←back to thread

Show HN: Shadcn/UI theme editor – Design and share Shadcn themes

(shadcnthemer.com)
134 points miketromba | 1 comments | 25 Oct 25 19:51 UTC | HN request time: 0s | source

Hey, I built https://ShadcnThemer.com - a web app for creating and sharing themes for shadcn/ui, made with my some of my favorites, Next.js 15, Tailwind CSS 4, Drizzle ORM, and Supabase.

The goal was to make it easy to visually design shadcn color themes, preview them live across various example UIs, and export them straight into your projects (as CSS or via the shadcn CLI registry command).

I had a bit of experience going into this because I built the Theme Studio for VS Code in the past, but it was fun using a modern stack and leveraging Cursor to help me along the way this time.

GitHub: https://github.com/miketromba/shadcn-themer

Show context
meindnoch ◴[25 Oct 25 21:35 UTC] No.45707186[source]
>Sign in or create an account with your email

Into the trash it goes.

replies(2): >>45707375 #>>45709116 #
slig ◴[25 Oct 25 22:07 UTC] No.45707375[source]
That's unfair. You can browse, preview and get the CSS variables without signing up.
replies(1): >>45707501 #
LoganDark ◴[25 Oct 25 22:31 UTC] No.45707501[source]
Email magic links are dumb. On top of that, forms that don't let you specify whether to login or to create an account are extra dumb. With magic links, one can't log in with just their password manager, and with a stupid combo form, anyone who mis-types or mis-remembers their email address just accidentally created a new account (or a new link that creates an account).
replies(2): >>45707545 #>>45709359 #
devilsdata ◴[25 Oct 25 22:41 UTC] No.45707545{3}[source]
Email magic links are inconvenient for the user, but they're not dumb. They're a pretty good option for a small project by a developer doesn't want to implement a whole auth flow, or pay for an OAuth provider.

It's a tradeoff. If you roll your own password flow, you need to add MFA to be secure. The complexity of what you need to build and maintain goes up.

A simple magic link flow for an app like this, where you are really only likely to log into it once per project you start.

Personally though, I also use a password manager. And I am annoyed enough by email magic links, that any of my personal projects will at least have a passkey implementation.

So I agree they're annoying. But they're definitely not "dumb". They're a tradeoff. This developer has chosen his own time over user convenience; which is a common tradeoff for small developers.

replies(1): >>45707892 #
LoganDark ◴[25 Oct 25 23:56 UTC] No.45707892{4}[source]
The problem with magic links is that the secret is sent with each login attempt. It's just like SMS verification codes - an attacker that controls the email address, or the phone number, can log right in. In this case, probably without even resetting a password. Plus, with no way to verify the account owner other than the email address, if the email address is lost or changed, the account's as good as gone.

Also yes they're super annoying for the user too. It's inconvenient and less secure.

Passkeys are awesome, yeah.

replies(2): >>45708347 #>>45715370 #
bobbiechen ◴[26 Oct 25 01:27 UTC] No.45708347{5}[source]
As opposed to username/password, where... An attacker that controls the email address can log right in.

Unless you mean to say I should set up 2FA for my CSS theme variable helper website?

Passkeys and OAuth/social login are great, but everyone has an email. And I don't think any mainstream site supports only passkey as an auth method (and no other way).

replies(2): >>45709365 #>>45717072 #
1. tonyhart7 ◴[26 Oct 25 05:24 UTC] No.45709365{6}[source]
"Passkeys and OAuth/social login are great, but everyone has an email"

big tech is only allowing Social login from another big tech anyway, they use whitelist and banning everyone that dont use that because they cant guarantee untrusted "third party"