => {
-		const { addWatchFile, config, logger } = params;
-		const { name, options } = opts;
-
-		const {
-			dbStartPage,
-			dashboardConfig: {
-				dashboardEnabled,
-				AuthConfig: { enabled: authEnabled },
-			},
-		} = options;
-
-		const enabled = dashboardEnabled && authEnabled;
-
-		if (dbStartPage || enabled) {
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				authConfigStrings.configSetup
-			);
-
-			// Watch the StudioCMS Auth Config File for changes (including creation/deletion)
-			addWatchFile(getStudioAuthConfigFileUrl(config.root));
-
-			const { resolve: AstroProjectRoot } = createResolver(config.root.pathname);
-
-			let VirtualAuthSecurity: usernameAndPasswordConfig;
-
-			const authFileOptsDefaults: AuthConfigMap['opts'] = {
-				cpu_mem: 2 ** 12,
-				block_size: 8,
-				parallelization: 1,
-				output_key_length: 32,
-				asyncTick: 10,
-				max_mem: 1024 ** 3 + 1024,
-			};
-
-			const userPassAuthConfigDefaults: usernameAndPasswordConfig['opts'] = {
-				N: 2 ** 12,
-				r: 8,
-				p: 1,
-				dkLen: 32,
-				asyncTick: 10,
-				maxmem: 1024 ** 3 + 1024,
-			};
-
-			// Resolve Options
-			try {
-				integrationLogger(
-					{ logger, logLevel: 'info', verbose: options.verbose },
-					authConfigStrings.readConfig
-				);
-				const authConfigFileJsonRAW = readFileSync(
-					AstroProjectRoot('./studiocms-auth.config.json'),
-					{ encoding: 'utf-8' }
-				);
-
-				const authConfigFileParsed: AuthConfigMap = JSON.parse(authConfigFileJsonRAW);
-
-				if (!authConfigFileParsed.salt) {
-					return integrationLogger(
-						{ logger, logLevel: 'error', verbose: true },
-						authConfigStrings.saltMissing
-					);
-				}
-
-				const authConfigMap = {
-					salt: authConfigFileParsed.salt,
-					opts: {
-						N: authConfigFileParsed.opts.cpu_mem || 2 ** 12,
-						r: authConfigFileParsed.opts.block_size || 8,
-						p: authConfigFileParsed.opts.parallelization || 1,
-						dkLen: authConfigFileParsed.opts.output_key_length || 32,
-						asyncTick: authConfigFileParsed.opts.asyncTick || 10,
-						maxmem: authConfigFileParsed.opts.max_mem || 1024 ** 3 + 1024,
-					},
-				};
-
-				VirtualAuthSecurity = authConfigMap;
-			} catch (error) {
-				integrationLogger(
-					{ logger, logLevel: 'error', verbose: true },
-					authConfigStrings.eRC.part1 + error + authConfigStrings.eRC.part2
-				);
-
-				const newSalt = randomUUID();
-				VirtualAuthSecurity = { salt: newSalt, opts: userPassAuthConfigDefaults };
-
-				const newAuthOutput: AuthConfigMap = {
-					salt: newSalt,
-					opts: authFileOptsDefaults,
-				};
-
-				const newAuthOutputString = JSON.stringify(newAuthOutput, null, 2);
-
-				integrationLogger(
-					{ logger, logLevel: 'info', verbose: options.verbose },
-					authConfigStrings.newSalt
-				);
-				writeFile(
-					AstroProjectRoot('./studiocms-auth.config.json'),
-					newAuthOutputString,
-					{ encoding: 'utf-8' },
-					(err) => {
-						if (err) {
-							return integrationLogger(
-								{ logger, logLevel: 'error', verbose: true },
-								authConfigStrings.writeFileError + err
-							);
-						}
-						return integrationLogger(
-							{ logger, logLevel: 'info', verbose: options.verbose },
-							authConfigStrings.newConfig + newSalt
-						);
-					}
-				);
-			}
-
-			const VirtualAuthSecImport = `export default ${JSON.stringify(VirtualAuthSecurity)}`;
-
-			addVirtualImports(params, {
-				name,
-				imports: {
-					'studiocms:auth/config': VirtualAuthSecImport,
-				},
-			});
-
-			integrationLogger(
-				{ logger, logLevel: 'info', verbose: options.verbose },
-				authConfigStrings.configComplete
-			);
-		}
-	}
-);
diff --git a/packages/studiocms_auth/src/utils/validImages.ts b/packages/studiocms_auth/src/utils/validImages.ts
new file mode 100644
index 000000000..c03c064d6
--- /dev/null
+++ b/packages/studiocms_auth/src/utils/validImages.ts
@@ -0,0 +1,38 @@
+import studiocmsBlobsDark from '../loginBackgrounds/studiocms-blobs-dark.png';
+import studiocmsBlobsLight from '../loginBackgrounds/studiocms-blobs-light.png';
+import studiocmsBlocksDark from '../loginBackgrounds/studiocms-blocks-dark.png';
+import studiocmsBlocksLight from '../loginBackgrounds/studiocms-blocks-light.png';
+import studiocmsCurvesDark from '../loginBackgrounds/studiocms-curves-dark.png';
+import studiocmsCurvesLight from '../loginBackgrounds/studiocms-curves-light.png';
+
+/**
+ * The valid images that can be used as a background for the StudioCMS Logo.
+ */
+const validImages = [
+	{
+		name: 'studiocms-blobs',
+		format: 'png',
+		light: studiocmsBlobsLight,
+		dark: studiocmsBlobsDark,
+	},
+	{
+		name: 'studiocms-blocks',
+		format: 'png',
+		light: studiocmsBlocksLight,
+		dark: studiocmsBlocksDark,
+	},
+	{
+		name: 'studiocms-curves',
+		format: 'png',
+		light: studiocmsCurvesLight,
+		dark: studiocmsCurvesDark,
+	},
+	{ 
+		name: 'custom', 
+		format: 'web',
+		light: null,
+		dark: null,
+	},
+] as const;
+
+export { validImages };
diff --git a/packages/studiocms_auth/tsconfig.json b/packages/studiocms_auth/tsconfig.json
index eef2ee650..6a0caec63 100644
--- a/packages/studiocms_auth/tsconfig.json
+++ b/packages/studiocms_auth/tsconfig.json
@@ -31,14 +31,5 @@
       "path": "../studiocms_dashboard"
     }
   ],
-  "include": [
-    "./package.json",
-    "../../playgrounds/node/**/*",
-    "../../playgrounds/node/.astro/**/*",
-    "../studiocms_assets/**/*",
-    "../studiocms_core/**/*",
-    "../studiocms_dashboard/**/*",
-    "./**/*",
-    "./src/**/*.json"
-  ]
+  "include": ["./package.json", "../../playgrounds/node/.astro/**/*", "./**/*", "./src/**/*.json"]
 }
diff --git a/packages/studiocms_auth/virtuals.d.ts b/packages/studiocms_auth/virtuals.d.ts
index 57e710ffe..c82be0ab8 100644
--- a/packages/studiocms_auth/virtuals.d.ts
+++ b/packages/studiocms_auth/virtuals.d.ts
@@ -1,3 +1,109 @@
+declare module 'studiocms:auth/lib/encryption' {
+	export const encrypt: typeof import('./src/lib/encryption').encrypt;
+	export const encryptString: typeof import('./src/lib/encryption').encryptString;
+	export const decrypt: typeof import('./src/lib/encryption').decrypt;
+	export const decryptToString: typeof import('./src/lib/encryption').decryptToString;
+}
+
+declare module 'studiocms:auth/lib/password' {
+	export const hashPassword: typeof import('./src/lib/password').hashPassword;
+	export const verifyPasswordHash: typeof import('./src/lib/password').verifyPasswordHash;
+	export const verifyPasswordStrength: typeof import('./src/lib/password').verifyPasswordStrength;
+}
+
+declare module 'studiocms:auth/lib/rate-limit' {
+	export class RefillingTokenBucket<_Key> {
+		public max: number;
+		public refillIntervalSeconds: number;
+		constructor(max: number, refillIntervalSeconds: number);
+		private storage;
+		public check(key: _Key, cost: number): boolean;
+		public consume(key: _Key, cost: number): boolean;
+	}
+
+	export class Throttler<_Key> {
+		public timeoutSeconds: number[];
+		private storage;
+		constructor(timeoutSeconds: number[]);
+		public consume(key: _Key): boolean;
+	}
+
+	export class ExpiringTokenBucket<_Key> {
+		public max: number;
+		public expirationSeconds: number;
+		constructor(max: number, expirationSeconds: number);
+		private storage;
+		public check(key: _Key, cost: number): boolean;
+		public consume(key: _Key, cost: number): boolean;
+	}
+}
+
+declare module 'studiocms:auth/lib/session' {
+	export const generateSessionToken: typeof import('./src/lib/session').generateSessionToken;
+	export const sessionCookieName: typeof import('./src/lib/session').sessionCookieName;
+	export const createSession: typeof import('./src/lib/session').createSession;
+	export const validateSessionToken: typeof import('./src/lib/session').validateSessionToken;
+	export const invalidateSession: typeof import('./src/lib/session').invalidateSession;
+	export const setSessionTokenCookie: typeof import('./src/lib/session').setSessionTokenCookie;
+	export const deleteSessionTokenCookie: typeof import('./src/lib/session').deleteSessionTokenCookie;
+	export const setOAuthSessionTokenCookie: typeof import('./src/lib/session').setOAuthSessionTokenCookie;
+	export const makeExpirationDate: typeof import('./src/lib/session').makeExpirationDate;
+	export const sessionExpTime: typeof import('./src/lib/session').sessionExpTime;
+	export const createUserSession: typeof import('./src/lib/session').createUserSession;
+}
+
+declare module 'studiocms:auth/lib/types' {
+	export type UserTable = import('./src/lib/types').UserTable;
+	export type SessionTable = import('./src/lib/types').SessionTable;
+	export type OAuthAccountsTable = import('./src/lib/types').OAuthAccountsTable;
+	export type PermissionsTable = import('./src/lib/types').PermissionsTable;
+	export type UserSessionData = import('./src/lib/types').UserSessionData;
+	export type UserSession = import('./src/lib/types').UserSession;
+	export type SessionValidationResult = import('./src/lib/types').SessionValidationResult;
+	export type RefillBucket = import('./src/lib/types').RefillBucket;
+	export type ExpiringBucket = import('./src/lib/types').ExpiringBucket;
+	export type ThrottlingCounter = import('./src/lib/types').ThrottlingCounter;
+}
+
+declare module 'studiocms:auth/lib/user' {
+	export const verifyUsernameInput: typeof import('./src/lib/user').verifyUsernameInput;
+	export const createUserAvatar: typeof import('./src/lib/user').createUserAvatar;
+	export const createLocalUser: typeof import('./src/lib/user').createLocalUser;
+	export const createOAuthUser: typeof import('./src/lib/user').createOAuthUser;
+	export const updateUserPassword: typeof import('./src/lib/user').updateUserPassword;
+	export const getUserPasswordHash: typeof import('./src/lib/user').getUserPasswordHash;
+	export const getUserFromEmail: typeof import('./src/lib/user').getUserFromEmail;
+	export const getUserData: typeof import('./src/lib/user').getUserData;
+	export const permissionRanksMap: typeof import('./src/lib/user').permissionRanksMap;
+	export const verifyUserPermissionLevel: typeof import('./src/lib/user').verifyUserPermissionLevel;
+	export const LinkNewOAuthCookieName: typeof import('./src/lib/user').LinkNewOAuthCookieName;
+}
+
+declare module 'studiocms:auth/utils/authEnvCheck' {
+	export const authEnvCheck: typeof import('./src/utils/authEnvCheck').authEnvCheck;
+}
+
+declare module 'studiocms:auth/utils/validImages' {
+	export const validImages: typeof import('./src/utils/validImages').validImages;
+}
+
+declare module 'studiocms:auth/scripts/three' {
+	/**
+	 * This module should be imported within a script tag.
+	 * @example <script>import "studiocms:auth/scripts/three";</script>
+	 */
+
+	// biome-ignore lint/suspicious/noExplicitAny: this is a module without exports, see example above for usage. (The export is not real and this is just to present the module in the type definitions)
+	const mod: any;
+	export default mod;
+}
+
+declare module 'studiocms:auth/scripts/formListener' {
+	export const formListener: typeof import('./src/scripts/formListener').formListener;
+}
+
+// // // // // End of Auth Module // // // // //
+
 /**
  * # DEV TIP
  *
@@ -12,10 +118,15 @@
  * }
  */
 declare module 'virtual:studiocms/config' {
-	const Config: import('@studiocms/core/schemas').StudioCMSOptions;
+	const Config: import('@studiocms/core/schemas').StudioCMSConfig;
 	export default Config;
 }
 
+declare module 'virtual:studiocms/version' {
+	const version: string;
+	export default version;
+}
+
 declare module 'virtual:studiocms/astromdremarkConfig' {
 	const markdownConfig: import('astro').AstroConfig['markdown'];
 	export default markdownConfig;
@@ -28,11 +139,6 @@ declare module 'virtual:studiocms/pluginSystem' {
 	export const customRenderers: string[];
 }
 
-declare module 'studiocms:auth/config' {
-	const AuthSecurityConfig: import('@studiocms/core/types').usernameAndPasswordConfig;
-	export default AuthSecurityConfig;
-}
-
 declare module 'studiocms:components' {
 	export const Avatar: typeof import('@studiocms/core/components').Avatar;
 	export const FormattedDate: typeof import('@studiocms/core/components').FormattedDate;
diff --git a/packages/studiocms_betaresources/package.json b/packages/studiocms_betaresources/package.json
index 34d5545f0..85d7cd51d 100644
--- a/packages/studiocms_betaresources/package.json
+++ b/packages/studiocms_betaresources/package.json
@@ -37,8 +37,7 @@
     "@studiocms/assets": "workspace:*"
   },
   "peerDependencies": {
-    "astro": "catalog:min",
-    "@studiocms/core": "workspace:*"
+    "astro": "catalog:min"
   },
   "devDependencies": {
     "vite": "catalog:",
diff --git a/packages/studiocms_core/package.json b/packages/studiocms_core/package.json
index 8260f98ea..2ce85b67d 100644
--- a/packages/studiocms_core/package.json
+++ b/packages/studiocms_core/package.json
@@ -46,20 +46,19 @@
   },
   "type": "module",
   "dependencies": {
-    "@markdoc/markdoc": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
-    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
-    "@noble/hashes": "catalog:studiocms-shared",
     "@studiocms/robotstxt": "workspace:*",
     "astro-integration-kit": "catalog:",
-    "lucia": "catalog:studiocms-shared",
-    "marked": "catalog:studiocms-shared",
-    "mrmime": "catalog:studiocms-shared",
-    "shiki": "catalog:studiocms-shared",
-    "unified": "catalog:studiocms-shared",
+    "@markdoc/markdoc": "catalog:studiocms-renderer",
+    "marked": "catalog:studiocms-renderer",
+    "shiki": "catalog:studiocms-renderer",
+    "mrmime": "catalog:studiocms-core",
+    "unified": "catalog:studiocms-core",
     "remark-rehype": "catalog:studiocms-core",
-    "mdast-util-to-hast": "catalog:studiocms-core"
+    "mdast-util-to-hast": "catalog:studiocms-core",
+    "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
+    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
+
+    "@matthiesenxyz/astrolace": "catalog:studiocms-shared"
   },
   "peerDependencies": {
     "@astrojs/db": "catalog:min",
diff --git a/packages/studiocms_core/src/components/Avatar.astro b/packages/studiocms_core/src/components/Avatar.astro
index 4114e5b87..3f5e02275 100644
--- a/packages/studiocms_core/src/components/Avatar.astro
+++ b/packages/studiocms_core/src/components/Avatar.astro
@@ -1,20 +1,22 @@
 ---
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
-import Config from 'virtual:studiocms/config';
+// import Config from 'virtual:studiocms/config';
 import profileImg from './avatar.webp';
 
+// const {
+// 	dashboardConfig: {
+// 		AuthConfig: { enabled },
+// 	},
+// } = Config;
 const {
-	dashboardConfig: {
-		AuthConfig: { enabled },
-	},
-} = Config;
-const {
-	mainLinks: { dashboardIndex },
+	// mainLinks: { dashboardIndex },
 	authLinks: { loginURL },
 } = StudioCMSRoutes;
-const { isLoggedIn, dbUser: userProfile } = Astro.locals;
+// const { isLoggedIn, dbUser: userProfile } = Astro.locals;
+
+// TODO: Update this to use the new auth system
 ---
-{ enabled !== false && (isLoggedIn ? (
+{/* enabled !== false && (isLoggedIn ? (
     <a href={dashboardIndex} title="User Dashboard">
         <img
             src={userProfile?.avatar||profileImg.src}
@@ -23,6 +25,7 @@ const { isLoggedIn, dbUser: userProfile } = Astro.locals;
             height="64" />
         </a>
     ) : (
+     */
         <a href={loginURL} title="Login">
         <img 
             src={profileImg.src} 
@@ -30,7 +33,7 @@ const { isLoggedIn, dbUser: userProfile } = Astro.locals;
             width="64" 
             height="64" />
         </a>
-    ))
+    /* )) 
 }
 { enabled === false && (
     <a href="#" aria-disabled="true" title="Please Edit your database through your provider's dashboard">
@@ -40,4 +43,4 @@ const { isLoggedIn, dbUser: userProfile } = Astro.locals;
             width="64" 
             height="64" />	
     </a>
-)}
\ No newline at end of file
+)*/}
\ No newline at end of file
diff --git a/packages/studiocms_core/src/db/config.ts b/packages/studiocms_core/src/db/config.ts
index 28be127af..9d69c0065 100644
--- a/packages/studiocms_core/src/db/config.ts
+++ b/packages/studiocms_core/src/db/config.ts
@@ -1,6 +1,7 @@
 /// <reference types="@astrojs/db" />
 import { defineDb } from 'astro:db';
 import {
+	StudioCMSOAuthAccounts,
 	StudioCMSPageContent,
 	StudioCMSPageData,
 	StudioCMSPageDataCategories,
@@ -22,5 +23,6 @@ export default defineDb({
 		StudioCMSSessionTable,
 		StudioCMSSiteConfig,
 		StudioCMSUsers,
+		StudioCMSOAuthAccounts,
 	},
 });
diff --git a/packages/studiocms_core/src/db/tables.ts b/packages/studiocms_core/src/db/tables.ts
index 2ba60b045..29fbbf38f 100644
--- a/packages/studiocms_core/src/db/tables.ts
+++ b/packages/studiocms_core/src/db/tables.ts
@@ -9,11 +9,6 @@ export const StudioCMSUsers = defineTable({
 		name: column.text(),
 		email: column.text({ unique: true, optional: true }),
 		avatar: column.text({ optional: true }),
-		githubId: column.number({ unique: true, optional: true }),
-		githubURL: column.text({ optional: true }),
-		discordId: column.text({ unique: true, optional: true }),
-		googleId: column.text({ unique: true, optional: true }),
-		auth0Id: column.text({ unique: true, optional: true }),
 		username: column.text(),
 		password: column.text({ optional: true }),
 		updatedAt: column.date({ default: NOW, optional: true }),
@@ -21,6 +16,14 @@ export const StudioCMSUsers = defineTable({
 	},
 });
 
+export const StudioCMSOAuthAccounts = defineTable({
+	columns: {
+		provider: column.text(), // github, google, discord, auth0
+		providerUserId: column.text({ primaryKey: true }),
+		userId: column.text({ references: () => StudioCMSUsers.columns.id }),
+	},
+});
+
 /** StudioCMS - Session Table for Astro DB */
 export const StudioCMSSessionTable = defineTable({
 	columns: {
@@ -30,6 +33,14 @@ export const StudioCMSSessionTable = defineTable({
 	},
 });
 
+/** StudioCMS - Permissions Table for Astro DB */
+export const StudioCMSPermissions = defineTable({
+	columns: {
+		user: column.text({ references: () => StudioCMSUsers.columns.id }),
+		rank: column.text(),
+	},
+});
+
 /** StudioCMS - Pages Data Table for Astro DB */
 export const StudioCMSPageData = defineTable({
 	columns: {
@@ -90,13 +101,7 @@ export const StudioCMSSiteConfig = defineTable({
 		description: column.text(),
 		defaultOgImage: column.text({ optional: true }),
 		siteIcon: column.text({ optional: true }),
-	},
-});
-
-/** StudioCMS - Permissions Table for Astro DB */
-export const StudioCMSPermissions = defineTable({
-	columns: {
-		username: column.text(),
-		rank: column.text(),
+		loginPageBackground: column.text({ default: 'studiocms-curves' }),
+		loginPageCustomImage: column.text({ optional: true }),
 	},
 });
diff --git a/packages/studiocms_core/src/db/tsTables.ts b/packages/studiocms_core/src/db/tsTables.ts
index 9fac4e3b4..90255357d 100644
--- a/packages/studiocms_core/src/db/tsTables.ts
+++ b/packages/studiocms_core/src/db/tsTables.ts
@@ -1,5 +1,6 @@
 import { asDrizzleTable } from '@astrojs/db/utils';
 import {
+	StudioCMSOAuthAccounts,
 	StudioCMSPageContent,
 	StudioCMSPageData,
 	StudioCMSPageDataCategories,
@@ -60,3 +61,9 @@ export const tsSiteConfig = asDrizzleTable('StudioCMSSiteConfig', StudioCMSSiteC
  * @description Exported TypeSafe Table definition for use in StudioCMS Integrations
  */
 export const tsUsers = asDrizzleTable('StudioCMSUsers', StudioCMSUsers);
+
+/**
+ * # StudioCMS - OAuth Accounts Table
+ * @description Exported TypeSafe Table definition for use in StudioCMS Integrations
+ */
+export const tsOAuthAccounts = asDrizzleTable('StudioCMSOAuthAccounts', StudioCMSOAuthAccounts);
diff --git a/packages/studiocms_core/src/helpers/routemap.ts b/packages/studiocms_core/src/helpers/routemap.ts
index f1406e0f3..c554990d4 100644
--- a/packages/studiocms_core/src/helpers/routemap.ts
+++ b/packages/studiocms_core/src/helpers/routemap.ts
@@ -31,6 +31,10 @@ export async function makeAPIDashboardRoute(route: string): Promise<string> {
 	return await urlGenFactory(true, `api/${route}`, dashboardRouteOverride);
 }
 
+export async function makeStudioCMSAPIRoute(route: string): Promise<string> {
+	return await urlGenFactory(false, `studiocms_api/${route}`);
+}
+
 export const StudioCMSRoutes = {
 	mainLinks: {
 		baseSiteURL: await makeNonDashboardRoute(),
@@ -44,30 +48,30 @@ export const StudioCMSRoutes = {
 	authLinks: {
 		loginURL: await makeDashboardRoute('login'),
 		logoutURL: await makeDashboardRoute('logout'),
-		signupURL: await makeDashboardRoute('signup/'),
-		loginAPI: await makeDashboardRoute('login/api/login'),
-		registerAPI: await makeDashboardRoute('login/api/register'),
-		githubIndex: await makeDashboardRoute('login/github'),
-		githubCallback: await makeDashboardRoute('login/github/callback'),
-		discordIndex: await makeDashboardRoute('login/discord'),
-		discordCallback: await makeDashboardRoute('login/discord/callback'),
-		googleIndex: await makeDashboardRoute('login/google'),
-		googleCallback: await makeDashboardRoute('login/google/callback'),
-		auth0Index: await makeDashboardRoute('login/auth0'),
-		auth0Callback: await makeDashboardRoute('login/auth0/callback'),
+		signupURL: await makeDashboardRoute('signup'),
+		loginAPI: await makeStudioCMSAPIRoute('auth/login'), // /studiocms_api/auth/login
+		registerAPI: await makeStudioCMSAPIRoute('auth/register'), // /studiocms_api/auth/register
+		githubIndex: await makeStudioCMSAPIRoute('auth/github'), // /studiocms_api/auth/github
+		githubCallback: await makeStudioCMSAPIRoute('auth/github/callback'), // /studiocms_api/auth/github/callback
+		discordIndex: await makeStudioCMSAPIRoute('auth/discord'), // /studiocms_api/auth/discord
+		discordCallback: await makeStudioCMSAPIRoute('auth/discord/callback'), // /studiocms_api/auth/discord/callback
+		googleIndex: await makeStudioCMSAPIRoute('auth/google'), // /studiocms_api/auth/google
+		googleCallback: await makeStudioCMSAPIRoute('auth/google/callback'), // /studiocms_api/auth/google/callback
+		auth0Index: await makeStudioCMSAPIRoute('auth/auth0'), // /studiocms_api/auth/auth0
+		auth0Callback: await makeStudioCMSAPIRoute('auth/auth0/callback'), // /studiocms_api/auth/auth0/callback
 	},
 	endpointLinks: {
 		partials: {
-			livePreviewBox: await makeAPIDashboardRoute('liverender'),
+			livePreviewBox: await makeAPIDashboardRoute('liverender'), // /studiocms_api/render/preview
 		},
 		config: {
-			siteConfig: await makeAPIDashboardRoute('config/site'),
-			adminConfig: await makeAPIDashboardRoute('config/admin'),
+			siteConfig: await makeAPIDashboardRoute('config/site'), // /studiocms_api/config/site
+			adminConfig: await makeAPIDashboardRoute('config/admin'), // /studiocms_api/config/admin
 		},
 		pages: {
-			createPages: await makeAPIDashboardRoute('pages/create'),
-			editPages: await makeAPIDashboardRoute('pages/edit'),
-			deletePages: await makeAPIDashboardRoute('pages/delete'),
+			createPages: await makeAPIDashboardRoute('pages/create'), // /studiocms_api/pages/create
+			editPages: await makeAPIDashboardRoute('pages/edit'), // /studiocms_api/pages/edit
+			deletePages: await makeAPIDashboardRoute('pages/delete'), // /studiocms_api/pages/delete
 		},
 	},
 };
diff --git a/packages/studiocms_core/src/schemas/config/auth.ts b/packages/studiocms_core/src/schemas/config/auth.ts
index 4df9a43b2..40c76738c 100644
--- a/packages/studiocms_core/src/schemas/config/auth.ts
+++ b/packages/studiocms_core/src/schemas/config/auth.ts
@@ -18,7 +18,7 @@ const localUsernameAndPasswordConfig = z
 export const authProviderSchema = z
 	.object({
 		/**
-		 * GitHub Auth Provider - Powered by Lucia
+		 * GitHub Auth Provider - Powered by Arctic
 		 *
 		 * Requires a GitHub OAuth App to be created and configured using ENV Variables
 		 *
@@ -26,7 +26,7 @@ export const authProviderSchema = z
 		 */
 		github: z.boolean().optional().default(true),
 		/**
-		 * Discord Auth Provider - Powered by Lucia
+		 * Discord Auth Provider - Powered by Arctic
 		 *
 		 * Requires a Discord OAuth App to be created and configured using ENV Variables
 		 *
@@ -34,7 +34,7 @@ export const authProviderSchema = z
 		 */
 		discord: z.boolean().optional().default(false),
 		/**
-		 * Google Auth Provider - Powered by Lucia
+		 * Google Auth Provider - Powered by Arctic
 		 *
 		 * Requires a Google OAuth App to be created and configured using ENV Variables
 		 *
@@ -42,7 +42,7 @@ export const authProviderSchema = z
 		 */
 		google: z.boolean().optional().default(false),
 		/**
-		 * Auth0 Auth Provider - Powered by Lucia
+		 * Auth0 Auth Provider - Powered by Arctic
 		 *
 		 * Requires an Auth0 Application to be created and configured using ENV Variables
 		 *
@@ -50,7 +50,7 @@ export const authProviderSchema = z
 		 */
 		auth0: z.boolean().optional().default(false),
 		/**
-		 * Username and Password Auth Provider - Powered by Lucia
+		 * Username and Password Auth Provider
 		 *
 		 */
 		usernameAndPassword: z.boolean().optional().default(true),
diff --git a/packages/studiocms_core/src/strings.ts b/packages/studiocms_core/src/strings.ts
index 2e968f6d7..e3c52828a 100644
--- a/packages/studiocms_core/src/strings.ts
+++ b/packages/studiocms_core/src/strings.ts
@@ -129,6 +129,10 @@ export const CheckENVStrings = {
 		ErrorMessage:
 			'The Following Auth0 Keys are Missing and are Required for the Auth0 Authentication to work:',
 	},
+	EncryptionMessages: {
+		CheckMessage: 'Checking Encryption Key...',
+		ErrorMessage: 'The CMS_ENCRYPTION_KEY is Missing and is Required for StudioCMS to work:',
+	},
 };
 
 export const authConfigStrings = {
diff --git a/packages/studiocms_core/src/types/auth-types.ts b/packages/studiocms_core/src/types/auth-types.ts
deleted file mode 100644
index f4dcab8ac..000000000
--- a/packages/studiocms_core/src/types/auth-types.ts
+++ /dev/null
@@ -1,30 +0,0 @@
-import type { ScryptOpts } from '@noble/hashes/scrypt';
-import type { Input } from '@noble/hashes/utils';
-
-/**
- * Username and Password Configuration Type
- */
-export type usernameAndPasswordConfig = {
-	salt: Input;
-	opts: ScryptOpts;
-};
-
-/**
- * Auth Configuration Type
- */
-export type ScryptOptsRemap = {
-	cpu_mem: number;
-	block_size: number;
-	parallelization: number;
-	output_key_length?: number;
-	asyncTick?: number;
-	max_mem?: number;
-};
-
-/**
- * Auth Configuration Map Type
- */
-export type AuthConfigMap = {
-	salt: string;
-	opts: ScryptOptsRemap;
-};
diff --git a/packages/studiocms_core/src/types/index.ts b/packages/studiocms_core/src/types/index.ts
index 71d3bd8ef..f29883d46 100644
--- a/packages/studiocms_core/src/types/index.ts
+++ b/packages/studiocms_core/src/types/index.ts
@@ -1,4 +1,3 @@
-export * from './auth-types';
 export * from './dbtypehelpers';
 export * from './pluginOptions';
 export * from './sideBarLinkType';
diff --git a/packages/studiocms_dashboard/package.json b/packages/studiocms_dashboard/package.json
index f96f38f25..4edc404a9 100644
--- a/packages/studiocms_dashboard/package.json
+++ b/packages/studiocms_dashboard/package.json
@@ -36,24 +36,26 @@
   },
   "type": "module",
   "dependencies": {
-    "@inox-tools/runtime-logger": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
-    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
-    "@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
-    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
     "@studiocms/assets": "workspace:*",
     "@studiocms/betaresources": "workspace:*",
     "@studiocms/core": "workspace:*",
     "@studiocms/renderers": "workspace:*",
-    "@noble/hashes": "catalog:studiocms-shared",
-    "@unocss/astro": "catalog:studiocms-shared",
-    "@unocss/reset": "catalog:studiocms-shared",
     "astro-integration-kit": "catalog:",
+    "@inox-tools/runtime-logger": "catalog:studiocms-shared",
+    "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
+    "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
+
+    "@matthiesenxyz/unocss-preset-daisyui": "catalog:studiocms-shared",
+    "@matthiesenxyz/astrolace": "catalog:studiocms-shared",
     "daisyui": "catalog:studiocms-shared",
-    "unocss": "catalog:studiocms-shared"
+    "unocss": "catalog:studiocms-shared",
+    "@unocss/astro": "catalog:studiocms-shared",
+    "@unocss/reset": "catalog:studiocms-shared"
   },
   "peerDependencies": {
-    "astro": "catalog:min"
+    "astro": "catalog:min",
+    "@astrojs/db": "catalog:",
+    "@astrojs/web-vitals": "catalog:"
   },
   "devDependencies": {
     "vite": "catalog:",
diff --git a/packages/studiocms_dashboard/src/components/Header.astro b/packages/studiocms_dashboard/src/components/Header.astro
index 44ce1e11d..af4b63d2f 100644
--- a/packages/studiocms_dashboard/src/components/Header.astro
+++ b/packages/studiocms_dashboard/src/components/Header.astro
@@ -1,5 +1,5 @@
 ---
-import { authHelper } from 'studiocms:auth/helpers';
+import { getUserData } from 'studiocms:auth/lib/user';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Avatar, Button, Divider, Drawer, IconButton } from '@matthiesenxyz/astrolace/components';
 import githubLogo from '@studiocms/assets/svgs/github-logo.svg';
@@ -8,6 +8,13 @@ import personFillIcon from '@studiocms/assets/svgs/person-fill.svg';
 import type { StudioCMSSocials } from '@studiocms/core/consts';
 import { SideBarMenu, ThemeToggleButton } from '../components';
 
+const user = await getUserData(Astro);
+
+const { permissionLevel, user: userData } = user;
+
+const name = userData?.name;
+const avatar = userData?.avatar;
+
 type Props = { studioCMSSocials: StudioCMSSocials };
 const {
 	studioCMSSocials: { github: githubURL },
@@ -15,7 +22,6 @@ const {
 const {
 	mainLinks: { dashboardIndex },
 } = StudioCMSRoutes;
-const { avatar, name, permissionLevel } = await authHelper(Astro.locals);
 
 let useName: string;
 
diff --git a/packages/studiocms_dashboard/src/components/PageListTable.astro b/packages/studiocms_dashboard/src/components/PageListTable.astro
index d06dc4d44..3f8c38498 100644
--- a/packages/studiocms_dashboard/src/components/PageListTable.astro
+++ b/packages/studiocms_dashboard/src/components/PageListTable.astro
@@ -54,7 +54,7 @@ const { permissionLevel, pages } = Astro.props;
                             </Button>
                         </td>
                         <td class="px-6 py-4">
-                            { permissionLevel === 'admin' && (
+                            { (permissionLevel === 'admin' || permissionLevel === 'owner') && (
                                 <Button variant="danger" href={await getDeleteRoute(page.id)} size="small" pill outline>
                                     Delete
                                 </Button> )
diff --git a/packages/studiocms_dashboard/src/components/SideBar.astro b/packages/studiocms_dashboard/src/components/SideBar.astro
index e3604829c..5f70fdb50 100644
--- a/packages/studiocms_dashboard/src/components/SideBar.astro
+++ b/packages/studiocms_dashboard/src/components/SideBar.astro
@@ -1,14 +1,27 @@
 ---
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Avatar, Tooltip } from '@matthiesenxyz/astrolace/components';
 import personFillIcon from '@studiocms/assets/svgs/person-fill.svg';
 import type { StudioCMSSocials } from '@studiocms/core/consts';
 import { SideBarFooter, SideBarMenu } from '../components';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+// if (!user.user) {
+// 	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+// }
+
+const { permissionLevel, user: userData } = user;
+
+const name = userData?.name;
+const avatar = userData?.avatar;
+
 type Props = { studioCMSSocials: StudioCMSSocials };
 const { studioCMSSocials } = Astro.props as Props;
-const { avatar, name, permissionLevel } = await authHelper(Astro.locals);
+// const { avatar, name, permissionLevel } = await authHelper(Astro.locals);
 const {
 	mainLinks: { dashboardIndex },
 } = StudioCMSRoutes;
diff --git a/packages/studiocms_dashboard/src/components/SideBarMenu.astro b/packages/studiocms_dashboard/src/components/SideBarMenu.astro
index b36a69513..e3b1e7ea1 100644
--- a/packages/studiocms_dashboard/src/components/SideBarMenu.astro
+++ b/packages/studiocms_dashboard/src/components/SideBarMenu.astro
@@ -1,10 +1,13 @@
 ---
-import { authHelper } from 'studiocms:auth/helpers';
 import { StudioCMSRoutes, sideBarLinkMap } from 'studiocms:helpers/routemap';
 import Config from 'virtual:studiocms/config';
 import { Button, Details, Icon } from '@matthiesenxyz/astrolace/components';
 import boxArrowLeft from '@studiocms/assets/svgs/box-arrow-left.svg';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -14,18 +17,13 @@ const {
 	authLinks: { logoutURL },
 } = StudioCMSRoutes;
 const sideBarLinks = sideBarLinkMap;
-const { permissionLevel } = await authHelper(Astro.locals);
 ---
 
 <div class="menu menu-md grow shrink">
 
-    { sideBarLinks.map(({ id, href, text, minPermissionLevel, icon, type, dropdownItems }) => {
+    { sideBarLinks.map(async ({ id, href, text, minPermissionLevel, icon, type, dropdownItems }) => {
         if ( type === "link" ) {
-            if ( minPermissionLevel === "unknown" && ( 
-                permissionLevel === "unknown" || 
-                permissionLevel === "admin" || 
-                permissionLevel === "editor" || 
-                permissionLevel === "visitor" ) ) {
+            if ( minPermissionLevel === "unknown" && (await verifyUserPermissionLevel(user, "unknown"))) {
                 return (
                     <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href} outline >
                         <Icon slot="prefix" src={icon} />
@@ -33,10 +31,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                     </Button>
                 );
             }
-            if ( minPermissionLevel === "visitor" && ( 
-                permissionLevel === "admin" || 
-                permissionLevel === "editor" || 
-                permissionLevel === "visitor" ) ) {
+            if ( minPermissionLevel === "visitor" && (await verifyUserPermissionLevel(user, "visitor")) ) {
                 return (
                     <Button variant="success" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href} outline >
                         <Icon slot="prefix" src={icon} />
@@ -47,10 +42,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
             if ((
                 testingAndDemoMode || 
                 minPermissionLevel === "editor"
-                ) && (
-                permissionLevel === "editor" || 
-                permissionLevel === "admin" || 
-                testingAndDemoMode )) {
+                ) && (await verifyUserPermissionLevel(user, "editor")) || testingAndDemoMode) {
                 return (
                     <Button variant="primary" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href} outline >
                         <Icon slot="prefix" src={icon} />
@@ -61,9 +53,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
             if (( 
                 testingAndDemoMode || 
                 minPermissionLevel === "admin" 
-                ) && ( 
-                permissionLevel === "admin" || 
-                testingAndDemoMode )) {
+                ) && (await verifyUserPermissionLevel(user, "admin")) || testingAndDemoMode) {
                 return (
                     <Button variant="warning" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href} outline >
                         <Icon slot="prefix" src={icon} />
@@ -74,24 +64,16 @@ const { permissionLevel } = await authHelper(Astro.locals);
         }
 
         if ( type === "dropdown" ) {
-            if ( minPermissionLevel === "unknown" && ( 
-                permissionLevel === "unknown" || 
-                permissionLevel === "admin" || 
-                permissionLevel === "editor" || 
-                permissionLevel === "visitor" ) ) {
+            if ( minPermissionLevel === "unknown" && (await verifyUserPermissionLevel(user, "unknown")) ) {
                 return (
                     <Details style="width: 100%; padding-right: 1rem; padding-left: 1rem;">
                         <div class="py-3 text-base" slot="summary" id={id}>
                         <Icon slot="prefix" class="inline" src={icon}/>{text}</div>
 
                         { 
-                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(({ id, href, text, minPermissionLevel, icon, type, }) => {
+                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(async ({ id, href, text, minPermissionLevel, icon, type, }) => {
                                 if ( type === "link" ) {
-                                    if ( minPermissionLevel === "unknown" && ( 
-                                        permissionLevel === "unknown" || 
-                                        permissionLevel === "admin" || 
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "visitor" ) ) {
+                                    if ( minPermissionLevel === "unknown" && (await verifyUserPermissionLevel(user, "unknown")) || testingAndDemoMode) {
                                         return (
                                             <Button 
                                                 variant="default" 
@@ -109,10 +91,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if ((
                                         testingAndDemoMode || 
                                         minPermissionLevel === "editor"
-                                        ) && (
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "editor")) || testingAndDemoMode) {
                                         return (
                                             <Button 
                                                 variant="default" 
@@ -130,9 +109,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if (( 
                                         testingAndDemoMode || 
                                         minPermissionLevel === "admin" 
-                                        ) && ( 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "admin")) || testingAndDemoMode) {
                                         return (
                                             <Button 
                                                 variant="default" 
@@ -157,22 +134,15 @@ const { permissionLevel } = await authHelper(Astro.locals);
             if ((
                 testingAndDemoMode || 
                 minPermissionLevel === "editor"
-                ) && (
-                permissionLevel === "editor" || 
-                permissionLevel === "admin" || 
-                testingAndDemoMode )) {
+                ) && (await verifyUserPermissionLevel(user, "editor")) || testingAndDemoMode) {
                 return (
                     <Details style="width: 100%; padding-right: 1rem; padding-left: 1rem;">
                         <div class="py-3 text-base flex items-center" slot="summary" id={id}>
                         <Icon class="px-2 object-center" src={icon}/> {text}</div>
                         { 
-                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(({ id, href, text, minPermissionLevel, icon, type, }) => {
+                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(async ({ id, href, text, minPermissionLevel, icon, type, }) => {
                                 if ( type === "link" ) {
-                                    if ( minPermissionLevel === "unknown" && ( 
-                                        permissionLevel === "unknown" || 
-                                        permissionLevel === "admin" || 
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "visitor" ) ) {
+                                    if ( minPermissionLevel === "unknown" && (await verifyUserPermissionLevel(user, "unknown")) || testingAndDemoMode) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
@@ -183,10 +153,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if ((
                                         testingAndDemoMode || 
                                         minPermissionLevel === "editor"
-                                        ) && (
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "editor")) || testingAndDemoMode) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
@@ -197,9 +164,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if (( 
                                         testingAndDemoMode || 
                                         minPermissionLevel === "admin" 
-                                        ) && ( 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "admin")) || testingAndDemoMode) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
@@ -217,21 +182,15 @@ const { permissionLevel } = await authHelper(Astro.locals);
             if (( 
                 testingAndDemoMode || 
                 minPermissionLevel === "admin" 
-                ) && ( 
-                permissionLevel === "admin" || 
-                testingAndDemoMode )) {
+                ) && (await verifyUserPermissionLevel(user, "admin")) || testingAndDemoMode) {
                 return (
                     <Details style="width: 100%; padding-right: 1rem; padding-left: 1rem;">
                         <div class="py-3 text-base flex items-center" slot="summary" id={id}>
                         <Icon slot="prefix" class="align-text-center inline" src={icon} />{text}</div>
                         { 
-                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(({ id, href, text, minPermissionLevel, icon, type, }) => {
+                            dropdownItems && dropdownItems.length > 0 && dropdownItems.map(async ({ id, href, text, minPermissionLevel, icon, type, }) => {
                                 if ( type === "link" ) {
-                                    if ( minPermissionLevel === "unknown" && ( 
-                                        permissionLevel === "unknown" || 
-                                        permissionLevel === "admin" || 
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "visitor" ) ) {
+                                    if ( minPermissionLevel === "unknown" && (await verifyUserPermissionLevel(user, "unknown")) || testingAndDemoMode ) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
@@ -242,10 +201,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if ((
                                         testingAndDemoMode || 
                                         minPermissionLevel === "editor"
-                                        ) && (
-                                        permissionLevel === "editor" || 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "editor")) || testingAndDemoMode) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
@@ -256,9 +212,7 @@ const { permissionLevel } = await authHelper(Astro.locals);
                                     if (( 
                                         testingAndDemoMode || 
                                         minPermissionLevel === "admin" 
-                                        ) && ( 
-                                        permissionLevel === "admin" || 
-                                        testingAndDemoMode )) {
+                                        ) && (await verifyUserPermissionLevel(user, "admin")) || testingAndDemoMode) {
                                         return (
                                             <Button variant="default" size="medium" class="py-1" style="width: 100%; padding-right: 1rem; padding-left: 1rem;" id={id} href={href}>
                                                 <Icon slot="prefix" src={icon} />
diff --git a/packages/studiocms_dashboard/src/firstTimeSetupRoutes/main.astro b/packages/studiocms_dashboard/src/firstTimeSetupRoutes/main.astro
index 29aeee9ca..952ac7a2f 100644
--- a/packages/studiocms_dashboard/src/firstTimeSetupRoutes/main.astro
+++ b/packages/studiocms_dashboard/src/firstTimeSetupRoutes/main.astro
@@ -60,18 +60,18 @@ import { makePageTitle } from '../utils';
 
             <Divider />
 
-            <Input name="og-image" id="og-image" label="OG Image URL" placeholder="Coming Soon" disabled />
+            <Input name="og-image" id="og-image" label="OG Image URL" placeholder="Coming Soon" />
 
             <Divider />
 
-            <Switch name="local-setup" id="local-setup" value="1" size="medium" help-text="Would you like to setup a local Admin User or OAuth User?">
+            <Switch name="local-setup" id="local-setup" value="1" checked size="medium" help-text="Would you like to setup a local Admin User or OAuth User?">
               <div class="textlabelinput">
                 <Icon src={personExclamation.src} />
-                Setup Local Admin User?
+                Setup Local Admin User? (OAuth system disabled)
               </div>
             </Switch>
             
-            <Details id="local-admin">
+            <Details id="local-admin" open>
               <div class="textlabelinput" slot="summary">
                 <Icon src={personAdd.src} /> 
                 Local Admin Setup
@@ -85,10 +85,14 @@ import { makePageTitle } from '../utils';
 
               <Divider />
 
+              <Input name="local-admin-email" id="local-admin-email" label="Email for Primary Admin" />
+
+              <Divider />
+
               <Input type="password" name="local-admin-password" id="local-admin-password" label="Password" password-toggle />
             </Details>
 
-            <Details id="oauth-admin" open>
+            <Details id="oauth-admin" disabled>
               <div class="textlabelinput" slot="summary"><Icon src={personRolodex.src} /> oAuth Admin Setup</div>
               <Input name="oauth-admin-name" id="oauth-admin-name" placeholder="Username of Primary Admin (ex. GithubUsername)" label='Username of Primary Admin (ex. GithubUsername)' helpText='( Just set one, You can add more later )' />
             </Details>
diff --git a/packages/studiocms_dashboard/src/routes/api/config/admin.ts b/packages/studiocms_dashboard/src/routes/api/config/admin.ts
index c7ce0c37f..170e9d7ab 100644
--- a/packages/studiocms_dashboard/src/routes/api/config/admin.ts
+++ b/packages/studiocms_dashboard/src/routes/api/config/admin.ts
@@ -1,11 +1,13 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
 import { db } from 'astro:db';
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import Config from 'virtual:studiocms/config';
 import { tsPermissions } from '@studiocms/core/db/tsTables';
 import type { APIContext } from 'astro';
 import { simpleResponse } from '../../../utils/simpleResponse';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -20,16 +22,17 @@ export async function POST(context: APIContext): Promise<Response> {
 	}
 
 	// Map Locals
-	const locals = context.locals;
+	// const locals = context.locals;
+	const userdata = await getUserData(context);
 
 	// Check if user is logged in
-	if (!locals.isLoggedIn) {
+	if (!userdata.isLoggedIn) {
 		return simpleResponse(403, 'Unauthorized');
 	}
 
 	// Check if user has permission
-	if (locals.isLoggedIn) {
-		const { permissionLevel } = await authHelper(locals);
+	if (userdata.isLoggedIn) {
+		const { permissionLevel } = userdata;
 		if (permissionLevel !== 'admin') {
 			return simpleResponse(403, 'Unauthorized');
 		}
@@ -49,7 +52,7 @@ export async function POST(context: APIContext): Promise<Response> {
 	// Check if User already exists
 	const currentAdmins = await db.select().from(tsPermissions);
 	for (const admin of currentAdmins) {
-		if (admin.username === newUser) {
+		if (admin.user === newUser) {
 			logger.error('Admin already exists');
 			return simpleResponse(400, 'Admin already exists');
 		}
@@ -57,7 +60,7 @@ export async function POST(context: APIContext): Promise<Response> {
 
 	// Update Database
 	try {
-		await db.insert(tsPermissions).values({ username: newUser, rank: rank }).returning();
+		await db.insert(tsPermissions).values({ user: newUser, rank: rank }).returning();
 	} catch (error) {
 		// Log error
 		if (error instanceof Error) {
diff --git a/packages/studiocms_dashboard/src/routes/api/config/site.ts b/packages/studiocms_dashboard/src/routes/api/config/site.ts
index 1c83c262f..42fd2e6ef 100644
--- a/packages/studiocms_dashboard/src/routes/api/config/site.ts
+++ b/packages/studiocms_dashboard/src/routes/api/config/site.ts
@@ -1,10 +1,12 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import Config from 'virtual:studiocms/config';
 import type { APIContext } from 'astro';
 import { astroDb } from '../../../utils/astroDb';
 import { simpleResponse } from '../../../utils/simpleResponse';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -19,16 +21,17 @@ export async function POST(context: APIContext): Promise<Response> {
 	}
 
 	// Map Locals
-	const locals = context.locals;
+	// const locals = context.locals;
+	const userdata = await getUserData(context);
 
 	// Check if user is logged in
-	if (!locals.isLoggedIn) {
+	if (!userdata.isLoggedIn) {
 		return simpleResponse(403, 'Unauthorized');
 	}
 
 	// Check if user has permission
-	if (locals.isLoggedIn) {
-		const { permissionLevel } = await authHelper(locals);
+	if (userdata.isLoggedIn) {
+		const { permissionLevel } = userdata;
 		if (permissionLevel !== 'admin') {
 			return simpleResponse(403, 'Unauthorized');
 		}
diff --git a/packages/studiocms_dashboard/src/routes/api/firstTimeSetup.ts b/packages/studiocms_dashboard/src/routes/api/firstTimeSetup.ts
index 4ed9ed960..04ad1b376 100644
--- a/packages/studiocms_dashboard/src/routes/api/firstTimeSetup.ts
+++ b/packages/studiocms_dashboard/src/routes/api/firstTimeSetup.ts
@@ -1,129 +1,142 @@
-import { randomUUID } from 'node:crypto';
 import { db, eq } from 'astro:db';
-import AuthSecurityConfig from 'studiocms:auth/config';
-import { checkIfUnsafe } from '@matthiesenxyz/integration-utils/securityUtils';
-import { scryptAsync } from '@noble/hashes/scrypt';
+import { verifyPasswordStrength } from 'studiocms:auth/lib/password';
+import { createLocalUser, verifyUsernameInput } from 'studiocms:auth/lib/user';
 import { CMSSiteConfigId } from '@studiocms/core/consts';
 import {
 	tsPageContent,
 	tsPageData,
 	tsPermissions,
 	tsSiteConfig,
-	tsUsers,
 } from '@studiocms/core/db/tsTables';
 import type { APIContext } from 'astro';
 
-const { salt: ScryptSalt, opts: ScryptOpts } = AuthSecurityConfig;
+function parseFormDataEntryToString(formData: FormData, key: string): string | null {
+	const value = formData.get(key);
+	if (typeof value !== 'string') {
+		return null;
+	}
+	return value;
+}
+
+function parseFormDataBoolean(formData: FormData, key: string): boolean {
+	const value = formData.get(key);
+	if (typeof value === 'string' && value === '1') {
+		return true;
+	}
+	return false;
+}
+
+const HERO_IMAGE =
+	'https://images.unsplash.com/photo-1707343843982-f8275f3994c5?q=80&w=1032&auto=format&fit=crop&ixlib=rb-4.0.3&ixid=M3wxMjA3fDF8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8fA%3D%3D';
+const LOREM_IPSUM =
+	'## Hello World \nLorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.';
 
 export async function POST(context: APIContext): Promise<Response> {
+	// Get the form data
 	const formData = await context.request.formData();
 
-	const setupLocalAdmin = formData.get('local-setup');
-
-	if (setupLocalAdmin === '1') {
-		const username = formData.get('local-admin-name')?.toString();
-		// username must be between 3 ~ 31 characters, and only consists of lowercase letters, 0-9, -, and _
-		// keep in mind some database (e.g. mysql) are case insensitive
-		if (
-			typeof username !== 'string' ||
-			username.length < 3 ||
-			username.length > 31 ||
-			!/^[a-z0-9_-]+$/.test(username) ||
-			checkIfUnsafe(username).username()
-		) {
+	// Parse the form data
+	const setupLocalAdmin = parseFormDataBoolean(formData, 'local-setup');
+	const title = parseFormDataEntryToString(formData, 'title');
+	const description = parseFormDataEntryToString(formData, 'description');
+	const ogImage = parseFormDataEntryToString(formData, 'ogImage');
+	const username = parseFormDataEntryToString(formData, 'local-admin-name');
+	const password = parseFormDataEntryToString(formData, 'local-admin-password');
+	const name = parseFormDataEntryToString(formData, 'local-admin-display-name');
+	const email = parseFormDataEntryToString(formData, 'local-admin-email') || 'admin@example.com';
+	const oAuthAdmin = parseFormDataEntryToString(formData, 'oauth-admin-name');
+
+	// Set the default og image to the hero image if not provided
+	const DefaultHeroOrUserSetOgImage = ogImage || HERO_IMAGE;
+
+	// Generate the page IDs
+	const homePageID = crypto.randomUUID();
+	const aboutPageID = crypto.randomUUID();
+
+	if (!title || !description) {
+		return new Response(
+			JSON.stringify({
+				error: 'Missing Data: Title and Description are required',
+			}),
+			{
+				status: 400,
+			}
+		);
+	}
+
+	if (setupLocalAdmin) {
+		if (!username || !password || !name) {
 			return new Response(
 				JSON.stringify({
-					error: 'Invalid username',
+					error: 'Missing Data',
 				}),
 				{
 					status: 400,
 				}
 			);
 		}
-		const password = formData.get('local-admin-password');
-		if (
-			typeof password !== 'string' ||
-			password.length < 6 ||
-			password.length > 255 ||
-			checkIfUnsafe(password).password()
-		) {
+
+		if (verifyUsernameInput(username) !== true) {
 			return new Response(
 				JSON.stringify({
-					error: 'Invalid password',
+					error:
+						'Invalid Username: Username must be between 3 and 20 characters, only contain lowercase letters, numbers, -, and _ as well as not be a commonly used username (admin, root, etc.)',
 				}),
 				{
 					status: 400,
 				}
 			);
 		}
-		const name = formData.get('local-admin-display-name');
-
-		const existingUser = await db
-			.select()
-			.from(tsUsers)
-			.where(eq(tsUsers.username, username))
-			.get();
 
-		if (existingUser) {
+		if ((await verifyPasswordStrength(password)) !== true) {
 			return new Response(
 				JSON.stringify({
-					error: 'User Error',
+					error:
+						'Invalid Password: Password must be between 6 and 255 characters, not be a known unsafe password, and not be in the pwned password database',
 				}),
 				{
 					status: 400,
 				}
 			);
 		}
-		const newCreatedUser = await db
-			.insert(tsUsers)
-			.values({
-				id: randomUUID(),
-				name: name as string,
-				username,
-			})
-			.returning({ id: tsUsers.id })
-			.get();
-
-		const serverToken = await scryptAsync(newCreatedUser.id, ScryptSalt, ScryptOpts);
-		const newUser = await db.select().from(tsUsers).where(eq(tsUsers.username, username)).get();
-		const hashedPassword = await scryptAsync(password, serverToken, ScryptOpts);
-		const hashedPasswordString = Buffer.from(hashedPassword.buffer).toString();
-
-		if (!newUser) {
+
+		try {
+			// Create the new user
+			const newUser = await createLocalUser(name, username, email, password);
+
+			// Insert the new user into the permissions table
+			await db.insert(tsPermissions).values({
+				user: newUser.id,
+				rank: 'owner',
+			});
+		} catch (error) {
 			return new Response(
 				JSON.stringify({
-					error: 'User Error',
+					error: 'Error creating user',
 				}),
 				{
 					status: 400,
 				}
 			);
 		}
-
-		await db
-			.update(tsUsers)
-			.set({
-				password: hashedPasswordString,
-			})
-			.where(eq(tsUsers.id, newUser.id));
-
-		await db.insert(tsPermissions).values({
-			username: username,
-			rank: 'admin',
-		});
 	} else {
-		const oAuthAdmin = formData.get('oauth-admin-name');
-
-		await db.insert(tsPermissions).values({
-			username: oAuthAdmin as string,
-			rank: 'admin',
-		});
+		if (!oAuthAdmin || oAuthAdmin) {
+			return new Response(
+				JSON.stringify({
+					error: 'oAuth Admin setup not yet implemented',
+				}),
+				{
+					status: 400,
+				}
+			);
+		}
+		// TODO: Implement new OAuth admin setup
+		// await db.insert(tsPermissions).values({
+		// 	username: oAuthAdmin as string,
+		// 	rank: 'admin',
+		// });
 	}
 
-	const title = formData.get('title');
-	const description = formData.get('description');
-	// const ogImage = formData.get('ogImage'); // TODO: Implement this
-
 	const Config = await db
 		.select()
 		.from(tsSiteConfig)
@@ -133,7 +146,8 @@ export async function POST(context: APIContext): Promise<Response> {
 	if (Config) {
 		return new Response(
 			JSON.stringify({
-				error: 'Config Error: Already Exists',
+				error:
+					'Config already exists, please delete the existing config to run setup again. Or create a new database.',
 			}),
 			{
 				status: 400,
@@ -145,8 +159,9 @@ export async function POST(context: APIContext): Promise<Response> {
 	await db
 		.insert(tsSiteConfig)
 		.values({
-			title: title as string,
-			description: description as string,
+			title: title,
+			description: description,
+			defaultOgImage: DefaultHeroOrUserSetOgImage,
 		})
 		.catch(() => {
 			return new Response(
@@ -159,59 +174,52 @@ export async function POST(context: APIContext): Promise<Response> {
 			);
 		});
 
-	const HERO_IMAGE =
-		'https://images.unsplash.com/photo-1707343843982-f8275f3994c5?q=80&w=1032&auto=format&fit=crop&ixlib=rb-4.0.3&ixid=M3wxMjA3fDF8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8fA%3D%3D';
-	const LOREM_IPSUM =
-		'## Hello World \nLorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.';
-
-	await db.insert(tsPageData).values([
-		{
-			id: randomUUID(),
-			title: 'Home',
-			slug: 'index',
-			showOnNav: true,
-			contentLang: 'default',
-			description: 'Index page',
-			heroImage: HERO_IMAGE,
-		},
-		{
-			id: randomUUID(),
-			title: 'About',
-			slug: 'about',
-			showOnNav: true,
-			contentLang: 'default',
-			description: 'About page',
-			heroImage: HERO_IMAGE,
-		},
-	]);
-
-	const index = await db.select().from(tsPageData).where(eq(tsPageData.slug, 'index')).get();
-	const about = await db.select().from(tsPageData).where(eq(tsPageData.slug, 'about')).get();
-
-	if (!index || !about) {
-		return new Response(
-			JSON.stringify({
-				error: 'Page Data Error',
-			}),
+	await db
+		.insert(tsPageData)
+		.values([
 			{
-				status: 400,
-			}
-		);
-	}
+				id: homePageID,
+				title: 'Home',
+				slug: 'index',
+				showOnNav: true,
+				contentLang: 'default',
+				description: 'Index page',
+				heroImage: DefaultHeroOrUserSetOgImage,
+			},
+			{
+				id: aboutPageID,
+				title: 'About',
+				slug: 'about',
+				showOnNav: true,
+				contentLang: 'default',
+				description: 'About page',
+				heroImage: DefaultHeroOrUserSetOgImage,
+			},
+		])
+		.catch(() => {
+			return new Response(
+				JSON.stringify({
+					error: 'Page Data Error',
+				}),
+				{
+					status: 400,
+				}
+			);
+		});
 
 	// Insert Page Content
 	await db
 		.insert(tsPageContent)
 		.values([
 			{
-				id: randomUUID(),
-				contentId: index.id,
+				id: crypto.randomUUID(),
+				contentId: homePageID,
 				contentLang: 'default',
 				content: LOREM_IPSUM,
 			},
 			{
-				id: randomUUID(),
-				contentId: about.id,
+				id: crypto.randomUUID(),
+				contentId: aboutPageID,
 				contentLang: 'default',
 				content: LOREM_IPSUM,
 			},
diff --git a/packages/studiocms_dashboard/src/routes/api/pages/create.ts b/packages/studiocms_dashboard/src/routes/api/pages/create.ts
index b78afc037..ced1f6cba 100644
--- a/packages/studiocms_dashboard/src/routes/api/pages/create.ts
+++ b/packages/studiocms_dashboard/src/routes/api/pages/create.ts
@@ -1,10 +1,12 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import Config from 'virtual:studiocms/config';
 import type { APIContext } from 'astro';
 import { astroDb } from '../../../utils/astroDb';
 import { simpleResponse } from '../../../utils/simpleResponse';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -19,16 +21,17 @@ export async function POST(context: APIContext): Promise<Response> {
 	}
 
 	// Map Locals
-	const locals = context.locals;
+	// const locals = context.locals;
+	const userdata = await getUserData(context);
 
 	// Check if user is logged in
-	if (!locals.isLoggedIn) {
+	if (!userdata.isLoggedIn) {
 		return simpleResponse(403, 'Unauthorized');
 	}
 
 	// Check if user has permission
-	if (locals.isLoggedIn) {
-		const { permissionLevel } = await authHelper(locals);
+	if (userdata.isLoggedIn) {
+		const { permissionLevel } = userdata;
 		if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
 			return simpleResponse(403, 'Unauthorized');
 		}
diff --git a/packages/studiocms_dashboard/src/routes/api/pages/delete.ts b/packages/studiocms_dashboard/src/routes/api/pages/delete.ts
index 2ab7a3f8c..15fc2fdfb 100644
--- a/packages/studiocms_dashboard/src/routes/api/pages/delete.ts
+++ b/packages/studiocms_dashboard/src/routes/api/pages/delete.ts
@@ -1,10 +1,12 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import Config from 'virtual:studiocms/config';
 import type { APIContext } from 'astro';
 import { astroDb } from '../../../utils/astroDb';
 import { simpleResponse } from '../../../utils/simpleResponse';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -19,16 +21,17 @@ export async function POST(context: APIContext): Promise<Response> {
 	}
 
 	// Map Locals
-	const locals = context.locals;
+	// const locals = context.locals;
+	const userdata = await getUserData(context);
 
 	// Check if user is logged in
-	if (!locals.isLoggedIn) {
+	if (!userdata.isLoggedIn) {
 		return simpleResponse(403, 'Unauthorized');
 	}
 
 	// Check if user has permission
-	if (locals.isLoggedIn) {
-		const { permissionLevel } = await authHelper(locals);
+	if (userdata.isLoggedIn) {
+		const { permissionLevel } = userdata;
 		if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
 			return simpleResponse(403, 'Unauthorized');
 		}
diff --git a/packages/studiocms_dashboard/src/routes/api/pages/edit.ts b/packages/studiocms_dashboard/src/routes/api/pages/edit.ts
index 6eac6c111..fd1390503 100644
--- a/packages/studiocms_dashboard/src/routes/api/pages/edit.ts
+++ b/packages/studiocms_dashboard/src/routes/api/pages/edit.ts
@@ -1,10 +1,12 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
+// import { authHelper } from 'studiocms:auth/helpers';
 import Config from 'virtual:studiocms/config';
 import type { APIContext } from 'astro';
 import { astroDb } from '../../../utils/astroDb';
 import { simpleResponse } from '../../../utils/simpleResponse';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
 const {
 	dashboardConfig: {
 		developerConfig: { testingAndDemoMode },
@@ -19,16 +21,17 @@ export async function POST(context: APIContext): Promise<Response> {
 	}
 
 	// Map Locals
-	const locals = context.locals;
+	// const locals = context.locals;
+	const userdata = await getUserData(context);
 
 	// Check if user is logged in
-	if (!locals.isLoggedIn) {
+	if (!userdata.isLoggedIn) {
 		return simpleResponse(403, 'Unauthorized');
 	}
 
 	// Check if user has permission
-	if (locals.isLoggedIn) {
-		const { permissionLevel } = await authHelper(locals);
+	if (userdata.isLoggedIn) {
+		const { permissionLevel } = userdata;
 		if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
 			return simpleResponse(403, 'Unauthorized');
 		}
diff --git a/packages/studiocms_dashboard/src/routes/configuration/admins.astro b/packages/studiocms_dashboard/src/routes/configuration/admins.astro
index 7058a5f8d..af95c53a3 100644
--- a/packages/studiocms_dashboard/src/routes/configuration/admins.astro
+++ b/packages/studiocms_dashboard/src/routes/configuration/admins.astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getPermissionsList, getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import {
@@ -19,6 +18,14 @@ import { Layout } from '../../components';
 import CrumbStack from '../../components/CrumbStack.astro';
 import { makePageTitle } from '../../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex, siteConfiguration, configurationAdmins },
 	endpointLinks: {
@@ -28,10 +35,9 @@ const {
 
 const adminList = await getPermissionsList();
 const contextConfig = await getSiteConfig();
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin') {
+if (!verifyUserPermissionLevel(user, 'admin')) {
 	logger.info('User is not an admin. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/configuration/index.astro b/packages/studiocms_dashboard/src/routes/configuration/index.astro
index 1699a1864..9c5961bfd 100644
--- a/packages/studiocms_dashboard/src/routes/configuration/index.astro
+++ b/packages/studiocms_dashboard/src/routes/configuration/index.astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Alert, Button, Divider, Icon, Input } from '@matthiesenxyz/astrolace/components';
@@ -10,6 +9,14 @@ import { Layout } from '../../components';
 import CrumbStack from '../../components/CrumbStack.astro';
 import { makePageTitle } from '../../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex, siteConfiguration, configurationAdmins },
 	endpointLinks: {
@@ -18,10 +25,9 @@ const {
 } = StudioCMSRoutes;
 
 const contextConfig = await getSiteConfig();
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin') {
+if (!verifyUserPermissionLevel(user, 'admin')) {
 	logger.info('User is not an admin. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/create-page.astro b/packages/studiocms_dashboard/src/routes/create-page.astro
index c08e46640..d306ddbd3 100644
--- a/packages/studiocms_dashboard/src/routes/create-page.astro
+++ b/packages/studiocms_dashboard/src/routes/create-page.astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Layout } from '../components';
@@ -8,6 +7,14 @@ import CrumbStack from '../components/CrumbStack.astro';
 import PageEditAndCreateForm from '../components/PageEditAndCreateForm.astro';
 import { makePageTitle } from '../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex, pageNew, pageEdit },
 	endpointLinks: {
@@ -17,10 +24,9 @@ const {
 } = StudioCMSRoutes;
 
 const contextConfig = await getSiteConfig();
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
+if (!verifyUserPermissionLevel(user, 'editor')) {
 	logger.info('User is not an admin or editor. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/delete-pages/[...id].astro b/packages/studiocms_dashboard/src/routes/delete-pages/[...id].astro
index f73d5ce7b..4f2649a14 100644
--- a/packages/studiocms_dashboard/src/routes/delete-pages/[...id].astro
+++ b/packages/studiocms_dashboard/src/routes/delete-pages/[...id].astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getPageById, getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes, getDeleteRoute } from 'studiocms:helpers/routemap';
 import {
@@ -17,6 +16,14 @@ import { Layout } from '../../components';
 import CrumbStack from '../../components/CrumbStack.astro';
 import { makePageTitle } from '../../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex, pageEdit },
 	endpointLinks: {
@@ -37,10 +44,9 @@ if (!page) {
 }
 
 const deleteURL = await getDeleteRoute(id);
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
+if (!verifyUserPermissionLevel(user, 'editor')) {
 	logger.info('User is not an admin or editor. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/edit-pages/[...id].astro b/packages/studiocms_dashboard/src/routes/edit-pages/[...id].astro
index 96dbbea16..bd914740b 100644
--- a/packages/studiocms_dashboard/src/routes/edit-pages/[...id].astro
+++ b/packages/studiocms_dashboard/src/routes/edit-pages/[...id].astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getPageById, getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes, getEditRoute } from 'studiocms:helpers/routemap';
 import { Layout } from '../../components';
@@ -8,6 +7,14 @@ import CrumbStack from '../../components/CrumbStack.astro';
 import PageEditAndCreateForm from '../../components/PageEditAndCreateForm.astro';
 import { makePageTitle } from '../../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex, pageEdit },
 	endpointLinks: {
@@ -29,10 +36,9 @@ if (!pageData.id) {
 }
 
 const editRoute = await getEditRoute(id);
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
+if (!verifyUserPermissionLevel(user, 'editor')) {
 	logger.info('User is not an admin or editor. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/index.astro b/packages/studiocms_dashboard/src/routes/index.astro
index 820a09e78..95518de42 100644
--- a/packages/studiocms_dashboard/src/routes/index.astro
+++ b/packages/studiocms_dashboard/src/routes/index.astro
@@ -1,7 +1,6 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
 import { getWebVitals } from 'studiocms-dashboard:web-vitals';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Alert, Card, Details, Divider, Icon } from '@matthiesenxyz/astrolace/components';
@@ -13,18 +12,25 @@ import DashboardButtons from '../components/DashboardButtons.astro';
 import WebVitalPanel from '../components/WebVitalPanel.astro';
 import { makePageTitle } from '../utils/makePageTitle';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
 const {
 	mainLinks: { dashboardIndex },
 } = StudioCMSRoutes;
 
 const contextConfig = await getSiteConfig();
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Get the web vitals
 const webVitals = await getWebVitals();
 
 // Check Permission Level
-if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
+if (!verifyUserPermissionLevel(user, 'editor')) {
 	logger.info('User is not an admin or editor. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/page-list.astro b/packages/studiocms_dashboard/src/routes/page-list.astro
index 91041effc..155672693 100644
--- a/packages/studiocms_dashboard/src/routes/page-list.astro
+++ b/packages/studiocms_dashboard/src/routes/page-list.astro
@@ -1,6 +1,5 @@
 ---
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { authHelper } from 'studiocms:auth/helpers';
 import { getPageList, getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Layout } from '../components';
@@ -8,16 +7,25 @@ import CrumbStack from '../components/CrumbStack.astro';
 import PageListTable from '../components/PageListTable.astro';
 import { makePageTitle } from '../utils';
 
+import { getUserData, verifyUserPermissionLevel } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
+const { permissionLevel } = user;
+
 const {
 	mainLinks: { dashboardIndex, pageEdit },
 } = StudioCMSRoutes;
 
 const contextConfig = await getSiteConfig();
 const pages = await getPageList();
-const { permissionLevel } = await authHelper(Astro.locals);
 
 // Check Permission Level
-if (permissionLevel !== 'admin' && permissionLevel !== 'editor') {
+if (!verifyUserPermissionLevel(user, 'editor')) {
 	logger.info('User is not an admin or editor. Redirecting to profile page.');
 	return Astro.redirect(StudioCMSRoutes.mainLinks.userProfile);
 }
diff --git a/packages/studiocms_dashboard/src/routes/profile.astro b/packages/studiocms_dashboard/src/routes/profile.astro
index 88a246f66..949cd8b0d 100644
--- a/packages/studiocms_dashboard/src/routes/profile.astro
+++ b/packages/studiocms_dashboard/src/routes/profile.astro
@@ -1,5 +1,4 @@
 ---
-import { authHelper } from 'studiocms:auth/helpers';
 import { getSiteConfig } from 'studiocms:helpers/contentHelper';
 import { StudioCMSRoutes } from 'studiocms:helpers/routemap';
 import { Card, Divider } from '@matthiesenxyz/astrolace/components';
@@ -8,14 +7,24 @@ import { Layout } from '../components';
 import CrumbStack from '../components/CrumbStack.astro';
 import { makePageTitle } from '../utils';
 
+import { getUserData } from 'studiocms:auth/lib/user';
+
+const user = await getUserData(Astro);
+
+if (!user.user) {
+	return Astro.redirect(StudioCMSRoutes.authLinks.loginURL);
+}
+
+const {
+	permissionLevel,
+	user: { name, username, url },
+} = user;
+
 const {
 	mainLinks: { dashboardIndex, userProfile },
 } = StudioCMSRoutes;
 
 const contextConfig = await getSiteConfig();
-const { permissionLevel, name, username, currentUserSession, githubURL } = await authHelper(
-	Astro.locals
-);
 ---
 
 <Layout 
@@ -49,17 +58,12 @@ const { permissionLevel, name, username, currentUserSession, githubURL } = await
                     <strong>Role:</strong> {toPascalCase(permissionLevel)}
                 </span>
                 <Divider />
-                { githubURL && (
+                { url && (
                     <span class="text-lg">
-                        <strong>GitHub:</strong> <a class="text-blue" href={githubURL}>{username}</a>
+                        <strong>Url:</strong> <a class="text-blue" href={url}>{url}</a>
                     </span>
                 <Divider />
                 )}
-                <span class="text-lg">
-                    { currentUserSession && (
-                        <><strong>Session Expires:</strong> {new Date(currentUserSession.expiresAt).toLocaleString()}</>
-                    ) } 
-                </span>
             </div>
         </Card>
 
diff --git a/packages/studiocms_dashboard/src/utils/webVital.ts b/packages/studiocms_dashboard/src/utils/webVital.ts
index 0b6722206..32b8680c3 100644
--- a/packages/studiocms_dashboard/src/utils/webVital.ts
+++ b/packages/studiocms_dashboard/src/utils/webVital.ts
@@ -1,5 +1,6 @@
 import { logger } from '@it-astro:logger:studiocms-dashboard';
-import { AstrojsWebVitals_Metric, db } from 'astro:db';
+import { column, db, defineTable } from 'astro:db';
+import { asDrizzleTable } from '@astrojs/db/utils';
 
 export type WebVitalsResponseItem = {
 	id: string;
@@ -11,26 +12,38 @@ export type WebVitalsResponseItem = {
 	timestamp: Date;
 };
 
-export async function getWebVitals(): Promise<WebVitalsResponseItem[]> {
-	// Check if AstrojsWebVitals exists
-	if (!AstrojsWebVitals_Metric) {
-		logger.warn(
-			'@astrojs/web-vitals table not found.  If you have not installed the package you can disregard this warning.'
-		);
-		return [] as WebVitalsResponseItem[];
-	}
+// Table definition from `@astrojs/web-vitals` db-config
+const Metric = defineTable({
+	columns: {
+		pathname: column.text(),
+		route: column.text(),
+		name: column.text(),
+		id: column.text({ primaryKey: true }),
+		value: column.number(),
+		rating: column.text(),
+		timestamp: column.date(),
+	},
+	deprecated: Boolean(process.env.DEPRECATE_WEB_VITALS) ?? false,
+});
 
+const tsMetric = asDrizzleTable('AstrojsWebVitals_Metric', Metric);
+
+export async function getWebVitals(): Promise<WebVitalsResponseItem[]> {
 	try {
-		// Execute the database query
-		const webVitals: WebVitalsResponseItem[] = await db.select().from(AstrojsWebVitals_Metric);
+		const AstroDB = await import('astro:db');
 
-		// Return the results if successful
-		return webVitals;
+		if ('AstrojsWebVitals_Metric' in AstroDB) {
+			if (AstroDB.AstrojsWebVitals_Metric) {
+				const webVitals = await db.select().from(tsMetric);
+				return webVitals as WebVitalsResponseItem[];
+			}
+		}
 	} catch (error) {
-		// Log the error for debugging purposes
 		logger.error(
 			`Error getting @astrojs/web-vitals table data.  If you have not installed the package you can disregard this error.\n - ${error}`
 		);
 		return [] as WebVitalsResponseItem[];
 	}
+
+	return [] as WebVitalsResponseItem[];
 }
diff --git a/packages/studiocms_dashboard/tsconfig.json b/packages/studiocms_dashboard/tsconfig.json
index a98360473..0d73211ac 100644
--- a/packages/studiocms_dashboard/tsconfig.json
+++ b/packages/studiocms_dashboard/tsconfig.json
@@ -38,7 +38,6 @@
   ],
   "include": [
     "./package.json",
-    "../../playgrounds/node/**/*",
     "../../playgrounds/node/.astro/**/*",
     "../studiocms_assets/**/*",
     "../studiocms_betaresources/**/*",
diff --git a/packages/studiocms_dashboard/virtuals.d.ts b/packages/studiocms_dashboard/virtuals.d.ts
index 31400319d..b178d6132 100644
--- a/packages/studiocms_dashboard/virtuals.d.ts
+++ b/packages/studiocms_dashboard/virtuals.d.ts
@@ -1,3 +1,5 @@
+/// <reference types="../studiocms_auth/virtuals.d.ts" />
+
 /**
  * # DEV TIP
  *
@@ -42,11 +44,6 @@ interface Window {
 	};
 }
 
-declare module 'studiocms:auth/config' {
-	const AuthSecurityConfig: import('@studiocms/core/types').usernameAndPasswordConfig;
-	export default AuthSecurityConfig;
-}
-
 declare module 'studiocms:components' {
 	export const Avatar: typeof import('@studiocms/core/components').Avatar;
 	export const FormattedDate: typeof import('@studiocms/core/components').FormattedDate;
diff --git a/packages/studiocms_devapps/package.json b/packages/studiocms_devapps/package.json
index f37ea6049..247c9e6b6 100644
--- a/packages/studiocms_devapps/package.json
+++ b/packages/studiocms_devapps/package.json
@@ -39,13 +39,13 @@
   "type": "module",
   "dependencies": {
     "@studiocms/core": "workspace:*",
-    "@libsql/client": "^0.14.0",
     "astro-integration-kit": "catalog:",
-    "cheerio": "^1.0.0",
-    "@types/cheerio": "^0.22.35",
-    "turndown": "^7.2.0",
-    "@types/turndown": "^5.0.5",
-    "html-entities": "^2.5.2"
+    "@libsql/client": "catalog:studiocms-devapps",
+    "cheerio": "catalog:studiocms-devapps",
+    "@types/cheerio": "catalog:studiocms-devapps",
+    "turndown": "catalog:studiocms-devapps",
+    "@types/turndown": "catalog:studiocms-devapps",
+    "html-entities": "catalog:studiocms-devapps"
   },
   "peerDependencies": {
     "@astrojs/db": "catalog:min",
diff --git a/packages/studiocms_renderers/package.json b/packages/studiocms_renderers/package.json
index 55771f302..daaead392 100644
--- a/packages/studiocms_renderers/package.json
+++ b/packages/studiocms_renderers/package.json
@@ -38,30 +38,30 @@
   },
   "type": "module",
   "dependencies": {
+    "@studiocms/core": "workspace:*",
+    "astro-integration-kit": "catalog:",
     "@astrojs/markdown-remark": "catalog:",
     "@inox-tools/runtime-logger": "catalog:studiocms-shared",
     "@matthiesenxyz/astrodtsbuilder": "catalog:studiocms-shared",
     "@matthiesenxyz/integration-utils": "catalog:studiocms-shared",
-    "@markdoc/markdoc": "catalog:studiocms-shared",
+    "@markdoc/markdoc": "catalog:studiocms-renderer",
     "@mdx-js/mdx": "catalog:studiocms-renderer",
     "@shikijs/transformers": "catalog:studiocms-renderer",
-    "@studiocms/core": "workspace:*",
-    "astro-integration-kit": "catalog:",
-    "marked": "catalog:studiocms-shared",
+    "marked": "catalog:studiocms-renderer",
     "marked-alert": "catalog:studiocms-renderer",
     "marked-emoji": "catalog:studiocms-renderer",
     "marked-footnote": "catalog:studiocms-renderer",
     "marked-shiki": "catalog:studiocms-renderer",
     "marked-smartypants": "catalog:studiocms-renderer",
-    "shiki": "catalog:studiocms-shared",
-    "react-dom": "catalog:studiocms-shared",
-    "react": "catalog:studiocms-shared",
+    "shiki": "catalog:studiocms-renderer",
+    "react-dom": "catalog:studiocms-renderer",
+    "react": "catalog:studiocms-renderer",
     "remark-gfm": "catalog:studiocms-renderer",
     "rehype-highlight": "catalog:studiocms-renderer",
-    "unified": "catalog:studiocms-shared"
+    "unified": "catalog:studiocms-core"
   },
   "peerDependencies": {
-    "@astrojs/react": "catalog:studiocms-shared",
+    "@astrojs/react": "catalog:",
     "astro": "catalog:min"
   },
   "peerDependenciesMeta": {
@@ -70,8 +70,8 @@
     }
   },
   "devDependencies": {
-    "@types/react-dom": "catalog:studiocms-shared",
-    "@types/react": "catalog:studiocms-shared",
+    "@types/react-dom": "catalog:studiocms-renderer",
+    "@types/react": "catalog:studiocms-renderer",
     "vite": "catalog:",
     "typescript": "catalog:"
   }
diff --git a/packages/studiocms_ui/package.json b/packages/studiocms_ui/package.json
index 5f52f76b3..c3b43036f 100644
--- a/packages/studiocms_ui/package.json
+++ b/packages/studiocms_ui/package.json
@@ -36,7 +36,7 @@
     "./types": "./src/types/index.ts"
   },
   "dependencies": {
-    "@fontsource-variable/onest": "5.1.0"
+    "@fontsource-variable/onest": "catalog:studiocms-shared"
   },
   "peerDependencies": {
     "astro": "catalog:min"
diff --git a/packages/studiocms_ui/src/components/Input.astro b/packages/studiocms_ui/src/components/Input.astro
index e9623b025..c509e8c9b 100644
--- a/packages/studiocms_ui/src/components/Input.astro
+++ b/packages/studiocms_ui/src/components/Input.astro
@@ -3,7 +3,7 @@ import { generateID } from '../utils/generateID';
 
 type Props = {
 	label?: string;
-	type?: 'text' | 'password';
+	type?: 'text' | 'password' | 'email' | 'number' | 'tel' | 'url';
 	placeholder?: string;
 	isRequired?: boolean;
 	name?: string;
diff --git a/playgrounds/node/.env.demo b/playgrounds/node/.env.demo
index aa3b67dcd..2271078e5 100644
--- a/playgrounds/node/.env.demo
+++ b/playgrounds/node/.env.demo
@@ -2,27 +2,30 @@
 ASTRO_DB_REMOTE_URL=libsql://your-database.turso.io
 ASTRO_DB_APP_TOKEN=
 
+# Auth encryption key
+CMS_ENCRYPTION_KEY="..." # openssl rand --base64 16
+
 # credentials for GitHub OAuth
+# OPTIONAL: Github redirect URI is optional, and only required if you have multiple redirect URIs
 CMS_GITHUB_CLIENT_ID=
 CMS_GITHUB_CLIENT_SECRET=
-# Github Callback URL `http://localhost:4321/dashboard/login/github/callback`
-# Github callback URL is NOT AN ENV VARIABLE!
+CMS_GITHUB_REDIRECT_URI=http://localhost:4321/studiocms_api/auth/github/callback
 
 # credentials for Discord OAuth
 CMS_DISCORD_CLIENT_ID=
 CMS_DISCORD_CLIENT_SECRET=
-CMS_DISCORD_REDIRECT_URI=http://localhost:4321/dashboard/login/discord/callback
+CMS_DISCORD_REDIRECT_URI=http://localhost:4321/studiocms_api/auth/discord/callback
 
 # credentials for Google OAuth
 CMS_GOOGLE_CLIENT_ID=
 CMS_GOOGLE_CLIENT_SECRET=
-CMS_GOOGLE_REDIRECT_URI=http://localhost:4321/dashboard/login/google/callback
+CMS_GOOGLE_REDIRECT_URI=http://localhost:4321/studiocms_api/auth/google/callback
 
 # credentials for auth0 OAuth
 CMS_AUTH0_CLIENT_ID=
 CMS_AUTH0_CLIENT_SECRET=
 CMS_AUTH0_DOMAIN=
-CMS_AUTH0_REDIRECT_URI=http://localhost:4321/dashboard/login/auth0/callback
+CMS_AUTH0_REDIRECT_URI=http://localhost:4321/studiocms_api/auth/auth0/callback
 
 ## Cloudinary Javascript SDK
 CMS_CLOUDINARY_CLOUDNAME="demo"
\ No newline at end of file
diff --git a/playgrounds/node/astro.config.mts b/playgrounds/node/astro.config.mts
index 3190f7424..83023579b 100644
--- a/playgrounds/node/astro.config.mts
+++ b/playgrounds/node/astro.config.mts
@@ -1,6 +1,6 @@
 import db from '@astrojs/db';
 import node from '@astrojs/node';
-import webvitals from '@astrojs/web-vitals';
+// import webvitals from '@astrojs/web-vitals';
 import studioCMSBlog from '@studiocms/blog';
 import devapps from '@studiocms/devapps';
 import { defineConfig } from 'astro/config';
@@ -14,7 +14,7 @@ export default defineConfig({
 	adapter: node({ mode: 'standalone' }),
 	integrations: [
 		db(),
-		webvitals(),
+		// webvitals(),
 		studioCMS(), // StudioCMS Integration options can be found in `studiocms.config.mjs`
 		studioCMSBlog({
 			config: {
diff --git a/playgrounds/node/public/studiocms-auth/logo-adaptive.svg b/playgrounds/node/public/studiocms-auth/logo-adaptive.svg
new file mode 100644
index 000000000..026c91ce2
--- /dev/null
+++ b/playgrounds/node/public/studiocms-auth/logo-adaptive.svg
@@ -0,0 +1,5 @@
+<svg width="755" height="792" viewBox="0 0 755 792" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <rect x="295" width="460" height="466" rx="32" fill="currentColor"/>
+  <path d="M272 434V166H180C162.327 166 148 180.327 148 198V597C148 614.673 162.327 629 180 629H577.5C595.173 629 609.5 614.673 609.5 597V490H328C297.072 490 272 464.928 272 434Z" fill="currentColor"/>
+  <path d="M124 597V329H32C14.3269 329 0 343.327 0 361V760C0 777.673 14.3269 792 32 792H429.5C447.173 792 461.5 777.673 461.5 760V653H180C149.072 653 124 627.928 124 597Z" fill="currentColor"/>
+</svg>
\ No newline at end of file
diff --git a/playgrounds/node/public/studiocms-auth/studiocms-logo.glb b/playgrounds/node/public/studiocms-auth/studiocms-logo.glb
new file mode 100644
index 000000000..0decc36fb
Binary files /dev/null and b/playgrounds/node/public/studiocms-auth/studiocms-logo.glb differ
diff --git a/playgrounds/node/studiocms-auth.config.json b/playgrounds/node/studiocms-auth.config.json
deleted file mode 100644
index 69ddb0705..000000000
--- a/playgrounds/node/studiocms-auth.config.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-  "salt": "77304539-0a90-4af9-8d5f-f19a72c3aa83",
-  "opts": {
-    "cpu_mem": 4096,
-    "block_size": 8,
-    "parallelization": 1,
-    "output_key_length": 32,
-    "asyncTick": 10,
-    "max_mem": 1073742848
-  }
-}
diff --git a/playgrounds/ui/package.json b/playgrounds/ui/package.json
index a7001b658..09a0460e2 100644
--- a/playgrounds/ui/package.json
+++ b/playgrounds/ui/package.json
@@ -18,6 +18,6 @@
     "@astrojs/node": "catalog:",
     "astro": "catalog:",
     "@studiocms/ui": "workspace:*",
-    "@fontsource-variable/onest": "5.1.0"
+    "@fontsource-variable/onest": "catalog:studiocms-shared"
   }
 }
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index fb7b1f533..ed25aba40 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -18,6 +18,9 @@ catalogs:
     '@astrojs/node':
       specifier: ^8.3.4
       version: 8.3.4
+    '@astrojs/react':
+      specifier: ^3.6.2
+      version: 3.6.2
     '@astrojs/rss':
       specifier: ^4.0.7
       version: 4.0.7
@@ -58,9 +61,18 @@ catalogs:
     '@lorenzo_lewis/starlight-utils':
       specifier: ^0.2.0
       version: 0.2.0
+    '@shikijs/transformers':
+      specifier: ^1.22.0
+      version: 1.22.0
+    '@shikijs/twoslash':
+      specifier: ^1.22.0
+      version: 1.22.0
     '@types/hast':
       specifier: ^3.0.4
       version: 3.0.4
+    '@types/html-escaper':
+      specifier: ^3.0.2
+      version: 3.0.2
     astro-embed:
       specifier: ^0.7.4
       version: 0.7.4
@@ -70,12 +82,48 @@ catalogs:
     hast-util-select:
       specifier: ^6.0.3
       version: 6.0.3
+    hast-util-to-string:
+      specifier: ^3.0.1
+      version: 3.0.1
+    hastscript:
+      specifier: ^9.0.0
+      version: 9.0.0
+    html-escaper:
+      specifier: ^3.0.3
+      version: 3.0.3
+    mdast-util-from-markdown:
+      specifier: ^2.0.1
+      version: 2.0.1
+    mdast-util-gfm:
+      specifier: ^3.0.0
+      version: 3.0.0
+    mdast-util-to-hast:
+      specifier: ^13.2.0
+      version: 13.2.0
     p-retry:
       specifier: ^6.2.0
       version: 6.2.0
     rehype:
       specifier: ^13.0.2
       version: 13.0.2
+    rehype-autolink-headings:
+      specifier: ^7.1.0
+      version: 7.1.0
+    rehype-external-links:
+      specifier: ^3.0.0
+      version: 3.0.0
+    rehype-slug:
+      specifier: ^6.0.0
+      version: 6.0.0
+    shiki:
+      specifier: ^1.22.0
+      version: 1.22.0
+    shiki-transformer-color-highlight:
+      specifier: ^0.2.0
+      version: 0.2.0
+    starlight-image-zoom:
+      specifier: ^0.8.0
+      version: 0.8.0
     starlight-typedoc:
       specifier: ^0.16.0
       version: 0.16.0
@@ -86,15 +134,27 @@ catalogs:
       specifier: ^4.2.9
       version: 4.2.9
   landing:
+    '@resvg/resvg-js':
+      specifier: ^2.6.2
+      version: 2.6.2
     '@tailwindcss/typography':
       specifier: ^0.5.15
       version: 0.5.15
     astro-icon:
       specifier: ^1.1.1
       version: 1.1.1
+    html-entities:
+      specifier: ^2.5.2
+      version: 2.5.2
     motion:
       specifier: ^10.18.0
       version: 10.18.0
+    satori:
+      specifier: ^0.11.1
+      version: 0.11.1
+    satori-html:
+      specifier: ^0.3.2
+      version: 0.3.2
     tailwind-merge:
       specifier: ^2.5.4
       version: 2.5.4
@@ -121,24 +181,86 @@ catalogs:
     semver:
       specifier: ^7.6.3
       version: 7.6.3
+  studiocms-auth:
+    '@oslojs/binary':
+      specifier: ^1.0.0
+      version: 1.0.0
+    '@oslojs/crypto':
+      specifier: ^1.0.1
+      version: 1.0.1
+    '@oslojs/encoding':
+      specifier: ^1.1.0
+      version: 1.1.0
+    '@types/bcryptjs':
+      specifier: ^2.4.6
+      version: 2.4.6
+    '@types/three':
+      specifier: 0.169.0
+      version: 0.169.0
+    arctic:
+      specifier: ^2.0.1
+      version: 2.0.1
+    bcryptjs:
+      specifier: ^2.4.3
+      version: 2.4.3
+    three:
+      specifier: 0.170.0
+      version: 0.170.0
   studiocms-core:
     mdast-util-to-hast:
       specifier: ^13.2.0
       version: 13.2.0
+    mrmime:
+      specifier: ^2.0.0
+      version: 2.0.0
     remark-rehype:
       specifier: ^11.1.0
       version: 11.1.0
+    unified:
+      specifier: ^11.0.5
+      version: 11.0.5
+  studiocms-devapps:
+    '@libsql/client':
+      specifier: ^0.14.0
+      version: 0.14.0
+    '@types/cheerio':
+      specifier: ^0.22.35
+      version: 0.22.35
+    '@types/turndown':
+      specifier: ^5.0.5
+      version: 5.0.5
+    cheerio:
+      specifier: ^1.0.0
+      version: 1.0.0
+    html-entities:
+      specifier: ^2.5.2
+      version: 2.5.2
+    turndown:
+      specifier: ^7.2.0
+      version: 7.2.0
   studiocms-imagehandler:
     '@cloudinary/url-gen':
       specifier: ^1.21.0
       version: 1.21.0
   studiocms-renderer:
+    '@markdoc/markdoc':
+      specifier: ^0.4.0
+      version: 0.4.0
     '@mdx-js/mdx':
       specifier: ^3.0.1
       version: 3.0.1
     '@shikijs/transformers':
       specifier: ^1.14.1
       version: 1.14.1
+    '@types/react':
+      specifier: ^18.3.5
+      version: 18.3.5
+    '@types/react-dom':
+      specifier: ^18.3.0
+      version: 18.3.0
+    marked:
+      specifier: ^13.0.2
+      version: 13.0.3
     marked-alert:
       specifier: ^2.0.1
       version: 2.0.1
@@ -154,16 +276,22 @@ catalogs:
     marked-smartypants:
       specifier: ^1.1.7
       version: 1.1.7
+    react:
+      specifier: ^18.3.1
+      version: 18.3.1
+    react-dom:
+      specifier: ^18.3.1
+      version: 18.3.1
     rehype-highlight:
       specifier: ^7.0.0
       version: 7.0.0
     remark-gfm:
       specifier: ^4.0.0
       version: 4.0.0
+    shiki:
+      specifier: ^1.14.1
+      version: 1.22.0
   studiocms-shared:
-    '@astrojs/react':
-      specifier: ^3.6.2
-      version: 3.6.2
     '@fontsource-variable/onest':
       specifier: 5.1.0
       version: 5.1.0
@@ -173,9 +301,6 @@ catalogs:
     '@inox-tools/runtime-logger':
       specifier: ^0.3.4
       version: 0.3.4
-    '@markdoc/markdoc':
-      specifier: ^0.4.0
-      version: 0.4.0
     '@matthiesenxyz/astrodtsbuilder':
       specifier: ^0.1.2
       version: 0.1.2
@@ -188,54 +313,18 @@ catalogs:
     '@matthiesenxyz/unocss-preset-daisyui':
       specifier: ^0.1.2
       version: 0.1.2
-    '@noble/hashes':
-      specifier: ^1.5.0
-      version: 1.5.0
-    '@types/micromatch':
-      specifier: ^4.0.9
-      version: 4.0.9
-    '@types/react':
-      specifier: ^18.3.5
-      version: 18.3.5
-    '@types/react-dom':
-      specifier: ^18.3.0
-      version: 18.3.0
     '@unocss/astro':
       specifier: ^0.62.3
       version: 0.62.3
     '@unocss/reset':
       specifier: ^0.62.3
       version: 0.62.3
-    arctic:
-      specifier: ^1.9.1
-      version: 1.9.2
     daisyui:
       specifier: ^4.12.10
       version: 4.12.10
-    lucia:
-      specifier: ^3.2.0
-      version: 3.2.0
-    marked:
-      specifier: ^13.0.2
-      version: 13.0.3
-    micromatch:
-      specifier: ^4.0.8
-      version: 4.0.8
-    mrmime:
-      specifier: ^2.0.0
-      version: 2.0.0
-    react:
-      specifier: ^18.3.1
-      version: 18.3.1
-    react-dom:
-      specifier: ^18.3.1
-      version: 18.3.1
-    shiki:
-      specifier: ^1.14.1
-      version: 1.14.1
-    unified:
-      specifier: ^11.0.5
-      version: 11.0.5
+    rollup-plugin-copy:
+      specifier: ^3.5.0
+      version: 3.5.0
     unocss:
       specifier: ^0.62.3
       version: 0.62.3
@@ -271,12 +360,18 @@ importers:
       '@cloudinary/url-gen':
         specifier: catalog:studiocms-imagehandler
         version: 1.21.0
+      '@fontsource-variable/onest':
+        specifier: catalog:studiocms-shared
+        version: 5.1.0
       '@inox-tools/runtime-logger':
         specifier: catalog:studiocms-shared
         version: 0.3.4(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@markdoc/markdoc':
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 0.4.0(@types/react@18.3.5)(react@18.3.1)
+      '@matthiesenxyz/astrodtsbuilder':
+        specifier: catalog:studiocms-shared
+        version: 0.1.2(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@matthiesenxyz/astrolace':
         specifier: catalog:studiocms-shared
         version: 0.3.2(@types/react@18.3.5)(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
@@ -286,9 +381,15 @@ importers:
       '@matthiesenxyz/unocss-preset-daisyui':
         specifier: catalog:studiocms-shared
         version: 0.1.2(daisyui@4.12.10(postcss@8.4.47))(unocss@0.62.3(postcss@8.4.47)(rollup@4.21.0)(vite@5.4.8(@types/node@22.0.0)))
-      '@noble/hashes':
-        specifier: catalog:studiocms-shared
-        version: 1.5.0
+      '@oslojs/binary':
+        specifier: catalog:studiocms-auth
+        version: 1.0.0
+      '@oslojs/crypto':
+        specifier: catalog:studiocms-auth
+        version: 1.0.1
+      '@oslojs/encoding':
+        specifier: catalog:studiocms-auth
+        version: 1.1.0
       '@shikijs/transformers':
         specifier: catalog:studiocms-renderer
         version: 1.14.1
@@ -322,6 +423,12 @@ importers:
       '@studiocms/robotstxt':
         specifier: workspace:*
         version: link:../studiocms_robotstxt
+      '@types/bcryptjs':
+        specifier: catalog:studiocms-auth
+        version: 2.4.6
+      '@types/three':
+        specifier: catalog:studiocms-auth
+        version: 0.169.0
       '@unocss/astro':
         specifier: catalog:studiocms-shared
         version: 0.62.3(rollup@4.21.0)(vite@5.4.8(@types/node@22.0.0))
@@ -329,22 +436,22 @@ importers:
         specifier: catalog:studiocms-shared
         version: 0.62.3
       arctic:
-        specifier: catalog:studiocms-shared
-        version: 1.9.2
+        specifier: catalog:studiocms-auth
+        version: 2.0.1
       astro:
         specifier: catalog:min
         version: 4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3)
       astro-integration-kit:
         specifier: 'catalog:'
         version: 0.16.1(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
+      bcryptjs:
+        specifier: catalog:studiocms-auth
+        version: 2.4.3
       daisyui:
         specifier: catalog:studiocms-shared
         version: 4.12.10(postcss@8.4.47)
-      lucia:
-        specifier: catalog:studiocms-shared
-        version: 3.2.0
       marked:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 13.0.3
       marked-alert:
         specifier: catalog:studiocms-renderer
@@ -357,32 +464,38 @@ importers:
         version: 1.2.2(marked@13.0.3)
       marked-shiki:
         specifier: catalog:studiocms-renderer
-        version: 1.1.0(marked@13.0.3)(shiki@1.14.1)
+        version: 1.1.0(marked@13.0.3)(shiki@1.22.0)
       marked-smartypants:
         specifier: catalog:studiocms-renderer
         version: 1.1.7(marked@13.0.3)
-      micromatch:
-        specifier: catalog:studiocms-shared
-        version: 4.0.8
+      mdast-util-to-hast:
+        specifier: catalog:studiocms-core
+        version: 13.2.0
       mrmime:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-core
         version: 2.0.0
       package-json:
         specifier: catalog:studiocms
         version: 10.0.1
+      remark-rehype:
+        specifier: catalog:studiocms-core
+        version: 11.1.0
+      rollup-plugin-copy:
+        specifier: catalog:studiocms-shared
+        version: 3.5.0
       semver:
         specifier: catalog:studiocms
         version: 7.6.3
       shiki:
-        specifier: catalog:studiocms-shared
-        version: 1.14.1
+        specifier: catalog:studiocms-renderer
+        version: 1.22.0
+      three:
+        specifier: catalog:studiocms-auth
+        version: 0.170.0
       unocss:
         specifier: catalog:studiocms-shared
         version: 0.62.3(postcss@8.4.47)(rollup@4.21.0)(vite@5.4.8(@types/node@22.0.0))
     devDependencies:
-      '@types/micromatch':
-        specifier: catalog:studiocms-shared
-        version: 4.0.9
       '@types/semver':
         specifier: catalog:studiocms
         version: 7.5.8
@@ -411,49 +524,58 @@ importers:
       '@astrojs/db':
         specifier: catalog:min
         version: 0.14.2(@cloudflare/workers-types@4.20240725.0)(@types/react@18.3.5)(react@18.3.1)
+      '@fontsource-variable/onest':
+        specifier: catalog:studiocms-shared
+        version: 5.1.0
       '@inox-tools/runtime-logger':
         specifier: catalog:studiocms-shared
         version: 0.3.4(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@matthiesenxyz/astrodtsbuilder':
         specifier: catalog:studiocms-shared
         version: 0.1.2(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
-      '@matthiesenxyz/astrolace':
-        specifier: catalog:studiocms-shared
-        version: 0.3.2(@types/react@18.3.5)(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@matthiesenxyz/integration-utils':
         specifier: catalog:studiocms-shared
         version: 0.2.0(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
-      '@noble/hashes':
-        specifier: catalog:studiocms-shared
-        version: 1.5.0
-      '@studiocms/assets':
-        specifier: workspace:*
-        version: link:../studiocms_assets
+      '@oslojs/binary':
+        specifier: catalog:studiocms-auth
+        version: 1.0.0
+      '@oslojs/crypto':
+        specifier: catalog:studiocms-auth
+        version: 1.0.1
+      '@oslojs/encoding':
+        specifier: catalog:studiocms-auth
+        version: 1.1.0
       '@studiocms/core':
         specifier: workspace:*
         version: link:../studiocms_core
-      '@studiocms/dashboard':
+      '@studiocms/ui':
         specifier: workspace:*
-        version: link:../studiocms_dashboard
+        version: link:../studiocms_ui
+      '@types/bcryptjs':
+        specifier: catalog:studiocms-auth
+        version: 2.4.6
+      '@types/three':
+        specifier: catalog:studiocms-auth
+        version: 0.169.0
       arctic:
-        specifier: catalog:studiocms-shared
-        version: 1.9.2
+        specifier: catalog:studiocms-auth
+        version: 2.0.1
       astro:
         specifier: catalog:min
         version: 4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3)
       astro-integration-kit:
         specifier: 'catalog:'
         version: 0.16.1(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
-      lucia:
+      bcryptjs:
+        specifier: catalog:studiocms-auth
+        version: 2.4.3
+      rollup-plugin-copy:
         specifier: catalog:studiocms-shared
-        version: 3.2.0
-      micromatch:
-        specifier: catalog:studiocms-shared
-        version: 4.0.8
+        version: 3.5.0
+      three:
+        specifier: catalog:studiocms-auth
+        version: 0.170.0
     devDependencies:
-      '@types/micromatch':
-        specifier: catalog:studiocms-shared
-        version: 4.0.9
       typescript:
         specifier: 'catalog:'
         version: 5.6.3
@@ -466,9 +588,6 @@ importers:
       '@studiocms/assets':
         specifier: workspace:*
         version: link:../studiocms_assets
-      '@studiocms/core':
-        specifier: workspace:*
-        version: link:../studiocms_core
       astro:
         specifier: catalog:min
         version: 4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3)
@@ -508,7 +627,7 @@ importers:
         specifier: catalog:min
         version: 0.14.2(@cloudflare/workers-types@4.20240725.0)(@types/react@18.3.5)(react@18.3.1)
       '@markdoc/markdoc':
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 0.4.0(@types/react@18.3.5)(react@18.3.1)
       '@matthiesenxyz/astrodtsbuilder':
         specifier: catalog:studiocms-shared
@@ -519,9 +638,6 @@ importers:
       '@matthiesenxyz/integration-utils':
         specifier: catalog:studiocms-shared
         version: 0.2.0(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
-      '@noble/hashes':
-        specifier: catalog:studiocms-shared
-        version: 1.5.0
       '@studiocms/robotstxt':
         specifier: workspace:*
         version: link:../studiocms_robotstxt
@@ -531,26 +647,23 @@ importers:
       astro-integration-kit:
         specifier: 'catalog:'
         version: 0.16.1(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
-      lucia:
-        specifier: catalog:studiocms-shared
-        version: 3.2.0
       marked:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 13.0.3
       mdast-util-to-hast:
         specifier: catalog:studiocms-core
         version: 13.2.0
       mrmime:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-core
         version: 2.0.0
       remark-rehype:
         specifier: catalog:studiocms-core
         version: 11.1.0
       shiki:
-        specifier: catalog:studiocms-shared
-        version: 1.14.1
+        specifier: catalog:studiocms-renderer
+        version: 1.22.0
       unified:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-core
         version: 11.0.5
     devDependencies:
       typescript:
@@ -562,6 +675,12 @@ importers:
 
   packages/studiocms_dashboard:
     dependencies:
+      '@astrojs/db':
+        specifier: 'catalog:'
+        version: 0.14.2(@cloudflare/workers-types@4.20240725.0)(@types/react@18.3.5)(react@18.3.1)
+      '@astrojs/web-vitals':
+        specifier: 'catalog:'
+        version: 3.0.0(@astrojs/db@0.14.2(@cloudflare/workers-types@4.20240725.0)(@types/react@18.3.5)(react@18.3.1))
       '@inox-tools/runtime-logger':
         specifier: catalog:studiocms-shared
         version: 0.3.4(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
@@ -577,9 +696,6 @@ importers:
       '@matthiesenxyz/unocss-preset-daisyui':
         specifier: catalog:studiocms-shared
         version: 0.1.2(daisyui@4.12.10(postcss@8.4.47))(unocss@0.62.3(postcss@8.4.47)(rollup@4.21.0)(vite@5.4.8(@types/node@22.0.0)))
-      '@noble/hashes':
-        specifier: catalog:studiocms-shared
-        version: 1.5.0
       '@studiocms/assets':
         specifier: workspace:*
         version: link:../studiocms_assets
@@ -624,16 +740,16 @@ importers:
         specifier: catalog:min
         version: 0.14.2(@cloudflare/workers-types@4.20240725.0)(@types/react@18.3.5)(react@18.3.1)
       '@libsql/client':
-        specifier: ^0.14.0
+        specifier: catalog:studiocms-devapps
         version: 0.14.0
       '@studiocms/core':
         specifier: workspace:*
         version: link:../studiocms_core
       '@types/cheerio':
-        specifier: ^0.22.35
+        specifier: catalog:studiocms-devapps
         version: 0.22.35
       '@types/turndown':
-        specifier: ^5.0.5
+        specifier: catalog:studiocms-devapps
         version: 5.0.5
       astro:
         specifier: catalog:min
@@ -642,13 +758,13 @@ importers:
         specifier: 'catalog:'
         version: 0.16.1(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       cheerio:
-        specifier: ^1.0.0
+        specifier: catalog:studiocms-devapps
         version: 1.0.0
       html-entities:
-        specifier: ^2.5.2
+        specifier: catalog:studiocms-devapps
         version: 2.5.2
       turndown:
-        specifier: ^7.2.0
+        specifier: catalog:studiocms-devapps
         version: 7.2.0
     devDependencies:
       typescript:
@@ -717,13 +833,13 @@ importers:
         specifier: 'catalog:'
         version: 5.2.0
       '@astrojs/react':
-        specifier: catalog:studiocms-shared
+        specifier: 'catalog:'
         version: 3.6.2(@types/react-dom@18.3.0)(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(vite@5.4.8(@types/node@22.0.0))
       '@inox-tools/runtime-logger':
         specifier: catalog:studiocms-shared
         version: 0.3.4(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@markdoc/markdoc':
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 0.4.0(@types/react@18.3.5)(react@18.3.1)
       '@matthiesenxyz/astrodtsbuilder':
         specifier: catalog:studiocms-shared
@@ -747,7 +863,7 @@ importers:
         specifier: 'catalog:'
         version: 0.16.1(astro@4.16.2(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       marked:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 13.0.3
       marked-alert:
         specifier: catalog:studiocms-renderer
@@ -760,15 +876,15 @@ importers:
         version: 1.2.2(marked@13.0.3)
       marked-shiki:
         specifier: catalog:studiocms-renderer
-        version: 1.1.0(marked@13.0.3)(shiki@1.14.1)
+        version: 1.1.0(marked@13.0.3)(shiki@1.22.0)
       marked-smartypants:
         specifier: catalog:studiocms-renderer
         version: 1.1.7(marked@13.0.3)
       react:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 18.3.1
       react-dom:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 18.3.1(react@18.3.1)
       rehype-highlight:
         specifier: catalog:studiocms-renderer
@@ -777,17 +893,17 @@ importers:
         specifier: catalog:studiocms-renderer
         version: 4.0.0
       shiki:
-        specifier: catalog:studiocms-shared
-        version: 1.14.1
+        specifier: catalog:studiocms-renderer
+        version: 1.22.0
       unified:
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-core
         version: 11.0.5
     devDependencies:
       '@types/react':
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 18.3.5
       '@types/react-dom':
-        specifier: catalog:studiocms-shared
+        specifier: catalog:studiocms-renderer
         version: 18.3.0
       typescript:
         specifier: 'catalog:'
@@ -805,7 +921,7 @@ importers:
   packages/studiocms_ui:
     dependencies:
       '@fontsource-variable/onest':
-        specifier: 5.1.0
+        specifier: catalog:studiocms-shared
         version: 5.1.0
       astro:
         specifier: catalog:min
@@ -858,7 +974,7 @@ importers:
         specifier: 'catalog:'
         version: 8.3.4(astro@4.16.6(@types/node@20.14.13)(rollup@4.21.0)(typescript@5.6.3))
       '@fontsource-variable/onest':
-        specifier: 5.1.0
+        specifier: catalog:studiocms-shared
         version: 5.1.0
       '@studiocms/ui':
         specifier: workspace:*
@@ -889,7 +1005,7 @@ importers:
         specifier: 'catalog:'
         version: 8.3.4(astro@4.16.6(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@astrojs/react':
-        specifier: catalog:studiocms-shared
+        specifier: 'catalog:'
         version: 3.6.2(@types/react-dom@18.3.0)(@types/react@18.3.5)(react-dom@18.3.1(react@18.3.1))(react@18.3.1)(vite@5.4.9(@types/node@22.0.0))
       '@astrojs/starlight':
         specifier: 'catalog:'
@@ -904,10 +1020,10 @@ importers:
         specifier: catalog:docs
         version: 0.2.0(@astrojs/starlight@0.28.3(astro@4.16.6(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3)))(astro@4.16.6(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3))
       '@shikijs/transformers':
-        specifier: 1.22.0
+        specifier: catalog:docs
         version: 1.22.0
       '@shikijs/twoslash':
-        specifier: 1.22.0
+        specifier: catalog:docs
         version: 1.22.0(typescript@5.6.3)
       '@studiocms/blog':
         specifier: workspace:*
@@ -925,7 +1041,7 @@ importers:
         specifier: catalog:docs
         version: 3.0.4
       '@types/html-escaper':
-        specifier: ^3.0.2
+        specifier: catalog:docs
         version: 3.0.2
       astro:
         specifier: 'catalog:'
@@ -940,22 +1056,22 @@ importers:
         specifier: catalog:docs
         version: 6.0.3
       hast-util-to-string:
-        specifier: ^3.0.1
+        specifier: catalog:docs
         version: 3.0.1
       hastscript:
-        specifier: ^9.0.0
+        specifier: catalog:docs
         version: 9.0.0
       html-escaper:
-        specifier: ^3.0.3
+        specifier: catalog:docs
         version: 3.0.3
       mdast-util-from-markdown:
-        specifier: ^2.0.1
+        specifier: catalog:docs
         version: 2.0.1
       mdast-util-gfm:
-        specifier: ^3.0.0
+        specifier: catalog:docs
         version: 3.0.0
       mdast-util-to-hast:
-        specifier: ^13.2.0
+        specifier: catalog:docs
         version: 13.2.0
       p-retry:
         specifier: catalog:docs
@@ -964,25 +1080,25 @@ importers:
         specifier: catalog:docs
         version: 13.0.2
       rehype-autolink-headings:
-        specifier: ^7.1.0
+        specifier: catalog:docs
         version: 7.1.0
       rehype-external-links:
-        specifier: ^3.0.0
+        specifier: catalog:docs
         version: 3.0.0
       rehype-slug:
-        specifier: ^6.0.0
+        specifier: catalog:docs
         version: 6.0.0
       sharp:
         specifier: 'catalog:'
         version: 0.33.4
       shiki:
-        specifier: 1.22.0
+        specifier: catalog:docs
         version: 1.22.0
       shiki-transformer-color-highlight:
-        specifier: ^0.2.0
+        specifier: catalog:docs
         version: 0.2.0
       starlight-image-zoom:
-        specifier: ^0.8.0
+        specifier: catalog:docs
         version: 0.8.0(@astrojs/starlight@0.28.3(astro@4.16.6(@types/node@22.0.0)(rollup@4.21.0)(typescript@5.6.3)))
       starlight-typedoc:
         specifier: catalog:docs
@@ -1000,7 +1116,7 @@ importers:
         specifier: 'catalog:'
         version: 5.6.3
       unified:
-        specifier: ^11.0.5
+        specifier: catalog:studiocms-core
         version: 11.0.5
 
   www/web:
@@ -1018,7 +1134,7 @@ importers:
         specifier: catalog:studiocms-shared
         version: 1.2.1
       '@resvg/resvg-js':
-        specifier: ^2.6.2
+        specifier: catalog:landing
         version: 2.6.2
       '@tailwindcss/typography':
         specifier: catalog:landing
@@ -1030,16 +1146,16 @@ importers:
         specifier: catalog:landing
         version: 1.1.1
       html-entities:
-        specifier: ^2.5.2
+        specifier: catalog:landing
         version: 2.5.2
       motion:
         specifier: catalog:landing
         version: 10.18.0
       satori:
-        specifier: ^0.11.1
+        specifier: catalog:landing
         version: 0.11.1
       satori-html:
-        specifier: ^0.3.2
+        specifier: catalog:landing
         version: 0.3.2
       sharp:
         specifier: 'catalog:'
@@ -1593,12 +1709,6 @@ packages:
   '@emmetio/stream-reader@2.2.0':
     resolution: {integrity: sha512-fXVXEyFA5Yv3M3n8sUGT7+fvecGrZP4k6FnWWMSZVQf69kAq0LLpaBQLGcPR30m3zMmKYhECP4k/ZkzvhEW5kw==}
 
-  '@emnapi/core@0.45.0':
-    resolution: {integrity: sha512-DPWjcUDQkCeEM4VnljEOEcXdAD7pp8zSZsgOujk/LGIwCXWbXJngin+MO4zbH429lzeC3WbYLGjE2MaUOwzpyw==}
-
-  '@emnapi/runtime@0.45.0':
-    resolution: {integrity: sha512-Txumi3td7J4A/xTTwlssKieHKTGl3j4A1tglBx72auZ49YK7ePY6XZricgIg9mnZT4xPfA+UPCUdnhRuEFDL+w==}
-
   '@emnapi/runtime@1.2.0':
     resolution: {integrity: sha512-bV21/9LQmcQeCPEg3BDFtvwL6cwiTMksYNWQQ4KOxCZikEGalWtenoZ0wCiukJINlGCIi2KXx01g4FoH/LxpzQ==}
 
@@ -2346,184 +2456,6 @@ packages:
   '@neon-rs/load@0.0.4':
     resolution: {integrity: sha512-kTPhdZyTQxB+2wpiRcFWrDcejc4JI6tkPuS7UZCG4l6Zvc5kU/gGQ/ozvHTh1XR5tS+UlfAfGuPajjzQjCiHCw==}
 
-  '@noble/hashes@1.5.0':
-    resolution: {integrity: sha512-1j6kQFb7QRru7eKN3ZDvRcP13rugwdxZqCjbiAVZfIJwgj2A65UmT4TgARXGlXgnRkORLTDTrO19ZErt7+QXgA==}
-    engines: {node: ^14.21.3 || >=16}
-
-  '@node-rs/argon2-android-arm-eabi@1.7.0':
-    resolution: {integrity: sha512-udDqkr5P9E+wYX1SZwAVPdyfYvaF4ry9Tm+R9LkfSHbzWH0uhU6zjIwNRp7m+n4gx691rk+lqqDAIP8RLKwbhg==}
-    engines: {node: '>= 10'}
-    cpu: [arm]
-    os: [android]
-
-  '@node-rs/argon2-android-arm64@1.7.0':
-    resolution: {integrity: sha512-s9j/G30xKUx8WU50WIhF0fIl1EdhBGq0RQ06lEhZ0Gi0ap8lhqbE2Bn5h3/G2D1k0Dx+yjeVVNmt/xOQIRG38A==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [android]
-
-  '@node-rs/argon2-darwin-arm64@1.7.0':
-    resolution: {integrity: sha512-ZIz4L6HGOB9U1kW23g+m7anGNuTZ0RuTw0vNp3o+2DWpb8u8rODq6A8tH4JRL79S+Co/Nq608m9uackN2pe0Rw==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [darwin]
-
-  '@node-rs/argon2-darwin-x64@1.7.0':
-    resolution: {integrity: sha512-5oi/pxqVhODW/pj1+3zElMTn/YukQeywPHHYDbcAW3KsojFjKySfhcJMd1DjKTc+CHQI+4lOxZzSUzK7mI14Hw==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [darwin]
-
-  '@node-rs/argon2-freebsd-x64@1.7.0':
-    resolution: {integrity: sha512-Ify08683hA4QVXYoIm5SUWOY5DPIT/CMB0CQT+IdxQAg/F+qp342+lUkeAtD5bvStQuCx/dFO3bnnzoe2clMhA==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [freebsd]
-
-  '@node-rs/argon2-linux-arm-gnueabihf@1.7.0':
-    resolution: {integrity: sha512-7DjDZ1h5AUHAtRNjD19RnQatbhL+uuxBASuuXIBu4/w6Dx8n7YPxwTP4MXfsvuRgKuMWiOb/Ub/HJ3kXVCXRkg==}
-    engines: {node: '>= 10'}
-    cpu: [arm]
-    os: [linux]
-
-  '@node-rs/argon2-linux-arm64-gnu@1.7.0':
-    resolution: {integrity: sha512-nJDoMP4Y3YcqGswE4DvP080w6O24RmnFEDnL0emdI8Nou17kNYBzP2546Nasx9GCyLzRcYQwZOUjrtUuQ+od2g==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [linux]
-
-  '@node-rs/argon2-linux-arm64-musl@1.7.0':
-    resolution: {integrity: sha512-BKWS8iVconhE3jrb9mj6t1J9vwUqQPpzCbUKxfTGJfc+kNL58F1SXHBoe2cDYGnHrFEHTY0YochzXoAfm4Dm/A==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [linux]
-
-  '@node-rs/argon2-linux-x64-gnu@1.7.0':
-    resolution: {integrity: sha512-EmgqZOlf4Jurk/szW1iTsVISx25bKksVC5uttJDUloTgsAgIGReCpUUO1R24pBhu9ESJa47iv8NSf3yAfGv6jQ==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [linux]
-
-  '@node-rs/argon2-linux-x64-musl@1.7.0':
-    resolution: {integrity: sha512-/o1efYCYIxjfuoRYyBTi2Iy+1iFfhqHCvvVsnjNSgO1xWiWrX0Rrt/xXW5Zsl7vS2Y+yu8PL8KFWRzZhaVxfKA==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [linux]
-
-  '@node-rs/argon2-wasm32-wasi@1.7.0':
-    resolution: {integrity: sha512-Evmk9VcxqnuwQftfAfYEr6YZYSPLzmKUsbFIMep5nTt9PT4XYRFAERj7wNYp+rOcBenF3X4xoB+LhwcOMTNE5w==}
-    engines: {node: '>=14.0.0'}
-    cpu: [wasm32]
-
-  '@node-rs/argon2-win32-arm64-msvc@1.7.0':
-    resolution: {integrity: sha512-qgsU7T004COWWpSA0tppDqDxbPLgg8FaU09krIJ7FBl71Sz8SFO40h7fDIjfbTT5w7u6mcaINMQ5bSHu75PCaA==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [win32]
-
-  '@node-rs/argon2-win32-ia32-msvc@1.7.0':
-    resolution: {integrity: sha512-JGafwWYQ/HpZ3XSwP4adQ6W41pRvhcdXvpzIWtKvX+17+xEXAe2nmGWM6s27pVkg1iV2ZtoYLRDkOUoGqZkCcg==}
-    engines: {node: '>= 10'}
-    cpu: [ia32]
-    os: [win32]
-
-  '@node-rs/argon2-win32-x64-msvc@1.7.0':
-    resolution: {integrity: sha512-9oq4ShyFakw8AG3mRls0AoCpxBFcimYx7+jvXeAf2OqKNO+mSA6eZ9z7KQeVCi0+SOEUYxMGf5UiGiDb9R6+9Q==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [win32]
-
-  '@node-rs/argon2@1.7.0':
-    resolution: {integrity: sha512-zfULc+/tmcWcxn+nHkbyY8vP3+MpEqKORbszt4UkpqZgBgDAAIYvuDN/zukfTgdmo6tmJKKVfzigZOPk4LlIog==}
-    engines: {node: '>= 10'}
-
-  '@node-rs/bcrypt-android-arm-eabi@1.9.0':
-    resolution: {integrity: sha512-nOCFISGtnodGHNiLrG0WYLWr81qQzZKYfmwHc7muUeq+KY0sQXyHOwZk9OuNQAWv/lnntmtbwkwT0QNEmOyLvA==}
-    engines: {node: '>= 10'}
-    cpu: [arm]
-    os: [android]
-
-  '@node-rs/bcrypt-android-arm64@1.9.0':
-    resolution: {integrity: sha512-+ZrIAtigVmjYkqZQTThHVlz0+TG6D+GDHWhVKvR2DifjtqJ0i+mb9gjo++hN+fWEQdWNGxKCiBBjwgT4EcXd6A==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [android]
-
-  '@node-rs/bcrypt-darwin-arm64@1.9.0':
-    resolution: {integrity: sha512-CQiS+F9Pa0XozvkXR1g7uXE9QvBOPOplDg0iCCPRYTN9PqA5qYxhwe48G3o+v2UeQceNRrbnEtWuANm7JRqIhw==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [darwin]
-
-  '@node-rs/bcrypt-darwin-x64@1.9.0':
-    resolution: {integrity: sha512-4pTKGawYd7sNEjdJ7R/R67uwQH1VvwPZ0SSUMmeNHbxD5QlwAPXdDH11q22uzVXsvNFZ6nGQBg8No5OUGpx6Ug==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [darwin]
-
-  '@node-rs/bcrypt-freebsd-x64@1.9.0':
-    resolution: {integrity: sha512-UmWzySX4BJhT/B8xmTru6iFif3h0Rpx3TqxRLCcbgmH43r7k5/9QuhpiyzpvKGpKHJCFNm4F3rC2wghvw5FCIg==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [freebsd]
-
-  '@node-rs/bcrypt-linux-arm-gnueabihf@1.9.0':
-    resolution: {integrity: sha512-8qoX4PgBND2cVwsbajoAWo3NwdfJPEXgpCsZQZURz42oMjbGyhhSYbovBCskGU3EBLoC8RA2B1jFWooeYVn5BA==}
-    engines: {node: '>= 10'}
-    cpu: [arm]
-    os: [linux]
-
-  '@node-rs/bcrypt-linux-arm64-gnu@1.9.0':
-    resolution: {integrity: sha512-TuAC6kx0SbcIA4mSEWPi+OCcDjTQUMl213v5gMNlttF+D4ieIZx6pPDGTaMO6M2PDHTeCG0CBzZl0Lu+9b0c7Q==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [linux]
-
-  '@node-rs/bcrypt-linux-arm64-musl@1.9.0':
-    resolution: {integrity: sha512-/sIvKDABOI8QOEnLD7hIj02BVaNOuCIWBKvxcJOt8+TuwJ6zmY1UI5kSv9d99WbiHjTp97wtAUbZQwauU4b9ew==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [linux]
-
-  '@node-rs/bcrypt-linux-x64-gnu@1.9.0':
-    resolution: {integrity: sha512-DyyhDHDsLBsCKz1tZ1hLvUZSc1DK0FU0v52jK6IBQxrj24WscSU9zZe7ie/V9kdmA4Ep57BfpWX8Dsa2JxGdgQ==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [linux]
-
-  '@node-rs/bcrypt-linux-x64-musl@1.9.0':
-    resolution: {integrity: sha512-duIiuqQ+Lew8ASSAYm6ZRqcmfBGWwsi81XLUwz86a2HR7Qv6V4yc3ZAUQovAikhjCsIqe8C11JlAZSK6+PlXYg==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [linux]
-
-  '@node-rs/bcrypt-wasm32-wasi@1.9.0':
-    resolution: {integrity: sha512-ylaGmn9Wjwv/D5lxtawttx3H6Uu2WTTR7lWlRHGT6Ga/MB1Vj4OjSGUW8G8zIVnKuXpGbZ92pgHlt4HUpSLctw==}
-    engines: {node: '>=14.0.0'}
-    cpu: [wasm32]
-
-  '@node-rs/bcrypt-win32-arm64-msvc@1.9.0':
-    resolution: {integrity: sha512-2h86gF7QFyEzODuDFml/Dp1MSJoZjxJ4yyT2Erf4NkwsiA5MqowUhUsorRwZhX6+2CtlGa7orbwi13AKMsYndw==}
-    engines: {node: '>= 10'}
-    cpu: [arm64]
-    os: [win32]
-
-  '@node-rs/bcrypt-win32-ia32-msvc@1.9.0':
-    resolution: {integrity: sha512-kqxalCvhs4FkN0+gWWfa4Bdy2NQAkfiqq/CEf6mNXC13RSV673Ev9V8sRlQyNpCHCNkeXfOT9pgoBdJmMs9muA==}
-    engines: {node: '>= 10'}
-    cpu: [ia32]
-    os: [win32]
-
-  '@node-rs/bcrypt-win32-x64-msvc@1.9.0':
-    resolution: {integrity: sha512-2y0Tuo6ZAT2Cz8V7DHulSlv1Bip3zbzeXyeur+uR25IRNYXKvI/P99Zl85Fbuu/zzYAZRLLlGTRe6/9IHofe/w==}
-    engines: {node: '>= 10'}
-    cpu: [x64]
-    os: [win32]
-
-  '@node-rs/bcrypt@1.9.0':
-    resolution: {integrity: sha512-u2OlIxW264bFUfvbFqDz9HZKFjwe8FHFtn7T/U8mYjPZ7DWYpbUB+/dkW/QgYfMSfR0ejkyuWaBBe0coW7/7ig==}
-    engines: {node: '>= 10'}
-
   '@nodelib/fs.scandir@2.1.5':
     resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==}
     engines: {node: '>= 8'}
@@ -2536,9 +2468,24 @@ packages:
     resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==}
     engines: {node: '>= 8'}
 
+  '@oslojs/asn1@1.0.0':
+    resolution: {integrity: sha512-zw/wn0sj0j0QKbIXfIlnEcTviaCzYOY3V5rAyjR6YtOByFtJiT574+8p9Wlach0lZH9fddD4yb9laEAIl4vXQA==}
+
+  '@oslojs/binary@1.0.0':
+    resolution: {integrity: sha512-9RCU6OwXU6p67H4NODbuxv2S3eenuQ4/WFLrsq+K/k682xrznH5EVWA7N4VFk9VYVcbFtKqur5YQQZc0ySGhsQ==}
+
+  '@oslojs/crypto@1.0.1':
+    resolution: {integrity: sha512-7n08G8nWjAr/Yu3vu9zzrd0L9XnrJfpMioQcvCMxBIiF5orECHe5/3J0jmXRVvgfqMm/+4oxlQ+Sq39COYLcNQ==}
+
+  '@oslojs/encoding@0.4.1':
+    resolution: {integrity: sha512-hkjo6MuIK/kQR5CrGNdAPZhS01ZCXuWDRJ187zh6qqF2+yMHZpD9fAYpX8q2bOO6Ryhl3XpCT6kUX76N8hhm4Q==}
+
   '@oslojs/encoding@1.1.0':
     resolution: {integrity: sha512-70wQhgYmndg4GCPxPPxPGevRKqTIJ2Nh4OkiMWmDAVYsTQ+Ta7Sq+rPevXyXGdzr30/qZBnyOalCszoMxlyldQ==}
 
+  '@oslojs/jwt@0.2.0':
+    resolution: {integrity: sha512-bLE7BtHrURedCn4Mco3ma9L4Y1GR2SMBuIvjWr7rmQ4/W/4Jy70TIAgZ+0nIlk0xHz1vNP8x8DCns45Sb2XRbg==}
+
   '@pagefind/darwin-arm64@1.1.0':
     resolution: {integrity: sha512-SLsXNLtSilGZjvqis8sX42fBWsWAVkcDh1oerxwqbac84HbiwxpxOC2jm8hRwcR0Z55HPZPWO77XeRix/8GwTg==}
     cpu: [arm64]
@@ -2763,9 +2710,6 @@ packages:
   '@shikijs/core@1.14.1':
     resolution: {integrity: sha512-KyHIIpKNaT20FtFPFjCQB5WVSTpLR/n+jQXhWHWVUMm9MaOaG9BGOG0MSyt7yA4+Lm+4c9rTc03tt3nYzeYSfw==}
 
-  '@shikijs/core@1.16.2':
-    resolution: {integrity: sha512-XSVH5OZCvE4WLMgdoBqfPMYmGHGmCC3OgZhw0S7KcSi2XKZ+5oHGe71GFnTljgdOxvxx5WrRks6QoTLKrl1eAA==}
-
   '@shikijs/core@1.22.0':
     resolution: {integrity: sha512-S8sMe4q71TJAW+qG93s5VaiihujRK6rqDFqBnxqvga/3LvqHEnxqBIOPkt//IdXVtHkQWKu4nOQNk0uBGicU7Q==}
 
@@ -2814,8 +2758,8 @@ packages:
     resolution: {integrity: sha512-L7z9BgrNEcYyUYtF+HaEfiS5ebkh9jXqbszz7pC0hRBPaatV0XjSD3+eHrpqFemQfgwiFF0QPIarnIihIDn7OA==}
     engines: {node: '>=10.13.0'}
 
-  '@tybys/wasm-util@0.8.3':
-    resolution: {integrity: sha512-Z96T/L6dUFFxgFJ+pQtkPpne9q7i6kIPYCFnQBHSgSPV9idTsKfIhCss0h5iM9irweZCatkrdeP8yi5uM1eX6Q==}
+  '@tweenjs/tween.js@23.1.3':
+    resolution: {integrity: sha512-vJmvvwFxYuGnF2axRtPYocag6Clbb5YS7kLL+SO/TeVFzHqDIWrNKYtcsPMibjDx9O+bu+psAy9NKfWklassUA==}
 
   '@types/acorn@4.0.6':
     resolution: {integrity: sha512-veQTnWP+1D/xbxVrPC3zHnCZRjSrKfhbMUlEA43iMZLu7EsnTtkJklIuwrCPbOi8YkvDQAiW05VQQFvvz9oieQ==}
@@ -2832,8 +2776,8 @@ packages:
   '@types/babel__traverse@7.20.6':
     resolution: {integrity: sha512-r1bzfrm0tomOI8g1SzvCaQHo6Lcv6zu0EA+W2kHrt8dyrHQxGzBBL4kdkzIS+jBMV+EYcMAEAqXqYaLJq5rOZg==}
 
-  '@types/braces@3.0.4':
-    resolution: {integrity: sha512-0WR3b8eaISjEW7RpZnclONaLFDf7buaowRHdqLp4vLj54AsSAYWfh3DRbfiYJY9XDxMgx1B4sE1Afw2PGpuHOA==}
+  '@types/bcryptjs@2.4.6':
+    resolution: {integrity: sha512-9xlo6R2qDs5uixm0bcIqCeMCE6HiQsIyel9KQySStiyqNl2tnj2mP3DX1Nf56MD6KMenNNlBBsy3LJ7gUEQPXQ==}
 
   '@types/cheerio@0.22.35':
     resolution: {integrity: sha512-yD57BchKRvTV+JD53UZ6PD8KWY5g5rvvMLRnZR3EQBCZXiDT/HR+pKpMzFGlWNhFrXlo7VPZXtKvIEwZkAWOIA==}
@@ -2850,6 +2794,12 @@ packages:
   '@types/estree@1.0.5':
     resolution: {integrity: sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==}
 
+  '@types/fs-extra@8.1.5':
+    resolution: {integrity: sha512-0dzKcwO+S8s2kuF5Z9oUWatQJj5Uq/iqphEtE3GQJVRRYm/tD1LglU2UnXi2A8jLq5umkGouOXOR9y0n613ZwQ==}
+
+  '@types/glob@7.2.0':
+    resolution: {integrity: sha512-ZUxbzKl0IfJILTS6t7ip5fQQM/J3TJYubDm3nMbgubNNYS62eXeUpoLUC8/7fJNiFYHTrGPQn7hspDUzIHX3UA==}
+
   '@types/hast@3.0.4':
     resolution: {integrity: sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ==}
 
@@ -2871,8 +2821,8 @@ packages:
   '@types/mdx@2.0.13':
     resolution: {integrity: sha512-+OWZQfAYyio6YkJb3HLxDrvnx6SWWDbC0zVPfBRzUk0/nqoDyf6dNxQi3eArPe8rJ473nobTMQ/8Zk+LxJ+Yuw==}
 
-  '@types/micromatch@4.0.9':
-    resolution: {integrity: sha512-7V+8ncr22h4UoYRLnLXSpTxjQrNUXtWHGeMPRJt1nULXI57G9bIcpyrHlmrQ7QK24EyyuXvYcSSWAM8GA9nqCg==}
+  '@types/minimatch@5.1.2':
+    resolution: {integrity: sha512-K0VQKziLUWkVKiRVrx4a40iPaxTUefQmjtkQofBkYRcoaaL/8rhwDWww9qWbrgicNOgnpIsMxyNIUM4+n6dUIA==}
 
   '@types/ms@0.7.34':
     resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==}
@@ -2913,9 +2863,15 @@ packages:
   '@types/semver@7.5.8':
     resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==}
 
+  '@types/stats.js@0.17.3':
+    resolution: {integrity: sha512-pXNfAD3KHOdif9EQXZ9deK82HVNaXP5ZIF5RP2QG6OQFNTaY2YIetfrE9t528vEreGQvEPRDDc8muaoYeK0SxQ==}
+
   '@types/tar@6.1.13':
     resolution: {integrity: sha512-IznnlmU5f4WcGTh2ltRu/Ijpmk8wiWXfF0VA4s+HPjHZgvFggk1YaIkbo5krX/zUCzWF8N/l4+W/LNxnvAJ8nw==}
 
+  '@types/three@0.169.0':
+    resolution: {integrity: sha512-oan7qCgJBt03wIaK+4xPWclYRPG9wzcg7Z2f5T8xYTNEF95kh0t0lklxLLYBDo7gQiGLYzE6iF4ta7nXF2bcsw==}
+
   '@types/trusted-types@2.0.7':
     resolution: {integrity: sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==}
 
@@ -2928,6 +2884,9 @@ packages:
   '@types/unist@3.0.2':
     resolution: {integrity: sha512-dqId9J8K/vGi5Zr7oo212BGii5m3q5Hxlkwy3WpYuKPklmBEvsbMYYyLxAQpSffdLl/gdW0XUpKWFvYmyoWCoQ==}
 
+  '@types/webxr@0.5.20':
+    resolution: {integrity: sha512-JGpU6qiIJQKUuVSKx1GtQnHJGxRjtfGIhzO2ilq43VZZS//f1h1Sgexbdk+Lq+7569a6EYhOWrUpIruR/1Enmg==}
+
   '@types/ws@8.5.12':
     resolution: {integrity: sha512-3tPRkv1EtkDpzlgyKyI8pGsGZAGPEaXeu0DOj5DI25Ja91bdAYddYHbADRYVrZMRbfW+1l5YwXVDKohDJNQxkQ==}
 
@@ -3060,6 +3019,9 @@ packages:
   '@vscode/l10n@0.0.18':
     resolution: {integrity: sha512-KYSIHVmslkaCDyw013pphY+d7x1qV8IZupYfeIfzNA+nsaWHbn5uPuQRvdRFsa9zFzGeudPuoGoZ1Op4jrJXIQ==}
 
+  '@webgpu/types@0.1.49':
+    resolution: {integrity: sha512-NMmS8/DofhH/IFeW+876XrHVWel+J/vdcFCHLDqeJgkH9x0DeiwjVd8LcBdaxdG/T7Rf8VUAYsA8X1efMzLjRQ==}
+
   acorn-jsx@5.3.2:
     resolution: {integrity: sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==}
     peerDependencies:
@@ -3107,8 +3069,8 @@ packages:
     resolution: {integrity: sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==}
     engines: {node: '>= 8'}
 
-  arctic@1.9.2:
-    resolution: {integrity: sha512-VTnGpYx+ypboJdNrWnK17WeD7zN/xSCHnpecd5QYsBfVZde/5i+7DJ1wrf/ioSDMiEjagXmyNWAE3V2C9f1hNg==}
+  arctic@2.0.1:
+    resolution: {integrity: sha512-2UxVMEGtBkWf5GkriStLuJ+YnkBQZ5V/PapL6nCUOySxxUPgaXt8VSauzrzQZpaoP0kEHV5lk5CsdzX4/eqnZg==}
 
   arg@5.0.2:
     resolution: {integrity: sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg==}
@@ -3247,6 +3209,9 @@ packages:
   bcp-47@2.1.0:
     resolution: {integrity: sha512-9IIS3UPrvIa1Ej+lVDdDwO7zLehjqsaByECw0bu2RRGP73jALm6FYbzI5gWbgHLvNdkvfXB5YrSbocZdOS0c0w==}
 
+  bcryptjs@2.4.3:
+    resolution: {integrity: sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==}
+
   better-path-resolve@1.0.0:
     resolution: {integrity: sha512-pbnl5XzGBdrFU/wT4jqmJVPn2B6UHPBOhzMQkY/SPUPB6QtUXtmBHBIwCbXJol93mOpGMnQyP/+BB19q04xj7g==}
     engines: {node: '>=4'}
@@ -3416,6 +3381,9 @@ packages:
     resolution: {integrity: sha512-1rXeuUUiGGrykh+CeBdu5Ie7OJwinCgQY0bc7GCRxy5xVHy+moaqkpL/jqQq0MtQOeYcrqEz4abc5f0KtU7W4A==}
     engines: {node: '>=12.5.0'}
 
+  colorette@1.4.0:
+    resolution: {integrity: sha512-Y2oEozpomLn7Q3HFP7dpww7AtMJplbM9lGZP6RDfHqmbeRjiwRg4n6VM6j4KLmRke85uWEI7JqF17f3pqdRA0g==}
+
   colorette@2.0.20:
     resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==}
 
@@ -3921,6 +3889,9 @@ packages:
   fflate@0.7.4:
     resolution: {integrity: sha512-5u2V/CDW15QM1XbbgS+0DfPxVB+jUKhWEKuuFuHncbk3tEEqzmoXL+2KyOFuKGqOnmdIy0/davWF1CkuwtibCw==}
 
+  fflate@0.8.2:
+    resolution: {integrity: sha512-cPJU47OaAoCbg0pBvzsgpTPhmhqI5eJjh/JIu8tPj5q+T7iLvW/JAYUqmE7KOB4R1ZyEhzBaIQpQpardBF5z8A==}
+
   fill-range@7.1.1:
     resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==}
     engines: {node: '>=8'}
@@ -3987,9 +3958,6 @@ packages:
     resolution: {integrity: sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==}
     engines: {node: '>= 8'}
 
-  fs-monkey@1.0.6:
-    resolution: {integrity: sha512-b1FMfwetIKymC0eioW7mTywihSQE4oLzQn1dB6rZB5fx/3NpNEdAWeCSMB+60/AeT0TCXsxzAlcYVEFCTAksWg==}
-
   fs.realpath@1.0.0:
     resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==}
 
@@ -4043,6 +4011,10 @@ packages:
     resolution: {integrity: sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==}
     engines: {node: '>=4'}
 
+  globby@10.0.1:
+    resolution: {integrity: sha512-sSs4inE1FB2YQiymcmTv6NWENryABjUNPeWhOvmn4SjtKybglsyPZxFB3U1/+L1bYi0rNZDqCLlHyLYDl1Pq5A==}
+    engines: {node: '>=8'}
+
   globby@11.1.0:
     resolution: {integrity: sha512-jhIXaOzy1sb8IyocaruWSn1TjmnBVs8Ayhcy83rmxNJ8q2uWKCAj3CnJY+KpGSXCueAPc0i05kVvVKtP1t9S3g==}
     engines: {node: '>=10'}
@@ -4284,6 +4256,10 @@ packages:
     resolution: {integrity: sha512-+Pgi+vMuUNkJyExiMBt5IlFoMyKnr5zhJ4Uspz58WOhBF5QoIZkFyNHIbBAtHwzVAgk5RtndVNsDRN61/mmDqg==}
     engines: {node: '>=12'}
 
+  is-plain-object@3.0.1:
+    resolution: {integrity: sha512-Xnpx182SBMrr/aBik8y+GuR4U1L9FqMSojwDQwPMmxyC6bvEqly9UBCxhauBF5vNh2gwWJNX6oDV7O+OM4z34g==}
+    engines: {node: '>=0.10.0'}
+
   is-reference@3.0.2:
     resolution: {integrity: sha512-v3rht/LgVcsdZa3O2Nqs+NMowLOxeOm7Ay9+/ARQ2F+qEoANRcqrjAZKGN0v8ymUetZGgkp26LTnGT7H0Qo9Pg==}
 
@@ -4477,9 +4453,6 @@ packages:
   lru-cache@5.1.1:
     resolution: {integrity: sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w==}
 
-  lucia@3.2.0:
-    resolution: {integrity: sha512-eXMxXwk6hqtjRTj4W/x3EnTUtAztLPm0p2N2TEBMDEbakDLXiYnDQ9z/qahjPdPdhPguQc+vwO0/88zIWxlpuw==}
-
   lunr@2.3.9:
     resolution: {integrity: sha512-zTU3DaZaF3Rt9rhN3uBMGQD3dD2/vFQqnvZCDv4dl5iOzq2IZQqTxu90r4E5J+nP70J3ilqVCrbho2eWaeW8Ow==}
 
@@ -4597,17 +4570,13 @@ packages:
   mdurl@2.0.0:
     resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==}
 
-  memfs-browser@3.5.10302:
-    resolution: {integrity: sha512-JJTc/nh3ig05O0gBBGZjTCPOyydaTxNF0uHYBrcc1gHNnO+KIHIvo0Y1FKCJsaei6FCl8C6xfQomXqu+cuzkIw==}
-
-  memfs@3.5.3:
-    resolution: {integrity: sha512-UERzLsxzllchadvbPs5aolHh65ISpKpM+ccLbOJ8/vvpBKmAWf+la7dXFy7Mr0ySHbdHrFv5kGFCUHHe6GFEmw==}
-    engines: {node: '>= 4.0.0'}
-
   merge2@1.4.1:
     resolution: {integrity: sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==}
     engines: {node: '>= 8'}
 
+  meshoptimizer@0.18.1:
+    resolution: {integrity: sha512-ZhoIoL7TNV4s5B6+rx5mC//fw8/POGyNxS/DZyCJeiZ12ScLfVwRE/GfsxwiTkMYYD5DmK2/JXnEVXqL4rF+Sw==}
+
   micromark-core-commonmark@2.0.1:
     resolution: {integrity: sha512-CUQyKr1e///ZODyD1U3xit6zXwy1a8q2a1S1HKtIlmgvurrEpaw/Y9y6KSIbF8P59cn/NjzHyO+Q2fAyYLQrAA==}
 
@@ -4886,9 +4855,6 @@ packages:
     resolution: {integrity: sha512-D2FR03Vir7FIu45XBY20mTb+/ZSWB00sjU9jdQXt83gDrI4Ztz5Fs7/yy74g2N5SVQY4xY1qDr4rNddwYRVX0g==}
     engines: {node: '>=0.10.0'}
 
-  oslo@1.2.0:
-    resolution: {integrity: sha512-OoFX6rDsNcOQVAD2gQD/z03u4vEjWZLzJtwkmgfRF+KpQUXwdgEXErD7zNhyowmHwHefP+PM9Pw13pgpHMRlzw==}
-
   outdent@0.5.0:
     resolution: {integrity: sha512-/jHxFIzoMXdqPzTaCpFzAAWhpkSjZPF4Vsn6jAfNpmbH/ymsmd7Qc6VE9BGn0L6YMj6uwpQLxCECpus4ukKS9Q==}
 
@@ -5313,6 +5279,10 @@ packages:
     deprecated: Rimraf versions prior to v4 are no longer supported
     hasBin: true
 
+  rollup-plugin-copy@3.5.0:
+    resolution: {integrity: sha512-wI8D5dvYovRMx/YYKtUNt3Yxaw4ORC9xo6Gt9t22kveWz1enG9QrhVlagzwrxSC455xD1dHMKhIJkbsQ7d48BA==}
+    engines: {node: '>=8.3'}
+
   rollup@4.21.0:
     resolution: {integrity: sha512-vo+S/lfA2lMS7rZ2Qoubi6I5hwZwzXeUIctILZLbHI+laNtvhhOIon2S1JksA5UEDQ7l3vberd0fxK44lTYjbQ==}
     engines: {node: '>=18.0.0', npm: '>=8.0.0'}
@@ -5394,9 +5364,6 @@ packages:
   shiki@1.14.1:
     resolution: {integrity: sha512-FujAN40NEejeXdzPt+3sZ3F2dx1U24BY2XTY01+MG8mbxCiA2XukXdcbyMyLAHJ/1AUUnQd1tZlvIjefWWEJeA==}
 
-  shiki@1.16.2:
-    resolution: {integrity: sha512-gSym0hZf5a1U0iDPsdoOAZbvoi+e0c6c3NKAi03FoSLTm7oG20tum29+gk0wzzivOasn3loxfGUPT+jZXIUbWg==}
-
   shiki@1.22.0:
     resolution: {integrity: sha512-/t5LlhNs+UOKQCYBtl5ZsH/Vclz73GIqT2yQsCBygr8L/ppTdmpL4w3kPLoZJbMKVWtoG77Ue1feOjZfDxvMkw==}
 
@@ -5571,6 +5538,9 @@ packages:
   thenify@3.3.1:
     resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==}
 
+  three@0.170.0:
+    resolution: {integrity: sha512-FQK+LEpYc0fBD+J8g6oSEyyNzjp+Q7Ks1C568WWaoMRLW+TkNNWmenWeGgJjV105Gd+p/2ql1ZcjYvNiPZBhuQ==}
+
   tiny-inflate@1.0.3:
     resolution: {integrity: sha512-pkY1fj1cKHb2seWDy0B16HeWyczlJA9/WW3u3c4z/NiWDsO3DOU5D7nhTLE9CF0yXv/QZFY7sEJmj24dK+Rrqw==}
 
@@ -6263,9 +6233,9 @@ snapshots:
       rehype-stringify: 10.0.0
       remark-gfm: 4.0.0
       remark-parse: 11.0.0
-      remark-rehype: 11.1.0
+      remark-rehype: 11.1.1
       remark-smartypants: 3.0.2
-      shiki: 1.16.2
+      shiki: 1.22.0
       unified: 11.0.5
       unist-util-remove-position: 5.0.0
       unist-util-visit: 5.0.0
@@ -6729,14 +6699,14 @@ snapshots:
     transitivePeerDependencies:
       - supports-color
 
-  '@babel/plugin-transform-react-jsx-self@7.24.7(@babel/core@7.25.7)':
+  '@babel/plugin-transform-react-jsx-self@7.24.7(@babel/core@7.25.8)':
     dependencies:
-      '@babel/core': 7.25.7
+      '@babel/core': 7.25.8
       '@babel/helper-plugin-utils': 7.25.7
 
-  '@babel/plugin-transform-react-jsx-source@7.24.7(@babel/core@7.25.7)':
+  '@babel/plugin-transform-react-jsx-source@7.24.7(@babel/core@7.25.8)':
     dependencies:
-      '@babel/core': 7.25.7
+      '@babel/core': 7.25.8
       '@babel/helper-plugin-utils': 7.25.7
 
   '@babel/plugin-transform-react-jsx@7.25.7(@babel/core@7.25.7)':
@@ -7069,16 +7039,6 @@ snapshots:
 
   '@emmetio/stream-reader@2.2.0': {}
 
-  '@emnapi/core@0.45.0':
-    dependencies:
-      tslib: 2.6.3
-    optional: true
-
-  '@emnapi/runtime@0.45.0':
-    dependencies:
-      tslib: 2.6.3
-    optional: true
-
   '@emnapi/runtime@1.2.0':
     dependencies:
       tslib: 2.6.3
@@ -7632,7 +7592,7 @@ snapshots:
       periscopic: 3.1.0
       remark-mdx: 3.0.1
       remark-parse: 11.0.0
-      remark-rehype: 11.1.0
+      remark-rehype: 11.1.1
       source-map: 0.7.4
       unified: 11.0.5
       unist-util-position-from-estree: 2.0.0
@@ -7714,136 +7674,6 @@ snapshots:
 
   '@neon-rs/load@0.0.4': {}
 
-  '@noble/hashes@1.5.0': {}
-
-  '@node-rs/argon2-android-arm-eabi@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-android-arm64@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-darwin-arm64@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-darwin-x64@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-freebsd-x64@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-linux-arm-gnueabihf@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-linux-arm64-gnu@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-linux-arm64-musl@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-linux-x64-gnu@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-linux-x64-musl@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-wasm32-wasi@1.7.0':
-    dependencies:
-      '@emnapi/core': 0.45.0
-      '@emnapi/runtime': 0.45.0
-      '@tybys/wasm-util': 0.8.3
-      memfs-browser: 3.5.10302
-    optional: true
-
-  '@node-rs/argon2-win32-arm64-msvc@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-win32-ia32-msvc@1.7.0':
-    optional: true
-
-  '@node-rs/argon2-win32-x64-msvc@1.7.0':
-    optional: true
-
-  '@node-rs/argon2@1.7.0':
-    optionalDependencies:
-      '@node-rs/argon2-android-arm-eabi': 1.7.0
-      '@node-rs/argon2-android-arm64': 1.7.0
-      '@node-rs/argon2-darwin-arm64': 1.7.0
-      '@node-rs/argon2-darwin-x64': 1.7.0
-      '@node-rs/argon2-freebsd-x64': 1.7.0
-      '@node-rs/argon2-linux-arm-gnueabihf': 1.7.0
-      '@node-rs/argon2-linux-arm64-gnu': 1.7.0
-      '@node-rs/argon2-linux-arm64-musl': 1.7.0
-      '@node-rs/argon2-linux-x64-gnu': 1.7.0
-      '@node-rs/argon2-linux-x64-musl': 1.7.0
-      '@node-rs/argon2-wasm32-wasi': 1.7.0
-      '@node-rs/argon2-win32-arm64-msvc': 1.7.0
-      '@node-rs/argon2-win32-ia32-msvc': 1.7.0
-      '@node-rs/argon2-win32-x64-msvc': 1.7.0
-
-  '@node-rs/bcrypt-android-arm-eabi@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-android-arm64@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-darwin-arm64@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-darwin-x64@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-freebsd-x64@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-linux-arm-gnueabihf@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-linux-arm64-gnu@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-linux-arm64-musl@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-linux-x64-gnu@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-linux-x64-musl@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-wasm32-wasi@1.9.0':
-    dependencies:
-      '@emnapi/core': 0.45.0
-      '@emnapi/runtime': 0.45.0
-      '@tybys/wasm-util': 0.8.3
-      memfs-browser: 3.5.10302
-    optional: true
-
-  '@node-rs/bcrypt-win32-arm64-msvc@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-win32-ia32-msvc@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt-win32-x64-msvc@1.9.0':
-    optional: true
-
-  '@node-rs/bcrypt@1.9.0':
-    optionalDependencies:
-      '@node-rs/bcrypt-android-arm-eabi': 1.9.0
-      '@node-rs/bcrypt-android-arm64': 1.9.0
-      '@node-rs/bcrypt-darwin-arm64': 1.9.0
-      '@node-rs/bcrypt-darwin-x64': 1.9.0
-      '@node-rs/bcrypt-freebsd-x64': 1.9.0
-      '@node-rs/bcrypt-linux-arm-gnueabihf': 1.9.0
-      '@node-rs/bcrypt-linux-arm64-gnu': 1.9.0
-      '@node-rs/bcrypt-linux-arm64-musl': 1.9.0
-      '@node-rs/bcrypt-linux-x64-gnu': 1.9.0
-      '@node-rs/bcrypt-linux-x64-musl': 1.9.0
-      '@node-rs/bcrypt-wasm32-wasi': 1.9.0
-      '@node-rs/bcrypt-win32-arm64-msvc': 1.9.0
-      '@node-rs/bcrypt-win32-ia32-msvc': 1.9.0
-      '@node-rs/bcrypt-win32-x64-msvc': 1.9.0
-
   '@nodelib/fs.scandir@2.1.5':
     dependencies:
       '@nodelib/fs.stat': 2.0.5
@@ -7856,8 +7686,25 @@ snapshots:
       '@nodelib/fs.scandir': 2.1.5
       fastq: 1.17.1
 
+  '@oslojs/asn1@1.0.0':
+    dependencies:
+      '@oslojs/binary': 1.0.0
+
+  '@oslojs/binary@1.0.0': {}
+
+  '@oslojs/crypto@1.0.1':
+    dependencies:
+      '@oslojs/asn1': 1.0.0
+      '@oslojs/binary': 1.0.0
+
+  '@oslojs/encoding@0.4.1': {}
+
   '@oslojs/encoding@1.1.0': {}
 
+  '@oslojs/jwt@0.2.0':
+    dependencies:
+      '@oslojs/encoding': 0.4.1
+
   '@pagefind/darwin-arm64@1.1.0':
     optional: true
 
@@ -8011,11 +7858,6 @@ snapshots:
     dependencies:
       '@types/hast': 3.0.4
 
-  '@shikijs/core@1.16.2':
-    dependencies:
-      '@shikijs/vscode-textmate': 9.3.0
-      '@types/hast': 3.0.4
-
   '@shikijs/core@1.22.0':
     dependencies:
       '@shikijs/engine-javascript': 1.22.0
@@ -8092,10 +7934,7 @@ snapshots:
 
   '@trysound/sax@0.2.0': {}
 
-  '@tybys/wasm-util@0.8.3':
-    dependencies:
-      tslib: 2.6.3
-    optional: true
+  '@tweenjs/tween.js@23.1.3': {}
 
   '@types/acorn@4.0.6':
     dependencies:
@@ -8122,7 +7961,7 @@ snapshots:
     dependencies:
       '@babel/types': 7.25.7
 
-  '@types/braces@3.0.4': {}
+  '@types/bcryptjs@2.4.6': {}
 
   '@types/cheerio@0.22.35':
     dependencies:
@@ -8140,6 +7979,15 @@ snapshots:
 
   '@types/estree@1.0.5': {}
 
+  '@types/fs-extra@8.1.5':
+    dependencies:
+      '@types/node': 22.0.0
+
+  '@types/glob@7.2.0':
+    dependencies:
+      '@types/minimatch': 5.1.2
+      '@types/node': 22.0.0
+
   '@types/hast@3.0.4':
     dependencies:
       '@types/unist': 3.0.2
@@ -8164,9 +8012,7 @@ snapshots:
 
   '@types/mdx@2.0.13': {}
 
-  '@types/micromatch@4.0.9':
-    dependencies:
-      '@types/braces': 3.0.4
+  '@types/minimatch@5.1.2': {}
 
   '@types/ms@0.7.34': {}
 
@@ -8209,11 +8055,22 @@ snapshots:
 
   '@types/semver@7.5.8': {}
 
+  '@types/stats.js@0.17.3': {}
+
   '@types/tar@6.1.13':
     dependencies:
       '@types/node': 22.0.0
       minipass: 4.2.8
 
+  '@types/three@0.169.0':
+    dependencies:
+      '@tweenjs/tween.js': 23.1.3
+      '@types/stats.js': 0.17.3
+      '@types/webxr': 0.5.20
+      '@webgpu/types': 0.1.49
+      fflate: 0.8.2
+      meshoptimizer: 0.18.1
+
   '@types/trusted-types@2.0.7': {}
 
   '@types/turndown@5.0.5': {}
@@ -8222,6 +8079,8 @@ snapshots:
 
   '@types/unist@3.0.2': {}
 
+  '@types/webxr@0.5.20': {}
+
   '@types/ws@8.5.12':
     dependencies:
       '@types/node': 22.0.0
@@ -8402,9 +8261,9 @@ snapshots:
 
   '@vitejs/plugin-react@4.3.1(vite@5.4.8(@types/node@22.0.0))':
     dependencies:
-      '@babel/core': 7.25.7
-      '@babel/plugin-transform-react-jsx-self': 7.24.7(@babel/core@7.25.7)
-      '@babel/plugin-transform-react-jsx-source': 7.24.7(@babel/core@7.25.7)
+      '@babel/core': 7.25.8
+      '@babel/plugin-transform-react-jsx-self': 7.24.7(@babel/core@7.25.8)
+      '@babel/plugin-transform-react-jsx-source': 7.24.7(@babel/core@7.25.8)
       '@types/babel__core': 7.20.5
       react-refresh: 0.14.2
       vite: 5.4.8(@types/node@22.0.0)
@@ -8413,9 +8272,9 @@ snapshots:
 
   '@vitejs/plugin-react@4.3.1(vite@5.4.9(@types/node@22.0.0))':
     dependencies:
-      '@babel/core': 7.25.7
-      '@babel/plugin-transform-react-jsx-self': 7.24.7(@babel/core@7.25.7)
-      '@babel/plugin-transform-react-jsx-source': 7.24.7(@babel/core@7.25.7)
+      '@babel/core': 7.25.8
+      '@babel/plugin-transform-react-jsx-self': 7.24.7(@babel/core@7.25.8)
+      '@babel/plugin-transform-react-jsx-source': 7.24.7(@babel/core@7.25.8)
       '@types/babel__core': 7.20.5
       react-refresh: 0.14.2
       vite: 5.4.9(@types/node@22.0.0)
@@ -8472,6 +8331,8 @@ snapshots:
 
   '@vscode/l10n@0.0.18': {}
 
+  '@webgpu/types@0.1.49': {}
+
   acorn-jsx@5.3.2(acorn@8.12.1):
     dependencies:
       acorn: 8.12.1
@@ -8512,9 +8373,11 @@ snapshots:
       normalize-path: 3.0.0
       picomatch: 2.3.1
 
-  arctic@1.9.2:
+  arctic@2.0.1:
     dependencies:
-      oslo: 1.2.0
+      '@oslojs/crypto': 1.0.1
+      '@oslojs/encoding': 1.1.0
+      '@oslojs/jwt': 0.2.0
 
   arg@5.0.2: {}
 
@@ -8967,6 +8830,8 @@ snapshots:
       is-alphanumerical: 2.0.1
       is-decimal: 2.0.1
 
+  bcryptjs@2.4.3: {}
+
   better-path-resolve@1.0.0:
     dependencies:
       is-windows: 1.0.2
@@ -9143,6 +9008,8 @@ snapshots:
       color-convert: 2.0.1
       color-string: 1.9.1
 
+  colorette@1.4.0: {}
+
   colorette@2.0.20: {}
 
   colorjs.io@0.5.2: {}
@@ -9558,6 +9425,8 @@ snapshots:
 
   fflate@0.7.4: {}
 
+  fflate@0.8.2: {}
+
   fill-range@7.1.1:
     dependencies:
       to-regex-range: 5.0.1
@@ -9621,9 +9490,6 @@ snapshots:
     dependencies:
       minipass: 3.3.6
 
-  fs-monkey@1.0.6:
-    optional: true
-
   fs.realpath@1.0.0: {}
 
   fsevents@2.3.3:
@@ -9675,6 +9541,17 @@ snapshots:
 
   globals@11.12.0: {}
 
+  globby@10.0.1:
+    dependencies:
+      '@types/glob': 7.2.0
+      array-union: 2.1.0
+      dir-glob: 3.0.1
+      fast-glob: 3.3.2
+      glob: 7.2.3
+      ignore: 5.3.1
+      merge2: 1.4.1
+      slash: 3.0.0
+
   globby@11.1.0:
     dependencies:
       array-union: 2.1.0
@@ -10043,6 +9920,8 @@ snapshots:
 
   is-plain-obj@4.1.0: {}
 
+  is-plain-object@3.0.1: {}
+
   is-reference@3.0.2:
     dependencies:
       '@types/estree': 1.0.5
@@ -10228,10 +10107,6 @@ snapshots:
     dependencies:
       yallist: 3.1.1
 
-  lucia@3.2.0:
-    dependencies:
-      oslo: 1.2.0
-
   lunr@2.3.9: {}
 
   magic-string@0.30.11:
@@ -10273,10 +10148,10 @@ snapshots:
     dependencies:
       marked: 13.0.3
 
-  marked-shiki@1.1.0(marked@13.0.3)(shiki@1.14.1):
+  marked-shiki@1.1.0(marked@13.0.3)(shiki@1.22.0):
     dependencies:
       marked: 13.0.3
-      shiki: 1.14.1
+      shiki: 1.22.0
 
   marked-smartypants@1.1.7(marked@13.0.3):
     dependencies:
@@ -10473,18 +10348,10 @@ snapshots:
 
   mdurl@2.0.0: {}
 
-  memfs-browser@3.5.10302:
-    dependencies:
-      memfs: 3.5.3
-    optional: true
-
-  memfs@3.5.3:
-    dependencies:
-      fs-monkey: 1.0.6
-    optional: true
-
   merge2@1.4.1: {}
 
+  meshoptimizer@0.18.1: {}
+
   micromark-core-commonmark@2.0.1:
     dependencies:
       decode-named-character-reference: 1.0.2
@@ -10912,11 +10779,6 @@ snapshots:
 
   os-tmpdir@1.0.2: {}
 
-  oslo@1.2.0:
-    dependencies:
-      '@node-rs/argon2': 1.7.0
-      '@node-rs/bcrypt': 1.9.0
-
   outdent@0.5.0: {}
 
   p-filter@2.1.0:
@@ -11425,6 +11287,14 @@ snapshots:
     dependencies:
       glob: 7.2.3
 
+  rollup-plugin-copy@3.5.0:
+    dependencies:
+      '@types/fs-extra': 8.1.5
+      colorette: 1.4.0
+      fs-extra: 8.1.0
+      globby: 10.0.1
+      is-plain-object: 3.0.1
+
   rollup@4.21.0:
     dependencies:
       '@types/estree': 1.0.5
@@ -11586,12 +11456,6 @@ snapshots:
       '@shikijs/core': 1.14.1
       '@types/hast': 3.0.4
 
-  shiki@1.16.2:
-    dependencies:
-      '@shikijs/core': 1.16.2
-      '@shikijs/vscode-textmate': 9.3.0
-      '@types/hast': 3.0.4
-
   shiki@1.22.0:
     dependencies:
       '@shikijs/core': 1.22.0
@@ -11791,6 +11655,8 @@ snapshots:
     dependencies:
       any-promise: 1.3.0
 
+  three@0.170.0: {}
+
   tiny-inflate@1.0.3: {}
 
   tiny-invariant@1.3.3: {}
diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml
index 59c1cc84a..1329ecdae 100644
--- a/pnpm-workspace.yaml
+++ b/pnpm-workspace.yaml
@@ -1,7 +1,8 @@
-catalog:
+catalog: # Confirmed Current Master Catalog - 11.01.2024
   '@astrojs/db': ^0.14.2
   '@astrojs/markdown-remark': ^5.2.0
   '@astrojs/rss': ^4.0.7
+  '@astrojs/react': ^3.6.2
   '@astrojs/check': ^0.9.4
   '@astrojs/tailwind': ^5.1.2
   '@astrojs/starlight': ^0.28.3
@@ -16,20 +17,25 @@ catalog:
   vite: ^5.4.8
 
 catalogs:
-  min:
+  min: # Confirmed Current Min Deps - 11.01.2024
     astro: ">=4.16"
     '@astrojs/db': ">=0.14.2"
     astro-integration-kit: ">=0.16"
     vite: ^4 || ^5
-  landing:
+
+  landing: # Confirmed Current Landing Deps - 11.01.2024
     motion: ^10.18.0
     tailwindcss: ^3.4.14
     tailwind-merge: ^2.5.4
     tailwind-scrollbar: ^3.1.0
     '@tailwindcss/typography': ^0.5.15
     astro-icon: ^1.1.1
-    '@iconify-json/heroicons': ^1.2.0
-  docs:
+    '@resvg/resvg-js': ^2.6.2
+    html-entities: ^2.5.2
+    satori: ^0.11.1
+    satori-html: ^0.3.2
+
+  docs: # Confirmed Current Docs Deps - 11.01.2024
     "@11ty/eleventy-fetch": ^4.0.1
     "@lorenzo_lewis/starlight-utils": ^0.2.0
     "@types/hast": ^3.0.4
@@ -38,48 +44,80 @@ catalogs:
     hast-util-select: ^6.0.3
     p-retry: ^6.2.0
     rehype: ^13.0.2
-    starlight-versions: ^0.3.0
-    starlight-package-managers: ^0.7.0
     starlight-typedoc: ^0.16.0
     typedoc: ^0.26.10
     typedoc-plugin-markdown: ^4.2.9
-  studiocms:
+    "@shikijs/transformers": ^1.22.0
+    "@shikijs/twoslash": ^1.22.0
+    shiki: ^1.22.0
+    shiki-transformer-color-highlight: ^0.2.0
+    starlight-image-zoom: ^0.8.0
+    hastscript: ^9.0.0
+    hast-util-to-string: ^3.0.1
+    mdast-util-from-markdown: ^2.0.1
+    mdast-util-gfm: ^3.0.0
+    mdast-util-to-hast: ^13.2.0
+    rehype-slug: ^6.0.0
+    rehype-autolink-headings: ^7.1.0
+    rehype-external-links: ^3.0.0
+    "@types/html-escaper": ^3.0.2
+    html-escaper: ^3.0.3
+
+  studiocms: # Confirmed Current CMS Deps - 11.01.2024
     '@types/semver': ^7.5.8
     package-json: ^10.0.1
     semver: ^7.6.3
-  studiocms-core:
+
+  studiocms-core: # Confirmed Current Core Deps - 11.01.2024
     remark-rehype: ^11.1.0
     mdast-util-to-hast: ^13.2.0
-  studiocms-shared:
+    mrmime: ^2.0.0
+    unified: ^11.0.5
+
+  studiocms-devapps: # Confirmed Current DevApps Deps - 11.01.2024
+    "@libsql/client": ^0.14.0
+    "@types/cheerio": ^0.22.35
+    "@types/turndown": ^5.0.5
+    cheerio: ^1.0.0
+    turndown: ^7.2.0
+    html-entities: ^2.5.2
+
+  studiocms-auth: # Confirmed Current Auth Deps - 11.01.2024
+    '@oslojs/crypto': ^1.0.1
+    '@oslojs/encoding': ^1.1.0
+    '@oslojs/binary': ^1.0.0
+    '@types/three': 0.169.0
+    '@types/bcryptjs': ^2.4.6
+    bcryptjs: ^2.4.3
+    arctic: ^2.0.1
+    three: 0.170.0
+    
+  studiocms-shared: # Confirmed Current Shared Deps - 11.01.2024
     '@fontsource-variable/onest': 5.1.0
     '@inox-tools/runtime-logger': ^0.3.4
     '@iconify-json/heroicons': ^1.2.1
-    "@matthiesenxyz/astrolace": ^0.3.2
     "@matthiesenxyz/astrodtsbuilder": ^0.1.2
     "@matthiesenxyz/integration-utils": ^0.2.0
+    rollup-plugin-copy: ^3.5.0
+
+    # Needs to be cleaned up once they are no longer needed
+    "@matthiesenxyz/astrolace": ^0.3.2
     '@matthiesenxyz/unocss-preset-daisyui': ^0.1.2
-    '@markdoc/markdoc': ^0.4.0
-    '@noble/hashes': ^1.5.0
     '@unocss/astro': ^0.62.3
     '@unocss/reset': ^0.62.3
-    '@types/micromatch': ^4.0.9
-    "@astrojs/react": ^3.6.2
+    unocss: ^0.62.3
+    daisyui: ^4.12.10
+
+  studiocms-renderer: # Confirmed Current Renderer Deps - 11.01.2024
+    '@shikijs/transformers': ^1.14.1
+    "@mdx-js/mdx": ^3.0.1
+    '@markdoc/markdoc': ^0.4.0
     "@types/react": ^18.3.5
     "@types/react-dom": ^18.3.0
     react: ^18.3.1
     react-dom: ^18.3.1
-    unocss: ^0.62.3
-    daisyui: ^4.12.10
-    lucia: ^3.2.0
-    arctic: ^1.9.1
-    marked: ^13.0.2
-    micromatch: ^4.0.8
     shiki: ^1.14.1
-    mrmime: ^2.0.0
-    unified: ^11.0.5
-  studiocms-renderer:
-    '@shikijs/transformers': ^1.14.1
-    "@mdx-js/mdx": ^3.0.1
+    marked: ^13.0.2
     marked-alert: ^2.0.1
     marked-emoji: ^1.4.1
     marked-footnote: ^1.2.2
@@ -87,7 +125,8 @@ catalogs:
     marked-smartypants: ^1.1.7
     remark-gfm: ^4.0.0
     rehype-highlight: ^7.0.0
-  studiocms-imagehandler:
+
+  studiocms-imagehandler: # Confirmed Current ImageHandler Deps - 11.01.2024
     '@cloudinary/url-gen': ^1.21.0
 
 packages:
diff --git a/www/docs/astro.config.mts b/www/docs/astro.config.mts
index 35e674ea4..f2b4217b0 100644
--- a/www/docs/astro.config.mts
+++ b/www/docs/astro.config.mts
@@ -57,6 +57,7 @@ export default defineConfig({
 				discord: 'https://chat.studiocms.xyz',
 				youtube: 'https://www.youtube.com/@StudioCMS',
 				'x.com': 'https://x.com/_studiocms',
+				blueSky: 'https://bsky.app/profile/studiocms.xyz',
 			},
 			customCss: [
 				'@shikijs/twoslash/style-rich.css',
diff --git a/www/docs/package.json b/www/docs/package.json
index 717a359ac..cd7f93a82 100644
--- a/www/docs/package.json
+++ b/www/docs/package.json
@@ -5,52 +5,56 @@
   "scripts": {
     "dev": "astro dev",
     "start": "astro dev",
-    "build": "astro check && astro build",
+    "check": "astro check",
+    "build": "astro build",
     "preview": "astro preview",
     "astro": "astro"
   },
   "dependencies": {
-    "@11ty/eleventy-fetch": "catalog:docs",
-    "p-retry": "catalog:docs",
+    "studiocms": "workspace:*",
+    "@studiocms/renderers": "workspace:*",
+    "@studiocms/blog": "workspace:*",
+    "@studiocms/devapps": "workspace:*",
+    "@studiocms/ui": "workspace:*",
+
+    "astro": "catalog:",
     "@astrojs/check": "catalog:",
     "@astrojs/starlight": "catalog:",
-    "@fontsource-variable/onest": "catalog:studiocms-shared",
+    "@astrojs/db": "catalog:",
+    "@astrojs/node": "catalog:",
+    "@astrojs/web-vitals": "catalog:",
+    "@astrojs/react": "catalog:",
+    "sharp": "catalog:",
+    "typescript": "catalog:",
+
+    "@11ty/eleventy-fetch": "catalog:docs",
     "@lorenzo_lewis/starlight-utils": "catalog:docs",
-    "@shikijs/twoslash": "1.22.0",
-    "@shikijs/transformers": "1.22.0",
     "@types/hast": "catalog:docs",
-    "astro": "catalog:",
+    "p-retry": "catalog:docs",
     "astro-embed": "catalog:docs",
     "hast": "catalog:docs",
-    "hastscript": "^9.0.0",
     "hast-util-select": "catalog:docs",
-    "hast-util-to-string": "^3.0.1",
-    "html-escaper": "^3.0.3",
     "rehype": "catalog:docs",
-    "sharp": "catalog:",
     "starlight-typedoc": "catalog:docs",
     "typedoc": "catalog:docs",
     "typedoc-plugin-markdown": "catalog:docs",
-    "typescript": "catalog:",
-    "@studiocms/ui": "workspace:*",
-    "mdast-util-from-markdown": "^2.0.1",
-    "mdast-util-gfm": "^3.0.0",
-    "mdast-util-to-hast": "^13.2.0",
-    "shiki": "1.22.0",
-    "@astrojs/db": "catalog:",
-    "@astrojs/node": "catalog:",
-    "@astrojs/web-vitals": "catalog:",
-    "studiocms": "workspace:*",
-    "@astrojs/react": "catalog:studiocms-shared",
-    "@studiocms/renderers": "workspace:*",
-    "@studiocms/blog": "workspace:*",
-    "@studiocms/devapps": "workspace:*",
-    "starlight-image-zoom": "^0.8.0",
-    "rehype-slug": "^6.0.0",
-    "rehype-autolink-headings": "^7.1.0",
-    "rehype-external-links": "^3.0.0",
-    "@types/html-escaper": "^3.0.2",
-    "shiki-transformer-color-highlight": "^0.2.0",
-    "unified": "^11.0.5"
+    "shiki": "catalog:docs",
+    "@shikijs/twoslash": "catalog:docs",
+    "@shikijs/transformers": "catalog:docs",
+    "shiki-transformer-color-highlight": "catalog:docs",
+    "starlight-image-zoom": "catalog:docs",
+    "hastscript": "catalog:docs",
+    "hast-util-to-string": "catalog:docs",
+    "mdast-util-from-markdown": "catalog:docs",
+    "mdast-util-gfm": "catalog:docs",
+    "mdast-util-to-hast": "catalog:docs",
+    "rehype-slug": "catalog:docs",
+    "rehype-autolink-headings": "catalog:docs",
+    "rehype-external-links": "catalog:docs",
+    "@types/html-escaper": "catalog:docs",
+    "html-escaper": "catalog:docs",
+
+    "@fontsource-variable/onest": "catalog:studiocms-shared",
+    "unified": "catalog:studiocms-core"
   }
 }
diff --git a/www/docs/src/components/PreviewCard.astro b/www/docs/src/components/PreviewCard.astro
index 0396b6b81..fd31d485d 100644
--- a/www/docs/src/components/PreviewCard.astro
+++ b/www/docs/src/components/PreviewCard.astro
@@ -1,7 +1,7 @@
 ---
 type Props = {
-  vertical?: boolean;
-  gapSize?: 'sm' | 'md' | 'lg';
+	vertical?: boolean;
+	gapSize?: 'sm' | 'md' | 'lg';
 };
 
 const { vertical = false, gapSize = 'md' } = Astro.props;
diff --git a/www/docs/src/components/Youtube.astro b/www/docs/src/components/Youtube.astro
index ea35f9614..6e16aaca6 100644
--- a/www/docs/src/components/Youtube.astro
+++ b/www/docs/src/components/Youtube.astro
@@ -1,12 +1,12 @@
 ---
-import { YouTube } from 'astro-embed';
-
-interface Props {
-	id: string;
-	title?: string;
-}
-
-const { id, title } = Astro.props;
+import { YouTube } from 'astro-embed';
+
+interface Props {
+	id: string;
+	title?: string;
+}
+
+const { id, title } = Astro.props;
 ---
 <YouTube id={id} title={title} />
 
diff --git a/www/docs/src/content/docs/config-reference/dashboard.mdx b/www/docs/src/content/docs/config-reference/dashboard.mdx
index cd815fc98..e88cfcacc 100644
--- a/www/docs/src/content/docs/config-reference/dashboard.mdx
+++ b/www/docs/src/content/docs/config-reference/dashboard.mdx
@@ -9,7 +9,7 @@ sidebar:
 
 ## Usage
 
-```ts twoslash {2-24} title="studiocms.config.mjs"
+```ts twoslash {2-16} title="studiocms.config.mjs"
 import { defineStudioCMSConfig } from 'studiocms';
 // ---cut---
 export default defineStudioCMSConfig({
@@ -24,16 +24,8 @@ export default defineStudioCMSConfig({
         },
         enabled: true,
     },
-    UnoCSSConfigOverride: {
-        injectReset: true,
-        injectEntry: true,
-        presetsConfig: {
-            presetDaisyUI: {
-                themes: ['dark', 'light'],
-                lightTheme: 'light',
-                darkTheme: 'dark',
-            },
-        },
+    developerConfig: {
+        testingAndDemoMode: false,
     },
   },
 })
@@ -67,32 +59,24 @@ Allows the user to override the default dashboard route to a custom route.
 
 Allows customization of the Authentication Configuration.
 
-#### `providers`
-
-- **Type:** `authProviderSchema{} | undefined{}`
-
-Allows enabling or disabling of the Authentication Providers.
-
-##### `github`
-
-- **Type:** `boolean | undefined`
-- **Default:** `true`
-
-Allows enabling or disabling of the Github Authentication Provider.
-
-##### `usernameAndPassword`
-
-- **Type:** `boolean | undefined`
-- **Default:** `false`
-
-Allows enabling or disabling of the Username and Password Authentication Provider.
-
-#### `enabled`
-
-- **Type:** `boolean | undefined`
-- **Default:** `true`
-
-Allows enabling or disabling of the Authentication Configuration.
+```ts twoslash {3-12} title="studiocms.config.mjs"
+import { defineStudioCMSConfig } from 'studiocms';
+// ---cut---
+export default defineStudioCMSConfig({
+  dashboardConfig: {
+    AuthConfig: {
+        providers: {
+            github: false,
+            discord: false,
+            google: false,
+            auth0: false,
+            usernameAndPassword: true,
+        },
+        enabled: true,
+    },
+  },
+})
+```
 
 ### `UnoCSSConfigOverride`
 
@@ -153,16 +137,14 @@ Allows the user to set the default dark theme.
 
 Developer Options/Configuration.
 
-#### `viewTransitionsAPI`
-
-- **Type:** `boolean | undefined`
-- **Default:** `false`
-
-Allows the user to enable Astro's ZeroJS View Transition API for the StudioCMS Dashboard.
-
-#### `testingAndDemoMode`
-
-- **Type:** `boolean | undefined`
-- **Default:** `false`
-
-Enables Testing and Demo Mode
+```ts twoslash {3-5} title="studiocms.config.mjs"
+import { defineStudioCMSConfig } from 'studiocms';
+// ---cut---
+export default defineStudioCMSConfig({
+  dashboardConfig: {
+    developerConfig: {
+        testingAndDemoMode: false,
+    },
+  },
+})
+```
diff --git a/www/docs/src/content/docs/how-it-works/index.mdx b/www/docs/src/content/docs/how-it-works/index.mdx
index 17d0d4dc6..d0525b754 100644
--- a/www/docs/src/content/docs/how-it-works/index.mdx
+++ b/www/docs/src/content/docs/how-it-works/index.mdx
@@ -60,6 +60,27 @@ Modules without the `virtual:` prefix have full typings defined and injected int
 - **`studiocms:helpers/headDefaults`**: Provides the exported head defaults for StudioCMS.
 - **`studiocms:helpers/routemap`**: Provides the exported route map for StudioCMS.
 
+### StudioCMS: Auth
+
+The StudioCMS Auth integration provides authentication configuration options for the StudioCMS Dashboard. This integration is used to determine how users can authenticate with the StudioCMS Dashboard.
+
+#### Features
+- **`@oslojs`**: The StudioCMS Auth integration uses the `@oslojs` utilities to handle local authentication options such as username and password.
+- **`arctic`**: The StudioCMS Auth integration uses the `arctic` library to handle OAuth authentication options such as GitHub.
+- **`three`**: The StudioCMS Auth integration uses the ThreeJS library to create a 3D logo animation for the login and signup pages.
+- **`@studiocms/ui`**: The StudioCMS Auth integration uses the `@studiocms/ui` library to provide UI components for the login and signup pages.
+
+#### Auth Virtual Modules
+
+- **`studiocms:auth/lib/encryption`**: Provides encryption functions for the StudioCMS Auth integration.
+- **`studiocms:auth/lib/password`**: Provides password functions for the StudioCMS Auth integration.
+- **`studiocms:auth/lib/session`**: Provides session functions for the StudioCMS Auth integration.
+- **`studiocms:auth/lib/types`**: Provides types for the StudioCMS Auth integration.
+- **`studiocms:auth/lib/user`**: Provides user functions for the StudioCMS Auth integration.
+- **`studiocms:auth/utils/authEnvCheck`**: Provides authentication environment check functions for the StudioCMS Auth integration.
+- **`studiocms:auth/scripts/three`**: Provides ThreeJS scripts for the StudioCMS Auth integration.
+- **`studiocms:auth/scripts/formListener`**: Provides form listener scripts for the StudioCMS Auth integration.
+
 ### StudioCMS: Dashboard
 
 The StudioCMS Dashboard is a web interface that allows you to manage your StudioCMS project. It provides a user-friendly interface for creating, editing, and deleting content for your project. The StudioCMS Dashboard is built with [Astro](https://astro.build) and [DaisyUI](https://daisyui.com/) with [UnoCSS](https://unocss.dev).
@@ -73,10 +94,6 @@ The StudioCMS Dashboard is a web interface that allows you to manage your Studio
 - **Astrolace**: The StudioCMS Dashboard is built using [Astrolace](https://github.com/matthiesenxyz/astrolace) a [Shoelace.style](https://shoelace.style) Astro Integration.
 - **DashboardRouteOverride**: The StudioCMS Dashboard provides a dashboard route override configuration option. Allowing you to change the default route for the StudioCMS Dashboard and API.
 
-#### Dashboard Virtual Modules
-
-- **`studiocms:auth/config`**: Provides the authentication configuration for the dashboard.
-
 ### StudioCMS: ImageHandler
 
 The StudioCMS ImageHandler is an integration that provides a custom image component for your Astro project. This component is used to handle remote images and optimize them in a SSR environment.
diff --git a/www/docs/src/content/docs/start-here/environment-variables.mdx b/www/docs/src/content/docs/start-here/environment-variables.mdx
index 5d1aedd61..8204399a3 100644
--- a/www/docs/src/content/docs/start-here/environment-variables.mdx
+++ b/www/docs/src/content/docs/start-here/environment-variables.mdx
@@ -29,66 +29,75 @@ StudioCMS makes use of Astro's new Experimental [`astro:env`](https://docs.astro
 
 ```bash title=".env"
 ASTRO_DB_REMOTE_URL=libsql://your.server.io
-ASTRO_DB_APP_TOKEN=token-to-your-remote-url
+ASTRO_DB_APP_TOKEN=eyJh...RUCg
 ```
 
 <ReadMore>For more information about `@astrojs/db` see, the [Astro docs for Astro DB](https://docs.astro.build/en/guides/astro-db/)</ReadMore>
 
-## Authentication Environment Variables
+### Encryption Key for `@studiocms/auth`
 
-Currently there are 5 ways to authenticate with StudioCMS:
+`CMS_ENCRYPTION_KEY` - A secure encryption key for encrypting sensitive data
 
-<Aside type="tip" title="Local Development oAuth">
-Use `http://localhost:4321` for local development and testing callback urls, and `https://your-domain.tld` for your callback urls in production!
+```bash title=".env"
+CMS_ENCRYPTION_KEY="wqR+w...sRcg=="
+```
+
+<Aside type="note" title="Use OpenSSL">
+You can generate a secure encryption key using the following command: 
+```bash
+openssl rand --base64 16
+``` 
 </Aside>
 
-### GitHub
+## oAuth Authentication Environment Variables
+
+<ReadMore>
+For more information about setting up oAuth authentication, see the [Configure oAuth Authentication](/start-here/getting-started/#optional-configure-oauth-authentication) documentation.
+</ReadMore>
+
+### GitHub (Optional)
 
 To authenticate with GitHub, you need to add the following environment variables to your `.env` file:
 
 ```bash title=".env"
 # credentials for GitHub OAuth
-# Callback URL for github (NOT AN ENV VARIABLE): 'http://localhost:4321/dashboard/login/github/callback'
-CMS_GITHUB_CLIENT_ID=your_client_id
-CMS_GITHUB_CLIENT_SECRET=your_client_secret
+CMS_GITHUB_CLIENT_ID=
+CMS_GITHUB_CLIENT_SECRET=
+CMS_GITHUB_REDIRECT_URI=
 ```
 
-### Discord
+<Aside type="note" title="Note">
+`CMS_GITHUB_REDIRECT_URI` is optional if you are using multiple redirect URIs with GitHub oAuth.
+</Aside>
+
+### Discord (Optional)
 
 ```bash title=".env"
 # credentials for Discord OAuth
 CMS_DISCORD_CLIENT_ID=
 CMS_DISCORD_CLIENT_SECRET=
-CMS_DISCORD_REDIRECT_URI=http://localhost:4321/dashboard/login/discord/callback
+CMS_DISCORD_REDIRECT_URI=
 ```
 
-### Google
+### Google (Optional)
 
 ```bash title=".env"
 # credentials for Google OAuth
 CMS_GOOGLE_CLIENT_ID=
 CMS_GOOGLE_CLIENT_SECRET=
-CMS_GOOGLE_REDIRECT_URI=http://localhost:4321/dashboard/login/google/callback
+CMS_GOOGLE_REDIRECT_URI=
 ```
 
-### Auth0
+### Auth0 (Optional)
 
 ```bash title=".env"
 # credentials for auth0 OAuth
 CMS_AUTH0_CLIENT_ID=
 CMS_AUTH0_CLIENT_SECRET=
 CMS_AUTH0_DOMAIN=
-CMS_AUTH0_REDIRECT_URI=http://localhost:4321/dashboard/login/auth0/callback
+CMS_AUTH0_REDIRECT_URI=
 ```
 
-### Username and Password
-
-Alternatively, you can authenticate with StudioCMS using your username and password which doesn't require any additional environment variables.
-
-<Aside type="note">
-When Username and Password authentication is enabled you can modify its configuration and level of security using the generated `studiocms-auth.config.json` file.
-</Aside>
-
 ## Image Handler Environment Variables
 
 ### Cloudinary (Optional)
diff --git a/www/docs/src/content/docs/start-here/getting-started.mdx b/www/docs/src/content/docs/start-here/getting-started.mdx
index 3f86aadd0..b7d312fa5 100644
--- a/www/docs/src/content/docs/start-here/getting-started.mdx
+++ b/www/docs/src/content/docs/start-here/getting-started.mdx
@@ -153,11 +153,61 @@ If you skipped the npm install step during the CLI wizard, then be sure to insta
 
 </Tabs>
 
+Please note that the `site` option in the `astro.config.mjs` file is required for StudioCMS to work correctly. You can set this to your site's URL or a placeholder URL. (i.e. `https://demo.studiocms.xyz/` or `http://localhost:4321/`)
 
 <Aside type="note" title="SSR Only">
 StudioCMS requires SSR mode to work correctly. Make sure to set `output: 'server'` and an adapter that supports SSR in your `astro.config.mjs` file.
 </Aside>
 
+## Configure authentication
+
+StudioCMS Auth requires atleast the [Encryption Key](/start-here/environment-variables/#encryption-key-for-studiocmsauth) to be set in your `.env` file.
+
+The following environment variables are required for StudioCMS authentication:
+
+```bash title=".env"
+# encryption key for username and password authentication
+CMS_ENCRYPTION_KEY="wqR+w...sRcg=="
+```
+
+You can generate a secure encryption key using the following command: 
+
+```bash
+openssl rand --base64 16
+``` 
+
+And set the output as the value for `CMS_ENCRYPTION_KEY`.
+
+<ReadMore>
+For more information about all the available authentication environment variables see, [Envrionment variables](/start-here/environment-variables/) page.
+</ReadMore>
+
+### Optional: Configure oAuth authentication
+
+StudioCMS supports oAuth authentication with GitHub, Discord, Google, and Auth0. To configure oAuth authentication, you'll need to set the [required environment variables in your `.env` file](/start-here/environment-variables/#oauth-authentication-environment-variables), and ensure that the provider is [enabled in your config](/config-reference/dashboard/#authconfig).
+
+For setting up oAuth providers, they require a callback URL. The callback URL is the path where the provider will redirect the user after authentication. 
+
+#### Setting up the callback URL
+
+The callback URL should be set to one of the following paths based on your environment:
+
+| Environment   | Callback URL |
+|---------------|--------------|
+| Production    | `https://your-domain.tld/studiocms_api/auth/<provider>/callback` |
+| Testing & Dev | `http://localhost:4321/studiocms_api/auth/<provider>/callback` |
+
+#### Example callback URL paths
+
+The following paths are examples of the callback URL for each provider:
+
+| Provider | Callback PATH |
+|----------|---------------|
+| GitHub   | `/studiocms_api/auth/github/callback` |
+| Discord  | `/studiocms_api/auth/discord/callback` |
+| Google   | `/studiocms_api/auth/google/callback` |
+| Auth0    | `/studiocms_api/auth/auth0/callback` |
+
 ## Configure your `package.json` scripts
 
 Setup your `package.json` scripts to include the `--remote` flag for build, and optionally for dev. (You can also run the dev command as shown in the ["Running your StudioCMS Project"](#running-your-studiocms-project) section)
@@ -182,9 +232,13 @@ Thanks to the power of Astro running StudioCMS is as easy as running the dev com
 To start your Astro project, run the following commands in your terminal:
 
     <PackageManagers type="exec" args="astro db push --remote" />
-    <PackageManagers type="run" args="dev --remote # '--remote' can be removed if you have set the scripts in your package.json" />
+    <PackageManagers type="run" args="dev --remote" />
 
-After running the commands, you should see a message indicating that your project is running at `localhost:4321`. When first setting up StudioCMS, you will prompted to finish configuring StudioCMS at http://localhost:4321/start
+<Aside type="note">
+The `--remote` flag can be removed if you have set the scripts in your `package.json` file to include the flag. This is explained in the ["Configure your `package.json` scripts"](#configure-your-packagejson-scripts) section.
+</Aside>
+
+After running the commands, you should see a message indicating that your project is running at `localhost:4321`. When first setting up StudioCMS, you will prompted to finish configuring StudioCMS at `http://localhost:4321/start`
 
 ### Running in Astro Development mode locally
 
@@ -196,9 +250,17 @@ After running the command, you should see a message indicating that your project
 
 **Congratulations!** 🥳 You now have StudioCMS installed in your Astro project.
 
-## Next steps
+### Building and deploying your StudioCMS project
+
+After running the [first time setup steps](#first-time-setup-or-during-updates-if-the-tables-schema-is-updated), you should build and deploy your StudioCMS project to your server.
+
+By default, StudioCMS's dashboard is available at `http://your-domain.tld/dashboard`.
 
-Now that you have StudioCMS installed, you can start building your project with StudioCMS.
+This dashboard will be available for you to manage your content and settings in development mode and production mode. 
+
+It is recommended to use StudioCMS in production mode only, as the dashboard is meant to be used by the built project. (You may see some issues/errors in development mode such as a Vite dep error.)
+
+## Next steps
 
 <ReadMore>
 Check out how to set [Environment Variables](/start-here/environment-variables) in StudioCMS.
diff --git a/www/docs/typedoc.config.ts b/www/docs/typedoc.config.ts
index 5ca24c7b7..327775c6b 100644
--- a/www/docs/typedoc.config.ts
+++ b/www/docs/typedoc.config.ts
@@ -25,10 +25,13 @@ const [tdDevApps, tdDevApps_SB] = createStarlightTypeDocPlugin();
 // @studiocms/blog
 const [tdBlog, tdBlog_SB] = createStarlightTypeDocPlugin();
 
+// Set to true to enable testing mode for TypeDoc
+const testTypeDoc = false;
+
 const isProd = process.env.NODE_ENV === 'production';
 
-const TypeDocPlugins = (isProd: boolean): StarlightPlugin[] => {
-	if (isProd) {
+const TypeDocPlugins = (isProd: boolean, testingMode: boolean): StarlightPlugin[] => {
+	if (isProd || testingMode) {
 		return [
 			tdStudioCMS(
 				makeTypedocOpts({
@@ -50,14 +53,18 @@ const TypeDocPlugins = (isProd: boolean): StarlightPlugin[] => {
 					entryPoints: [
 						getFilePathToPackage('studiocms_auth', 'src/index.ts'),
 						getFilePathToPackage('studiocms_auth', 'src/integration.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/middleware/index.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/middleware/router.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/auth/index.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/auth/lucia-astrodb-adapter.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/helpers/authHelper.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/astroenv/env.ts'),
-						getFilePathToPackage('studiocms_auth', 'src/utils/authEnvCheck.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/schema.ts'),
 						getFilePathToPackage('studiocms_auth', 'src/utils/checkENV.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/astroenv/env.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/stubs/auth-lib.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/stubs/auth-scripts.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/stubs/auth-utils.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/encryption.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/password.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/rate-limit.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/session.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/types.ts'),
+						getFilePathToPackage('studiocms_auth', 'src/lib/user.ts'),
 					],
 				})
 			),
@@ -229,10 +236,10 @@ const TypeDocPlugins = (isProd: boolean): StarlightPlugin[] => {
 	return [] as StarlightPlugin[];
 };
 
-export const typeDocPlugins = TypeDocPlugins(isProd);
+export const typeDocPlugins = TypeDocPlugins(isProd, testTypeDoc);
 
-const TypeDocSideBarEntry = (isProd: boolean) => {
-	if (isProd) {
+const TypeDocSideBarEntry = (isProd: boolean, testingMode: boolean) => {
+	if (isProd || testingMode) {
 		return {
 			label: 'TypeDoc',
 			badge: {
@@ -270,4 +277,4 @@ const TypeDocSideBarEntry = (isProd: boolean) => {
 	};
 };
 
-export const typeDocSideBarEntry = TypeDocSideBarEntry(isProd);
+export const typeDocSideBarEntry = TypeDocSideBarEntry(isProd, testTypeDoc);
diff --git a/www/web/package.json b/www/web/package.json
index 64fd18d0a..029f3b853 100644
--- a/www/web/package.json
+++ b/www/web/package.json
@@ -12,20 +12,22 @@
   "dependencies": {
     "@astrojs/check": "catalog:",
     "@astrojs/tailwind": "catalog:",
+    "astro": "catalog:",
+    "sharp": "catalog:",
+    "typescript": "catalog:",
+
     "@fontsource-variable/onest": "catalog:studiocms-shared",
     "@iconify-json/heroicons": "catalog:studiocms-shared",
-    "@resvg/resvg-js": "^2.6.2",
+
     "@tailwindcss/typography": "catalog:landing",
-    "astro": "catalog:",
     "astro-icon": "catalog:landing",
-    "html-entities": "^2.5.2",
     "motion": "catalog:landing",
-    "sharp": "catalog:",
-    "satori": "^0.11.1",
-    "satori-html": "^0.3.2",
     "tailwind-merge": "catalog:landing",
     "tailwind-scrollbar": "catalog:landing",
     "tailwindcss": "catalog:landing",
-    "typescript": "catalog:"
+    "@resvg/resvg-js": "catalog:landing",
+    "html-entities": "catalog:landing",
+    "satori": "catalog:landing",
+    "satori-html": "catalog:landing"
   }
 }