-
-## Overview
-
-This is the repository for the documentation page for Auth.js!
-
-NextAuth.js is a complete open source authentication solution for [Next.js](http://nextjs.org/) applications.
-
-This documentation site is based on the [Docusaurus](https://docusaurus.io) framework.
-
-## Getting Started
-
-To start a local environment of this project, please do the following.
-
-1. Clone the repository.
-
-```bash
-$ git clone https://github.com/nextauthjs/docs.git
-```
-
-2. Install dependencies
-
-```bash
-$ npm install
-```
-
-3. Start the development server
-
-```bash
-$ npm start
-```
-
-And thats all! Now you should have a local copy of this docs site running at [localhost:3000](http://localhost:3000)!
-
-## Contributing
-
-We're open to all community contributions! If you'd like to contribute in any way, please first read our [Contributing Guide](https://github.com/nextauthjs/.github/blob/main/CONTRIBUTING.md).
-
-## License
-
-ISC
diff --git a/docs-nextra/assets/img/blobs/blob1.svg b/docs/assets/img/blobs/blob1.svg
similarity index 100%
rename from docs-nextra/assets/img/blobs/blob1.svg
rename to docs/assets/img/blobs/blob1.svg
diff --git a/docs-nextra/assets/img/blobs/blob2.svg b/docs/assets/img/blobs/blob2.svg
similarity index 100%
rename from docs-nextra/assets/img/blobs/blob2.svg
rename to docs/assets/img/blobs/blob2.svg
diff --git a/docs-nextra/assets/img/blobs/blob3.svg b/docs/assets/img/blobs/blob3.svg
similarity index 100%
rename from docs-nextra/assets/img/blobs/blob3.svg
rename to docs/assets/img/blobs/blob3.svg
diff --git a/docs-nextra/components/marquee.jsx b/docs/components/marquee.jsx
similarity index 100%
rename from docs-nextra/components/marquee.jsx
rename to docs/components/marquee.jsx
diff --git a/docs-nextra/components/triangle.jsx b/docs/components/triangle.jsx
similarity index 100%
rename from docs-nextra/components/triangle.jsx
rename to docs/components/triangle.jsx
diff --git a/docs/docs/concepts/_category_.json b/docs/docs/concepts/_category_.json
deleted file mode 100644
index d8c58ebe..00000000
--- a/docs/docs/concepts/_category_.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "label": "Concepts",
- "collapsible": true,
- "collapsed": true
-}
diff --git a/docs/docs/concepts/faq.md b/docs/docs/concepts/faq.md
deleted file mode 100644
index f7d6649a..00000000
--- a/docs/docs/concepts/faq.md
+++ /dev/null
@@ -1,359 +0,0 @@
----
-id: faq
-title: Frequently Asked Questions
----
-
-## About Auth.js
-
-### Is Auth.js commercial software?
-
-Auth.js is an open source project built by individual contributors.
-
-It is not commercial software and is not associated with a commercial organization.
-
----
-
-## Compatibility
-
-
-
-
What databases does Auth.js support?
-
-
-
-You can use Auth.js with MySQL, MariaDB, Postgres, MongoDB and SQLite or without a database. (See our [using a database adapter guide](/guides/adapters/using-a-database-adapter)).
-
-You can use also Auth.js with any database using a custom database adapter, or by using a custom credentials authentication provider - e.g. to support signing in with a username and password stored in an existing database.
-
-
-
-
-
-
-
What authentication services does Auth.js support?
-
-
-
-
Auth.js includes built-in support for signing in with
-(See also: Providers)
-
-
-Auth.js also supports email for passwordless sign in, which is useful for account recovery or for people who are not able to use an account with the configured OAuth services (e.g. due to service outage, account suspension or otherwise becoming locked out of an account).
-
-You can also use a custom based provider to support signing in with a username and password stored in an external database and/or using two factor authentication.
-
-
-
-
-
-
-
Does Auth.js support signing in with a username and password?
-
-
-
-Auth.js is designed to avoid the need to store passwords for user accounts.
-
-If you have an existing database of usernames and passwords, you can use a custom credentials provider to allow signing in with a username and password stored in an existing database.
-
-_If you use a custom credentials provider user accounts will not be persisted in a database by Auth.js (even if one is configured). The option to use JSON Web Tokens for session tokens (which allow sign in without using a session database) must be enabled to use a custom credentials provider._
-
-
-
-
-
-
-
Can I use Auth.js with a website that does not use Next.js?
-
-
-
-Auth.js is designed for use with Next.js and Serverless.
-
-If you are using a different framework for your website, you can create a website that handles sign in with Next.js and then access those sessions on a website that does not use Next.js as long as the websites are on the same domain.
-
-If you use Auth.js on a website with a different subdomain then the rest of your website (e.g. `auth.example.com` vs `www.example.com`) you will need to set a custom cookie domain policy for the Session Token cookie. (See also: [Cookies](/reference/configuration/auth-config#cookies))
-
-Auth.js does not currently support automatically signing into sites on different top level domains (e.g. `www.example.com` vs `www.example.org`) using a single session.
-
-
-
-
-
-
-
Can I use Auth.js with React Native?
-
-
-
-Auth.js is designed as a secure, confidential client and implements a server side authentication flow.
-
-It is not intended to be used in native applications on desktop or mobile applications, which typically implement public clients (e.g. with client / secrets embedded in the application).
-
-
-
-
-
-
-
Is Auth.js supporting TypeScript?
-
-
-
-Yes! Check out the [TypeScript docs](/getting-started/typescript)
-
-
-
-
-
-
-
Is Auth.js compatible with Next.js 12 Middleware?
-
-
-
-[Next.js Middleware](https://nextjs.org/docs/middleware) is supported. Head over to the [this page](/reference/nextjs/#middleware)
-
-
-
-
----
-
-## Databases
-
-
-
-
What databases are supported by Auth.js?
-
-
-
-Auth.js can be used with MySQL, Postgres, MongoDB, SQLite and compatible databases (e.g. MariaDB, Amazon Aurora, Amazon DocumentDB…) or with no database.
-
-It also provides an Adapter API which allows you to connect it to any database.
-
-
-
-
-
-
-
What does Auth.js use databases for?
-
-
-
-Databases in Auth.js are used for persisting users, OAuth accounts, email sign in tokens and sessions.
-
-Specifying a database is optional if you don't need to persist user data or support email sign in. If you don't specify a database then JSON Web Tokens will be enabled for session storage and used to store session data.
-
-If you are using a database with Auth.js, you can still explicitly enable JSON Web Tokens for sessions (instead of using database sessions).
-
-
-
-
-
-
-
Should I use a database?
-
-
-
-- Using Auth.js without a database works well for internal tools - where you need to control who is able to sign in, but when you do not need to create user accounts for them in your application.
-
-- Using Auth.js with a database is usually a better approach for a consumer facing application where you need to persist accounts (e.g. for billing, to contact customers, etc).
-
-
-
-
-
-
-
What database should I use?
-
-
-
-Managed database solutions for MySQL, Postgres and MongoDB (and compatible databases) are well supported from cloud providers such as Amazon, Google, Microsoft and Atlas.
-
-If you are deploying directly to a particular cloud platform you may also want to consider serverless database offerings they have (e.g. [Amazon Aurora Serverless on AWS](https://aws.amazon.com/rds/aurora/serverless/)).
-
-
-
-
----
-
-## Security
-
-Parts of this section has been moved to its [own page](/getting-started/security).
-
-
-
-
How do I get Refresh Tokens and Access Tokens for an OAuth account?
-
-
-
-Auth.js provides a solution for authentication, session management and user account creation.
-
-Auth.js records Refresh Tokens and Access Tokens on sign in (if supplied by the provider) and it will pass them, along with the User ID, Provider and Provider Account ID, to either:
-
-1. A database - if a database connection string is provided
-2. The JSON Web Token callback - if JWT sessions are enabled (e.g. if no database specified)
-
-You can then look them up from the database or persist them to the JSON Web Token.
-
-Note: Auth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](/guides/basics/refresh-token-rotation) if you want to implement it.
-
-We also have an [example repository](https://github.com/nextauthjs/next-auth-refresh-token-example) / project based upon Auth.js v4 where we demonstrate how to use a refresh token to refresh the provided access token.
-
-
-
-
-
-
-
When I sign in with another account with the same email address, why are accounts not linked automatically?
-
-
-
-Automatic account linking on sign in is not secure between arbitrary providers - with the exception of allowing users to sign in via an email addresses as a fallback (as they must verify their email address as part of the flow).
-
-When an email address is associated with an OAuth account it does not necessarily mean that it has been verified as belonging to account holder — how email address verification is handled is not part of the OAuth specification and varies between providers (e.g. some do not verify first, some do verify first, others return metadata indicating the verification status).
-
-With automatic account linking on sign in, this can be exploited by bad actors to hijack accounts by creating an OAuth account associated with the email address of another user.
-
-For this reason it is not secure to automatically link accounts between arbitrary providers on sign in, which is why this feature is generally not provided by authentication service and is not provided by Auth.js.
-
-Automatic account linking is seen on some sites, sometimes insecurely. It can be technically possible to do automatic account linking securely if you trust all the providers involved to ensure they have securely verified the email address associated with the account, but requires placing trust (and transferring the risk) to those providers to handle the process securely.
-
-Examples of scenarios where this is secure include with an OAuth provider you control (e.g. that only authorizes users internal to your organization) or with a provider you explicitly trust to have verified the users email address.
-
-Automatic account linking is not a planned feature of Auth.js, however there is scope to improve the user experience of account linking and of handling this flow, in a secure way. Typically this involves providing a fallback option to sign in via email, which is already possible (and recommended), but the current implementation of this flow could be improved on.
-
-Providing support for secure account linking and unlinking of additional providers - which can only be done if a user is already signed in already - was originally a feature in v1.x but has not been present since v2.0, is planned to return in a future release.
-
-
-
-
----
-
-## Feature Requests
-
-
-
-
Why doesn't Auth.js support [a particular feature]?
-
-
-
-Auth.js is an open source project built by individual contributors who are volunteers writing code and providing support in their spare time.
-
-If you would like Auth.js to support a particular feature, the best way to help make it happen is to raise a feature request describing the feature and offer to work with other contributors to develop and test it.
-
-If you are not able to develop a feature yourself, you can offer to sponsor someone to work on it.
-
-
-
-
-
-
-
I disagree with a design decision, how can I change your mind?
-
-
-
-Product design decisions on Auth.js are made by core team members.
-
-You can raise suggestions as feature requests / requests for enhancement.
-
-Requests that provide the detail requested in the template and follow the format requested may be more likely to be supported, as additional detail prompted in the templates often provides important context.
-
-Ultimately if your request is not accepted or is not actively in development, you are always free to fork the project under the terms of the ISC License.
-
-
-
-
----
-
-## JSON Web Tokens
-
-
-
-
Does Auth.js use JSON Web Tokens?
-
-
-
-Auth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](/guides/adapters/using-a-database-adapter), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/reference/configuration/auth-config#session). Since v4 all our JWT tokens are now encrypted by default with A256GCM.
-
-
-
-
-
-
-
What are the advantages of JSON Web Tokens?
-
-
-
-JSON Web Tokens can be used for session tokens, but are also used for lots of other things, such as sending signed objects between services in authentication flows.
-
-- Advantages of using a JWT as a session token include that they do not require a database to store sessions, this can be faster and cheaper to run and easier to scale.
-
-- JSON Web Tokens in Auth.js are secured using cryptographic encryption (JWE) to store the included information directly in a JWT session token. You may then use the token to pass information between services and APIs on the same domain without having to contact a database to verify the included information.
-
-- You can use JWT to securely store information you do not mind the client knowing even without encryption, as the JWT is stored in a server-readable-only cookie so data in the JWT is not accessible to third party JavaScript running on your site.
-
-
-
-
-
-
-
What are the disadvantages of JSON Web Tokens?
-
-
-
-- You cannot as easily expire a JSON Web Token - doing so requires maintaining a server side blocklist of invalid tokens (at least until they expire) and checking every token against the list every time a token is presented.
-
- Shorter session expiry times are used when using JSON Web Tokens as session tokens to allow sessions to be invalidated sooner and simplify this problem.
-
- Auth.js client includes advanced features to mitigate the downsides of using shorter session expiry times on the user experience, including automatic session token rotation, optionally sending keep alive messages to prevent short lived sessions from expiring if there is an window or tab open, background re-validation, and automatic tab/window syncing that keeps sessions in sync across windows any time session state changes or a window or tab gains or loses focus.
-
-- As with database session tokens, JSON Web Tokens are limited in the amount of data you can store in them. There is typically a limit of around 4096 bytes per cookie, though the exact limit varies between browsers, proxies and hosting services. If you want to support most browsers, then do not exceed 4096 bytes per cookie. If you want to save more data, you will need to persist your sessions in a database (Source: [browsercookielimits.iain.guru](http://browsercookielimits.iain.guru/))
-
- The more data you try to store in a token and the more other cookies you set, the closer you will come to this limit. Since v4 we have implemented cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing. However since this data needs to be transmitted on every request, if you wish to store more than ~4 KB of data you're probably at the point where you want to store a unique ID in the token and persist the data elsewhere (e.g. in a server-side key/value store).
-
-- Data stored in an encrypted JSON Web Token (JWE) may be compromised at some point.
-
- Even if appropriately configured, information stored in an encrypted JWT should not be assumed to be impossible to decrypt at some point - e.g. due to the discovery of a defect or advances in technology.
-
- Avoid storing any data in a token that might be problematic if it were to be decrypted in the future.
-
-- If you do not explicitly specify a secret for for Auth.js, existing sessions will be invalidated any time your Auth.js configuration changes, as Auth.js will default to an auto-generated secret. Since v4 this only impacts development and generating a secret is required in production.
-
-
-
-
-
-
-
Are JSON Web Tokens secure?
-
-
-
-By default tokens are not signed (JWS) but are encrypted (JWE). Since v4 we have implemented cookie chunking so that cookies over the 4kb limit get split and reassembled upon parsing.
-
-You can specify other valid algorithms - [as specified in RFC 7518](https://tools.ietf.org/html/rfc7517) - with either a secret (for symmetric encryption) or a public/private key pair (for asymmetric encryption).
-
-Auth.js will generate keys for you, but this will generate a warning at start up.
-
-Using explicit public/private keys for signing is strongly recommended.
-
-
-
-
-
-
-
What signing and encryption standards does Auth.js support?
-
-
-
-Auth.js includes a largely complete implementation of JSON Object Signing and Encryption (JOSE):
-
-- [RFC 7515 - JSON Web Signature (JWS)](https://tools.ietf.org/html/rfc7515)
-- [RFC 7516 - JSON Web Encryption (JWE)](https://tools.ietf.org/html/rfc7516)
-- [RFC 7517 - JSON Web Key (JWK)](https://tools.ietf.org/html/rfc7517)
-- [RFC 7518 - JSON Web Algorithms (JWA)](https://tools.ietf.org/html/rfc7518)
-- [RFC 7519 - JSON Web Token (JWT)](https://tools.ietf.org/html/rfc7519)
-
-This incorporates support for:
-
-- [RFC 7638 - JSON Web Key Thumbprint](https://tools.ietf.org/html/rfc7638)
-- [RFC 7787 - JSON JWS Unencoded Payload Option](https://tools.ietf.org/html/rfc7797)
-- [RFC 8037 - CFRG Elliptic Curve ECDH and Signatures](https://tools.ietf.org/html/rfc8037)
-
-
-
diff --git a/docs/docs/concepts/oauth.md b/docs/docs/concepts/oauth.md
deleted file mode 100644
index 3d708cd5..00000000
--- a/docs/docs/concepts/oauth.md
+++ /dev/null
@@ -1,51 +0,0 @@
----
-title: How OAuth works
----
-
-Authentication Providers in **Auth.js** are OAuth definitions that allow your users to sign in with their favorite preexisting logins. You can use any of our many predefined providers, or write your own custom OAuth configuration.
-
-- [Using a built-in OAuth Provider](#built-in-providers) (e.g Github, Twitter, Google, etc...)
-- [Using a custom OAuth Provider](#using-a-custom-provider)
-
-:::note
-Auth.js is designed to work with any OAuth service, it supports **OAuth 1.0**, **1.0A**, **2.0** and **OpenID Connect** and has built-in support for most popular sign-in services.
-:::
-
-Without going into too much detail, the OAuth flow generally has 6 parts:
-
-1. The application requests authorization to access service resources from the user
-2. If the user authorized the request, the application receives an authorization grant
-3. The application requests an access token from the authorization server (API) by presenting authentication of its own identity, and the authorization grant
-4. If the application identity is authenticated and the authorization grant is valid, the authorization server (API) issues an access token to the application. Authorization is complete.
-5. The application requests the resource from the resource server (API) and presents the access token for authentication
-6. If the access token is valid, the resource server (API) serves the resource to the application
-
-```mermaid
-sequenceDiagram
- participant Browser
- participant App Server
- participant Auth Server (Github)
- Note left of Browser: User clicks on "Sign in"
- Browser->>App Server: GET "api/auth/signin"
- App Server->>App Server: Computes the available sign in providers from the "providers" option
- App Server->>Browser: Redirects to Sign in page
- Note left of Browser: Sign in options are shown the user (Github, Twitter, etc...)
- Note left of Browser: User clicks on "Sign in with Github"
- Browser->>App Server: POST "api/auth/signin/github"
- App Server->>App Server: Computes sign in options for Github (scopes, callback URL, etc...)
- App Server->>Auth Server (Github): GET "github.com/login/oauth/authorize"
- Note left of Auth Server (Github): Sign in options are supplied as query params (clientId, scope, etc...)
- Auth Server (Github)->>Browser: Shows sign in page in Github.com to the user
- Note left of Browser: User inserts their credentials in Github
- Browser->>Auth Server (Github): Github validates the inserted credentials
- Auth Server (Github)->>Auth Server (Github): Generates one time access code and calls callback URL defined in App settings
- Auth Server (Github)->>App Server: GET "api/auth/github/callback?code=123"
- App Server->>App Server: Grabs code to exchange it for access token
- App Server->>Auth Server (Github): POST "github.com/login/oauth/access_token" {code: 123}
- Auth Server (Github)->>Auth Server (Github): Verifies code is valid and generates access token
- Auth Server (Github)->>App Server: { access_token: 16C7x... }
- App Server->>App Server: Generates session token and stores session
- App Server->>Browser: You're now logged in!
-```
-
-For more details, check out Aaron Parecki's blog post [OAuth2 Simplified](https://aaronparecki.com/oauth-2-simplified/) or Postman's blog post [OAuth 2.0: Implicit Flow is Dead, Try PKCE Instead](https://blog.postman.com/pkce-oauth-how-to/).
diff --git a/docs/docs/contributors.md b/docs/docs/contributors.md
deleted file mode 100644
index 189a92e1..00000000
--- a/docs/docs/contributors.md
+++ /dev/null
@@ -1,42 +0,0 @@
----
-title: Contributors
-displayed_sidebar: null
----
-
-## Core team
-
-Without these people, the project could not have become one of the most used authentication library in its category.
-
-- [Balázs Orbán](https://github.com/balazsorban44) - **Lead Maintainer**
-- [Thang Vu](https://github.com/ThangHuuVu) - Maintainer (Core)
-- [Nico Domino](https://github.com/ndom91) - Maintainer (Core, Documentation)
-- [Lluis Agusti](https://github.com/lluia) - Maintainer (Documentation, Testing, TypeScript)
-
-## Special thanks
-
-Special thanks to Lori Karikari for creating most of the original provider configurations to Fredrik Pettersen for creating the original Prisma Adapter, to Gerald Nolan for adding support for Sign in with Apple, and to Jefferson Bledsoe for working on original testing automations.
-
-- [Lori Karikari](https://github.com/LoriKarikari)
-- [Fredrik Pettersen](https://github.com/Fumler)
-- [Gerald Nolan](https://github.com/geraldnolan)
-- [Jefferson Bledsoe](https://github.com/JeffersonBledsoe)
-
-## Other contributors
-
-Auth.js as it exists today has been possible thanks to the work of many individual contributors.
-
-Thank you to the [dozens of individual contributors](https://github.com/nextauthjs/next-auth/graphs/contributors) who have help shaped Auth.js.
-
-## Open Collective
-
-You can find Auth.js on Open Collective. We are very thankful for all of our existing contributors and would be delighted if you or your company would decide to join them.
-
-More information can be found at: https://opencollective.com/nextauth
-
-## History
-
-- Auth.js was originally developed by Iain Collins in 2016 for Next.js.
-
-- In 2020, Auth.js was rebuilt from the ground up to support Serverless, with support for MySQL, Postgres and MongoDB, JSON Web Tokens and built in support for over a dozen authentication providers.
-
-- In 2021, efforts have started to move Auth.js to other frameworks and to support as many databases and providers as possible.
diff --git a/docs/docs/getting-started/01-introduction.md b/docs/docs/getting-started/01-introduction.md
deleted file mode 100644
index 1efdbb14..00000000
--- a/docs/docs/getting-started/01-introduction.md
+++ /dev/null
@@ -1,44 +0,0 @@
----
-title: Introduction
-sidebar_position: 0
----
-
-## About Auth.js
-
-Auth.js is a complete open-source authentication solution for web applications. Check out the live demos of Auth.js in action:
-
-- [Next.js](https://next-auth-example.vercel.app/)
-- [SvelteKit](https://sveltekit-auth-example.vercel.app/)
-- [SolidStart](https://auth-solid.vercel.app/)
-
-Continue to our tutorials to see how to use Auth.js for authentication:
-
-- [Setup with OAuth](/getting-started/oauth-tutorial)
-- [Setup with magic links](/getting-started/email-tutorial)
-- [Integrating with external auth](/getting-started/credentials-tutorial)
-
-### Battery included
-
-- Built in support for 60+ popular services (Google, Facebook, Auth0, Apple…)
-- Built-in email/password-less/magic link
-- Use with any OAuth 2 or OpenID Connect provider
-- Use with any username/password store
-
-### Flexible
-- Runtime agnostic - run anywhere! Vercel Edge Functions, Node.js, Serverless, etc.
-- Use with any modern framework! Next.js, SolidStart, SvelteKit, etc.
-- [Bring Your Own Database](/getting-started/databases) - or none! MySQL, Postgres, MSSQL, MongoDB, etc. Choose database sessions or JWT.
-
-_Note: Email sign-in requires a database to store single-use verification tokens._
-
-### Secure by default
-- Signed, prefixed, server-only cookies
-- Built-in CSRF protection
-- Doesn't rely on client-side JavaScript
-- JWT with JWS / JWE / JWK.
-
-## Credits
-
-Auth.js is an open-source project that is only possible [thanks to contributors](/contributors).
-
-To financially support the development of Auth.js, you can check our [OpenCollective](https://opencollective.com/nextauth) page. We appreciate your support 💚.
diff --git a/docs/docs/getting-started/02-oauth-tutorial.mdx b/docs/docs/getting-started/02-oauth-tutorial.mdx
deleted file mode 100644
index 7b081a93..00000000
--- a/docs/docs/getting-started/02-oauth-tutorial.mdx
+++ /dev/null
@@ -1,369 +0,0 @@
----
-title: OAuth authentication
----
-
-import creatingOauthAppImg from "./img/getting-started-creating-oauth-app.png"
-import addingCallbackUrlImg from "./img/getting-started-oauth-callback-url.png"
-import gettingClientIdSecretImg from "./img/getting-started-oauth-clientid-secret.png"
-import startAppAndSignInImg from "./img/getting-started-app-start.png"
-import githubAuthCredentials from "./img/getting-started-github-auth.png"
-import nextAuthUserLoggedIn from "./img/getting-started-nextauth-success.png"
-import Tabs from "@theme/Tabs"
-import TabItem from "@theme/TabItem"
-
-The goal of Auth.js is that you can add authentication easily to your project with just a few lines of code.
-
-The fastest way to set up Auth.js is with an [OAuth](/concepts/oauth) provider. In this tutorial, we'll be setting Auth.js in a web application to be able to log in with **GitHub**.
-
-:::info
-Auth.js comes with a list of [built-in providers](/reference/providers/oauth-builtin) (Google, Facebook, Twitter, etc.). You can also integrate it with your OAuth service by [building a custom provider](/guides/providers/custom-provider).
-:::
-
-## 1. Configuring Auth.js
-
-To add Auth.js to your project:
-
-
-
-
-### Prerequisites
-
-This tutorial assumes you have a Next.js application set up. If you don't, you can follow the [Next.js tutorial](https://nextjs.org/learn/basics/create-nextjs-app) to get started.
-
-### Installing NextAuth.js
-
-```bash npm2yarn
-npm install next-auth
-```
-
-:::info
-We are working on a new `@auth/nextjs` package that will make it easier to set up Auth.js with Next.js. Stay tuned! For now, you can use the `next-auth` package.
-:::
-
-### Creating the server config
-
-Create the following [API route](https://nextjs.org/docs/api-routes/dynamic-api-routes#catch-all-api-routes) file. This route contains the necessary configuration for NextAuth.js, as well as the dynamic route handler:
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import GithubProvider from "next-auth/providers/github"
-
-export default NextAuth({
- providers: [
- GithubProvider({
- clientId: process.env.GITHUB_ID,
- clientSecret: process.env.GITHUB_SECRET,
- }),
- ],
-})
-```
-
-:::info
-
-Behind the scenes, this creates all the relevant OAuth API routes within `/api/auth/*` so that auth API requests to:
-
-- [GET `/api/auth/signin`](https://authjs.dev/reference/rest-api#get--apiauthsignin)
-- [POST `/api/auth/signin/:provider`](https://authjs.dev/reference/rest-api#post--apiauthsigninprovider)
-- [GET/POST `/api/auth/callback/:provider`](https://authjs.dev/reference/rest-api#get--post--apiauthcallbackprovider)
-- [GET `/api/auth/signout`](https://authjs.dev/reference/rest-api#get--apiauthsignout)
-- [POST `/api/auth/signout`](https://authjs.dev/reference/rest-api#post--apiauthsignout)
-- [GET `/api/auth/session`](https://authjs.dev/reference/rest-api#get--apiauthsession)
-- [GET `/api/auth/csrf`](https://authjs.dev/reference/rest-api#get--apiauthcsrf)
-- [GET `/api/auth/providers`](https://authjs.dev/reference/rest-api#get--apiauthproviders)
-
-can be handled by NextAuth.js. In this way, NextAuth.js stays in charge of the whole application's authentication request/response flow.
-
-NextAuth.js is fully customizable - [our guides section](/guides/overview) teaches you how to set it up to handle auth in different ways. All the possible configuration options are [listed here](/reference/configuration/auth-config).
-:::
-
-### Adding environment variables
-
-You may notice we are using environment variables in the code example above. We take the value of `GITHUB_ID` and `GITHUB_SECRET` from the GitHub Developer OAuth Portal. See [Configuring OAuth Provider](/getting-started/oauth-tutorial#2-configuring-oauth-provider) section on how to get those.
-
-In your project root, create a `.env.local` file and add the `NEXTAUTH_SECRET` environment variable:
-
-```title=".env.local"
-NEXTAUTH_SECRET="This is an example"
-```
-
-`NEXTAUTH_SECRET` is a random string used by the library to encrypt tokens and email verification hashes, and **it's mandatory to keep things secure**! 🔥 🔐 . You can use:
-
-```
-$ openssl rand -base64 32
-```
-
-or https://generate-secret.vercel.app/32 to generate a random value for it.
-
-### Exposing the session via `SessionProvider`:
-
-NextAuth.js provides [`useSession()`](/reference/react/#usesession) - a [React Hooks](https://reactjs.org/docs/hooks-intro.html) to access the session data and status. To use it first you'll need to expose the session context - [``](/reference/react/#sessionprovider) - at the top level of your application:
-
-```ts title="pages/_app.tsx"
-import { SessionProvider } from "next-auth/react"
-
-export default function App({
- Component,
- pageProps: { session, ...pageProps },
-}) {
- return (
-
-
-
- )
-}
-```
-
-Instances of `useSession` (more on it in the next section) will have access to the session data and status. The `` also keep the session updated and synced between browser tabs and windows. 💪🏽
-
-:::tip
-Check our [client docs](/reference/react/) to learn all the available options for handling sessions on the browser.
-:::
-
-### Consuming the session via hooks
-
-You can use the `useSession` hook from anywhere in your application (E.g. in a header component). Behind the scenes, the hook will connect to the `` to read the current user session. Learn more about React Context in the [React docs](https://reactjs.org/docs/context.html).
-
-```ts title="pages/overview.tsx"
-import { useSession, signIn, signOut } from "next-auth/react"
-
-export default function CamperVanPage() {
- const { data: session, status } = useSession()
- const userEmail = session?.user.email
-
- if (status === "loading") {
- return
-
- >
- )
-}
-```
-
-### Protecting API Routes
-
-To protect your API Routes (blocking unauthorized access to resources), you can use [`getServerSession()`](/reference/nextjs#getserversession) to know whether a session exists or not:
-
-```ts title="pages/api/movies/list.ts"
-import { getServerSession } from "next-auth/next"
-import { authOptions } from "../auth/[...nextauth]"
-
-export default async function listMovies(req, res) {
- const session = await getServerSession(req, res, authOptions)
-
- if (session) {
- res.send({
- movies: [
- { title: "Alien vs Predator", id: 1 },
- { title: "Reservoir Dogs", id: 2 },
- ],
- })
- } else {
- res.send({
- error: "You must sign in to view movies.",
- })
- }
-}
-```
-
-
-
-TODO: SvelteKit
-
-
-TODO: SolidStart
-
-
-TODO Core
-
-
-
-## 2. Configuring OAuth Provider
-
-Ok, we have our app set up with NextAuth.js, however, if you run the app right now, it won't work as we haven't configured our OAuth provider (**GitHub**) yet.
-
-:::info
-When using OAuth you're asking for a third-party service (in this case GitHub, although it could be Google, Twitter, etc...) to handle user authentication for your app.
-:::
-
-We need to register our new app in GitHub, so that when NextAuth.js forwards the authorization requests to it, GitHub can recognize your application and prompt the user to sign in.
-
-
-
-Log in to **GitHub**, go to [`Settings / Developers / OAuth Apps`](https://github.com/settings/developers) and click "New OAuth App"
-
-Next, you'll be presented with a screen to add details about your new application. Fill in the required fields, but pay extra attention to the **Authorization Callback URL** one:
-
-
-
-The callback URL we insert should have the following pattern:
-
-```
-[origin]/api/auth/callback/[provider]
-```
-
-In this case, given we want to try our authentication working locally on our machine and we're using **GitHub** as our OAuth provider, it'll be:
-
-
-
-
-```
-http://localhost:3000/api/auth/callback/github
-```
-
-:::info
-NextAuth.js will already create this API endpoint for you when we start the application later. Note that because we're using Next.js, locally it starts our server on port `3000` by default. Hence, the origin is `http://localhost:3000`.
-:::
-
-
-
-
-```
-http://localhost:5173/auth/callback/github
-```
-
-
-
- TODO SolidStart
-
-
-TODO Core
-
-
-:::info
-The last part of the URL, `[provider]`, is the ID of the provider you're using. In this case, we're using GitHub, so it's `github`. If you're using Google, it'll be `google`, etc... We keep track of the provider IDs internally.
-The same id is used in the `signIn()` method we saw earlier.
-:::
-To register, tap on "Register application" button.
-
-The next screen shows all the configurations for your newly created OAuth app. For now, we need two things from it - the **Client ID** and **Client Secret**:
-
-
-
-The Client ID is always there, a public identifier of your OAuth application within GitHub. Click on the **Generate a new client Secret** button and should be presented with a new string (which is just a randomized string).
-
-:::warning
-Keep both your Client ID and Client Secret secure and never expose them to the public or share them with people outside your organization. With them, a malicious actor could hijack your application and cause you and your user serious problems!
-:::
-
-Cool! We have finished configuring our OAuth provider, now let's wire all together so we can finally see authentication working in our app!
-
-:::info
-As noted previously, NextAuth.js has built-in support for multiple OAuth providers, here is the full list. You can also easily build your own in case the provider you need is not on the list.
-
-Note that, for each provider, the configuration process will be similar to what we just did:
-
-1. Log in to the provider
-2. Create create your OAuth application within it
-3. Set the callback URL
-4. Get the Client ID and Generate a Client Secret
-:::
-
-## 3. Wiring all together
-
-Finally, we just need to reference our **Client ID** and **Client Secret** we just generated in the previous in our Auth.js config. In this way, the library will be able to use them when forwarding users to GitHub, and GitHub will be able to recognize the request as generated from our application.
-
-Now let's copy both the Client ID and Client Secret and paste them into an environment file in the root of your project like so:
-
-```title=".env.local"
-GITHUB_ID=12345
-GITHUB_SECRET=67890
-```
-
-Here is our server configuration file again:
-
-
-
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import GithubProvider from "next-auth/providers/github"
-
-export default NextAuth({
- providers: [
- GithubProvider({
- clientId: process.env.GITHUB_ID,
- clientSecret: process.env.GITHUB_SECRET,
- }),
- ],
-})
-```
-
-Great! We're now ready to run our application locally. Start the Next.js app by running on your terminal the following command and navigating to [`http://localhost:3000`](http://localhost:3000):
-
-```
-$ npm run next dev
-```
-
-
-
-TODO SvelteKit
-
-
-TODO SolidStart
-
-
-TODO Core
-
-
-
-You should see the following page:
-
-
-
-Click on "Sign in" and then on "Sign in with GitHub": Auth.js will redirect you to GitHub, and GitHub will recognize our app [that we just registered](#2-configuring-oauth-provider) and ask the user (in this case you) to enter its credentials to proceed:
-
-
-
-Once inserted and correct, GitHub will redirect the user to our app and NextAuth.js will take care of any further calls with GitHub to get access to the user profile and start a user session safely in the background:
-
-
-
-Great! We have completed the whole E2E authentication flow setup so that users can log in to our application through GitHub!
-
-## 4. Deploying to production
-
-### Configuring different environments
-
-It's normal to test your application in different environments. Usually, you'll have a development environment (when you run the application locally on your machine), a staging environment (for team members to try the application), and a production environment.
-
-For each environment, you need to create an OAuth application in your provider respectively, as [we did previously](#2-configuring-oauth-provider), and point the **callback URL** to it.
-
-For instance, in the previous section, we pointed the callback URL to `http://localhost:3000/api/auth/callback/github` as we wanted to test our application in the development environment.
-
-If we were to deploy our app to production, we would need to create a new **OAuth App** in GitHub (calling it something like "Van life – prod") and point the **callback URL** to our production domain: `https://example.com/api/auth/callback/github`
-
-Finally, we would need to point the environment variables we set ( `GITHUB_ID` and `GITHUB_SECRET` ) to the credentials of the OAuth app we want our application to run with.
-
-### Setting up `NEXTAUTH_URL`
-
-:::tip
-Skip this section if you are deploying to Vercel.
-:::
-
-When deploying your site, **you need to set** the `NEXTAUTH_URL` environment variable to the canonical URL of your website:
-
-```
-NEXTAUTH_URL=https://example.com
-```
-
-:::warning
-In production, this needs to be set as an environment variable on the service you use to deploy your app.
-
-To set environment variables on Vercel, you can use the [dashboard](https://vercel.com/dashboard) or the `vercel env pull` [command](https://vercel.com/docs/build-step#development-environment-variables).
-:::
-
-For more information please check out our [deployment page](/guides/basics/deployment).
diff --git a/docs/docs/getting-started/03-email-tutorial.mdx b/docs/docs/getting-started/03-email-tutorial.mdx
deleted file mode 100644
index 69d01f63..00000000
--- a/docs/docs/getting-started/03-email-tutorial.mdx
+++ /dev/null
@@ -1,201 +0,0 @@
----
-title: Email authentication
----
-
-import smtpConfig from "./img/dashboard-smtp.png"
-import startPageImg from "./img/email-tutorial-start.png"
-import checkPageImg from "./img/email-tutorial-check.png"
-import mailboxImg from "./img/email-tutorial-mailbox.png"
-import loggedInImg from "./img/email-tutorial-logged.png"
-
-Aside from authenticating users in Auth.js via [OAuth](/getting-started/oauth-tutorial), you can also enable the option to authenticate them via "magic links". These are links that are sent to the user's email and when clicking on them they'll sign up the user automatically.
-
-Adding support for signing in via email in addition to one or more OAuth services provides a way for users to sign in if they lose access to their OAuth account (e.g. if it is locked or deleted).
-
-The Email provider can be used in conjunction with (or instead of) one or more OAuth providers.
-
-## How it works
-
-On initial sign in, a **Verification Token** is sent to the email address provided. By default this token **is valid for 24 hours**. If the Verification Token is used within that time (i.e. by clicking on the link in the email) an account is created for the user and they are signed in.
-
-:::tip
-The Email Provider can be used with both JSON Web Tokens and database sessions, but you [must configure a database adapter](/guides/adapters/using-a-database-adapter) to use it. It is not possible to enable email sign in without using a database.
-:::
-
-## 1. Installing `nodemailer`
-
-[`nodemailer`](https://www.npmjs.com/package/nodemailer) is a [peer dependency](https://nodejs.org/en/blog/npm/peer-dependencies/) when using the Email Provider. This means we need to install before we can start sending emails:
-
-```bash npm2yarn2pnpm
-npm install -D nodemailer
-```
-
-`nodemailer` will enable us to send emails from NodeJS, which the runtime on which Next.js application operate.
-
-## 2. Setting up a SMTP service
-
-Next we need a [SMTP service](https://sendgrid.com/blog/what-is-an-smtp-server/) which will be in charge of sending emails from our application. There's a number of services available for this, however [here are the ones](http://nodemailer.com/smtp/well-known/) known to work with `nodemailer`.
-
-:::info
-For this tutorial, we're going to be using [Sendgrid](https://sendgrid.com/), but any of the services linked above should work the same
-:::
-
-First create an account in and then login to the dashboard, then navigate to "Settings → API Keys" and create an API key:
-
-
-
-Next paste the API in your terminal as so, and run the command:
-
-```bash
-echo -n '' | openssl base64
-```
-
-Next, as [per Sendgrid documentation](https://docs.sendgrid.com/for-developers/sending-email/integrating-with-the-smtp-api), let's add the following [environment variables](https://nextjs.org/docs/basic-features/environment-variables) in our Next.js app:
-
-```bash title=".env.local"
-SMTP_USER=apikey
-SMTP_PASSWORD={API_KEY}
-SMTP_HOST=smtp.sendgrid.net
-SMTP_PORT=587
-EMAIL_FROM={SENDER_EMAIL}
-```
-
-Note that we're also specifying from which domain email are going to be sent from. You're going to need to verify [a sender identity](https://docs.sendgrid.com/for-developers/sending-email/sender-identity) so that Sendgrid can send emails from your domain.
-
-Nice! We're getting there. Now we need to read supply this values as the configuration for our Email Provider. Open `pages/api/auth/[...nextauth].ts` and do the following:
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import EmailProvider from "next-auth/providers/email"
-
-export default NextAuth({
- providers: [
- Email({
- server: {
- host: process.env.SMTP_HOST,
- port: Number(process.env.SMTP_PORT),
- auth: {
- user: process.env.SMTP_USER,
- pass: process.env.SMTP_PASSWORD,
- },
- },
- from: process.env.EMAIL_FROM,
- }),
- ],
-})
-```
-
-## 3. Setting up an adapter
-
-Finally, we'll need to set up a database adapter to store verification tokens the Email Provider will emit when verifying users.
-
-An **Adapter** in Auth.js connects your application to whatever database or backend system you want to use to store data for users, their accounts, sessions, etc...
-
-For this tutorial, we're going to use the **MongoDB** adapter, other any of the other adapters will work just fine.
-
-First, let's start by installing the adapter package:
-
-```bash npm2yarn2pnpm
-npm install -D @next-auth/mongodb-adapter mongodb
-```
-
-and create a simple MongoDB client:
-
-```ts title="lib/mongodb/client.ts"
-// This approach is taken from https://github.com/vercel/next.js/tree/canary/examples/with-mongodb
-import { MongoClient } from "mongodb"
-
-const uri = process.env.MONGODB_URI
-const options = {
- useUnifiedTopology: true,
- useNewUrlParser: true,
-}
-
-let client
-let clientPromise
-
-if (!process.env.MONGODB_URI) {
- throw new Error("Please add your Mongo URI to .env.local")
-}
-
-if (process.env.NODE_ENV === "development") {
- // In development mode, use a global variable so that the value
- // is preserved across module reloads caused by HMR (Hot Module Replacement).
- if (!global._mongoClientPromise) {
- client = new MongoClient(uri, options)
- global._mongoClientPromise = client.connect()
- }
- clientPromise = global._mongoClientPromise
-} else {
- // In production mode, it's best to not use a global variable.
- client = new MongoClient(uri, options)
- clientPromise = client.connect()
-}
-
-// Export a module-scoped MongoClient promise. By doing this in a
-// separate module, the client can be shared across functions.
-export default clientPromise
-```
-
-And now let's reference this new adapter from our Auth.js configuration file:
-
-```diff title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import EmailProvider from "next-auth/providers/email"
-+ import { MongoDBAdapter } from "@next-auth/mongodb-adapter"
-+ import clientPromise from "../../../lib/mongodb/client"
-
-export default NextAuth({
- secret: process.env.NEXTAUTH_SECRET,
-+ adapter: MongoDBAdapter(clientPromise),
- providers: [
- EmailProvider({
- server: {
- host: process.env.EMAIL_SERVER_HOST,
- port: process.env.EMAIL_SERVER_PORT,
- auth: {
- user: process.env.EMAIL_SERVER_USER,
- pass: process.env.EMAIL_SERVER_PASSWORD
- }
- },
- from: process.env.EMAIL_FROM
- }),
- ],
-})
-```
-
-## 4. Wiring all together
-
-Now that everything is properly configured, let's try to sign in via email on our application.
-
-Let's start by running a Next.js application with NextAuth, making sure the **EmailProvider** and a Database Adapter are properly configured as per the instructions above.
-
-For this tutorial we're going to be using NextAuth example app. Launch the app and click on "Sign in", we're redirected to the Sign In page:
-
-
-
-:::info
-You can customize the look and feel of your Sign in page pretty easily with NextAuth. Refer to our [pages guide](/guides/basics/pages) for that!
-:::
-
-Then we insert the email address we want to log-in with in the Email credentials section and click on "Sign in with Email".
-
-NextAuth will then display another page hinting the user to check their email:
-
-
-
-Let's now check our email, and look for one sent from NextAuth (check your spam folder just in case):
-
-
-
-Nice! We got one, coming from the sender specified in the `EMAIL_FROM` environment variable from our configuration above and that's is the sender we verified in Sendgrid.
-
-Click on "Sign in" and a new browser tab will open, you should then land on your application as authenticated!
-
-
-
-Easy right? We had to configure Sendgrid and install a database adapter so the user sessions can be saved somewhere, but once done NextAuth will deal with all the user session management for us in a secure way!
-
-:::info
-A user account (i.e. an entry in the Users table) will not be created for the user until the first time they verify their email address. If an email address is already associated with an account, the user will be signed in to that account when they use the link in the email.
-:::
diff --git a/docs/docs/getting-started/04-credentials-tutorial.mdx b/docs/docs/getting-started/04-credentials-tutorial.mdx
deleted file mode 100644
index 3e1f8a13..00000000
--- a/docs/docs/getting-started/04-credentials-tutorial.mdx
+++ /dev/null
@@ -1,56 +0,0 @@
----
-title: Credentials authentication
----
-
-Auth.js is built in a way that is flexible to integrate it with any authentication back-end you or your company may already have.
-
-This library has been designed to handle the user session client-wise, to support multiple authentication methods (OAuth, Email, etc...) so that you're not forced to run your own authentication service.
-
-In case you already have an authentication service, you can use the Credentials Provider, which will just forward the credentials inserted by the user in the login form to your service.
-
-For this tutorial, we're going to use [Auth.js example app](https://github.com/nextauthjs/next-auth-example) as a base.
-
-:::warning
-The functionality provided for credentials based authentication is intentionally limited to discourage use of passwords due to the inherent security risks associated with them and the additional complexity associated with supporting usernames and passwords.
-:::
-
-Integrating the Credentials Provider is as simple as initializing it in the Auth.js configuration file:
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import CredentialsProvider from "next-auth/providers/credentials"
-
-export default NextAuth({
- providers: [
- CredentialsProvider({
- async authorize(credentials) {
- const authResponse = await fetch("/users/login", {
- method: "POST",
- headers: {
- "Content-Type": "application/json",
- },
- body: JSON.stringify(credentials),
- })
-
- if (!authResponse.ok) {
- return null
- }
-
- const user = await authResponse.json()
-
- return user
- },
- }),
- ],
-})
-```
-
-:::note
-Check the [Credentials Provider options](/reference/providers/credentials) for further customization
-:::
-
-Note that we only need to define an `authorize` method that is in charge of receiving the credentials inserted by the user and call the authorization service.
-
-:::info
-If you're using TypeScript, you can [augment the `User` interface](/getting-started/typescript#module-augmentation) to match the response of your `authorize` callback, so whenever you read the user in other callbacks (like the `jwt`) the type will match correctly.
-:::
diff --git a/docs/docs/getting-started/05-typescript.md b/docs/docs/getting-started/05-typescript.md
deleted file mode 100644
index b78adaa6..00000000
--- a/docs/docs/getting-started/05-typescript.md
+++ /dev/null
@@ -1,162 +0,0 @@
----
-title: TypeScript
----
-
-Auth.js has its own type definitions to use in your TypeScript projects safely. Even if you don't use TypeScript, IDEs like VSCode will pick this up to provide you with a better developer experience. While you are typing, you will get suggestions about what certain objects/functions look like, and sometimes links to documentation, examples, and other valuable resources.
-
-Check out the example repository showcasing how to use `next-auth` on a Next.js application with TypeScript:
-https://github.com/nextauthjs/next-auth-example
-
----
-
-## Adapters
-
-If you're writing your own custom Adapter, you can take advantage of the types to make sure your implementation conforms to what's expected:
-
-```ts
-import type { Adapter } from "next-auth/adapters"
-
-function MyAdapter(): Adapter {
- return {
- // your adapter methods here
- }
-}
-```
-
-When writing your own custom Adapter in plain JavaScript, note that you can use **JSDoc** to get helpful editor hints and auto-completion like so:
-
-```js
-/** @return { import("next-auth/adapters").Adapter } */
-function MyAdapter() {
- return {
- // your adapter methods here
- }
-}
-```
-
-:::note
-This will work in code editors with a strong TypeScript integration like VSCode or WebStorm. It might not work if you're using more lightweight editors like VIM or Atom.
-:::
-
-## Module Augmentation
-
-`next-auth` comes with certain types/interfaces that are shared across submodules. Good examples are `Session` and `JWT`. Ideally, you should only need to create these types at a single place, and TS should pick them up in every location where they are referenced. Luckily, Module Augmentation is exactly that, which can do this for us. Define your shared interfaces in a single place, and get type-safety across your application when using `next-auth` (or one of its submodules).
-
-### Main module
-
-Let's look at `Session`:
-
-```ts title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-
-export default NextAuth({
- callbacks: {
- session({ session, token, user }) {
- return session // The return type will match the one returned in `useSession()`
- },
- },
-})
-```
-
-```ts title="pages/index.ts"
-import { useSession } from "next-auth/react"
-
-export default function IndexPage() {
- // `session` will match the returned value of `callbacks.session()` from `NextAuth()`
- const { data: session } = useSession()
-
- return (
- // Your component
- )
-}
-```
-
-To extend/augment this type, create a `types/next-auth.d.ts` file in your project:
-
-```ts title="types/next-auth.d.ts"
-import NextAuth from "next-auth"
-
-declare module "next-auth" {
- /**
- * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
- */
- interface Session {
- user: {
- /** The user's postal address. */
- address: string
- }
- }
-}
-```
-
-#### Extend default interface properties
-
-By default, TypeScript will merge new interface properties and overwrite existing ones. In this case, the default session user properties will be overwritten, with the new one defined above.
-
-If you want to keep the default session user properties, you need to add them back into the newly declared interface:
-
-```ts title="types/next-auth.d.ts"
-import NextAuth, { DefaultSession } from "next-auth"
-
-declare module "next-auth" {
- /**
- * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
- */
- interface Session {
- user: {
- /** The user's postal address. */
- address: string
- } & DefaultSession["user"]
- }
-}
-```
-
-#### Popular interfaces to augment
-
-Although you can augment almost anything, here are some of the more common interfaces that you might want to override in the `next-auth` module:
-
-```ts
-/**
- * The shape of the user object returned in the OAuth providers' `profile` callback,
- * or the second parameter of the `session` callback, when using a database.
- */
-interface User {}
-/**
- * Usually contains information about the provider being used
- * and also extends `TokenSet`, which is different tokens returned by OAuth Providers.
- */
-interface Account {}
-/** The OAuth profile returned from your provider */
-interface Profile {}
-```
-
-Make sure that the `types` folder is added to [`typeRoots`](https://www.typescriptlang.org/tsconfig/#typeRoots) in your project's `tsconfig.json` file.
-
-### Submodules
-
-The `JWT` interface can be found in the `next-auth/jwt` submodule:
-
-```ts title="types/next-auth.d.ts"
-import { JWT } from "next-auth/jwt"
-
-declare module "next-auth/jwt" {
- /** Returned by the `jwt` callback and `getToken`, when using JWT sessions */
- interface JWT {
- /** OpenID ID Token */
- idToken?: string
- }
-}
-```
-
-### Useful links
-
-1. [TypeScript documentation: Module Augmentation](https://www.typescriptlang.org/docs/handbook/declaration-merging.html#module-augmentation)
-2. [Digital Ocean: Module Augmentation in TypeScript](https://www.digitalocean.com/community/tutorials/typescript-module-augmentation)
-
-## Contributing
-
-Contributions of any kind are always welcome, especially for TypeScript. Please keep in mind that we are a small team working on this project in our free time. We will try our best to give support, but if you think you have a solution for a problem, please open a PR!
-
-:::note
-When contributing to TypeScript, if the actual JavaScript user API does not change in a breaking manner, we reserve the right to push any TypeScript change in a minor release. This ensures that we can keep on a faster release cycle.
-:::
diff --git a/docs/docs/getting-started/06-databases.md b/docs/docs/getting-started/06-databases.md
deleted file mode 100644
index 974f14df..00000000
--- a/docs/docs/getting-started/06-databases.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-title: Databases
----
-
-Auth.js offers multiple database adapters. Check our guides on:
-
-- [using a database adapter](/guides/adapters/using-a-database-adapter)
-- [creating your own](/guides/adapters/creating-a-database-adapter)
-
-> As of **v4** Auth.js no longer ships with an adapter included by default. If you would like to persist any information, you need to install one of the many available adapters yourself. See the individual adapter documentation pages for more details.
-
-To learn more about databases in Auth.js and how they are used, check out [databases in the FAQ](/concepts/faq#databases).
-
----
-
-## How to use a database
-
-See the [documentation for adapters](/reference/adapters/overview) for more information on advanced configuration, including how to use Auth.js with other databases using a [custom adapter](/guides/adapters/creating-a-database-adapter).
diff --git a/docs/docs/getting-started/07-security.md b/docs/docs/getting-started/07-security.md
deleted file mode 100644
index c45442db..00000000
--- a/docs/docs/getting-started/07-security.md
+++ /dev/null
@@ -1,28 +0,0 @@
----
-title: Security
----
-
-## Reporting a Vulnerability
-
-Auth.js practices responsible disclosure.
-
-We request that you contact us directly to report serious issues that might impact the security of sites using Auth.js.
-
-If you contact us regarding a serious issue:
-
-- We will endeavor to get back to you within 72 hours.
-- We will aim to publish a fix within 30 days.
-- We will disclose the issue (and credit you, with your consent) once a fix to resolve the issue has been released.
-- If 90 days has elapsed and we still don't have a fix, we will disclose the issue publicly.
-
-The best way to report an issue is by contacting us via email at info@balazsorban.com or me@iaincollins.com and yo@ndo.dev, or raise a public issue requesting someone get in touch with you via whatever means you prefer for more details. (Please do not disclose sensitive details publicly at this stage.)
-
-:::note
-For less serious issues (e.g. RFC compliance for unsupported flows or potential issues that may cause a problem in the future) it is appropriate to make these public as bug reports or feature requests or to raise a question to open a discussion around them.
-:::
-
-## Supported Versions
-
-Security updates are only released for the current version.
-
-Old releases are not maintained and do not receive updates.
diff --git a/docs/docs/getting-started/08-upgrade-to-v4.md b/docs/docs/getting-started/08-upgrade-to-v4.md
deleted file mode 100644
index ebe85d04..00000000
--- a/docs/docs/getting-started/08-upgrade-to-v4.md
+++ /dev/null
@@ -1,612 +0,0 @@
----
-title: Upgrade Guide (v4)
----
-
-Auth.js version 4 includes a few breaking changes from the last major version (3.x). So we're here to help you upgrade your applications as smoothly as possible. It should be possible to upgrade from any version of 3.x to the latest 4 release by following the next few migration steps.
-
-:::note
-Version 4 has been released to GA 🚨
-
-We encourage users to try it out and report any and all issues they come across.
-:::
-
-You can upgrade to the new version by running:
-
-```bash npm2yarn
-npm install next-auth
-```
-
-## `next-auth/jwt`
-
-We no longer have a default export in `next-auth/jwt`.
-To comply with this, change the following:
-
-```diff
-- import jwt from "next-auth/jwt"
-+ import { getToken } from "next-auth/jwt"
-```
-
-## `next-auth/react`
-
-We've renamed the client-side import source to `next-auth/react`. To comply with this change, you will simply have to rename anywhere you were using `next-auth/client`.
-
-For example:
-
-```diff
-- import { useSession } from "next-auth/client"
-+ import { useSession } from "next-auth/react"
-```
-
-We've also made the following changes to the names of the exports:
-
-- `setOptions`: Not exposed anymore, use [`SessionProvider` props](/reference/react/#sessionprovider)
-- `options`: Not exposed anymore, [use `SessionProvider` props](/reference/react/#sessionprovider)
-- `session`: Renamed to `getSession`
-- `providers`: Renamed to `getProviders`
-- `csrfToken`: Renamed to `getCsrfToken`
-- `signin`: Renamed to `signIn`
-- `signout`: Renamed to `signOut`
-- `Provider`: Renamed to `SessionProvider`
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.12
-
-## `SessionProvider`
-
-Version 4 makes using the `SessionProvider` mandatory. This means that you will have to wrap any part of your application using `useSession` in this provider, if you were not doing so already. The `SessionProvider` has also undergone a few further changes:
-
-- `Provider` is renamed to `SessionProvider`
-- The options prop is now flattened as the props of SessionProvider.
-- `keepAlive` has been renamed to `refetchInterval`.
-- `clientMaxAge` has been removed in favor of `refetchInterval`, as they overlap in functionality, with the difference that `refetchInterval` will keep re-fetching the session periodically in the background.
-
-The best practice for wrapping your app in Providers is to do so in your `pages/_app.jsx` file.
-
-An example use-case with these new changes:
-
-```jsx
-import { SessionProvider } from "next-auth/react"
-
-export default function App({
- Component,
- pageProps: { session, ...pageProps },
-}) {
- return (
- // `session` comes from `getServerSideProps` or `getInitialProps`.
- // Avoids flickering/session loading on first load.
-
-
-
- )
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.12
-
-## Providers
-
-Providers now need to be imported individually.
-
-```diff
-- import Provider from "next-auth/providers"
-- Providers.Auth0({...})
-- Providers.Google({...})
-+ import Auth0Provider from "next-auth/providers/auth0"
-+ import GoogleProvider from "next-auth/providers/google"
-+ Auth0Provider({...})
-+ GoogleProvider({...})
-```
-
-1. The `AzureADB2C` provider has been renamed `AzureAD`.
-2. The `Basecamp` provider has been removed, see explanation [here](https://github.com/basecamp/api/blob/master/sections/authentication.md#on-authenticating-users-via-oauth).
-3. The GitHub provider by default now will not request full write access to user profiles. If you need this scope, please add `user` to the scope option manually.
-
-The following new options are available when defining your Providers in the configuration:
-
-1. `authorization` (replaces `authorizationUrl`, `authorizationParams`, `scope`)
-2. `token` replaces (`accessTokenUrl`, `headers`, `params`)
-3. `userinfo` (replaces `profileUrl`)
-4. `issuer`(replaces `domain`)
-
-For more details on their usage, please see [options](/reference/providers/oauth) section of the OAuth Provider documentation.
-
-When submitting a new OAuth provider to the repository, the `profile` callback is expected to only return these fields from now on: `id`, `name`, `email`, and `image`. If any of these are missing values, they should be set to `null`.
-
-Also worth noting is that `id` is expected to be returned as a `string` type (For example if your provider returns it as a number, you can cast it by using the `.toString()` method). This makes the returned profile object comply across all providers/accounts/adapters, and hopefully cause less confusion in the future.
-
-Implemented in: https://github.com/nextauthjs/next-auth/pull/2411
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.20
-
-## `useSession` Hook
-
-The `useSession` hook has been updated to return an object. This allows you to test states much more cleanly with the new `status` option.
-
-```diff
-- const [ session, loading ] = useSession()
-+ const { data: session, status } = useSession()
-+ const loading = status === "loading"
-```
-
-[Check the docs](/reference/react/#usesession) for the possible values of both `session.status` and `session.data`.
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.18
-
-## Named Parameters
-
-We have changed the arguments to our callbacks to the named parameters pattern. This way you don't have to use dummy `_` placeholders or other tricks.
-
-### Callbacks
-
-The signatures for the callback methods now look like this:
-
-```diff
-- signIn(user, account, profileOrEmailOrCredentials)
-+ signIn({ user, account, profile, email, credentials })
-```
-
-```diff
-- redirect(url, baseUrl)
-+ redirect({ url, baseUrl })
-```
-
-```diff
-- session(session, tokenOrUser)
-+ session({ session, token, user })
-```
-
-```diff
-- jwt(token, user, account, OAuthProfile, isNewUser)
-+ jwt({ token, user, account, profile, isNewUser })
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.17
-
-### Events
-
-Two event signatures have changed to also use the named parameters pattern, `signOut` and `updateUser`.
-
-```diff
-// [...nextauth].js
-...
-events: {
-- signOut(tokenOrSession),
-+ signOut({ token, session }), // token if using JWT, session if DB persisted sessions.
-- updateUser(user)
-+ updateUser({ user })
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.20
-
-## JWT configuration
-
-We have removed some of the [configuration options](/reference/configuration/auth-config) when using JSON Web Tokens, [here's the PR](https://github.com/nextauthjs/next-auth/pull/3039) for more context.
-
-```diff
-export default NextAuth({
- // ...
- jwt: {
- secret,
- maxAge,
-- encryptionKey
-- signingKey
-- encryptionKey
-- verificationOptions
- encode({
- token
- secret
- maxAge
-- signingKey
-- signingOptions
-- encryptionKey
-- encryptionOptions
-- encryption
- }) {},
- decode({
- token
- secret
-- maxAge
-- signingKey
-- verificationKey
-- verificationOptions
-- encryptionKey
-- decryptionKey
-- decryptionOptions
-- encryption
- }) {}
- }
-})
-```
-
-## Logger API
-
-The logger API has been simplified to use at most two parameters, where the second is usually an object (`metadata`) containing an `error` object. If you are not using the logger settings you can ignore this change.
-
-```diff
-// [...Auth.js]
-import log from "some-logger-service"
-...
-logger: {
-- error(code, ...message) {},
-+ error(code, metadata) {},
-- warn(code, ...message) {},
-+ warn(code) {}
-- debug(code, ...message) {}
-+ debug(code, metadata) {}
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.19
-
-## `nodemailer`
-
-Like `typeorm` and `prisma`, [`nodemailer`](https://npmjs.com/package/nodemailer) is no longer included as a dependency by default. If you are using the Email provider you must install it in your project manually, or use any other Email library in the [`sendVerificationRequest`](/reference/providers/email) callback. This reduces bundle size for those not actually using the Email provider. Remember, when using the Email provider, it is mandatory to also use a database adapter due to the fact that verification tokens need to be persisted longer term for the magic link functionality to work.
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.2
-
-## Theme
-
-We have added some basic customization options to our built-in pages like `signin`, `signout`, etc.
-
-These can be set under the `theme` configuration key. This used to be a string which only controlled the color scheme option. Now it is an object with the following options:
-
-```js
-theme: {
- colorScheme: "auto", // "auto" | "dark" | "light"
- brandColor: "", // Hex color value
- logo: "" // Absolute URL to logo image
-}
-```
-
-The hope is that with some minimal configuration / customization options, users won't immediately feel the need to replace the built-in pages with their own.
-
-More details and screenshots of the new theme options can be found under [custom pages tutorial](/guides/basics/pages).
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/2788
-
-## Session
-
-The `session.jwt: boolean` option has been renamed to `session.strategy: "jwt" | "database"`. The goal is to make the user's options more intuitive:
-
-1. No adapter, `strategy: "jwt"`: This is the default. The session is saved in a cookie and never persisted anywhere.
-2. With Adapter, `strategy: "database"`: If an Adapter is defined, this will be the implicit setting. No user config is needed.
-3. With Adapter, `strategy: "jwt"`: The user can explicitly instruct `next-auth` to use JWT even if a database is available. This can result in faster lookups in compromise of lowered security. Read more about: https://authjs.dev/concepts/faq#json-web-tokens
-
-Example:
-
-```diff
-session: {
-- jwt: true,
-+ strategy: "jwt",
-}
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/3144
-
-## Adapters
-
-Most importantly, the core `next-auth` package no longer ships with `typeorm` or any other database adapter by default. This brings the default bundle size down significantly for those not needing to persist user data to a database.
-
-You can find the official Adapters in the `packages` directory in the primary monorepo ([nextauthjs/next-auth](https://github.com/nextauthjs/next-auth)). Although you can still [create your own](/guides/adapters/creating-a-database-adapter) with a new, [simplified Adapter API](https://github.com/nextauthjs/next-auth/pull/2361).
-
-If you have a database that was created with a `3.x.x` or earlier version of Auth.js, you will need to run a migration to update the schema to the new version 4 database model. See the bottom of this migration guide for database specific migration examples.
-
-1. If you use the built-in TypeORM or Prisma adapters, these have been removed from the core `next-auth` package. Thankfully the migration is easy; you just need to install the external packages for your database and change the import in your `[...nextauth].js`.
-
-The `database` option has been removed, you must now do the following instead:
-
-```diff
-// [...nextauth].js
-import NextAuth from "next-auth"
-+ import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-
-...
-export default NextAuth({
-- database: "yourconnectionstring",
-+ adapter: TypeORMLegacyAdapter("yourconnectionstring")
-})
-```
-
-2. The `prisma-legacy` adapter has been removed, please use the [`@next-auth/prisma-adapter`](https://npmjs.com/package/@next-auth/prisma-adapter) instead.
-
-3. The `typeorm-legacy` adapter has been upgraded to use the newer adapter API, but has retained the `typeorm-legacy` name. We aim to migrate this to individual lighter weight adapters for each database type in the future, or switch out `typeorm`.
-
-4. MongoDB has been moved to its own adapter under `@next-auth/mongodb-adapter`. See the [MongoDB Adapter docs](/reference/adapters/mongodb).
-
-Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.8 and https://github.com/nextauthjs/next-auth/pull/2361
-
-### Adapter API
-
-**This does not require any changes from the user - these are adapter specific changes only**
-
-The Adapter API has been rewritten and significantly simplified in NextAuth v4. The adapters now have less work to do as some functionality has been migrated to the core of NextAuth, like hashing the [verification token](/reference/adapters/models/#verification-token).
-
-If you are an adapter maintainer or are interested in writing your own adapter, you can find more information about this change in https://github.com/nextauthjs/next-auth/pull/2361 and release https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.22.
-
-### Schema changes
-
-The way we save data with adapters have slightly changed. With the new Adapter API, we wanted to make it easier to extend your database with additional fields. For example if your User needs an extra `phone` field, it should be enough to add that to your database's schema, and no changes will be necessary in your adapter.
-
-- `created_at`/`createdAt` and `updated_at`/`updatedAt` fields are removed from all Models.
-- `user_id`/`userId` consistently named `userId`.
-- `compound_id`/`compoundId` is removed from Account.
-- `access_token`/`accessToken` is removed from Session.
-- `email_verified`/`emailVerified` on User is consistently named `emailVerified`.
-- `provider_id`/`providerId` renamed to `provider` on Account
-- `provider_type`/`providerType` renamed to `type` on Account
-- `provider_account_id`/`providerAccountId` on Account is consistently named `providerAccountId`
-- `access_token_expires`/`accessTokenExpires` on Account renamed to `expires_at`
-- New fields on Account: `token_type`, `scope`, `id_token`, `session_state`
-- `verification_requests` table has been renamed to `verification_tokens`
-
-
-
-
-See the changes
-
-
-
-
-For more info, see the [Models page](/reference/adapters/models).
-
-### Database migration
-
-Auth.js v4 has a slightly different database schema compared to v3. If you're using any of our adapters and want to upgrade, you can use on of the below schemas.
-
-They are designed to be run directly against the database itself. So instead of having one in Prisma syntax, one in TypeORM syntax, etc. we've decided to just make one for each underlying database type. i.e. one for Postgres, one for MySQL, one for MongoDB, etc.
-
-#### MySQL
-
-```sql
-/* ACCOUNT */
-ALTER TABLE accounts
-CHANGE "access_token_expires" "expires_at" int
-CHANGE "user_id" "userId" varchar(255)
-ADD CONSTRAINT fk_user_id FOREIGN KEY (userId) REFERENCES users(id)
-RENAME COLUMN "provider_id" "provider"
-RENAME COLUMN "provider_account_id" "providerAccountId"
-DROP COLUMN "provider_type"
-DROP COLUMN "compound_id"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-ADD COLUMN "token_type" varchar(255) NULL
-ADD COLUMN "scope" varchar(255) NULL
-ADD COLUMN "id_token" varchar(255) NULL
-ADD COLUMN "session_state" varchar(255) NULL
-
-/* Note: These are only needed if you're going to be using the old Twitter OAuth 1.0 provider. */
-ADD COLUMN "oauth_token_secret" varchar(255) NULL
-ADD COLUMN "oauth_token" varchar(255) NULL
-
-/* USER */
-ALTER TABLE users
-RENAME COLUMN "email_verified" "emailVerified"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-/* SESSION */
-ALTER TABLE sessions
-RENAME COLUMN "session_token" "sessionToken"
-CHANGE "user_id" "userId" varchar(255)
-ADD CONSTRAINT fk_user_id FOREIGN KEY (userId) REFERENCES users(id)
-DROP COLUMN "access_token"
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-
-/* VERIFICATION REQUESTS */
-ALTER TABLE verification_requests RENAME verification_tokens
-ALTER TABLE verification_tokens
-DROP COLUMN id
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-DROP COLUMN "created_at"
-DROP COLUMN "updated_at"
-```
-
-#### Postgres
-
-```sql
-/* ACCOUNT */
-ALTER TABLE accounts RENAME COLUMN "user_id" TO "userId";
-ALTER TABLE accounts RENAME COLUMN "provider_id" TO "provider";
-ALTER TABLE accounts RENAME COLUMN "provider_account_id" TO "providerAccountId";
-ALTER TABLE accounts RENAME COLUMN "access_token_expires" TO "expires_at";
-ALTER TABLE accounts RENAME COLUMN "provider_type" TO "type";
-
-/* Do conversion of TIMESTAMPTZ to BIGINT */
-ALTER TABLE accounts ALTER COLUMN "expires_at" TYPE TEXT USING CAST(extract(epoch FROM "expires_at") AS BIGINT)*1000;
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE accounts ALTER COLUMN "id" TYPE TEXT; */
-/* ALTER TABLE accounts ALTER COLUMN "userId" TYPE TEXT; */
-ALTER TABLE accounts ALTER COLUMN "type" TYPE TEXT;
-ALTER TABLE accounts ALTER COLUMN "provider" TYPE TEXT;
-ALTER TABLE accounts ALTER COLUMN "providerAccountId" TYPE TEXT;
-
-ALTER TABLE accounts ADD CONSTRAINT fk_user_id FOREIGN KEY ("userId") REFERENCES users(id);
-ALTER TABLE accounts
-DROP COLUMN IF EXISTS "compound_id";
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE accounts
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-ALTER TABLE accounts
-ADD COLUMN IF NOT EXISTS "token_type" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "scope" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "id_token" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "session_state" TEXT NULL;
-/* Note: These are only needed if you're going to be using the old Twitter OAuth 1.0 provider. */
-/* ALTER TABLE accounts
-ADD COLUMN IF NOT EXISTS "oauth_token_secret" TEXT NULL,
-ADD COLUMN IF NOT EXISTS "oauth_token" TEXT NULL; */
-
-/* USER */
-ALTER TABLE users RENAME COLUMN "email_verified" TO "emailVerified";
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE users ALTER COLUMN "id" TYPE TEXT; */
-ALTER TABLE users ALTER COLUMN "name" TYPE TEXT;
-ALTER TABLE users ALTER COLUMN "email" TYPE TEXT;
-ALTER TABLE users ALTER COLUMN "image" TYPE TEXT;
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE users ALTER COLUMN "emailVerified" TYPE TEXT USING CAST(CAST(extract(epoch FROM "emailVerified") AS BIGINT)*1000 AS TEXT);
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE users
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-/* SESSION */
-ALTER TABLE sessions RENAME COLUMN "session_token" TO "sessionToken";
-ALTER TABLE sessions RENAME COLUMN "user_id" TO "userId";
-
-/* Keep id as SERIAL with autoincrement when using ORM. Using new v4 uuid format won't work because of incompatibility */
-/* ALTER TABLE sessions ALTER COLUMN "id" TYPE TEXT; */
-/* ALTER TABLE sessions ALTER COLUMN "userId" TYPE TEXT; */
-ALTER TABLE sessions ALTER COLUMN "sessionToken" TYPE TEXT;
-ALTER TABLE sessions ADD CONSTRAINT fk_user_id FOREIGN KEY ("userId") REFERENCES users(id);
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE sessions ALTER COLUMN "expires" TYPE TEXT USING CAST(CAST(extract(epoch FROM "expires") AS BIGINT)*1000 AS TEXT);
-ALTER TABLE sessions DROP COLUMN IF EXISTS "access_token";
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE sessions
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-
-/* VERIFICATION REQUESTS */
-ALTER TABLE verification_requests RENAME TO verification_tokens;
-/* Keep id as ORM needs it */
-/* ALTER TABLE verification_tokens DROP COLUMN IF EXISTS id; */
-ALTER TABLE verification_tokens ALTER COLUMN "identifier" TYPE TEXT;
-ALTER TABLE verification_tokens ALTER COLUMN "token" TYPE TEXT;
-/* Do conversion of TIMESTAMPTZ to BIGINT and then TEXT */
-ALTER TABLE verification_tokens ALTER COLUMN "expires" TYPE TEXT USING CAST(CAST(extract(epoch FROM "expires") AS BIGINT)*1000 AS TEXT);
-/* The following two timestamp columns have never been necessary for Auth.js to function, but can be kept if you want */
-ALTER TABLE verification_tokens
-DROP COLUMN IF EXISTS "created_at",
-DROP COLUMN IF EXISTS "updated_at";
-```
-
-#### MongoDB
-
-MongoDB is a document database and as such new fields will be automatically populated. You do, however, need to update the names of existing fields which are going to be reused.
-
-```mongo
-db.getCollection('accounts').updateMany({}, {
- $rename: {
- "provider_id": "provider",
- "provider_account_id": "providerAccountId",
- "user_id": "userId",
- "access_token_expires": "expires_at"
- }
-})
-db.getCollection('users').updateMany({}, {
- $rename: {
- "email_verified": "emailVerified"
- }
-})
-db.getCollection('sessions').updateMany({}, {
- $rename: {
- "session_token": "sessionToken",
- "user_id": "userId"
- }
-})
-```
-
-## Missing `secret`
-
-Auth.js used to generate a secret for convenience, when the user did not define one. This might have been useful in development, but can be a concern in production. We have always been clear about that in the docs, but from now on, if you forget to define a `secret` property in production, we will show the user an error page. Read more about this option [here](/reference/configuration/auth-config#secret)
-
-You can generate a secret to be placed in the `secret` configuration option via the following command:
-
-```bash
-$ openssl rand -base64 32
-```
-
-Therefore, your Auth.js config should look something like this:
-
-```javascript title="/pages/api/auth/[...nextauth].js"
-...
-export default NextAuth({
- ...
- providers: [...],
- secret: "LlKq6ZtYbr+hTC073mAmAh9/h2HwMfsFo4hrfCx5mLg=",
- ...
-})
-```
-
-Introduced in https://github.com/nextauthjs/next-auth/issues/3143
-
-## Session `strategy`
-
-We have always supported two different session strategies. The first being our most popular and default strategy - the JWT based one. The second is the database adapter persisted session strategy. Both have their advantages/disadvantages, you can learn more about them on the [FAQ](/concepts/faq) page.
-
-Previously, the way you configured this was through the `jwt: boolean` flag in the `session` option. The names `session` and `jwt` might have been a bit overused in the options, and so for a clearer message, we renamed this option to `strategy: "jwt" | "database"`, it is still in the `session` object. This will hopefully better indicate the purpose of this option as well as make very explicit which type of session you are going to use.
-
-See the [`session` option docs](/reference/configuration/auth-config#session) for more details.
-
-Introduced in https://github.com/nextauthjs/next-auth/pull/3144
-
-## Summary
-
-We hope this migration goes smoothly for each and every one of you! If you have any questions or get stuck anywhere, feel free to create [a new issue](https://github.com/nextauthjs/next-auth/issues/new) on GitHub.
diff --git a/docs/docs/getting-started/_category_.json b/docs/docs/getting-started/_category_.json
deleted file mode 100644
index 3f2f1ca5..00000000
--- a/docs/docs/getting-started/_category_.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "label": "Getting Started",
- "collapsible": true,
- "collapsed": true
-}
diff --git a/docs/docs/getting-started/img/dashboard-smtp.png b/docs/docs/getting-started/img/dashboard-smtp.png
deleted file mode 100644
index b30c300ad4a66e3fdac4ad82c3b34143614e1059..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 176313
zcmb@tc|6qZ7eCx4m2g)i5lKk4LYQnNl9V<37D9H$Zj4DPA$#^^Ldd=wgCWT}m@Fa2
zOqQ|FjCIBsGxMms`~H5v&+GZ;`MrME>+=U=u5+F9KJRm`bDirWQcp*d_0+{vhYlTL
z)q0?AaOe;V`p_Zf=O>OHe4=eOe(}(uBV@ftPc#mG{l78>2T?UOwP|VTFJHcNa&mh1
z?3sgugQKG(gTbKg@2?ZLFZOzH^m^=5X?uIr-94(hx;kZVe`8~ttJhyw
z)8~Q5<8yLy_V;Pv*bjTVyZ!zBqW7OJuMxMm$vHVt4i0WZw=g8Ke|dQg#=~>*?d9_X1ivz=1{dzJigV03DSMCSaODOXbyn_XH4`|>vJ)98<%rk=0n7FKFn
zx;pwsN{XwvI4<^}#vhHvF%S|A8xxVfJ4dp9TzT
z!xK|L=aZ^Ggcbv8%>JlH1BIWhjk3tJ}oRP*=x)T$s9!EDfsxnJ|m;)
zq{MG-uD%T$gB9U#BciqKa6b?U2rPN%$L0y};Flcl;&1B}fnBsOF4`a3ZXrL-_htz`
z>Q3k)@6LT*>D_qYLg;rA5sn_BWdzY?-&Z8jUUe92RcXKbypoW;($>A~8ul~vU7OBh
zJ-q%ST>dr4RL_yHAFw!wqJ|ljz!)SNz*8+cf9G~h!@B!8&UhGBIGU3DX_OXSyP2kI
zmZgaIaMKPgoNsc|@RB=R{<9*Wv%50q)e|w9ySZI6o#}Db#hz-5J<{IVZ+N7?-Z
zWnTjw!$YV3;^7n&mAa>;ETf=nU~1v(?F004bNG_?-V+iQ{*va?<$mZ$xxSYA-6w&Q
zYwcmb0_MdBS}|Agk^l49c}iNl!1VO5w|PJ5RGZrlc9);357`x-A(^=go%sJP_0jvd
z>WbB-Uk_u&EpePa!kawoXElEC>}(KdZKl4zfA*t&&}pk%eMDw|NN5gXE6H2s0tLWE
z9-I!h-31XDh2*DIyv=xj$kTc|>wDZHD2|iSN6#f1{}SVepn+ZE5cKimGfl=i?YUXx
zzn5Fx+Z67SxJvbJ-qU6Ka!s1LDww2K{6`ll&!r_1{1m!oE3-YCdm*_?(*LG?tNw3!
zR^vtI9BXyW?&;pLjHJ;#kFkr9oWAJm4p$S`ivE#JTHwluzl@6}L45VX-Z=XXYgDkG
zeK5>!!1cF1R;sib_?eGcmh?iCPKn#9?2ca&yhryhdIx?99MuHh{j<{4R8yOq%PLVm
z<9qhRvg-LaGP&A=aQBj}oTp{;wb@sH1Gn0Q!5~6Ax?k%hH8a-aAZ0&6gZ`soFrF;6
z-Om+5SIhJZuI2(ygdLIGZCv?#25d9mil{3cHm}9tHh1Mfjr%L94t;L)btr!KZE)zv
z(HSpmg`vOQK*YDK@>98WPi;n<(?e`&o=u2)W(CSj}Bes*sdtFqHHp7sdxVNDucwQX00R|
z;nbo-55UIP!Y-Y;z#Ll{DLGqdqq_!{;@E0&A!r^+V|S8ctu8yJFa_fBT$Jiu5DhmJ2umaPuCGV7!rGX
zFREnBQ<_8mq=rMX>zQ9)`1QU0LdFFjPPyajJLGuiNbIE>s~ODuj^2^$USPiKdC4Ia
zzeOEXzruOVI;^oYpxw+c#pZHsf+ZKHDm%~O82wqeuU
zBb?IkJP_wprbX8b0F0e$%KLU@Jo{fwkaPv)x#}`qD3+YAlg?>f%F{sJkxYRZZoJ+M
zyO6&F#ocaFjIv=LADqY1z~cr$k+(Y-7{1k
zRknyAsNMYypXyrnfJgofj@N!+`)}tDCpvO|Jj`h;+gxLt?DllX$k>{6b8p+neHLD$
z_FjkMu@{J~!RM!I!Bf+$7dL0jE#U#qruU~KWE3Li#ccY4x`LaFJUbq-@2+o*C)yr`4Xz7&
zwEsJZGebsmNMxm~a3-XaJ@3$2nwjrTc^y#qWe6)G{X*ycNQo=34ZeZT|IXm=)`%<*
zzf~h4GF83k>YfncEc%Yyr)O)kQ!5X#5n8p#mnCKFnlJl!yydimy0&5VmTD?;RKm@j
zh3%g~*9{TPikV00vqli=wqVfV89t2Dc
zENo3QJj8G9`&GU#S-n!}W5h+ZDKQSJhyq)W2A#;V5W|!uUq5B#+9_1Y>DjYt&UrE9
zO4h1aNASZ%c7@*~u+fs?5eLm2@K3F9^j5nfH9sZvu9`G1+$2(*lNXrN>Xwl=6ytKy
zLnB`-38#ZIGc!(hNOo}OY?aO#pSXPzrebf$y9-$isoJf&bxyVIZ#*C;xTYx#U94(n
z^q59%kk+C%M^HNk7aTBSAvvu}t2VFsF0rOX`pgqAqYYy&&k)#7X)vz9#pTYNJ%*~O
zSlz3DfLwE*j>44rWyeNP{9eDux@U)WxnJ{Rr^r-7=S1Mz;|v*Gh;BvjocEHNe#^wA
zn*9MX2g;zWw}(jdTU0C1#g4vyFk@RbI`I
zqz?<5>0V9dlA5Y)FweC9be+Qe#5lRW!v4rCFaB}EVoTs{`uAqjA;sM%yUV@`A!&iA
zR6?^e)aK_;$b_OjFU^W4*ib7NDg
z6*-8|(dTbuNZNCAM^#BN0(>ptx80Fl^bi&6V*aR{$#|CiOF^TQK(^zI8%jVrMnEgbTG_au*<`ajcQBM+Ohh9?GH72bB@4IWx5N=d^^H-UFK~#`^n@t*T5ZRI
z6<0vfn?_g?_y)y_>!nZVu>k1K?#ly73cMci#Fxzh=QxAkB_qctMF7eRu<{bsihxkd
z;Jw>p3DNN6F9R>Oxy5sXH>{@E38AJ&nZ$pTNswacQ58@mTh2D2|X={
z#}wm20<0*cn~V3iS29BaOrLn@Xb5ltHmAD!3XG!~p@wE-?9jO>k>$sU%6#F#CRXX<
z3RVAmmO8Ef=&VmrgNFc%w>F#iX!evPSXN8L&3xh25}7
zP;-(hH3?Ss{}(CJn2}7PQzI{05RT
zktovrsWp_?j3hoKY+bVXMa_tg7+{;#6KNltrpUxfl(=gwA#-(pbnF>MC1)o>L~7cL
zHU?vPhu&SqE={GfN|&S>_k;h1%BYp4d9*Ka(o}cEcE!cq-9aY2ve0@kuQ9VG
zZs&swylLe){=|z-~;`aSIM3x$dY#%_ZK)^h+9Y>;&6&l$AJ1-PyUjc
z(6xYN!LG*2)CGDfk7t}cK|*`rKWmy{*cULJTQ;RGRw^fbEH}y3>H`&p$*_|1-BSu5
zO^evx*58eV!^Cg>w}GlEu`*->Y-yw1uGs{LB079A!_ZzT`ot*OW?rKk#p#Kdy~j;$
z=j%pW92_|Rb!TbFxI~G;G)>kamhWEg=N}^Q+1uQ0PkPZ2K2Pcu0>Q4y3pCHJYeFDi
zA5Sxv|G05rGdu%iW~5k~YZT>;`ZA}RINz^r+3drJ3@Gjg3R%N0;|K{hyWBj((~+ee_82gD0OjuHWT0oy=8CelVfa_hPc(l-SCP>(`Sb
zb(UYm$1i>5*DJP{PVnfBFDNmU1}-k92ESo&pyq9
zT=aOPJ)MK5J?X+sVN`mQgZKlF7sd!xXFb1h$MYlm>(C+Z_{?aQ9$P}RxEwhN1P%-T
zJ-AXLyu~$9_usqpE}a^nL;xFub?F#~wSlXHm^7+%+=7NSccpyZSAz?j@f~O`GdF?=
zdG84G?;#})6-#}0GUqH)#ga0>HD~iLMUdna@zxu
zwF?=BQQ>=jJmW8+1$yVa^}$B-d%VUK0(FfD{pW7}0Qj76GSG8gTgncc&7Q`hKQP|)!N${U4QoJRXa;1Q0i=cD4vFDT{Xbn6@5TQGF4AyX5FfjiuZT;
z;17bl9Whvapa>f3)z8qTB8-b}>lJ-JM<6hy6r{;aT$vyS#m01((5&)L1?kS0qFqpW
z^%O=?n>?Ri?)J#~VGTpvNj$<$xmeapj^AzfuO2S0Ghk5lNcqRnX)SL=Ar}bbP5y!>
zfwEm5X6JYr6wNuu$a(P>zadS*i4FZl)F4bm(jQk(IE)V=r#t(%wQ
zIYn%MQu`5%eODjie_N0VI;&we?@Tr~T(*ogTjXkH|Ky}KZ<>+U+nSsrL)Py(d6jzq
zl|tqdR}*QM@mHF?7oK*{;yb7LWl~Aha+mw%t<4Z;h#Ngln(R8$|0#HT{jet{qYdzg
zNW@R;5J7*uXNXarODE_A>fvNp#XkUZMu(ixQS5d
zU13eJ*4&h~;-3%BR;@-BqKhW>u1)$XJc@?s5UwBe~6;g
zSr3=z^dOOE6Jy#?T?C&ecamJ6PZkH>P1HoQcLKl6%dl2{F^A3S!Md{I-g6M#vqS6#
z@nl7#h}+-*#xQ*X?MyJ?iRp5&H$vH9*tRXAcAX*ciU-VdX;g}thPlp8>&H>UG>|`e
z77t#)fao!BvK9Y70U?*#he&xsaONwSo=T=(PVG|`0S-q}b4Ad#5ATnR&v}YH3$)g+
z8>vtj#n=vN;(Oc)acMqOWf+_Yr>2s+7d(90Tv`wbSTxq!q&9Ahpfco0JLq!K9j%Jl
zd0e%pf@xp7e0*eXkk<%5rl``bzV5)0UP!%ayq*3`GPtd
zjiU7fGeLEASlxPD(>n*sHqN^3z$dK1sFl~rzPU)sG%Cs<&elfC|nuEXz5}LsBkSN*U_(tG_aVA=hMrfaG~RVgUo8*Z&U&^3}ZgrOV8A$EEe$
zgD;C^?1)u<1K)Yb6B0Q!^%~TN)*QN=&LLDff4NRfr#`YaZ)rZpP~>X?&G>t9$}bXz
z5X#W5w=U+VQ{9bpLl(yJC(4O5gB>!le*v{ejxl*S5PB8XT3qbPwoJMx1FvD2EN|oT;}%`)A37>*mGbT4O++nz_7))zk8FV@NuZ=
zbn1{8nLl|?K`_|bF5Fts+g;N9~G_G8xE9dz|#&3&HeX!(H(tgK~vy2(mKJrO5I
zmT7*7k0oUt1Q6ELbi#7;KfF25jvTjhwW;BM+uL`{XEV^4jr`S$os&?sE1G7!oFfg0
zgcm(Ze1OSvB1A?>R-m<$7SllijJ%r^rgTtw*R_REceCPwn719WO>T^N%!pNe+0ot1
z$qFe9&D^9mqs4e-ahAr4AX9g975p1iFgxGF>+8Rw`PW--kOecSK7+*emxjT=ZFTDHFUKAVext=U}-f!BBKbnYIt^LZRhWI6pY{$s+q=6E%A0b}#*
zr{c#9FHM{hO}d^+c=<8GS2Q~v=80Xyizl74^oKK$n2Z6>X`DZ7ce+{L^Hc;uy3%lfDUv%H0Pqt+nboPmpeR5Rya@T3
zXx`d*&Gj{R^U?UD)L3aCY`j$&DaLW8Nr>;4&|2psOJnB1pbe
zU}s<~xTaX*ltkaUZ2-rfhZDU_1_@Dk!pLN
z39+a`P9}A{H{76zL=ym#J^Mx;X0c{#y0>>PBcvUYOm8mgy&m!XzEW1o2$^2&Jn~i9=t8{)!Jgak
z^J}e}?!;K7NUGJsKGqJBPc@tg(I%0B0KKH6*xgz}&A0i2+ZD0b?F3UO&i284??En^hLU8(
zhwhm{MIK^1({f!(qr!}DIws9CeY6wT#EqFD+H;Kyru$*f?hn#H%ht%La
z+?7xEg4gLhaCYT?H^?sq;v(1^-6cThN|1lBxzV}dm$lbO{@}Y`w9q_o)OUe&Y&Od}
zA@B3Yztnamjw-x*XYo;da={!y)gi()<$YKAp8Lab;r-S7Eq5vnOzbk%7a(2cv@`HVbE`m)un
z3b>%?0`a3pwEd*!rni=pJ)9o-fXzUKL{{25fZ!6=`Y~|KQIia02)lZV)A%@1ZRa;a`f)
zEh5p{0|@!^*jB5Qa>YxN*Sa?In*A1k41(QhIO>%_335Btb6({?G1hG9L?}Ooj5n|7
zpSc|2uRRS&vi7UZdYeSHBPBe+EeQ>vqbE@VRy9BrmtY~eACeoV>`J7+i;dHSV9F@~
zPdx3m^04=wE2m)*Dp4(`r_i}H1qZBRL!udajGUl%5`L_f4TNwBM$M88ZuKFV|
zAq5}kGQx>ZtoVJgoq~i!-DX2yFRZcXDMAFkNW77lRG7LR_!<5iL
zX3Px-OF&iscI^7zCNlLM8WnVL;enA(#kg|0I->McMo!AO$BOlQ>tmMJK^7DbfUq5R
z$Oo-5`HMXr=^({i&iU4q1Fc#a(Ne3F{XZwq@f4}&aH&Fqg>>H7l!T^mN%`e#4pN~+
z_2{*n*5~n~%H;Ms2f#8&XKgV01s&(GQ8n?BD70_1wu6zZPJKgY)y+(xptaJ#!h
zn%X3eqp)VS9{~5iW$z-WxxRJR-dV`UW+~YoM?Zxc({N3%l+TSSP;kD?-a~tV=L6bw
zKZREkxBeXJFs7|u4$?lv*iSpD(@8ESl3c@oEc7dD
zxP=Z!$IDg1w9f(NTYKBn|Hqv7aB?A`KwMMmTro8&7^l8@J+tjP@H=Mz?UYkG2!29G
z*`UGYas*l)U`kk}hWvq3KE-gs+JKzZm};H&j3fb_WMKQj@5^!TUpHm-q-V;hh9$>D
z%lSZ`$?QC|GUzwSkK_en=l|DyK0~obHuC)`l-}!8A~NLfkL`tGfZOJI8mlRlNCa5*
zAoX!R9NvdY9=6Ij4(tIZh2vUVQCz=*YuAP}cv;i^^4mP%vn-~Q@FS7$A0vOLCww^~
z_w#c57cuD5*qM={5~POT)FXdkt6_$Jrhx7#8Dpu|Xzcf&KRp1Qzzo)d4itf46m2?K
zS_UrQvUu$J8l-RBEZ_M>Ih}eGd&GZNsjiy=Q)dJ8BbPtXLXQFv)1@?xf>dS5_JZrK{nU#}a6eIa5CQ+hg?WRbb1Y_x-jRHDo
ze*qVN<93jiEcpDV%Dg-Y^l*Z{;*X^kpwt*$17oe~+yE%wqnhv2%2*4Z5n#=7&yR>&
zy}hHEwiovQVFdp*AMAq#6{+bFtr`gznPRLpoX0Ww7Tkt}Jo7zdiLE{z?wR38rF@tU
z<3q`k`T{O1%s(T|%FLjh%7Pu1_`b~?E%hYOwJbCJj;{6%q9!OhtvnCz`RofBaTu9m=RH|iCeI?fz=C-Ze$2h2eQ)DXbyMWEpwRo&_9#MTSaejNO)~(Sgiz&=gIwmi&4+r1ubjS<%Ud#)`d>1YQfl=fmLmYMX;eV<
z@YQ|o+Y9jvU_z~F?0#R+j5QU_Y~lE!{bT%_B;HM)W~%nMRpp#QjsWvT)ZBxyR-)uh
zFNj$1KRJeqYxP6IWD+G}!f-w9^eEHC85GlAUDEL8b)fmT#``
z>|R&Noc7HayrYy?JMWs7{)+hYL&JIzrHGjhq)=g=7)vcGAfU~>>)})x-W?ly-`%g7
z!_f+qOVuMMG^sA6Qv+RZq9h5p@U?S+36@_GYuAZeyLMK`S}xF+x8(InSMawyZFaGL
z-!iSI_JPlo_IvZUW|{j(hrBjlZAc|uTr~&y8H*PUS^|7pVqE~)V>`LUB_jH?5&?F_)UfPZvlQk~Qck@@${)vijAs_v&--uzv>aY3A=;^OXY
ze(bNK(zjMSH7EYI#zz@m=jIeN;D`+%9~C5uvoV8whl;
z>A|x9z6x7c-XzRSXX=q9@rd(|X#@u(*Qc0%#I4BkI!G3q`-kq0z_DV`Inoq}VBfzk
zNuf^Gg9%OS7CMT3V{+x&!^?}KE1x2gc*B0*haLbz{xXn~LP!G-&lgh5O{z-@
z2j5suMzo+@ZTTF0+=&G@lCo-FWd|h+g9KBB3JTNN{+T>O{h0`d8Kl*KR_JFbuO?sL
z6nR7*^E_9v>K<1me==RFyW=rH6NMH5B}STX4J?H#<39hohyCRU>Q7M=dU2L+&6i~?4RF{bF3TKQ>S=mnB!Z_Q%LM>6o?CJtOeYI|2lAQ6Ty?KYk(Bvs|Mu0t
zHTO~o5wTPv+cu5&$dDuU`h1BAI0CHV^)d;n=Jt3H6$4so6q-r
z=JomvdLUXR%Xf6_$8$}c0}MjrS`^tGux&G5fm-|dkyN*Y$;_43VTmtg()z=WrDcd$
znFJYI{t@RbG&l_yqK2QFSZSHft>1$>kE$`oYu#ov)_ulpQXY>L<#+t
zr{4m%MN%>wD^q4MFjm2b)0GBfeK8RiG>D+`mDb@~5^hY5tGR10)2G>dX#L9Wk4@u*
z_QWwz<$m85rk;QJ6WflWP2&0pR5Jqx?
ziMQ&Kvz&)kqHdCeXn|a>&^MMNQZJxXLy}$7ctz5XdBDNF`#N=D(SV5cQfQI&Xy9c@
z>RMGJM^xd^*ZmGIWDnkOBG>Qib&PcaC3A-{UlHSs(OfOk(|oD|*!6he;gH6bP?a6<
z$LiaZS%TpK{%rv&?}L7+*SP`bSOBWwKW1#*CXXkW&B+_=w7yIx1&N;}=ihd=Ic(C{QTG|9byq{3%Et{lh{9k?_5&8~BDQ?e$({-RpzaR0I%I+LoqUBGrcky#Ad+@w;i~T19x(a#fGkCqr
zT4h4>w{n=|AO=PT5=^Jf87rwKZ%}`(Plco@9n|)zlbCx?w#yCD5=`RUsK$FLT)Xui
z=b2+3O;w7F#+J)jb&3gbhqPk~or_*DAfcPZ_QN6H>XP4t{tDH=bTaYMmPjh8beHzz
z3o*Qd@kRCiLTF!*w)!ll6lZEWsHAp_?BApUHEOo}a{V13T}mXSD(Ymt=#OZYOBX9i
z(Bq(qA*po+YQX+>TUe`(@#7P}g3tle7SIoc(Dy=RLTMqAGvxM}gV#XX#_yM0i=|rV
z=`&tcKkYi1ewV9yxhm+v$niSylWg(^AeczAfoXgS(J)Da?&9i^c;=^#&G8Ej4t$Wzc7
znsW54*#!yaP+lJb
z{ak~5>)&rAEDEYKNrB$9EVdXh8;F0E1WY^1{Q(N(@?uCg*
z*dezROJJ{1YKu%ImSJoCNVd*SU~VD%(+i(1$Q`&Lup%TrSI6Htj>f?TuWoPO>fB1w+
zwb20}2TCh$?a}xbUN**Ei%R@Cb`qClxp|*=7^v-@|SCcuD9IA1%Hmy4&K{fYPi!a{ompvFJ>C5
zdt?7d?^H%Mag6}e8oDFwhm}Q%i1D4qzdA^km?W$Ib3VII0jY-OY)0pD-sBpWvJs0l
zLf*_@`s{7$r1IHk`q0_X{}z1GW6ZCw>@q$weS~X`Ua+HMe1>(gm+=JD{i}r7b*QVW)X6(2Iut;s|endwD2N(CIdN
zGcytA(0lKn>;FaOL&7#=N?=B9%{-IFiunA}l?0K7(Ea&}W)+I}YNTL^E_p&FeB|C^
zx8QH~wDn!Vqa8ySI%eYMAuj|T1^Ebb5=|XgNC^(s^xxPYj$u=5v+^z%mRK}!w4B^(
z;k^meP2@`jB_?(RJkb0r33xHa2O_GCJR?#q{k+85Lj`m}4;?jdC5U<5r7r5M_D0y7
z=ph;C6lv#^U{O&xM8VX>pK#U<-Vn8KucG<7Hb{3~{n(X_AZMJi@A+NWEkEZwf&!(B<4hIXq>H=dC)`
zqa_pw++5(vANuyR84CF%lKIKJL1g}Wo7joMz3ptv@zYnWDp1f=l|YZL>Dc{QW-0tQ
z`5x~gUw=xEoi&?`z+z5ZYOTo;=tpHx@lElQ+Hfb~k2p(5W`bBg?s-O3A-8{db)SF0
zQGO3is_Oa!flLYY+pv)9%`ueHtum@}!;Xi=B(&NF*1W24QF4VAeR;LK`XKL1{lYab8_5PLRx~fa
z9k7vSQD}gCwL}~~e^oQRZgG?T$tBPkntOhsJ`~)M+dER!qoe!g4RvyFKU^!GH0CBN
zn-`H+d%lPI?AsKjHgtctcaCTJ+x>c83==Br*p&a2$_lZ&b$4YudQYdKEpV??DwgK4
zHbTC4ZWw4fVa+S0+23bt%vwrxFlW>4^X3&}=JPW&J*h=DQJc?c;s`gQyB^jJKYn)j
zG=E(e1lnC=Tjf?}h%9nRhNz9SymKR*k0(v>T*GS$6z*TLBkK3VW-?AJTE
zML+=QSM&=VRKn+D6(@ZA%OMwM&wL<`48&p&lCaKfJ_~NM^4vLjFL#D(knJdyt~KT3
zjV)C_tN0Z`-PHdX>gQKozBfJH-=NfhO5i7!)bhs#y6_9ncB3j0DmtaGEE`4D_6ATf
zl)w|||2XG%eMppB5M^}!PF)O2^%zivU%%vhZ}=#C&~3H(6ED|f-|+|3
z7{776Ob}_JTFRP6$zBw8rOf*f_xD%0x?{6@lCv*+N?Ak>S
zpH-U|Vw{%nQwMlCj}sr{UhuE76PR^ixJeCyHlMU6OHb^6{W|=FGH!#+R8`*W5hP<8
z%&a%eRfkEIXp5+`1J4RM99Gm{rbm!QV&Y6p+V(@OzfV1fjIN)$V6wfvuoTzOME<7o
zX74J?6bq?0=?$S3oYnwMH_J@F`&hO0P3hL7X;6vH<=`#nC#1Gi-JDN7)Wze1IVe=C
z-4!mw_xb#xBzi5XmGL7&lT#=~n}gbtg>AYGTu_)umo#z;QD^ah9_w)Tm|85be|ni{
za~#Z=jZPvReXslwRF_Ixrbf=8Z6b%Qv+`126EuRPqCg?i6omYJ=BLyCJcD}COyw7g
zLDFNn4T4KwJ*uvp(QM}nq!R8d=}7HW#Z~3iY7hXZh+I{RFE()DM*Unh5F9%
zncg()HvR5KA0+#z_#-B|QF_oJQWz?m1fj0G8homPQy}v~1;ELplr`%vXM$Wb~g7(eP#tDxmn^a}m0
zOQQ!=pk_;E?%ugYr?D>2^zN!9QD{^M%l+4+D@Z-tvlu@+}DLu
z_WO3A$`{saDp{1mi(oguI
zLBcrs9FPzcXP)9Gb)OKlW_{yf`VVA}GU9gs)6V0_b`ky)NvNlOqN1RK+d_6R3vS^D
z4%3l-=-F`Q#iM_T1pI;+^=wabk{oAhTV*Mb-oLn3|28G;^+J8fM|?t3ljjWNP8Q+W
zvpRE%Zd#y;B@73aub9QNpPb8s-1PAF=#0LCox!@AIXexKiD7Z(#$5}wV+LZ3=|x%!
zrz=6#GK;{a(6lzV!ERw($I4LKR|j>+nT|a{(#UV3Z!)X6nuV8>q~P;>fl4aIsP0+s
zRJzZGf~A7=#;#@3T)@Om^C9`efj|kJSjG3Y`xKTxf&J`x5b3J+v4{bHJ2J
zQ}BD-{Lec83k5s2gQRoB|A)%GXRfZhr~3G|l`96Im50bXBVgxI(uYNNZwPzYhit+K
zA{%;Fta{$?JT|zY3uFGI!s4OnUEM{Php+y+%F@WKQ4&Xk&Gs_iAha#k==3oflGA>Y
zZ%s-H3K3X)&csD`%K`}#Uf1#N7C%O|Gt2N9U`K2TGcyX7u?ngZ#UOEi{8NBlshCvT
zkxqo;^Cw__I{4m>{PlAn?yUR<{@?Ksm)GPu&My=scTND4{57EWM%qe!NJE2&M=8~q
z&fFm;FVlvo@^s<3jE4nHL@8XI$!~J9Xj0&!ZO9=3Xlsqu4%KwSHI|#V}O5<1ofR
zy4!+6R3Y9RC|;m5jfkIY5n+;S28JMIsV!99f=51$<#VWl{%1&9_rQDHXP-iD=Xyx5
z5c%^=i6KfK-Ml5$RomFp75z9CYdcO9M;l}*ptYk3WGE|_LIgGIGs{dKbu;^@1B6%(
zD{2OH1KYA6IN1%ge}e4ttr)E~g?_~Mo_!gak83RFXCkx>g@~1w@;408V>%IebBeHo
zebVB)N}VQ$>`r9KBzD*chVS^Q97!2>a`dpZgZBH;PTxAOfN0rom!1UU2C&{IiMpEi
zzykLIu&ur7gOwrsYiv~0jm5KC2X0cyE1tU0f;GMAI}K~}-c;EB$dq0Q+6~19r$0K55|hdz;MDIK>*
zt%ZF*bsF|W_{n`*C}As2)@u1y!dnlt;sAQ~l9J-1zJPpy06si%3TZC2k
zdGaz(8Q)z9Z@|8&LJ*dzcL4{NG2L>*q-Rn=l>HGcP3`9O@yh$&aS0&V_oVux)8T;)
zkb}cyI(==yIe<{$1aXlOzrZU^ggHllW`dk0zq6mWp3j2}
z%Pt;MaV-pfi^_0}>!4@y@gE_P%!M6t?)-9FP+WS33xVJKI_VTIgKr{vF5*$`L?2}0
zkwYYVQNQ>`^_nH9J3>|1JXOlP?#-pZ!ABbAcpG4^vRBK>owCc;^&hcgD-twzeuAn}
zN_ePRPi~x^$Jz}ypi-;u>Zeut9-tFjBAQ0GmC6b)`aFYJ-MssgZfxI3rqj^}KD1-X
zTV_sTR~l~aJ^t0#qK!YT0iqcsKlBwnraR6h;Kj~j8CtetJ=K=nc#t0V&hzkU0_>dT
zLpFO2qc%^oPdB^r3rINGg*x(XE4M;zodF)JMby13MJcL*a}@bILrHb2Ov-xH{c8G>
z{VyNtUa91*+1aON*kzJh%eUD@De7_5Een%z80&7xw)+z@kF39r-ld_KWcL>b^+Q)%
ztT*WU80i)dy~!Ke3XNDB0{W9aac%+w4Pr+QS^>O`i{4b0EXV32rTi>OAC-9)t#3UE
zA5L6n8ZQ>R=`rTT;yp}?&7y*Ep9taZyB3#wHF8cS1u3d@;sFO?*T*=dKu2-U85~w@
zV2bnUj$@y)=yBP-_7>EHI%&BbF(vMuk|GEk;uj#QgUu
zBcrO>(K5AfExxnDeWy2Ajqo4;<0f}+T`T12Z4QN&0E^bA+-qTBz7S#m+0@J?kjxOg
zUqH2c!w0J(
z_(NU2nmQbMLPDDDcr-iSy8hwS1lA^%HoqNok<*dO3q~NlM}31~<$I)FnKy(z>KUb}
zM`$SPuhQc_a>m{^FX4f(tCA^OquX>b6x!<`|wAUu)
zd~{af_YhW_#3cAYP+8JGEtI50{&NZ*0$aWz7E{r`ql^r#^>F-78MD0|>DRB|kbmEc
zErH6Z>dw{pQ};*Z*JaXmuU{Ujk~YQFiq=LbL{TSc>})6K;eOpBuU)r14d=>2!WCoL
zdA@G4pT2={W8@a{`X6E8AitYCK0Aoh-`F6hD8>9<{?_
zL{>dLn-i;=_0Zwcq^H-N-4Hd!-Orb$RON1o7hh1Lc-`yR3g17-xbp&C*@IF_UNRUV
z3L~q-s3@o7dr>3=Ke5{>yWv~iB+5G#6w(sv|80lo86aLwp(9Ax^3XwK?$Dj3t`hLF
z2Mu=+3}+D$TFZh16)q&QD{X(v-ClF^q+^(gYi;E%W?fJ}*iI=YdCWI2?6F0~l&7~J
z=Mhp*v%o9QCB8oas%yO6qISJ)lW>h?T6LxY{N|gmHB`h5!sk|AbK663d{Osm@Lo7B
z4im_?1yuRm9nDTErd85*y7?jdDr>Fa;BzU!(by?5OSG8(8vT=9j1Bu@%;H;+CJwn$Ox12WLJKgYtll88~l>E#*F*~V=ykc|OiTN0Y-*ExA`w_39
zQ+-gkPzR5Gv3ysx*46Gf^c=(*Az44Y?RtcZCJIhI-AQAU+{X3_!`CDUZMMK
zqfJ7B;-r0VK|SFma5l6!B$i6-d!(DTz)Fc9(0%`KsCc#!aQG$bN0Xr`}-Zz{{YFAUh^^H>l5%j{TN<0#itp)Q*X
zsMk%$xAZnWQ;%QI!Dh@Y@tbG7xhS$wLeRtJ2A(BDMW>$@zIj+6ZWE48lf?bxoN}zX
z;a=!brIw6xl2kcnq{RDaU+r>+*xkDymfuRHkB%nxlvOr}CE^zc9-iHtZv6ljq0y(m|8W`Dx=M#8-u9foO+|21B0
ztC#=aFGhN`42>3s8njH)=-yIadkufCW85i&65`@+l5T_NrF%8)mNh+y{F&G2fb)pT
z7QHvn*FKV~BI<;qvm>nH3EpO^m+tpc5*sgd*o^vl;&s(9KjPu;(DH|`tj{b|m$0SR
z;u^qulhE!2JS01#e!a0r9(-BR4P_V3UwOXAUe&fROqePX
zx#`Nhf*p40M37Q0^+6wRHy$J)KdRvk1^t)DPe%m-nex_48a&w3@?#q5p}VSQL8DPL
zXVp`L5whVu@3^k-%FpMUxLr21006Y<6L6(db>2~LFeKqJQFO-oQIm)}gq!uX^EXvd
zS?K-REjx={x+AgAda5|Ds`&%^p2(ASxs&NX>7@c^GCqdMUbrGB>1T7hRrK1mF7>*r
z$Mo&L)@L+QKWNMuq%xPAa|Vox1fV}Nc{4GkGPe