* chore: move dev app to its own folder
* docs: update CONTRIBUTING.md
* docs: fix typos in CONTRIBUTING
* chore: gitignore dev app lock files
* chore: move release config into package.json
* chore: add beta to release flow/GH actions
* feat(ts): expose types from the package (#1665)
* chore(types): move existing types to the repo
* feat(ts): expose types from the main package
* chore(deps): bring back `react-dom` version range
* chore(ts): cleanup deps and comments
* chore(ci): run types tests on a separate workflow
* chore(ci): fix typo on types workflow
* fix(ts): correctly export sub-module types (#1677)
* chore(types): build types script
Adds a script that moves the declaration files we have in `./types` to `./dist` relative to the files they intend to type.
This is the first step, we still need to change what we declare in `package.json`, add the script to the CI pipeline if we're happy with it and figure out how to type `next-auth/jwt`.
* refactor(lint): fix build-types script
* fix(ts): add .d.ts sub-module files to package.json
#1677 seemed to miss this
* fix(built): typo in package.json
* fix(build): fix release
* feat(ts): support module augmentation (#1681)
* chore(ts): remove unused imports
* refactor(ts): clean up CallbackOptions
* docs(ts): explain Module Augmentation
* docs(ts): don't use @ in folder name "types"
* test(ts): make jwt params optional
* docs(ts): fix typo (TypeScript -> NextAuth.js)
* style: replace ts-standard with eslint/prettier (#1724)
* style: move from ts-standard to eslint/prettier
* fix: install remaining eslint-config-standard peer deps
* fix: add remaining missing dependencies/config
Co-authored-by: Balázs Orbán <info@balazsorban.com>
* docs(lint): update contributing.md (#1760)
Regarding ESLint / Prettier use and link to their VSCode extensions
* refactor(ts): de-duplicate types (#1690)
* refactor(ts): deduplicate internal types
* refactor(ts): ease up providers typings
* test(ts): fix failing TS tests
* test(ts): rename TS property to fix test
* docs(ts): mention TS docs in README.md
* feat(ts): move/update client types
* refactor(TS): rename some types
* test(ts): fix client tests
* docs(ts): move function descriptions to .d.ts
* chore: fix lint error
* refactor(ts): separate internal types
* chore: simplify build-types script
* chore: update type import paths in src
* chore(build): create root files at build
* chore: remove unnecessary .npmignore
* chore: run prettier on types
* fix(ts): clean up jwt types
* fix(ts): make getToken return type depend on raw param
* docs(page): explain page errors, add theming note
* docs(ts): add JSDoc to NextAuthOptions props
* chore(ts): remove unused import
* docs(ts): change JSDOC docs notation
* refactor(build): extract module entries into enum
* chore(ts): move ClientSafeProvider
* chore(ts): simplify GetTokenParams generic
* style(lint): fix linting errors
* chore: re-add generic extension to GetTokenParams
* fix(ts): extract EmailConfigServerOptions to interface
* fix(ts): use relative imports
* Merge branch 'main' into beta
* Merge main into beta
* fix(ts): fix typos, add more links to documentation
* test(ts): update JWT getToken test
* fix(build): fix tsconfig.json formatting
* test(ts): use absolute imports in test files
* fix(ts): add missing callbacks JSDoc
* docs: mention TS in FAQ, fix typos
* docs: fix some typos in the docs
Co-authored-by: Lluis Agusti <hi@llu.lu>
Co-authored-by: Nico Domino <yo@ndo.dev>
* chore: alias dev script to next
* feat(core): fallback to body when reading state
* refactor: set csrfToken on req.options implicitly
Ensures we do this similarly than
in other handlers like pkce, state, extendRes, callbackUrlHandler etc.
* chore: add code comment for debugging
* chore(deps): add next and react to dev dependencies
* chore: move build configs to avoid crash with next dev
* chore: add next js dev app
* chore: remove .txt extension from LICENSE file
* chore: update CONTRIBUTING.md
* chore: watch css under development
* style(lint): run linter on index.css
* chore: fix some imports for dev server
* refactor: simplify client code
* chore: mention VSCode extension for linting
* docs: reword CONTRIBUTING.md
* chore: ignore linting pages and components
* docs: update CONTRIBUTING.md
* docs: use db instead of database for more space
* docs: update CONTRIBUTING.md
* docs: update PR template
* docs: add note about skipping a release
* By default, sessions are 30 day 'rolling sessions' and the timestamp for when they expire is extended when they are accessed to keep them alive.
* When sessions expire (ie after 30 days of inactivity), session object returns empty (as if there is no session) and users must sign in in again.
* Cleaning up old sessions from the database is not currently handled by the default adapter, but I do intend to add some logic to do this (added @TODO).
* The session expiry date can be changed by passing a custom updateSession() callback handler function in the options to the default adapter.
Using a custom `updateSession()` method with the default adapter, it is possible to specify other behaviour:
e.g.
* Disable rolling sessions (e.g. force a new login every X days).
* Create a session expiry date far into the future on initial sign in, so that they effectively never expire.
* Set a decently long max expiry time (e.g. 90+ days) but only actually update the session expiry time if the current expiry time is < 30 days; so that sessions stay valid for 30 days (and at most 90 days of inactivity) so that idle sessions are valid for at least 30 days (and maybe longer) but you don't need to write to your session database as often (useful if slow/expensive).
Note: Adapter options are passed as second option to the default adapter (the first option being the DB connection details). This is probably confusing and might be a design mistake.
const adapter = Adapter.Default({ /* database object * /}, {
updateSession: async (session, isNewSession) => {
// 1st arg is the current session (or null) so it's easy to check current
// expiry date, get user specific info, etc.
// 2nd arg is true if this is a brand new session.
//
// Function should return an ISO date (e.g. toISOString) or false/null to
// prevent an update from being applied; but should always return a session
// if isNewSession is set or the sign in will fail.
}
})
Relying on on Adapter options is a little obtuse / confusing and so I'm considering it an 'advanced option' right now. In future, we might change how session expiry dates and behaviour is set to make it easier.
Note: There are some other updates in this PR, that's just from the linter and some improvements to formatting of contributing guide.
* Now has 'www' directory at root level for the website (was 'docs').
* The 'docs' directory now only contains Markdown docs.
* Docusarus config looks in '../docs' for the docs.
This is deployed with now.sh to https://next-auth-docs.now.sh
