chore(release): bump package version(s) [skip ci]

* Add Descope provider

* Add Descope provider

* Remove dark logo, remove wellKnown, and fix user profile syntax

* Change to DESCOPE_SECRET

* Fix env comment

* Fix clientId extracting

* Change to client id

.github/ISSUE_TEMPLATE/2_bug_provider.yml

@@ -37,6 +37,7 @@ body:
         - "Bungie"
         - "Cognito"
         - "Coinbase"
+        - "Descope"
         - "Discord"
         - "Dropbox"
         - "EVE Online"

.github/ISSUE_TEMPLATE/3_bug_adapter.yml

@@ -21,20 +21,20 @@ body:
       multiple: true
       options:
         - "Custom adapter"
-        - "@next-auth/dgraph-adapter"
-        - "@next-auth/dynamodb-adapter"
-        - "@next-auth/fauna-adapter"
-        - "@next-auth/firebase-adapter"
-        - "@next-auth/mikro-orm-adapter"
-        - "@next-auth/mongodb-adapter"
-        - "@next-auth/neo4j-adapter"
-        - "@next-auth/pouchdb-adapter"
-        - "@next-auth/prisma-adapter"
-        - "@next-auth/sequelize-adapter"
-        - "@next-auth/supabase-adapter"
-        - "@next-auth/typeorm-legacy-adapter"
-        - "@next-auth/upstash-redis-adapter"
-        - "@next-auth/xata-adapter"
+        - "@auth/dgraph-adapter"
+        - "@auth/dynamodb-adapter"
+        - "@auth/fauna-adapter"
+        - "@auth/firebase-adapter"
+        - "@auth/mikro-orm-adapter"
+        - "@auth/mongodb-adapter"
+        - "@auth/neo4j-adapter"
+        - "@auth/pouchdb-adapter"
+        - "@auth/prisma-adapter"
+        - "@auth/sequelize-adapter"
+        - "@auth/supabase-adapter"
+        - "@auth/typeorm-adapter"
+        - "@auth/upstash-redis-adapter"
+        - "@auth/xata-adapter"
     validations:
       required: true
   - type: textarea

.github/issue-labeler.yml

@@ -1,43 +1,43 @@
 # https://github.com/github/issue-labeler#basic-examples
 
 dgraph:
-  - "@next-auth/dgraph-adapter"
+  - "@auth/dgraph-adapter"
 
 dynamodb:
-  - "@next-auth/dynamodb-adapter"
+  - "@auth/dynamodb-adapter"
 
 fauna:
-  - "@next-auth/fauna-adapter"
+  - "@auth/fauna-adapter"
 
 firebase:
-  - "@next-auth/firebase-adapter"
+  - "@auth/firebase-adapter"
 
 mikro-orm:
-  - "@next-auth/mikro-orm-adapter"
+  - "@auth/mikro-orm-adapter"
 
 mongodb:
-  - "@next-auth/mongodb-adapter"
+  - "@auth/mongodb-adapter"
 
 neo4j:
-  - "@next-auth/neo4j-adapter"
+  - "@auth/neo4j-adapter"
 
 pouchdb:
-  - "@next-auth/pouchdb-adapter"
+  - "@auth/pouchdb-adapter"
 
 prisma:
-  - "@next-auth/prisma-adapter"
+  - "@auth/prisma-adapter"
 
 sequelize:
-  - "@next-auth/sequelize-adapter"
+  - "@auth/sequelize-adapter"
 
 supabase:
-  - "@next-auth/supabase-adapter"
+  - "@auth/supabase-adapter"
 
-typeorm-legacy:
-  - "@next-auth/typeorm-legacy-adapter"
+typeorm:
+  - "@auth/typeorm-adapter"
 
 upstash-redis:
-  - "@next-auth/upstash-redis-adapter"
+  - "@auth/upstash-redis-adapter"
 
 xata:
-  - "@next-auth/xata-adapter"
+  - "@auth/xata-adapter"

.github/pr-labeler.yml

@@ -21,6 +21,6 @@ solidjs: ["packages/frameworks-solid-start/**/*"]
 supabase: ["packages/adapter-supabase/**/*"]
 svelte: ["packages/frameworks-sveltekit/**/*"]
 test: ["**test**/*"]
-typeorm-legacy: ["packages/adapter-typeorm-legacy/**/*"]
+typeorm: ["packages/adapter-typeorm/**/*"]
 upstash-redis: ["packages/adapter-upstash-redis/**/*"]
 xata: ["packages/adapter-xata/**/*"]

.github/sync.yml

@@ -1,5 +1,3 @@
-# Note that nextauthjs/next-auth-example syncs from the v4 branch
-
 nextauthjs/sveltekit-auth-example:
   - source: apps/examples/sveltekit
     dest: .
@@ -20,3 +18,10 @@ nextauthjs/next-auth-gatsby-example:
     deleteOrphaned: true
   - .github/FUNDING.yml
   - LICENSE
+
+nextauthjs/next-auth-example:
+  - source: apps/examples/nextjs
+    dest: .
+    deleteOrphaned: true
+  - .github/FUNDING.yml
+  - LICENSE

.github/version-pr/index.js

@@ -5,14 +5,15 @@ const core = require("@actions/core")
 try {
   const packageJSONPath = path.join(
     process.cwd(),
-    "packages/next-auth/package.json"
+    `packages/${process.env.PACKAGE_PATH || "next-auth"}/package.json`
   )
   const packageJSON = JSON.parse(fs.readFileSync(packageJSONPath, "utf8"))
 
   const sha8 = process.env.GITHUB_SHA.substring(0, 8)
-  const prNumber = process.env.PR_NUMBER
-
-  const packageVersion = `0.0.0-pr.${prNumber}.${sha8}`
+  const prefix = "0.0.0-"
+  const pr = process.env.PR_NUMBER
+  const source = pr ? `pr.${pr}` : "manual"
+  const packageVersion = `${prefix}${source}.${sha8}`
   packageJSON.version = packageVersion
   core.setOutput("version", packageVersion)
   fs.writeFileSync(packageJSONPath, JSON.stringify(packageJSON))

.github/workflows/release.yml

@@ -8,6 +8,54 @@ on:
       - next
       - 3.x
   pull_request:
+  # TODO: Support latest releases
+  workflow_dispatch:
+    inputs:
+      name: 
+        type: choice
+        description: Package name (npm)
+        options:
+        - "@auth/core"
+        - "@auth/nextjs"
+        - "@auth/dgraph-adapter"
+        - "@auth/drizzle-adapter"
+        - "@auth/dynamodb-adapter"
+        - "@auth/fauna-adapter"
+        - "@auth/firebase-adapter"
+        - "@auth/mikro-orm-adapter"
+        - "@auth/mongodb-adapter"
+        - "@auth/neo4j-adapter"
+        - "@auth/pouchdb-adapter"
+        - "@auth/prisma-adapter"
+        - "@auth/sequelize-adapter"
+        - "@auth/supabase-adapter"
+        - "@auth/typeorm-adapter"
+        - "@auth/upstash-redis-adapter"
+        - "@auth/xata-adapter"
+        - "next-auth"
+      # TODO: Infer from package name
+      path:
+        type: choice
+        description: Directory name (packages/*)
+        options:
+        - "core"
+        - "frameworks-nextjs"
+        - "adapter-dgraph"
+        - "adapter-drizzle"
+        - "adapter-dynamodb"
+        - "adapter-fauna"
+        - "adapter-firebase"
+        - "adapter-mikro-orm"
+        - "adapter-mongodb"
+        - "adapter-neo4j"
+        - "adapter-pouchdb"
+        - "adapter-prisma"
+        - "adapter-sequelize"
+        - "adapter-supabase"
+        - "adapter-typeorm"
+        - "adapter-upstash-redis"
+        - "adapter-xata"
+        - "next-auth"
 
 jobs:
   test:
@@ -24,6 +72,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
+          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Run tests
@@ -73,6 +122,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
+          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Publish to npm and GitHub
@@ -97,6 +147,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
           node-version: 18
+          cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
       - name: Determine version
@@ -122,3 +173,36 @@ jobs:
         env:
           VERSION: ${{ steps.determine-version.outputs.version }}
           GITHUB_TOKEN: ${{ secrets.GH_PAT }}
+  release-manual:
+    name: Publish manually
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'workflow_dispatch' }}
+    steps:
+      - name: Init
+        uses: actions/checkout@v3
+      - name: Install pnpm
+        uses: pnpm/action-setup@v2.2.4
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "pnpm"
+      - name: Install dependencies
+        run: pnpm install
+      - name: Determine version
+        uses: ./.github/version-pr
+        id: determine-version
+        env:
+          PACKAGE_PATH: ${{ github.event.inputs.path }}
+      - name: Publish to npm
+        run: |
+          pnpm build
+          cd packages/$PACKAGE_PATH
+          echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
+          pnpm publish --no-git-checks --access public --tag experimental
+          echo "🎉 Experimental release published 📦️ on npm: https://npmjs.com/package/${{ github.event.inputs.name }}/v/${{ env.VERSION }}"
+          echo "Install via: pnpm add ${{ github.event.inputs.name }}@${{ env.VERSION }}"
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          PACKAGE_PATH: ${{ github.event.inputs.path }}
+          VERSION: ${{ steps.determine-version.outputs.version }}

.gitignore

@@ -38,11 +38,13 @@ packages/next-auth/next
 packages/*/*.js
 packages/*/*.d.ts
 packages/*/*.d.ts.map
+packages/*/lib
 
 # Development app
 apps/dev/src/css
 apps/dev/prisma/migrations
 apps/dev/typeorm
+apps/dev/nextjs-2
 
 # VS
 /.vs/slnx.sqlite-journal

apps/dev/nextjs-v4/.env.local.example

@@ -0,0 +1,61 @@
+# Rename file to .env.local (or .env) and populate values
+# to be able to run the dev app
+
+NEXTAUTH_URL=http://localhost:3000
+
+# You can use `openssl rand -hex 32` or 
+# https://generate-secret.vercel.app/32 to generate a secret.
+# Note: Changing a secret may invalidate existing sessions
+# and/or verification tokens.
+NEXTAUTH_SECRET=secret
+
+AUTH0_ID=
+AUTH0_SECRET=
+AUTH0_ISSUER=
+
+DESCOPE_ID=
+DESCOPE_SECRET=
+
+KEYCLOAK_ID=
+KEYCLOAK_SECRET=
+KEYCLOAK_ISSUER=
+
+IDS4_ID=
+IDS4_SECRET=
+IDS4_ISSUER=
+
+GITHUB_ID=
+GITHUB_SECRET=
+
+TWITCH_ID=
+TWITCH_SECRET=
+
+TWITTER_ID=
+TWITTER_SECRET=
+
+LINE_ID=
+LINE_SECRET=
+
+TRAKT_ID=
+TRAKT_SECRET=
+
+# Example configuration for a Gmail account (will need SMTP enabled)
+EMAIL_SERVER=smtps://user@gmail.com:password@smtp.gmail.com:465
+EMAIL_FROM=user@gmail.com
+
+# Note: If using with Prisma adapter, you need to use a `.env`
+# file rather than a `.env.local` file to configure env vars.
+# Postgres: DATABASE_URL=postgres://nextauth:password@127.0.0.1:5432/nextauth?synchronize=true
+# MySQL:    DATABASE_URL=mysql://nextauth:password@127.0.0.1:3306/nextauth?synchronize=true
+# MongoDB:  DATABASE_URL=mongodb://nextauth:password@127.0.0.1:27017/nextauth?synchronize=true
+DATABASE_URL=
+
+WIKIMEDIA_ID=
+WIKIMEDIA_SECRET=
+
+# Supabase Example Configuration
+# Supabase Example Configuration
+# NEXT_PUBLIC_SUPABASE_URL=http://localhost:54321
+# SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSJ9.vI9obAHOGyVVKa3pD--kJlyxp-Z2zV9UUMAhKpNLAcU
+# SUPABASE_JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
+# NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24ifQ.625_WdcF3KHqz5amU0x2X5WWHP-OEs_4qj0ssLNHzTs

apps/dev/nextjs-v4/.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+  "typescript.tsdk": "../../node_modules/.pnpm/typescript@4.8.4/node_modules/typescript/lib",
+  "typescript.enablePromptUseWorkspaceTsdk": true
+}

apps/dev/nextjs-v4/README.md

@@ -0,0 +1,6 @@
+# NextAuth.js Development App
+
+This folder contains a Next.js app using NextAuth.js for local development. See the following section on how to start:
+
+[Setting up local environment
+](https://github.com/nextauthjs/next-auth/blob/main/CONTRIBUTING.md#setting-up-local-environment)

apps/dev/nextjs-v4/app/api/auth/[...nextauth]/route.ts

@@ -0,0 +1,14 @@
+import NextAuth, { type NextAuthOptions } from "next-auth"
+import GitHub from "next-auth/providers/github"
+
+export const authOptions: NextAuthOptions = {
+  providers: [
+    GitHub({
+      clientId: process.env.GITHUB_ID,
+      clientSecret: process.env.GITHUB_SECRET,
+    }),
+  ],
+}
+
+const handler = NextAuth(authOptions)
+export { handler as GET, handler as POST }

apps/dev/nextjs-v4/app/layout.tsx

@@ -0,0 +1,12 @@
+export default function RootLayout({
+  children,
+}: {
+  children: React.ReactNode
+}) {
+  return (
+    <html>
+      <head></head>
+      <body>{children}</body>
+    </html>
+  )
+}

apps/dev/nextjs-v4/app/server-component/page.tsx

@@ -0,0 +1,6 @@
+import { getServerSession } from "next-auth/next"
+
+export default async function Page() {
+  const session = await getServerSession()
+  return <pre>{JSON.stringify(session, null, 2)}</pre>
+}

apps/dev/nextjs-v4/components/access-denied.js

@@ -0,0 +1,20 @@
+import { signIn } from "next-auth/react"
+
+export default function AccessDenied() {
+  return (
+    <>
+      <h1>Access Denied</h1>
+      <p>
+        <a
+          href="/api/auth/signin"
+          onClick={(e) => {
+            e.preventDefault()
+            signIn()
+          }}
+        >
+          You must be signed in to view this page
+        </a>
+      </p>
+    </>
+  )
+}

apps/dev/nextjs-v4/components/footer.js

@@ -0,0 +1,28 @@
+import Link from "next/link"
+import styles from "./footer.module.css"
+import packageJSON from "package.json"
+
+export default function Footer() {
+  return (
+    <footer className={styles.footer}>
+      <hr />
+      <ul className={styles.navItems}>
+        <li className={styles.navItem}>
+          <a href="https://next-auth.js.org">Documentation</a>
+        </li>
+        <li className={styles.navItem}>
+          <a href="https://www.npmjs.com/package/next-auth">NPM</a>
+        </li>
+        <li className={styles.navItem}>
+          <a href="https://github.com/nextauthjs/next-auth-example">GitHub</a>
+        </li>
+        <li className={styles.navItem}>
+          <Link href="/policy">Policy</Link>
+        </li>
+        <li className={styles.navItem}>
+          <em>{packageJSON.version}</em>
+        </li>
+      </ul>
+    </footer>
+  )
+}

apps/dev/nextjs-v4/components/footer.module.css

@@ -0,0 +1,14 @@
+.footer {
+  margin-top: 2rem;
+}
+
+.navItems {
+  margin-bottom: 1rem;
+  padding: 0;
+  list-style: none;
+}
+
+.navItem {
+  display: inline-block;
+  margin-right: 1rem;
+}

apps/dev/nextjs-v4/components/header.js

@@ -0,0 +1,103 @@
+import Link from "next/link"
+import { signIn, signOut, useSession } from "next-auth/react"
+import styles from "./header.module.css"
+
+// The approach used in this component shows how to built a sign in and sign out
+// component that works on pages which support both client and server side
+// rendering, and avoids any flash incorrect content on initial page load.
+export default function Header() {
+  const { data: session, status } = useSession()
+
+  return (
+    <header>
+      <noscript>
+        <style>{".nojs-show { opacity: 1; top: 0; }"}</style>
+      </noscript>
+      <div className={styles.signedInStatus}>
+        <p
+          className={`nojs-show ${
+            !session && status === "loading" ? styles.loading : styles.loaded
+          }`}
+        >
+          {!session && (
+            <>
+              <span className={styles.notSignedInText}>
+                You are not signed in
+              </span>
+              <a
+                href="/api/auth/signin"
+                className={styles.buttonPrimary}
+                onClick={(e) => {
+                  e.preventDefault()
+                  signIn()
+                }}
+              >
+                Sign in
+              </a>
+            </>
+          )}
+          {session && (
+            <>
+              {session.user.image && (
+                <img src={session.user.image} className={styles.avatar} />
+              )}
+              <span className={styles.signedInText}>
+                <small>Signed in as</small>
+                <br />
+                <strong>{session.user.email} </strong>
+                {session.user.name ? `(${session.user.name})` : null}
+              </span>
+              <a
+                href="/api/auth/signout"
+                className={styles.button}
+                onClick={(e) => {
+                  e.preventDefault()
+                  signOut()
+                }}
+              >
+                Sign out
+              </a>
+            </>
+          )}
+        </p>
+      </div>
+      <nav>
+        <ul className={styles.navItems}>
+          <li className={styles.navItem}>
+            <Link href="/">Home</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/client">Client</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/server">Server</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/protected">Protected</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/protected-ssr">Protected(SSR)</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/api-example">API</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/credentials">Credentials</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/email">Email</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/middleware-protected">Middleware protected</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/supabase-client-rls">Supabase RLS</Link>
+          </li>
+          <li className={styles.navItem}>
+            <Link href="/supabase-ssr">Supabase RLS(SSR)</Link>
+          </li>
+        </ul>
+      </nav>
+    </header>
+  )
+}

apps/dev/nextjs-v4/components/header.module.css

@@ -0,0 +1,92 @@
+/* Set min-height to avoid page reflow while session loading */
+.signedInStatus {
+  display: block;
+  min-height: 4rem;
+  width: 100%;
+}
+
+.loading,
+.loaded {
+  position: relative;
+  top: 0;
+  opacity: 1;
+  overflow: hidden;
+  border-radius: 0 0 .6rem .6rem;
+  padding: .6rem 1rem;
+  margin: 0;
+  background-color: rgba(0,0,0,.05);
+  transition: all 0.2s ease-in;
+}
+
+.loading {
+  top: -2rem;
+  opacity: 0;
+}
+
+.signedInText,
+.notSignedInText {
+  position: absolute;
+  padding-top: .8rem;
+  left: 1rem;
+  right: 6.5rem;
+  white-space: nowrap;
+  text-overflow: ellipsis;
+  overflow: hidden;
+  display: inherit;  
+  z-index: 1;
+  line-height: 1.3rem;
+}
+
+.signedInText {
+  padding-top: 0rem;
+  left: 4.6rem;
+}
+
+.avatar {
+  border-radius: 2rem;
+  float: left;
+  height: 2.8rem;
+  width: 2.8rem;
+  background-color: white;
+  background-size: cover;
+  background-repeat: no-repeat;
+}
+
+.button,
+.buttonPrimary {
+  float: right;
+  margin-right: -.4rem;
+  font-weight: 500;
+  border-radius: .3rem;
+  cursor: pointer;
+  font-size: 1rem;
+  line-height: 1.4rem;
+  padding: .7rem .8rem;
+  position: relative;
+  z-index: 10;
+  background-color: transparent;
+  color: #555;
+}
+
+.buttonPrimary {
+  background-color: #346df1;
+  border-color: #346df1;
+  color: #fff;
+  text-decoration: none;
+  padding: .7rem 1.4rem;
+}
+
+.buttonPrimary:hover {
+  box-shadow: inset 0 0 5rem rgba(0,0,0,0.2)
+}
+
+.navItems {
+  margin-bottom: 2rem;
+  padding: 0;
+  list-style: none;
+}
+
+.navItem {
+  display: inline-block;
+  margin-right: 1rem;
+}

apps/dev/nextjs-v4/components/layout.js

@@ -0,0 +1,14 @@
+import Header from 'components/header'
+import Footer from 'components/footer'
+
+export default function Layout ({ children }) {
+  return (
+    <>
+      <Header />
+      <main>
+        {children}
+      </main>
+      <Footer />
+    </>
+  )
+}

apps/dev/nextjs-v4/middleware.ts

@@ -0,0 +1,45 @@
+export { default } from "next-auth/middleware"
+
+export const config = { matcher: ["/middleware-protected"] }
+
+// Other ways to use this middleware
+
+// import withAuth from "next-auth/middleware"
+// import { withAuth } from "next-auth/middleware"
+
+// export function middleware(req, ev) {
+//   return withAuth(req)
+// }
+
+// export function middleware(req, ev) {
+//   return withAuth(req, ev)
+// }
+
+// export function middleware(req, ev) {
+//   return withAuth(req, {
+//     callbacks: {
+//       authorized: ({ token }) => !!token,
+//     },
+//   })
+// }
+
+// export default withAuth(function middleware(req, ev) {
+//   console.log(req.nextauth.token)
+// })
+
+// export default withAuth(
+//   function middleware(req, ev) {
+//     console.log(req, ev)
+//   },
+//   {
+//     callbacks: {
+//       authorized: ({ token }) => token.name === "Balázs Orbán",
+//     },
+//   }
+// )
+
+// export default withAuth({
+//   callbacks: {
+//     authorized: ({ token }) => !!token,
+//   },
+// })

apps/dev/nextjs-v4/next-env.d.ts

@@ -0,0 +1,6 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+/// <reference types="next/navigation-types/compat/navigation" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/basic-features/typescript for more information.

apps/dev/nextjs-v4/next.config.js

@@ -0,0 +1,9 @@
+/** @type {import("next").NextConfig} */
+module.exports = {
+  webpack(config) {
+    config.experiments = { ...config.experiments, topLevelAwait: true }
+    return config
+  },
+  experimental: { appDir: true },
+  typescript: { ignoreBuildErrors: true },
+}

apps/dev/nextjs-v4/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "next-auth-app-v4",
+  "version": "1.0.0",
+  "description": "NextAuth.js Developer app",
+  "private": true,
+  "scripts": {
+    "clean": "rm -rf .next",
+    "dev": "next dev",
+    "lint": "next lint",
+    "build": "next build",
+    "start": "next start",
+    "email": "fake-smtp-server",
+    "start:email": "pnpm email"
+  },
+  "license": "ISC",
+  "dependencies": {
+    "@auth/fauna-adapter": "workspace:*",
+    "@auth/prisma-adapter": "workspace:*",
+    "@auth/supabase-adapter": "workspace:*",
+    "@auth/typeorm-adapter": "workspace:*",
+    "@prisma/client": "^3",
+    "@supabase/supabase-js": "^2.0.5",
+    "faunadb": "^4",
+    "next": "13.3.0",
+    "next-auth": "workspace:*",
+    "nodemailer": "^6",
+    "react": "^18",
+    "react-dom": "^18"
+  },
+  "devDependencies": {
+    "@types/jsonwebtoken": "^8.5.5",
+    "@types/react": "^18.0.37",
+    "@types/react-dom": "^18.0.6",
+    "fake-smtp-server": "^0.8.0",
+    "pg": "^8.7.3",
+    "prisma": "^3",
+    "sqlite3": "^5.0.8",
+    "typeorm": "0.3.7"
+  }
+}

apps/dev/nextjs-v4/pages/_app.js

@@ -0,0 +1,10 @@
+import { SessionProvider } from "next-auth/react"
+import "./styles.css"
+
+export default function App({ Component, pageProps }) {
+  return (
+    <SessionProvider session={pageProps.session}>
+      <Component {...pageProps} />
+    </SessionProvider>
+  )
+}

apps/dev/nextjs-v4/pages/api-example.js

@@ -0,0 +1,17 @@
+import Layout from '../components/layout'
+
+export default function Page () {
+  return (
+    <Layout>
+      <h1>API Example</h1>
+      <p>The examples below show responses from the example API endpoints.</p>
+      <p><em>You must be signed in to see responses.</em></p>
+      <h2>Session</h2>
+      <p>/api/examples/session</p>
+      <iframe src='/api/examples/session' />
+      <h2>JSON Web Token</h2>
+      <p>/api/examples/jwt</p>
+      <iframe src='/api/examples/jwt' />
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/api/auth-old/[...nextauth].ts

@@ -0,0 +1,217 @@
+import NextAuth, { NextAuthOptions } from "next-auth"
+
+// Providers
+import Apple from "next-auth/providers/apple"
+import Auth0 from "next-auth/providers/auth0"
+import AzureAD from "next-auth/providers/azure-ad"
+import AzureB2C from "next-auth/providers/azure-ad-b2c"
+import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
+// import Cognito from "next-auth/providers/cognito"
+import Credentials from "next-auth/providers/credentials"
+import Discord from "next-auth/providers/discord"
+import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
+// import Email from "next-auth/providers/email"
+import Facebook from "next-auth/providers/facebook"
+import Foursquare from "next-auth/providers/foursquare"
+import Freshbooks from "next-auth/providers/freshbooks"
+import GitHub from "next-auth/providers/github"
+import Gitlab from "next-auth/providers/gitlab"
+import Google from "next-auth/providers/google"
+// import IDS4 from "next-auth/providers/identity-server4"
+import Instagram from "next-auth/providers/instagram"
+// import Keycloak from "next-auth/providers/keycloak"
+import Line from "next-auth/providers/line"
+import LinkedIn from "next-auth/providers/linkedin"
+import Mailchimp from "next-auth/providers/mailchimp"
+// import Okta from "next-auth/providers/okta"
+import Osu from "next-auth/providers/osu"
+import Patreon from "next-auth/providers/patreon"
+import Slack from "next-auth/providers/slack"
+import Spotify from "next-auth/providers/spotify"
+import Trakt from "next-auth/providers/trakt"
+import Twitch from "next-auth/providers/twitch"
+import Twitter from "next-auth/providers/twitter"
+import Vk from "next-auth/providers/vk"
+import Wikimedia from "next-auth/providers/wikimedia"
+import WorkOS from "next-auth/providers/workos"
+
+// // Prisma
+// import { PrismaClient } from "@prisma/client"
+// import { PrismaAdapter } from "@auth/prisma-adapter"
+// const client = globalThis.prisma || new PrismaClient()
+// if (process.env.NODE_ENV !== "production") globalThis.prisma = client
+// const adapter = PrismaAdapter(client)
+
+// // Fauna
+// import { Client as FaunaClient } from "faunadb"
+// import { FaunaAdapter } from "@auth/fauna-adapter"
+// const opts = { secret: process.env.FAUNA_SECRET, domain: process.env.FAUNA_DOMAIN }
+// const client = globalThis.fauna || new FaunaClient(opts)
+// if (process.env.NODE_ENV !== "production") globalThis.fauna = client
+// const adapter = FaunaAdapter(client)
+
+// // TypeORM
+// import { TypeORMAdapter } from "@auth/typeorm-adapter"
+// const adapter = TypeORMAdapter({
+//   type: "sqlite",
+//   name: "next-auth-test-memory",
+//   database: "./typeorm/dev.db",
+//   synchronize: true,
+// })
+
+// // Supabase
+// import { SupabaseAdapter } from "@auth/supabase-adapter"
+// const adapter = SupabaseAdapter({
+//   url: process.env.NEXT_PUBLIC_SUPABASE_URL,
+//   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
+// })
+
+export const authOptions: NextAuthOptions = {
+  // adapter,
+  // debug: process.env.NODE_ENV !== "production",
+  theme: {
+    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
+    brandColor: "#1786fb",
+  },
+  providers: [
+    Credentials({
+      credentials: { password: { label: "Password", type: "password" } },
+      async authorize(credentials) {
+        if (credentials.password !== "pw") return null
+        return {
+          name: "Fill Murray",
+          email: "bill@fillmurray.com",
+          image: "https://www.fillmurray.com/64/64",
+          id: "1",
+          foo: "",
+        }
+      },
+    }),
+    Apple({
+      clientId: process.env.APPLE_ID,
+      clientSecret: process.env.APPLE_SECRET,
+    }),
+    Auth0({
+      clientId: process.env.AUTH0_ID,
+      clientSecret: process.env.AUTH0_SECRET,
+      issuer: process.env.AUTH0_ISSUER,
+    }),
+    AzureAD({
+      clientId: process.env.AZURE_AD_CLIENT_ID,
+      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
+      tenantId: process.env.AZURE_AD_TENANT_ID,
+    }),
+    AzureB2C({
+      clientId: process.env.AZURE_B2C_ID,
+      clientSecret: process.env.AZURE_B2C_SECRET,
+      issuer: process.env.AZURE_B2C_ISSUER,
+    }),
+    BoxyHQSAML({
+      issuer: "https://jackson-demo.boxyhq.com",
+      clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com",
+      clientSecret: "dummy",
+    }),
+    // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
+    Discord({
+      clientId: process.env.DISCORD_ID,
+      clientSecret: process.env.DISCORD_SECRET,
+    }),
+    DuendeIDS6({
+      clientId: "interactive.confidential",
+      clientSecret: "secret",
+      issuer: "https://demo.duendesoftware.com",
+    }),
+    Facebook({
+      clientId: process.env.FACEBOOK_ID,
+      clientSecret: process.env.FACEBOOK_SECRET,
+    }),
+    Foursquare({
+      clientId: process.env.FOURSQUARE_ID,
+      clientSecret: process.env.FOURSQUARE_SECRET,
+    }),
+    Freshbooks({
+      clientId: process.env.FRESHBOOKS_ID,
+      clientSecret: process.env.FRESHBOOKS_SECRET,
+    }),
+    GitHub({
+      clientId: process.env.GITHUB_ID,
+      clientSecret: process.env.GITHUB_SECRET,
+    }),
+    Gitlab({
+      clientId: process.env.GITLAB_ID,
+      clientSecret: process.env.GITLAB_SECRET,
+    }),
+    Google({
+      clientId: process.env.GOOGLE_ID,
+      clientSecret: process.env.GOOGLE_SECRET,
+    }),
+    // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
+    Instagram({
+      clientId: process.env.INSTAGRAM_ID,
+      clientSecret: process.env.INSTAGRAM_SECRET,
+    }),
+    // Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
+    Line({
+      clientId: process.env.LINE_ID,
+      clientSecret: process.env.LINE_SECRET,
+    }),
+    LinkedIn({
+      clientId: process.env.LINKEDIN_ID,
+      clientSecret: process.env.LINKEDIN_SECRET,
+    }),
+    Mailchimp({
+      clientId: process.env.MAILCHIMP_ID,
+      clientSecret: process.env.MAILCHIMP_SECRET,
+    }),
+    // Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
+    Osu({
+      clientId: process.env.OSU_CLIENT_ID,
+      clientSecret: process.env.OSU_CLIENT_SECRET,
+    }),
+    Patreon({
+      clientId: process.env.PATREON_ID,
+      clientSecret: process.env.PATREON_SECRET,
+    }),
+    Slack({
+      clientId: process.env.SLACK_ID,
+      clientSecret: process.env.SLACK_SECRET,
+    }),
+    Spotify({
+      clientId: process.env.SPOTIFY_ID,
+      clientSecret: process.env.SPOTIFY_SECRET,
+    }),
+    Trakt({
+      clientId: process.env.TRAKT_ID,
+      clientSecret: process.env.TRAKT_SECRET,
+    }),
+    Twitch({
+      clientId: process.env.TWITCH_ID,
+      clientSecret: process.env.TWITCH_SECRET,
+    }),
+    Twitter({
+      clientId: process.env.TWITTER_ID,
+      clientSecret: process.env.TWITTER_SECRET,
+    }),
+    // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
+    Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
+    Wikimedia({
+      clientId: process.env.WIKIMEDIA_ID,
+      clientSecret: process.env.WIKIMEDIA_SECRET,
+    }),
+    WorkOS({
+      clientId: process.env.WORKOS_ID,
+      clientSecret: process.env.WORKOS_SECRET,
+    }),
+  ],
+}
+
+if (authOptions.adapter) {
+  // TODO:
+  // authOptions.providers.unshift(
+  //   // NOTE: You can start a fake e-mail server with `pnpm email`
+  //   // and then go to `http://localhost:1080` in the browser
+  //   Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
+  // )
+}
+
+export default NextAuth(authOptions)

apps/dev/nextjs-v4/pages/api/examples/jwt.js

@@ -0,0 +1,7 @@
+// This is an example of how to read a JSON Web Token from an API route
+import { getToken } from "next-auth/jwt"
+
+export default async (req, res) => {
+  const token = await getToken({ req })
+  res.send(JSON.stringify(token, null, 2))
+}

apps/dev/nextjs-v4/pages/api/examples/protected.js

@@ -0,0 +1,19 @@
+// This is an example of to protect an API route
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "../auth/[...nextauth]"
+
+export default async (req, res) => {
+  const session = await getServerSession(req, res, authOptions)
+
+  if (session) {
+    res.send({
+      content:
+        "This is protected content. You can access this content because you are signed in.",
+      session,
+    })
+  } else {
+    res.send({
+      error: "You must be sign in to view the protected content on this page.",
+    })
+  }
+}

apps/dev/nextjs-v4/pages/api/examples/session.js

@@ -0,0 +1,8 @@
+// This is an example of how to access a session from an API route
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "../auth/[...nextauth]"
+
+export default async (req, res) => {
+  const session = await getServerSession(req, res, authOptions)
+  res.json(session)
+}

apps/dev/nextjs-v4/pages/api/examples/supabase-rls.js

@@ -0,0 +1,30 @@
+// This is an example of how to query data from Supabase with RLS.
+// Learn more about Row Levele Security (RLS): https://supabase.com/docs/guides/auth/row-level-security
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "../auth/[...nextauth]"
+import { createClient } from "@supabase/supabase-js"
+
+export default async (req, res) => {
+  const session = await getServerSession(req, res, authOptions)
+
+  if (!session)
+    return res.send(JSON.stringify({ error: "No session!" }, null, 2))
+
+  const { supabaseAccessToken } = session
+
+  const supabase = createClient(
+    process.env.NEXT_PUBLIC_SUPABASE_URL,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
+    {
+      global: {
+        headers: {
+          Authorization: `Bearer ${supabaseAccessToken}`,
+        },
+      },
+    }
+  )
+  // Now you can query with RLS enabled.
+  const { data, error } = await supabase.from("users").select("*")
+
+  res.send(JSON.stringify({ supabaseAccessToken, data, error }, null, 2))
+}

apps/dev/nextjs-v4/pages/client.js

@@ -0,0 +1,22 @@
+import Layout from '../components/layout'
+
+export default function Page () {
+  return (
+    <Layout>
+      <h1>Client Side Rendering</h1>
+      <p>
+        This page uses the <strong>useSession()</strong> React Hook in the <strong>&lt;/Header&gt;</strong> component.
+      </p>
+      <p>
+        The <strong>useSession()</strong> React Hook easy to use and allows pages to render very quickly.
+      </p>
+      <p>
+        The advantage of this approach is that session state is shared between pages by using the <strong>Provider</strong> in <strong>_app.js</strong> so
+        that navigation between pages using <strong>useSession()</strong> is very fast.
+      </p>
+      <p>
+        The disadvantage of <strong>useSession()</strong> is that it requires client side JavaScript.
+      </p>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/credentials.js

@@ -0,0 +1,67 @@
+// eslint-disable-next-line no-use-before-define
+import * as React from "react"
+import { signIn, signOut, useSession } from "next-auth/react"
+import Layout from "components/layout"
+
+export default function Page() {
+  const [response, setResponse] = React.useState(null)
+  const handleLogin = (options) => async () => {
+    if (options.redirect) {
+      return signIn("credentials", options)
+    }
+    const response = await signIn("credentials", options)
+    setResponse(response)
+  }
+
+  const handleLogout = (options) => async () => {
+    if (options.redirect) {
+      return signOut(options)
+    }
+    const response = await signOut(options)
+    setResponse(response)
+  }
+
+  const { data: session } = useSession()
+
+  if (session) {
+    return (
+      <Layout>
+        <h1>Test different flows for Credentials logout</h1>
+        <span className="spacing">Default:</span>
+        <button onClick={handleLogout({ redirect: true })}>Logout</button>
+        <br />
+        <span className="spacing">No redirect:</span>
+        <button onClick={handleLogout({ redirect: false })}>Logout</button>
+        <br />
+        <p>Response:</p>
+        <pre style={{ background: "#eee", padding: 16 }}>
+          {JSON.stringify(response, null, 2)}
+        </pre>
+      </Layout>
+    )
+  }
+
+  return (
+    <Layout>
+      <h1>Test different flows for Credentials login</h1>
+      <span className="spacing">Default:</span>
+      <button onClick={handleLogin({ redirect: true, password: "password" })}>
+        Login
+      </button>
+      <br />
+      <span className="spacing">No redirect:</span>
+      <button onClick={handleLogin({ redirect: false, password: "password" })}>
+        Login
+      </button>
+      <br />
+      <span className="spacing">No redirect, wrong password:</span>
+      <button onClick={handleLogin({ redirect: false, password: "" })}>
+        Login
+      </button>
+      <p>Response:</p>
+      <pre style={{ background: "#eee", padding: 16 }}>
+        {JSON.stringify(response, null, 2)}
+      </pre>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/email.js

@@ -0,0 +1,80 @@
+// eslint-disable-next-line no-use-before-define
+import * as React from "react"
+import { signIn, signOut, useSession } from "next-auth/react"
+import Layout from "components/layout"
+
+export default function Page() {
+  const [response, setResponse] = React.useState(null)
+  const [email, setEmail] = React.useState("")
+
+  const handleChange = (event) => {
+    setEmail(event.target.value)
+  }
+
+  const handleLogin = (options) => async (event) => {
+    event.preventDefault()
+
+    if (options.redirect) {
+      return signIn("email", options)
+    }
+    const response = await signIn("email", options)
+    setResponse(response)
+  }
+
+  const handleLogout = (options) => async (event) => {
+    if (options.redirect) {
+      return signOut(options)
+    }
+    const response = await signOut(options)
+    setResponse(response)
+  }
+
+  const { data: session } = useSession()
+
+  if (session) {
+    return (
+      <Layout>
+        <h1>Test different flows for Email logout</h1>
+        <span className="spacing">Default:</span>
+        <button onClick={handleLogout({ redirect: true })}>Logout</button>
+        <br />
+        <span className="spacing">No redirect:</span>
+        <button onClick={handleLogout({ redirect: false })}>Logout</button>
+        <br />
+        <p>Response:</p>
+        <pre style={{ background: "#eee", padding: 16 }}>
+          {JSON.stringify(response, null, 2)}
+        </pre>
+      </Layout>
+    )
+  }
+
+  return (
+    <Layout>
+      <h1>Test different flows for Email login</h1>
+      <label className="spacing">
+        Email address:{" "}
+        <input
+          type="text"
+          id="email"
+          name="email"
+          value={email}
+          onChange={handleChange}
+        />
+      </label>
+      <br />
+      <form onSubmit={handleLogin({ redirect: true, email })}>
+        <span className="spacing">Default:</span>
+        <button type="submit">Sign in with Email</button>
+      </form>
+      <form onSubmit={handleLogin({ redirect: false, email })}>
+        <span className="spacing">No redirect:</span>
+        <button type="submit">Sign in with Email</button>
+      </form>
+      <p>Response:</p>
+      <pre style={{ background: "#eee", padding: 16 }}>
+        {JSON.stringify(response, null, 2)}
+      </pre>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/index.js

@@ -0,0 +1,12 @@
+import Layout from 'components/layout'
+
+export default function Page () {
+  return (
+    <Layout>
+      <h1>NextAuth.js Example</h1>
+      <p>
+        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
+      </p>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/middleware-protected/index.js

@@ -0,0 +1,9 @@
+import Layout from "components/layout"
+
+export default function Page() {
+  return (
+    <Layout>
+      <h1>Page protected by Middleware</h1>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/policy.js

@@ -0,0 +1,30 @@
+import Layout from '../components/layout'
+
+export default function Page () {
+  return (
+    <Layout>
+      <p>
+        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
+      </p>
+      <h2>Terms of Service</h2>
+      <p>
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+      </p>
+      <h2>Privacy Policy</h2>
+      <p>
+        This site uses JSON Web Tokens and an in-memory database which resets every ~2 hours.
+      </p>
+      <p>
+        Data provided to this site is exclusively used to support signing in
+        and is not passed to any third party services, other than via SMTP or OAuth for the
+        purposes of authentication.
+      </p>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/protected-ssr.js

@@ -0,0 +1,48 @@
+// This is an example of how to protect content using server rendering
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "./api/auth/[...nextauth]"
+import Layout from "../components/layout"
+import AccessDenied from "../components/access-denied"
+
+export default function Page({ content, session }) {
+  // If no session exists, display access denied message
+  if (!session) {
+    return (
+      <Layout>
+        <AccessDenied />
+      </Layout>
+    )
+  }
+
+  // If session exists, display content
+  return (
+    <Layout>
+      <h1>Protected Page</h1>
+      <p>
+        <strong>{content}</strong>
+      </p>
+    </Layout>
+  )
+}
+
+export async function getServerSideProps(context) {
+  const session = await getServerSession(context.req, context.res, authOptions)
+  let content = null
+
+  if (session) {
+    const hostname = process.env.NEXTAUTH_URL || "http://localhost:3000"
+    const options = { headers: { cookie: context.req.headers.cookie } }
+    const res = await fetch(`${hostname}/api/examples/protected`, options)
+    const json = await res.json()
+    if (json.content) {
+      content = json.content
+    }
+  }
+
+  return {
+    props: {
+      session,
+      content,
+    },
+  }
+}

apps/dev/nextjs-v4/pages/protected.js

@@ -0,0 +1,35 @@
+import { useState, useEffect } from "react"
+import { useSession } from "next-auth/react"
+import Layout from "../components/layout"
+
+export default function Page() {
+  const { status } = useSession({
+    required: true,
+  })
+  const [content, setContent] = useState()
+
+  // Fetch content from protected route
+  useEffect(() => {
+    if (status === "loading") return
+    const fetchData = async () => {
+      const res = await fetch("/api/examples/protected")
+      const json = await res.json()
+      if (json.content) {
+        setContent(json.content)
+      }
+    }
+    fetchData()
+  }, [status])
+
+  if (status === "loading") return <Layout>Loading...</Layout>
+
+  // If session exists, display content
+  return (
+    <Layout>
+      <h1>Protected Page</h1>
+      <p>
+        <strong>{content}</strong>
+      </p>
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/server.js

@@ -0,0 +1,46 @@
+import { getServerSession } from "next-auth/next"
+import Layout from "../components/layout"
+import { authOptions } from "./api/auth/[...nextauth]"
+
+export default function Page() {
+  // As this page uses Server Side Rendering, the `session` will be already
+  // populated on render without needing to go through a loading stage.
+  // This is possible because of the shared context configured in `_app.js` that
+  // is used by `useSession()`.
+
+  return (
+    <Layout>
+      <h1>Server Side Rendering</h1>
+      <p>
+        This page uses the <strong>getServerSession()</strong> method in{" "}
+        <strong>getServerSideProps()</strong>.
+      </p>
+      <p>
+        Using <strong>getServerSession()</strong> in{" "}
+        <strong>getServerSideProps()</strong> is currently the recommended
+        approach, although the API may still change, if you need to support
+        Server Side Rendering with authentication.
+      </p>
+      <p>
+        Using <strong>getSession()</strong> is still recommended on the client.
+      </p>
+      <p>
+        The advantage of Server Side Rendering is this page does not require
+        client side JavaScript.
+      </p>
+      <p>
+        The disadvantage of Server Side Rendering is that this page is slower to
+        render.
+      </p>
+    </Layout>
+  )
+}
+
+// Export the `session` prop to use sessions with Server Side Rendering
+export async function getServerSideProps(context) {
+  return {
+    props: {
+      session: await getServerSession(context.req, context.res, authOptions),
+    },
+  }
+}

apps/dev/nextjs-v4/pages/styles.css

@@ -0,0 +1,32 @@
+body {
+  font-family: ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont,
+    "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif,
+    "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+  padding: 0 1rem 1rem 1rem;
+  max-width: 680px;
+  margin: 0 auto;
+  background: #fff;
+  color: var(--color-text);
+}
+
+li,
+p {
+  line-height: 1.5rem;
+}
+
+a {
+  font-weight: 500;
+}
+
+hr {
+  border: 1px solid #ddd;
+}
+
+iframe {
+  background: #ccc;
+  border: 1px solid #ccc;
+  height: 10rem;
+  width: 100%;
+  border-radius: .5rem;
+  filter: invert(1);
+}

apps/dev/nextjs-v4/pages/supabase-client-rls.js

@@ -0,0 +1,49 @@
+import Layout from "../components/layout"
+import { useState, useEffect } from "react"
+import { useSession } from "next-auth/react"
+import { createClient } from "@supabase/supabase-js"
+
+export default function Page() {
+  const { data: session } = useSession()
+  const [data, setData] = useState(null)
+
+  useEffect(() => {
+    if (session) {
+      console.log(session)
+      // User is logged in, let's fetch their data.
+      const { supabaseAccessToken } = session
+      const supabase = createClient(
+        process.env.NEXT_PUBLIC_SUPABASE_URL,
+        process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
+        {
+          global: {
+            headers: { Authorization: `Bearer ${supabaseAccessToken}` },
+          },
+        }
+      )
+      // Fetch data with RLS enabled.
+      supabase
+        .from("users")
+        .select("*")
+        .then(({ data }) => setData(data))
+    }
+  }, [session])
+
+  return (
+    <Layout>
+      <h1>Fetch Data from Supabase with RLS</h1>
+      <h2>Client-side data fetching with RLS:</h2>
+      <pre>{JSON.stringify(data, null, 2)}</pre>
+      <h2>API Example</h2>
+      <p>
+        You can also use Supabase in API routes. See the code in the
+        `/pages/api/examples/supabase-rls.js` file.
+      </p>
+      <p>
+        <em>You must be signed in to see responses.</em>
+      </p>
+      <p>/api/examples/supabase-rls</p>
+      <iframe src="/api/examples/supabase-rls" />
+    </Layout>
+  )
+}

apps/dev/nextjs-v4/pages/supabase-ssr.js

@@ -0,0 +1,64 @@
+// This is an example of how to protect content using server rendering
+// and fetching data from Supabase with RLS enabled.
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "./api/auth/[...nextauth]"
+import { createClient } from "@supabase/supabase-js"
+import Layout from "../components/layout"
+import AccessDenied from "../components/access-denied"
+
+export default function Page({ data, session }) {
+  // If no session exists, display access denied message
+  if (!session) {
+    return (
+      <Layout>
+        <AccessDenied />
+      </Layout>
+    )
+  }
+
+  // If session exists, display content
+  return (
+    <Layout>
+      <h1>Protected Page</h1>
+      <p>Data fetched during SSR from Supabase with RSL enabled:</p>
+      <pre>{JSON.stringify(data, null, 2)}</pre>
+    </Layout>
+  )
+}
+
+export async function getServerSideProps(context) {
+  const session = await getServerSession(context.req, context.res, authOptions)
+
+  if (!session)
+    return {
+      props: {
+        session,
+        data: null,
+        error: "No session",
+      },
+    }
+
+  const { supabaseAccessToken } = session
+
+  const supabase = createClient(
+    process.env.NEXT_PUBLIC_SUPABASE_URL,
+    process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
+    {
+      global: {
+        headers: {
+          Authorization: `Bearer ${supabaseAccessToken}`,
+        },
+      },
+    }
+  )
+  // Now you can query with RLS enabled.
+  const { data, error } = await supabase.from("users").select("*")
+
+  return {
+    props: {
+      session,
+      data,
+      error,
+    },
+  }
+}

apps/dev/nextjs-v4/prisma/migrations/20230325081057_test/migration.sql

@@ -0,0 +1,60 @@
+-- CreateTable
+CREATE TABLE "Account" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "userId" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "provider" TEXT NOT NULL,
+    "providerAccountId" TEXT NOT NULL,
+    "refresh_token" TEXT,
+    "access_token" TEXT,
+    "expires_at" INTEGER,
+    "token_type" TEXT,
+    "scope" TEXT,
+    "id_token" TEXT,
+    "session_state" TEXT,
+    "oauth_token_secret" TEXT,
+    "oauth_token" TEXT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    CONSTRAINT "Account_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Session" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "sessionToken" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "expires" DATETIME NOT NULL,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "User" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT,
+    "email" TEXT,
+    "emailVerified" DATETIME,
+    "image" TEXT
+);
+
+-- CreateTable
+CREATE TABLE "VerificationToken" (
+    "identifier" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expires" DATETIME NOT NULL
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Account_provider_providerAccountId_key" ON "Account"("provider", "providerAccountId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Session_sessionToken_key" ON "Session"("sessionToken");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "VerificationToken_token_key" ON "VerificationToken"("token");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "VerificationToken_identifier_token_key" ON "VerificationToken"("identifier", "token");

apps/dev/nextjs-v4/prisma/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "sqlite"

apps/dev/nextjs-v4/prisma/schema.prisma

@@ -0,0 +1,57 @@
+datasource db {
+  provider = "sqlite"
+  url      = "file:./dev.db"
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+model Account {
+  id                 String  @id @default(cuid())
+  userId             String
+  type               String
+  provider           String
+  providerAccountId  String
+  refresh_token      String?
+  access_token       String?
+  expires_at         Int?
+  token_type         String?
+  scope              String?
+  id_token           String?
+  session_state      String?
+  oauth_token_secret String?
+  oauth_token        String?
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+  user      User     @relation(fields: [userId], references: [id])
+
+  @@unique([provider, providerAccountId])
+}
+
+model Session {
+  id           String   @id @default(cuid())
+  sessionToken String   @unique
+  userId       String
+  expires      DateTime
+  user         User     @relation(fields: [userId], references: [id])
+}
+
+model User {
+  id            String    @id @default(cuid())
+  name          String?
+  email         String?   @unique
+  emailVerified DateTime?
+  image         String?
+  accounts      Account[]
+  sessions      Session[]
+}
+
+model VerificationToken {
+  identifier String
+  token      String   @unique
+  expires    DateTime
+
+  @@unique([identifier, token])
+}

apps/dev/nextjs-v4/tsconfig.json

@@ -0,0 +1,39 @@
+{
+  "compilerOptions": {
+    "target": "esnext",
+    "lib": [
+      "dom",
+      "dom.iterable",
+      "esnext"
+    ],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": false,
+    "forceConsistentCasingInFileNames": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "node",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "incremental": true,
+    "jsx": "preserve",
+    "baseUrl": ".",
+    "plugins": [
+      {
+        "name": "next"
+      }
+    ],
+    "strictNullChecks": true
+  },
+  "include": [
+    "next-env.d.ts",
+    "**/*.ts",
+    "**/*.tsx",
+    ".next/types/**/*.ts"
+  ],
+  "exclude": [
+    "node_modules",
+    "jest.config.js"
+  ]
+}

apps/dev/nextjs-v4/types/nextauth.d.ts

@@ -0,0 +1,20 @@
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+import NextAuth from "next-auth"
+
+declare module "next-auth" {
+  /**
+   * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
+   */
+  interface Session {
+    // A JWT which can be used as Authorization header with supabase-js for RLS.
+    supabaseAccessToken?: string
+    user: {
+      /** The user's postal address. */
+      address: string
+    } & User
+  }
+
+  interface User {
+    foo: string
+  }
+}

apps/dev/nextjs/.env.local.example

@@ -22,6 +22,9 @@ BEYOND_IDENTITY_CLIENT_ID=
 BEYOND_IDENTITY_CLIENT_SECRET=
 BEYOND_IDENTITY_ISSUER=
 
+DESCOPE_ID=
+DESCOPE_SECRET=
+
 GITHUB_ID=
 GITHUB_SECRET=
 

apps/dev/nextjs/next-env.d.ts

@@ -1,5 +1,6 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
+/// <reference types="next/navigation-types/compat/navigation" />
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/basic-features/typescript for more information.

apps/dev/nextjs/package.json

@@ -15,14 +15,14 @@
   "license": "ISC",
   "dependencies": {
     "@auth/core": "workspace:*",
-    "@next-auth/fauna-adapter": "workspace:*",
-    "@next-auth/prisma-adapter": "workspace:*",
-    "@next-auth/supabase-adapter": "workspace:*",
-    "@next-auth/typeorm-legacy-adapter": "workspace:*",
+    "@auth/fauna-adapter": "workspace:*",
+    "@auth/prisma-adapter": "workspace:*",
+    "@auth/supabase-adapter": "workspace:*",
+    "@auth/typeorm-adapter": "workspace:*",
     "@prisma/client": "^3",
     "@supabase/supabase-js": "^2.0.5",
     "faunadb": "^4",
-    "next": "13.1.1",
+    "next": "13.3.0",
     "next-auth": "workspace:*",
     "nodemailer": "^6",
     "react": "^18",
@@ -31,7 +31,7 @@
   "devDependencies": {
     "@playwright/test": "1.29.2",
     "@types/jsonwebtoken": "^8.5.5",
-    "@types/react": "^18.0.15",
+    "@types/react": "18.0.37",
     "@types/react-dom": "^18.0.6",
     "dotenv": "^16.0.3",
     "fake-smtp-server": "^0.8.0",

apps/dev/nextjs/pages/api/auth/[...nextauth].ts

@@ -10,6 +10,7 @@ import BeyondIdentity from "@auth/core/providers/beyondidentity"
 import BoxyHQSAML from "@auth/core/providers/boxyhq-saml"
 // import Cognito from "@auth/core/providers/cognito"
 import Credentials from "@auth/core/providers/credentials"
+import Descope from "@auth/core/providers/descope"
 import Discord from "@auth/core/providers/discord"
 import DuendeIDS6 from "@auth/core/providers/duende-identity-server6"
 // import Email from "@auth/core/providers/email"
@@ -41,22 +42,22 @@ import WorkOS from "@auth/core/providers/workos"
 
 // // Prisma
 // import { PrismaClient } from "@prisma/client"
-// import { PrismaAdapter } from "@next-auth/prisma-adapter"
+// import { PrismaAdapter } from "@auth/prisma-adapter"
 // const client = globalThis.prisma || new PrismaClient()
 // if (process.env.NODE_ENV !== "production") globalThis.prisma = client
 // const adapter = PrismaAdapter(client)
 
 // // Fauna
 // import { Client as FaunaClient } from "faunadb"
-// import { FaunaAdapter } from "@next-auth/fauna-adapter"
+// import { FaunaAdapter } from "@auth/fauna-adapter"
 // const opts = { secret: process.env.FAUNA_SECRET, domain: process.env.FAUNA_DOMAIN }
 // const client = globalThis.fauna || new FaunaClient(opts)
 // if (process.env.NODE_ENV !== "production") globalThis.fauna = client
 // const adapter = FaunaAdapter(client)
 
 // // TypeORM
-// import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-// const adapter = TypeORMLegacyAdapter({
+// import { TypeORMAdapter } from "@auth/typeorm-adapter"
+// const adapter = TypeORMAdapter({
 //   type: "sqlite",
 //   name: "next-auth-test-memory",
 //   database: "./typeorm/dev.db",
@@ -64,7 +65,7 @@ import WorkOS from "@auth/core/providers/workos"
 // })
 
 // // Supabase
-// import { SupabaseAdapter } from "@next-auth/supabase-adapter"
+// import { SupabaseAdapter } from "@auth/supabase-adapter"
 // const adapter = SupabaseAdapter({
 //   url: process.env.NEXT_PUBLIC_SUPABASE_URL,
 //   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
@@ -94,15 +95,20 @@ export const authConfig: AuthConfig = {
       tenantId: process.env.AZURE_AD_TENANT_ID,
     }),
     AzureB2C({ clientId: process.env.AZURE_B2C_ID, clientSecret: process.env.AZURE_B2C_SECRET, issuer: process.env.AZURE_B2C_ISSUER }),
-    BeyondIdentity({ clientId: process.env.BEYOND_IDENTITY_CLIENT_ID, clientSecret: process.env.BEYOND_IDENTITY_CLIENT_SECRET, issuer: process.env.BEYOND_IDENTITY_ISSUER }),
+    BeyondIdentity({
+      clientId: process.env.BEYOND_IDENTITY_CLIENT_ID,
+      clientSecret: process.env.BEYOND_IDENTITY_CLIENT_SECRET,
+      issuer: process.env.BEYOND_IDENTITY_ISSUER,
+    }),
     BoxyHQSAML({ issuer: "https://jackson-demo.boxyhq.com", clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com", clientSecret: "dummy" }),
     // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
+    Descope({ clientId: process.env.DESCOPE_ID, clientSecret: process.env.DESCOPE_SECRET }),
     Discord({ clientId: process.env.DISCORD_ID, clientSecret: process.env.DISCORD_SECRET }),
     DuendeIDS6({ clientId: "interactive.confidential", clientSecret: "secret", issuer: "https://demo.duendesoftware.com" }),
     Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
     Foursquare({ clientId: process.env.FOURSQUARE_ID, clientSecret: process.env.FOURSQUARE_SECRET }),
     Freshbooks({ clientId: process.env.FRESHBOOKS_ID, clientSecret: process.env.FRESHBOOKS_SECRET }),
-    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
+    GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET, redirectProxy: process.env.AUTH_REDIRECT_PROXY_URL }),
     Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
     Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
     // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),

apps/dev/nextjs/tsconfig.json

@@ -1,7 +1,11 @@
 {
   "compilerOptions": {
     "target": "esnext",
-    "lib": ["dom", "dom.iterable", "esnext"],
+    "lib": [
+      "dom",
+      "dom.iterable",
+      "esnext"
+    ],
     "allowJs": true,
     "skipLibCheck": true,
     "strict": false,
@@ -19,8 +23,17 @@
       {
         "name": "next"
       }
-    ]
+    ],
+    "strictNullChecks": true
   },
-  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
-  "exclude": ["node_modules", "jest.config.js"]
-}
+  "include": [
+    "next-env.d.ts",
+    "**/*.ts",
+    "**/*.tsx",
+    ".next/types/**/*.ts"
+  ],
+  "exclude": [
+    "node_modules",
+    "jest.config.js"
+  ]
+}

apps/examples/nextjs/.env.local.example

@@ -1,15 +1,14 @@
 NEXTAUTH_URL=http://localhost:3000
 NEXTAUTH_SECRET= # Linux: `openssl rand -hex 32` or go to https://generate-secret.now.sh/32
 
-APPLE_ID=
-APPLE_TEAM_ID=
-APPLE_PRIVATE_KEY=
-APPLE_KEY_ID=
 
 AUTH0_ID=
 AUTH0_SECRET=
 AUTH0_ISSUER=
 
+DESCOPE_ID=
+DESCOPE_SECRET=
+
 FACEBOOK_ID=
 FACEBOOK_SECRET=
 
@@ -21,8 +20,3 @@ GOOGLE_SECRET=
 
 TWITTER_ID=
 TWITTER_SECRET=
-
-EMAIL_SERVER=smtp://username:password@smtp.example.com:587
-EMAIL_FROM=NextAuth <noreply@example.com>
-
-DATABASE_URL=sqlite://localhost/:memory:?synchronize=true

apps/examples/nextjs/next.config.js

@@ -0,0 +1,4 @@
+/** @type {import("next").NextConfig} */
+module.exports = {
+  reactStrictMode: true,
+}

apps/examples/nextjs/package.json

@@ -20,13 +20,12 @@
   "dependencies": {
     "next": "latest",
     "next-auth": "latest",
-    "nodemailer": "^6",
     "react": "^18.2.0",
     "react-dom": "^18.2.0"
   },
   "devDependencies": {
-    "@types/node": "^17",
-    "@types/react": "^18.0.15",
-    "typescript": "^4"
+    "@types/node": "^18.16.2",
+    "@types/react": "^18.2.0",
+    "typescript": "^5.0.4"
   }
 }

apps/examples/nextjs/pages/admin.tsx

@@ -7,7 +7,7 @@ export default function Page() {
       <p>Only admin users can see this page.</p>
       <p>
         To learn more about the NextAuth middleware see&nbsp;
-        <a href="https://docs-git-misc-docs-nextauthjs.vercel.app/configuration/nextjs#middleware">
+        <a href="https://next-auth.js.org/configuration/nextjs#middleware">
           the docs
         </a>
         .

apps/examples/nextjs/pages/api/auth/[...nextauth].ts

@@ -4,31 +4,17 @@ import FacebookProvider from "next-auth/providers/facebook"
 import GithubProvider from "next-auth/providers/github"
 import TwitterProvider from "next-auth/providers/twitter"
 import Auth0Provider from "next-auth/providers/auth0"
-// import AppleProvider from "next-auth/providers/apple"
-// import EmailProvider from "next-auth/providers/email"
 
 // For more information on each option (and a full list of options) go to
 // https://next-auth.js.org/configuration/options
 export const authOptions: NextAuthOptions = {
   // https://next-auth.js.org/configuration/providers/oauth
   providers: [
-    /* EmailProvider({
-         server: process.env.EMAIL_SERVER,
-         from: process.env.EMAIL_FROM,
-       }),
-    // Temporarily removing the Apple provider from the demo site as the
-    // callback URL for it needs updating due to Vercel changing domains
-
-    Providers.Apple({
-      clientId: process.env.APPLE_ID,
-      clientSecret: {
-        appleId: process.env.APPLE_ID,
-        teamId: process.env.APPLE_TEAM_ID,
-        privateKey: process.env.APPLE_PRIVATE_KEY,
-        keyId: process.env.APPLE_KEY_ID,
-      },
+    Auth0Provider({
+      clientId: process.env.AUTH0_ID,
+      clientSecret: process.env.AUTH0_SECRET,
+      issuer: process.env.AUTH0_ISSUER,
     }),
-    */
     FacebookProvider({
       clientId: process.env.FACEBOOK_ID,
       clientSecret: process.env.FACEBOOK_SECRET,
@@ -44,16 +30,9 @@ export const authOptions: NextAuthOptions = {
     TwitterProvider({
       clientId: process.env.TWITTER_ID,
       clientSecret: process.env.TWITTER_SECRET,
-    }),
-    Auth0Provider({
-      clientId: process.env.AUTH0_ID,
-      clientSecret: process.env.AUTH0_SECRET,
-      issuer: process.env.AUTH0_ISSUER,
+      version: "2.0",
     }),
   ],
-  theme: {
-    colorScheme: "light",
-  },
   callbacks: {
     async jwt({ token }) {
       token.userRole = "admin"

apps/examples/nextjs/pages/api/examples/protected.ts

@@ -1,5 +1,5 @@
 // This is an example of to protect an API route
-import { unstable_getServerSession } from "next-auth/next"
+import { getServerSession } from "next-auth/next"
 import { authOptions } from "../auth/[...nextauth]"
 
 import type { NextApiRequest, NextApiResponse } from "next"
@@ -8,7 +8,7 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await unstable_getServerSession(req, res, authOptions)
+  const session = await getServerSession(req, res, authOptions)
 
   if (session) {
     return res.send({

apps/examples/nextjs/pages/api/examples/session.ts

@@ -1,5 +1,5 @@
 // This is an example of how to access a session from an API route
-import { unstable_getServerSession } from "next-auth"
+import { getServerSession } from "next-auth"
 import { authOptions } from "../auth/[...nextauth]"
 
 import type { NextApiRequest, NextApiResponse } from "next"
@@ -8,6 +8,6 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await unstable_getServerSession(req, res, authOptions)
+  const session = await getServerSession(req, res, authOptions)
   res.send(JSON.stringify(session, null, 2))
 }

apps/examples/nextjs/pages/server.tsx

@@ -13,11 +13,11 @@ export default function ServerSidePage() {
     <Layout>
       <h1>Server Side Rendering</h1>
       <p>
-        This page uses the <strong>unstable_getServerSession()</strong> method
-        in <strong>getServerSideProps()</strong>.
+        This page uses the <strong>getServerSession()</strong> method in{" "}
+        <strong>getServerSideProps()</strong>.
       </p>
       <p>
-        Using <strong>unstable_getServerSession()</strong> in{" "}
+        Using <strong>getServerSession()</strong> in{" "}
         <strong>getServerSideProps()</strong> is the recommended approach if you
         need to support Server Side Rendering with authentication.
       </p>
@@ -38,11 +38,7 @@ export default function ServerSidePage() {
 export async function getServerSideProps(context: GetServerSidePropsContext) {
   return {
     props: {
-      session: await getServerSession(
-        context.req,
-        context.res,
-        authOptions
-      ),
+      session: await getServerSession(context.req, context.res, authOptions),
     },
   }
 }

apps/examples/nextjs/process.d.ts

@@ -12,5 +12,7 @@ declare namespace NodeJS {
     GOOGLE_SECRET: string
     AUTH0_ID: string
     AUTH0_SECRET: string
+    DESCOPE_ID: string
+    DESCOPE_SECRET: string
   }
 }

apps/playgrounds/nuxt/composables/useSession.ts

@@ -1,4 +1,4 @@
-import { Session } from "@auth/core"
+import { Session } from "@auth/core/types"
 
 export default function useSession() {
   return useState<Session | null>("session", () => null)

apps/playgrounds/nuxt/lib/auth/client.ts

@@ -43,7 +43,7 @@ export async function signIn<
 
   // TODO: Handle custom base path
   // TODO: Remove this since Sveltekit offers the CSRF protection via origin check
-  const { csrfToken } = await $fetch("/api/auth/csrf")
+  const { csrfToken } = await $fetch<{ csrfToken: string }>("/api/auth/csrf")
 
   console.log(_signInUrl)
 

apps/playgrounds/nuxt/lib/auth/server.ts

@@ -1,13 +1,14 @@
-import { AuthHandler, AuthOptions, Session } from "@auth/core"
+import { AuthConfig, Session } from "@auth/core/types"
+import { Auth } from "@auth/core"
 import { fromNodeMiddleware, H3Event } from "h3"
 import getURL from "requrl"
 import { createMiddleware } from "@hattip/adapter-node"
 
-export function NuxtAuthHandler(options: AuthOptions) {
+export function NuxtAuthHandler(options: AuthConfig) {
   async function handler(ctx: { request: Request }) {
     options.trustHost ??= true
 
-    return AuthHandler(ctx.request, options)
+    return Auth(ctx.request, options)
   }
 
   const middleware = createMiddleware(handler)
@@ -17,7 +18,7 @@ export function NuxtAuthHandler(options: AuthOptions) {
 
 export async function getSession(
   event: H3Event,
-  options: AuthOptions
+  options: AuthConfig
 ): Promise<Session | null> {
   options.trustHost ??= true
 
@@ -30,7 +31,7 @@ export async function getSession(
     nodeHeaders.append(key, headers[key] as any)
   })
 
-  const response = await AuthHandler(
+  const response = await Auth(
     new Request(url, { headers: nodeHeaders }),
     options
   )

apps/playgrounds/nuxt/package.json

@@ -1,21 +1,21 @@
 {
-  "name": "playground-nuxt",
+  "name": "next-auth-nuxt",
   "private": true,
   "scripts": {
-    "build": "nuxt prepare && nuxt build",
-    "dev": "nuxt prepare &&  export NODE_OPTIONS='--no-experimental-fetch' && nuxt dev",
+    "build": "nuxt build",
+    "dev": "nuxt prepare && nuxt dev",
     "generate": "nuxt generate",
     "preview": "nuxt preview"
   },
   "devDependencies": {
     "@nuxt/eslint-config": "^0.1.1",
     "eslint": "^8.29.0",
-    "h3": "1.0.2",
-    "nuxt": "3.0.0"
+    "h3": "1.6.6",
+    "nuxt": "3.5.1"
   },
   "dependencies": {
     "@auth/core": "workspace:*",
-    "@hattip/adapter-node": "^0.0.22",
+    "@hattip/adapter-node": "^0.0.34",
     "requrl": "^3.0.2"
   }
 }

apps/playgrounds/nuxt/plugins/auth.ts

@@ -1,4 +1,4 @@
-import { Session } from "@auth/core"
+import { Session } from "@auth/core/types"
 
 export default defineNuxtPlugin(async () => {
   const session = useSession()

apps/playgrounds/nuxt/server/api/auth/[...].ts

@@ -1,10 +1,10 @@
 import { NuxtAuthHandler } from "@/lib/auth/server"
 import GithubProvider from "@auth/core/providers/github"
-import type { AuthOptions } from "@auth/core"
+import type { AuthConfig } from "@auth/core"
 
 const runtimeConfig = useRuntimeConfig()
 
-export const authOptions: AuthOptions = {
+export const authOptions = {
   secret: runtimeConfig.secret,
   providers: [
     GithubProvider({
@@ -12,6 +12,6 @@ export const authOptions: AuthOptions = {
       clientSecret: runtimeConfig.github.clientSecret,
     }),
   ],
-}
+} as AuthConfig
 
 export default NuxtAuthHandler(authOptions)

docs/docs/concepts/faq.md

@@ -269,7 +269,7 @@ Ultimately if your request is not accepted or is not actively in development, yo
 </summary>
 <p>
 
-Auth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](/guides/adapters/using-a-database-adapter), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/reference/configuration/auth-config#session). Since v4 all our JWT tokens are now encrypted by default with A256GCM.
+Auth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](/guides/adapters/using-a-database-adapter), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/reference/configuration/auth-config#session). Since v4 all our JWTs are now encrypted by default with A256GCM.
 
 </p>
 </details>

docs/docs/getting-started/databases.md

@@ -4,15 +4,11 @@ title: Databases
 
 Auth.js offers multiple database adapters. Check our guides on:
 
-- [using a database adapter](/guides/adapters/using-a-database-adapter)
-- [creating your own](/guides/adapters/creating-a-database-adapter)
-
-> As of **v4** Auth.js no longer ships with an adapter included by default. If you would like to persist any information, you need to install one of the many available adapters yourself. See the individual adapter documentation pages for more details.
+- [Using a database adapter](/guides/adapters/using-a-database-adapter)
+- [Creating your own](/guides/adapters/creating-a-database-adapter)
 
 To learn more about databases in Auth.js and how they are used, check out [databases in the FAQ](/concepts/faq#databases).
 
----
-
 ## How to use a database
 
-See the [documentation for adapters](/reference/adapters/overview) for more information on advanced configuration, including how to use Auth.js with other databases using a [custom adapter](/guides/adapters/creating-a-database-adapter).
+See the [documentation for adapters](/reference/adapters) for more information on advanced configuration, including how to use Auth.js with other databases using a [custom adapter](/guides/adapters/creating-a-database-adapter).

docs/docs/getting-started/email-tutorial.mdx

@@ -91,12 +91,12 @@ Finally, we'll need to set up a database adapter to store verification tokens th
 
 An **Adapter** in Auth.js connects your application to whatever database or backend system you want to use to store data for users, their accounts, sessions, etc...
 
-For this tutorial, we're going to use the **MongoDB** adapter, other any of the other adapters will work just fine.
+For this tutorial, we're going to use the **MongoDB** adapter, but any of the other adapters will work just fine.
 
 First, let's start by installing the adapter package:
 
 ```bash npm2yarn2pnpm
-npm install -D  @next-auth/mongodb-adapter mongodb
+npm install -D  @auth/mongodb-adapter mongodb
 ```
 
 and create a simple MongoDB client:
@@ -142,7 +142,7 @@ And now let's reference this new adapter from our Auth.js configuration file:
 ```diff title="pages/api/auth/[...nextauth].ts"
 import NextAuth from "next-auth"
 import EmailProvider from "next-auth/providers/email"
-+ import { MongoDBAdapter } from "@next-auth/mongodb-adapter"
++ import { MongoDBAdapter } from "@auth/mongodb-adapter"
 + import clientPromise from "../../../lib/mongodb/client"
 
 export default NextAuth({

docs/docs/getting-started/oauth-tutorial.mdx

@@ -243,10 +243,13 @@ http://localhost:5173/auth/callback/github
 TODO Core
   </TabItem>
 </Tabs>
+
 :::info
 The last part of the URL, `[provider]`, is the ID of the provider you're using. In this case, we're using GitHub, so it's `github`. If you're using Google, it'll be `google`, etc... We keep track of the provider IDs internally.
+
 The same id is used in the `signIn()` method we saw earlier.
 :::
+
 To register, tap on "Register application" button.
 
 The next screen shows all the configurations for your newly created OAuth app. For now, we need two things from it - the **Client ID** and **Client Secret**:

docs/docs/guides/adapters/creating-a-database-adapter.md

@@ -6,7 +6,7 @@ Using a custom adapter you can connect to any database back-end or even several
 
 ## How to create an adapter
 
-For more information about the data these methods need to manage see [models](/reference/adapters/models).
+For more information about the data these methods need to manage see [models](/reference/adapters#models).
 
 _See the code below for practical example._
 

docs/docs/guides/basics/deployment.md

@@ -18,77 +18,55 @@ See below for more detailed provider settings.
 
 ## Vercel
 
-1. Make sure to expose the Vercel [System Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) in your project settings.
-2. Create a `NEXTAUTH_SECRET` environment variable for all environments.
+1. Make sure to expose the Vercel [System Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) in your project settings. This way, we can detect the environment. (Setting `NEXTAUTH_URL` environment variable on Vercel is **unnecessary**).
+2. Create a `NEXTAUTH_SECRET` environment variable for both Production and Preview environments.
    a. You can use `openssl rand -base64 32` or https://generate-secret.vercel.app/32 to generate a random value.
-   b. You **do not** need the `NEXTAUTH_URL` environment variable in Vercel.
 3. Add your provider's client ID and client secret to environment variables. _(Skip this step if not using an [OAuth Provider](/reference/providers/index))_
 4. Deploy!
 
 Example repository: https://github.com/nextauthjs/next-auth-example
 
-A few notes about deploying to Vercel. The environment variables are read server-side, so you do not need to prefix them with `NEXT_PUBLIC_`. When deploying here, you do not need to explicitly set the `NEXTAUTH_URL` environment variable. With other providers **you will** need to also set this environment variable.
+A few notes about deploying to Vercel. The environment variables are read server-side, so you **should not** prefix them with `NEXT_PUBLIC_` to avoid accidentally bundling a secret in the client-side JavaScript code.
 
 ### Securing a preview deployment
 
-Securing a preview deployment (with an OAuth provider) comes with some critical obstacles. Most OAuth providers only allow a single redirect/callback URL, or at least a set of full static URLs. Meaning you cannot set the value before publishing the site and you cannot use wildcard subdomains in the callback URL settings of your OAuth provider. Here are a few ways you can still use Auth.js to secure your Preview Deployments.
+Most OAuth providers cannot be configured with multiple callback URLs or using a wildcard. 
 
-#### Using the Credentials Provider
+However, Auth.js **supports Preview deployments**, even **with OAuth providers**:
 
-You could check in your `/pages/api/auth/[...nextauth].js` API route / configuration file to see if you're currently in a Vercel preview environment, and if so, enable a simple "credential provider", meaning username/password. Vercel offers a few built-in [system environment variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) which you could check against, like `VERCEL_ENV`. This would allow you to use this basic, for testing only, authentication strategy in your preview deployments.
+1. Determine a stable deployment URL. Eg.: A deployment whose URL does not change between builds, for example. `auth.yourdomain.com`),
+2. Set `AUTH_REDIRECT_PROXY_URL` to that URL, adding the path up until your `[...nextauth]` route. Eg.: (`https://auth.yourdomain.com/api/auth`)
+3. For your OAuth provider, set the callback URL using the stable deployment URL. Eg.: For GitHub `https://auth.yourdomain.com/api/auth/callback/github`)
 
-Some things to be aware of here, include:
+:::info
+To support preview deployments, the `AUTH_SECRET` value needs to be the same for the stable deployment and deployments that will need OAuth support.
+:::
 
-- Do not let this potential testing-only user have access to any critical data
-- If possible, maybe do not even connect this preview deployment to your production database
 
-##### Example
+<details>
+<summary>
+<b>How does this work?</b>
+</summary>
+To support preview deployments, Auth.js uses the stable deployment URL as a redirect proxy server.
 
-```js title="/pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-import CredentialsProvider from "next-auth/providers/credentials"
+It will redirect the OAuth callback request to the preview deployment URL, but only when the `AUTH_REDIRECT_PROXY_URL` environment variable is set. The stable deployment can still act as a regular app.
 
-export default NextAuth({
-  providers: [
-    process.env.VERCEL_ENV === "preview"
-      ? CredentialsProvider({
-          name: "Credentials",
-          credentials: {
-            username: {
-              label: "Username",
-              type: "text",
-              placeholder: "jsmith",
-            },
-            password: { label: "Password", type: "password" },
-          },
-          async authorize() {
-            return {
-              id: 1,
-              name: "J Smith",
-              email: "jsmith@example.com",
-              image: "https://i.pravatar.cc/150?u=jsmith@example.com",
-            }
-          },
-        })
-      : GoogleProvider({
-          clientId: process.env.GOOGLE_ID,
-          clientSecret: process.env.GOOGLE_SECRET,
-        }),
-  ],
-})
-```
+When a user initiates an OAuth sign-in flow on a preview deployment, we save its URL in the `state` query parameter but set the `redirect_uri` to the stable deployment.
 
-#### Using the branch based preview URL
+Then, the OAuth provider will redirect the user to the stable deployment, which then will verify the `state` parameter and redirect the user to the preview deployment URL if the `state` is valid. This is secured by relying on the same server-side `AUTH_SECRET` for the stable deployment and the preview deployment.
 
-Preview deployments at Vercel are often available via multiple URLs. For example, PR's merged to `master` or `main`, will be available the commit and PR specific preview URLs, but also the branch specific preview URLs. This branch specific URL will obviously not change as long as you work with that same branch. Therefore, you could add to your OAuth provider your `{project}-git-main-{user}.vercel.app` preview URL. As this will stay constant for that branch, you can reuse that preview deployment / URL for testing any authentication related deployments.
+See also:
+<ul>
+<li><a href="https://www.ietf.org/rfc/rfc6749.html#section-4.1.1">OAuth 2.0 specification: `state` query parameter</a></li>
+</ul>
+</details>
 
 ## Netlify
 
 Netlify is very similar to Vercel in that you can deploy a Next.js project without almost any extra work.
 
-In order to setup Auth.js correctly here, you will want to make sure you add your `NEXTAUTH_SECRET` environment variable in the project settings. If you are using the [Essential Next.js Build Plugin](https://github.com/netlify/netlify-plugin-nextjs) within your project, you **do not** need to set the `NEXTAUTH_URL` environment variable as it is set automatically as part of the build process.
+To set up Auth.js correctly here, you will want to make sure you add your `NEXTAUTH_SECRET` environment variable in the project settings. If you are using the [Essential Next.js Build Plugin](https://github.com/netlify/netlify-plugin-nextjs) within your project, you **do not** need to set the `NEXTAUTH_URL` environment variable as it is set automatically as part of the build process.
 
 Netlify also exposes some [system environment variables](https://docs.netlify.com/configure-builds/environment-variables/) from which you can check which `NODE_ENV` you are currently in and much more.
 
-After this, just make sure you either have your OAuth provider setup correctly with `clientId` / `clientSecret`'s and callback URLs.
+After this, make sure you either have your OAuth provider set up correctly with `clientId` / `clientSecret`'s and callback URLs.

docs/docs/guides/basics/events.md

@@ -29,7 +29,7 @@ Sent when the user signs out.
 
 The message object will contain one of these depending on if you use JWT or database persisted sessions:
 
-- `token`: The JWT token for this session.
+- `token`: The JWT for this session.
 - `session`: The session object from your adapter that is being ended
 
 ### createUser
@@ -60,5 +60,5 @@ Sent at the end of a request for the current session.
 
 The message object will contain one of these depending on if you use JWT or database persisted sessions:
 
-- `token`: The JWT token for this session.
+- `token`: The JWT for this session.
 - `session`: The session object from your adapter.

docs/docs/guides/basics/refresh-token-rotation.md

@@ -117,7 +117,7 @@ Using the database strategy is very similar, but instead of preserving the `acce
 import { Auth } from "@auth/core"
 import { type TokenSet } from "@auth/core/types"
 import Google from "@auth/core/providers/google"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
+import { PrismaAdapter } from "@auth/prisma-adapter"
 import { PrismaClient } from "@prisma/client"
 
 const prisma = new PrismaClient()

docs/docs/guides/testing/testing-with-cypress.md

@@ -22,11 +22,18 @@ Next you will have to create some configuration files for Cypress.
 
 First, the primary cypress config:
 
-```js title="cypress.json"
-{
-  "baseUrl": "http://localhost:3000",
-  "chromeWebSecurity": false
-}
+```ts title="cypress.config.ts"
+import { defineConfig } from 'cypress'
+
+export default defineConfig({
+  e2e: {
+    baseUrl: 'http://localhost:3000',
+    chromeWebSecurity: false,
+    setupNodeEvents(on, config) {
+      // implement node event listeners here
+    },
+  },
+})
 ```
 
 This initial Cypress config will tell Cypress where to find your site on initial launch as well as allow it to open up URLs at domains that aren't your page, for example to be able to login to a social provider.
@@ -46,14 +53,24 @@ You must change the login credentials you want to use, but you can also redefine
 
 Third, if you're using the `cypress-social-login` plugin, you must add this to your `/cypress/plugins/index.js` file like so:
 
-```js title="cypress/plugins/index.js"
-const { GoogleSocialLogin } = require("cypress-social-logins").plugins
+```js title="cypress.config.ts" {3-4,10-14}
+import { defineConfig } from 'cypress'
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const { GoogleSocialLogin } = require('cypress-social-logins').plugins
+
+export default defineConfig({
+  e2e: {
+    baseUrl: 'http://localhost:3000',
+    chromeWebSecurity: false,
+    setupNodeEvents(on, config) {
+      on('task', {
+        GoogleSocialLogin,
+      })
+    },
+  },
+})
 
-module.exports = (on, config) => {
-  on("task", {
-    GoogleSocialLogin: GoogleSocialLogin,
-  })
-}
 ```
 
 Finally, you can also add the following npm scripts to your `package.json`:
@@ -110,10 +127,6 @@ describe("Login page", () => {
             secure: cookie.secure,
           })
 
-          Cypress.Cookies.defaults({
-            preserve: cookieName,
-          })
-
           // remove the two lines below if you need to stay logged in
           // for your remaining tests
           cy.visit("/api/auth/signout")

docs/docs/reference/adapters/index.md

@@ -2,7 +2,7 @@
 title: Overview
 ---
 
-Using a Auth.js / NextAuth.js adapter you can connect to any database service or even several different services at the same time. The following listed official adapters are created and maintained by the community:
+Using an Auth.js / NextAuth.js adapter you can connect to any database service or even several different services at the same time. The following listed official adapters are created and maintained by the community:
 
 <div class="adapter-card-list">
   <a href="/reference/adapter/dgraph" class="adapter-card">
@@ -71,7 +71,7 @@ If you don't find an adapter for the database or service you use, you can always
 ## Models
 
 
-Auth.js can be used with any database. Models tell you what structures Auth.js expects from your database. Models will vary slightly depending on which adapter you use, but in general, will look something like this. Each adapter's model/schema will be slightly adapted for its needs, but will look very much like this schema below:
+Auth.js can be used with any database. Models tell you what structures Auth.js expects from your database. Models will vary slightly depending on which adapter you use, but in general, will look something like this:
 
 ```mermaid
 erDiagram
@@ -103,8 +103,6 @@ erDiagram
       string scope
       string id_token
       string session_state
-      string oauth_token_secret
-      string oauth_token
     }
     VerificationToken {
       string identifier
@@ -113,10 +111,10 @@ erDiagram
     }
 ```
 
-More information about each Model / Table can be found below.
+More information about each Model/Table can be found below.
 
 :::note
-You can [create your own adapter](/guides/adapters/creating-a-database-adapter) if you want to use Auth.js with a database that is not supported out of the box, or you have to change fields on any of the models.
+You can [create your adapter](/guides/adapters/creating-a-database-adapter) if you want to use Auth.js with a database that is not supported out of the box, or you have to change fields on any of the models.
 :::
 
 ---
@@ -125,30 +123,31 @@ You can [create your own adapter](/guides/adapters/creating-a-database-adapter)
 
 The User model is for information such as the user's name and email address.
 
-Email address is optional, but if one is specified for a User then it must be unique.
+Email address is optional, but if one is specified for a User, then it must be unique.
 
 :::note
-If a user first signs in with OAuth then their email address is automatically populated using the one from their OAuth profile, if the OAuth provider returns one.
+If a user first signs in with an OAuth provider, then their email address is automatically populated using the one from their OAuth profile if the OAuth provider returns one.
 
-This provides a way to contact users and for users to maintain access to their account and sign in using email in the event they are unable to sign in with the OAuth provider in future (if the [Email Provider](/getting-started/email-tutorial) is configured).
+This provides a way to contact users and for users to maintain access to their account and sign in using email in the event they are unable to sign in with the OAuth provider in the future (if the [Email Provider](/reference/core/providers_email) is configured).
 :::
 
-User creation in the database is automatic, and happens when the user is logging in for the first time with a provider. The default data saved is `id`, `name`, `email` and `image`. You can add more profile data by returning extra fields in your [OAuth provider](/guides/providers/custom-provider)'s [`profile()`](/reference/core/providers#profile) callback.
+User creation in the database is automatic and happens when the user is logging in for the first time with a provider. 
+If the first sign-in is via the [OAuth Provider](/reference/core/providers_oauth), the default data saved is `id`, `name`, `email` and `image`. You can add more profile data by returning extra fields in your [OAuth provider](/guides/providers/custom-provider)'s [`profile()`](/reference/core/providers#profile) callback.
+
+If the first sign-in is via the [Email Provider](/reference/core/providers_email), then the saved user will have `id`, `email`, `emailVerified`, where `emailVerified` is the timestamp of when the user was created.
 
 ### Account
 
-The Account model is for information about OAuth accounts associated with a User. It will usually contain `access_token`, `id_token` and other OAuth specific data. [`TokenSet`](https://github.com/panva/node-openid-client/blob/main/docs/README.md#new-tokensetinput) from `openid-client` might give you an idea of all the fields.
-
-:::note
-In case of an OAuth 1.0 provider (like Twitter), you will have to look for `oauth_token` and `oauth_token_secret` string fields. GitHub also has an extra `refresh_token_expires_in` integer field. You have to make sure that your database schema includes these fields.
-:::
+The Account model is for information about OAuth accounts associated with a User
 
 A single User can have multiple Accounts, but each Account can only have one User.
 
-Linking Accounts to Users happen automatically, only when they have the same e-mail address, and the user is currently signed in. Check the [FAQ](/concepts/faq#security) for more information why this is a requirement.
+Account creation in the database is automatic and happens when the user is logging in for the first time with a provider, or the [`Adapter.linkAccount`](/reference/core/adapters#linkaccount) method is invoked. The default data saved is `access_token`, `expires_at`, `refresh_token`, `id_token`, `token_type`, `scope` and `session_state`. You can save other fields or remove the ones you don't need by returning them in the [OAuth provider](/guides/providers/custom-provider)'s [`account()`](/reference/core/providers#account) callback.
+
+Linking Accounts to Users happen automatically, only when they have the same e-mail address, and the user is currently signed in. Check the [FAQ](/concepts/faq#security) for more information on why this is a requirement.
 
 :::tip
-You can manually unlink accounts, if your adapter implements the `unlinkAccount` method. Make sure to take all the necessary security steps to avoid data loss.
+You can manually unlink accounts if your adapter implements the `unlinkAccount` method. Make sure to take all the necessary security steps to avoid data loss.
 :::
 
 :::note
@@ -162,7 +161,7 @@ The Session model is used for database sessions. It is not used if JSON Web Toke
 A single User can have multiple Sessions, each Session can only have one User.
 
 :::tip
-When a Session is read, we check if it's `expires` field indicates an invalid session, and delete it from the database. You can also do this clean-up periodically in the background to avoid our extra delete call to the database during an active session retrieval. This might result in a slight performance increase in a few cases.
+When a Session is read, we check if its `expires` field indicates an invalid session, and delete it from the database. You can also do this clean-up periodically in the background to avoid our extra delete call to the database during an active session retrieval. This might result in a slight performance increase in a few cases.
 :::
 
 ### Verification Token
@@ -171,7 +170,7 @@ The Verification Token model is used to store tokens for passwordless sign in.
 
 A single User can have multiple open Verification Tokens (e.g. to sign in to different devices).
 
-It has been designed to be extendable for other verification purposes in the future (e.g. 2FA / short codes).
+It has been designed to be extendable for other verification purposes in the future (e.g. 2FA / magic codes, etc.).
 
 :::note
 Auth.js makes sure that every token is usable only once, and by default has a short (1 day, can be configured by [`maxAge`](/guides/providers/email)) lifetime. If your user did not manage to finish the sign-in flow in time, they will have to start the sign-in process again.
@@ -183,8 +182,7 @@ Due to users forgetting or failing at the sign-in flow, you might end up with un
 
 ## RDBMS Naming Convention
 
-Auth.js / NextAuth.js uses `camelCase` for its own database rows, while respecting the conventional `snake_case` formatting for OAuth related values. If mixed casing is an issue for you, most adapters have a dedicated section on how to use a single naming convention.
-
+Auth.js / NextAuth.js uses `camelCase` for its database rows while respecting the conventional `snake_case` formatting for OAuth-related values. If the mixed casing is an issue for you, most adapters have a dedicated documentation section on how to force a casing convention.
 
 ## TypeScript
 

docs/docusaurus.config.js

@@ -7,7 +7,7 @@ const path = require("path")
 const coreSrc = "../packages/core/src"
 const providers = fs
   .readdirSync(path.join(__dirname, coreSrc, "/providers"))
-  .filter((file) => file.endsWith(".ts") && !file.startsWith("oauth"))
+  .filter((file) => file.endsWith(".ts"))
   .map((p) => `${coreSrc}/providers/${p}`)
 
 const typedocConfig = require("./typedoc.json")
@@ -261,32 +261,24 @@ const docusaurusConfig = {
         },
       },
     ],
-    typedocAdapter("Dgraph"),
-    typedocAdapter("DynamoDB"),
-    typedocAdapter("Fauna"),
-    typedocAdapter("Firebase"),
-    typedocAdapter("Mikro ORM"),
-    typedocAdapter("MongoDB"),
-    typedocAdapter("Neo4j"),
-    typedocAdapter("PouchDB"),
-    typedocAdapter("Prisma"),
-    [
-      "docusaurus-plugin-typedoc",
-      {
-        ...typedocConfig,
-        id: "typeorm",
-        plugin: [require.resolve("./typedoc-mdn-links")],
-        watch: process.env.TYPEDOC_WATCH,
-        entryPoints: [`../packages/adapter-typeorm-legacy/src/index.ts`],
-        tsconfig: `../packages/adapter-typeorm-legacy/tsconfig.json`,
-        out: `reference/adapter/typeorm`,
-        sidebar: { indexLabel: "TypeORM" },
-      },
-    ],
-    typedocAdapter("Sequelize"),
-    typedocAdapter("Supabase"),
-    typedocAdapter("Upstash Redis"),
-    typedocAdapter("Xata"),
+    ...(process.env.TYPEDOC_SKIP_ADAPTERS
+      ? []
+      : [
+          typedocAdapter("Dgraph"),
+          typedocAdapter("DynamoDB"),
+          typedocAdapter("Fauna"),
+          typedocAdapter("Firebase"),
+          typedocAdapter("Mikro ORM"),
+          typedocAdapter("MongoDB"),
+          typedocAdapter("Neo4j"),
+          typedocAdapter("PouchDB"),
+          typedocAdapter("Prisma"),
+          typedocAdapter("TypeORM"),
+          typedocAdapter("Sequelize"),
+          typedocAdapter("Supabase"),
+          typedocAdapter("Upstash Redis"),
+          typedocAdapter("Xata"),
+        ]),
   ],
 }
 

docs/package.json

@@ -34,9 +34,9 @@
     "@docusaurus/theme-common": "2.3.1",
     "@docusaurus/theme-mermaid": "2.3.1",
     "@docusaurus/types": "2.3.1",
-    "docusaurus-plugin-typedoc": "1.0.0-next.2",
-    "typedoc": "^0.23.28",
-    "typedoc-plugin-markdown": "4.0.0-next.3"
+    "docusaurus-plugin-typedoc": "1.0.0-next.5",
+    "typedoc": "^0.24.4",
+    "typedoc-plugin-markdown": "4.0.0-next.6"
   },
   "browserslist": {
     "production": [

docs/sidebars.js

@@ -46,27 +46,31 @@ module.exports = {
         },
       ],
     },
-    {
-      type: "category",
-      label: "Database Adapters",
-      link: { type: "doc", id: "reference/adapters/index" },
-      items: [
-        { type: "doc", id: "reference/adapter/dgraph/index" },
-        { type: "doc", id: "reference/adapter/dynamodb/index" },
-        { type: "doc", id: "reference/adapter/fauna/index" },
-        { type: "doc", id: "reference/adapter/firebase/index" },
-        { type: "doc", id: "reference/adapter/mikro-orm/index" },
-        { type: "doc", id: "reference/adapter/mongodb/index" },
-        { type: "doc", id: "reference/adapter/neo4j/index" },
-        { type: "doc", id: "reference/adapter/pouchdb/index" },
-        { type: "doc", id: "reference/adapter/prisma/index" },
-        { type: "doc", id: "reference/adapter/sequelize/index" },
-        { type: "doc", id: "reference/adapter/supabase/index" },
-        { type: "doc", id: "reference/adapter/typeorm/index" },
-        { type: "doc", id: "reference/adapter/upstash-redis/index" },
-        { type: "doc", id: "reference/adapter/xata/index" },
-      ],
-    },
+    ...(process.env.TYPEDOC_SKIP_ADAPTERS
+      ? []
+      : [
+          {
+            type: "category",
+            label: "Database Adapters",
+            link: { type: "doc", id: "reference/adapters/index" },
+            items: [
+              { type: "doc", id: "reference/adapter/dgraph/index" },
+              { type: "doc", id: "reference/adapter/dynamodb/index" },
+              { type: "doc", id: "reference/adapter/fauna/index" },
+              { type: "doc", id: "reference/adapter/firebase/index" },
+              { type: "doc", id: "reference/adapter/mikro-orm/index" },
+              { type: "doc", id: "reference/adapter/mongodb/index" },
+              { type: "doc", id: "reference/adapter/neo4j/index" },
+              { type: "doc", id: "reference/adapter/pouchdb/index" },
+              { type: "doc", id: "reference/adapter/prisma/index" },
+              { type: "doc", id: "reference/adapter/sequelize/index" },
+              { type: "doc", id: "reference/adapter/supabase/index" },
+              { type: "doc", id: "reference/adapter/typeorm/index" },
+              { type: "doc", id: "reference/adapter/upstash-redis/index" },
+              { type: "doc", id: "reference/adapter/xata/index" },
+            ],
+          },
+        ]),
     "reference/warnings",
   ],
   conceptsSidebar: [

docs/snippets/oauth-provider.md

@@ -1,22 +1,20 @@
 Add $1 login to your page.
 
-## Example
-
 @example
 
 ```js
 import Auth from "@auth/core"
-import { $1 } from "@auth/core/providers/$2"
+import $1 from "@auth/core/providers/$2"
 
-const request = new Request("https://example.com")
-const response = await AuthHandler(request, {
-  providers: [$1({ clientId: "", clientSecret: "" })],
+const request = new Request(origin)
+const response = await Auth(request, {
+  providers: [$1({ clientId: $3CLIENT_ID, clientSecret: $3CLIENT_SECRET })],
 })
 ```
 
 ## Resources
 
-@see [Link 1](https://example.com)
+ - [$1 OAuth documentation](https://example.com)
 
 ## Notes
 

docs/snippets/oidc-oauth-provider.md

@@ -1,29 +1,25 @@
 Add $1 login to your page.
 
-## Example
+@example
 
-```ts
-import { Auth } from "@auth/core"
+```js
+import Auth from "@auth/core"
 import $1 from "@auth/core/providers/$2"
 
-const request = new Request("https://example.com")
-const response = await AuthHandler(request, {
-  providers: [$1({ clientId: "", clientSecret: "" })],
+const request = new Request(origin)
+const response = await Auth(request, {
+  providers: [$1({ clientId: $3CLIENT_ID, clientSecret: $3CLIENT_SECRET })],
 })
 ```
 
----
-
 ## Resources
 
-- [Link 1](https://example.com)
-
----
+ - [$1 OAuth documentation](https://example.com)
 
 ## Notes
 
 By default, Auth.js assumes that the $1 provider is
-based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
+based on the [Open ID Connect](https://openid.net/specs/openid-connect-core-1_0.html) specification.
 
 :::tip
 

docs/src/components/ProviderMarquee.js

@@ -7,6 +7,7 @@ const icons = [
   "/img/providers/apple.svg",
   "/img/providers/auth0.svg",
   "/img/providers/cognito.svg",
+  "/img/providers/descope.svg",
   "/img/providers/battlenet.svg",
   "/img/providers/box.svg",
   "/img/providers/facebook.svg",
@@ -19,23 +20,29 @@ const icons = [
   "/img/providers/twitter.svg",
 ]
 
-export default React.memo(function ProviderMarquee() {
-  let scale = 0.4
-
+function changeScale() {
   if (typeof window !== "undefined") {
     const width = window.outerWidth
-    if (width > 800) {
-      scale = 0.6
-    }
 
-    if (width > 1100) {
-      scale = 0.7
-    }
-
-    if (width > 1400) {
-      scale = 0.8
-    }
+    if (width > 800) return 0.6
+    else if (width > 1100) return 0.7
+    else if (width > 1400) return 0.8
   }
+}
+
+export default React.memo(function ProviderMarquee() {
+  // Get initial scale on load
+  const [scale, setScale] = React.useState(changeScale)
+
+  React.useEffect(() => {
+    // Account for window size change
+    function handleEvent() {
+      setScale(changeScale)
+    }
+
+    window.addEventListener("resize", handleEvent)
+    return () => window.removeEventListener("resize", handleEvent)
+  }, [])
 
   return (
     <div className={styles.fullWidth}>

docs/src/css/adapters.css

@@ -29,6 +29,7 @@ html[data-theme="dark"] .adapter-card {
   color: #f5f5f5;
 }
 
+html[data-theme="dark"] .adapter-card:hover,
 .adapter-card:hover {
   text-decoration: none;
   color: black;

docs/src/css/index.css

@@ -124,6 +124,9 @@ html[data-theme="dark"] hr {
   font-size: 1rem;
   font-weight: 700;
   width: 100%;
+  display: flex;
+  justify-content: space-between;
+  flex-wrap: wrap;
 }
 
 .home-main .code .code-heading span {

docs/static/img/providers/42-school.svg

@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 18.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1"
+	 id="Calque_1" sodipodi:docname="42_logo.svg" inkscape:version="0.48.2 r9819" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg" xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://creativecommons.org/ns#" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+	 xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 -200 960 960"
+	 enable-background="new 0 -200 960 960" xml:space="preserve">
+<polygon id="polygon5" points="32,412.6 362.1,412.6 362.1,578 526.8,578 526.8,279.1 197.3,279.1 526.8,-51.1 362.1,-51.1 
+	32,279.1 "/>
+<polygon id="polygon7" points="597.9,114.2 762.7,-51.1 597.9,-51.1 "/>
+<polygon id="polygon9" points="762.7,114.2 597.9,279.1 597.9,443.9 762.7,443.9 762.7,279.1 928,114.2 928,-51.1 762.7,-51.1 "/>
+<polygon id="polygon11" points="928,279.1 762.7,443.9 928,443.9 "/>
+</svg>

docs/static/img/providers/coinbase.svg

@@ -0,0 +1 @@
+<svg height="447" viewBox="0 0 1101.64 196.79" width="2500" xmlns="http://www.w3.org/2000/svg"><path d="m222.34 54.94c-40.02 0-71.29 30.38-71.29 71.05s30.48 70.79 71.29 70.79 71.82-30.64 71.82-71.05c0-40.15-30.48-70.79-71.82-70.79zm.27 112.53c-22.79 0-39.49-17.7-39.49-41.47 0-24.04 16.43-41.73 39.22-41.73 23.06 0 39.75 17.96 39.75 41.73s-16.69 41.47-39.48 41.47zm80.29-81.62h19.88v108.3h31.8v-136.57h-51.68zm-231.88-1.59c16.7 0 29.95 10.3 34.98 25.62h33.66c-6.1-32.75-33.13-54.94-68.37-54.94-40.02 0-71.29 30.38-71.29 71.06s30.48 70.79 71.29 70.79c34.45 0 62.01-22.19 68.11-55.21h-33.4c-4.77 15.32-18.02 25.89-34.72 25.89-23.06 0-39.22-17.7-39.22-41.47.01-24.04 15.91-41.74 38.96-41.74zm836.1 28.53-23.32-3.43c-11.13-1.58-19.08-5.28-19.08-14 0-9.51 10.34-14.26 24.38-14.26 15.37 0 25.18 6.6 27.3 17.43h30.74c-3.45-27.47-24.65-43.58-57.24-43.58-33.66 0-55.92 17.17-55.92 41.47 0 23.24 14.58 36.72 43.99 40.94l23.32 3.43c11.4 1.58 17.76 6.08 17.76 14.53 0 10.83-11.13 15.32-26.5 15.32-18.82 0-29.42-7.66-31.01-19.28h-31.27c2.92 26.68 23.85 45.43 62.01 45.43 34.72 0 57.77-15.85 57.77-43.06 0-24.3-16.69-36.98-42.93-40.94zm-568.44-111.47c-11.66 0-20.41 8.45-20.41 20.07s8.74 20.07 20.41 20.07c11.66 0 20.41-8.45 20.41-20.07s-8.75-20.07-20.41-20.07zm466.68 103.02c0-29.58-18.02-49.39-56.18-49.39-36.04 0-56.18 18.23-60.16 46.23h31.54c1.59-10.83 10.07-19.81 28.09-19.81 16.17 0 24.12 7.13 24.12 15.85 0 11.36-14.58 14.26-32.6 16.11-24.38 2.64-54.59 11.09-54.59 42.79 0 24.57 18.29 40.41 47.44 40.41 22.79 0 37.1-9.51 44.26-24.57 1.06 13.47 11.13 22.19 25.18 22.19h18.55v-28.26h-15.64v-61.55zm-31.27 34.34c0 18.23-15.9 31.7-35.25 31.7-11.93 0-22-5.02-22-15.58 0-13.47 16.17-17.17 31.01-18.75 14.31-1.32 22.26-4.49 26.24-10.57zm-168.81-83.74c-17.76 0-32.6 7.4-43.2 19.81v-74.75h-31.8v194.15h31.27v-17.96c10.6 12.94 25.71 20.6 43.73 20.6 38.16 0 67.05-30.11 67.05-70.79s-29.42-71.06-67.05-71.06zm-4.77 112.53c-22.79 0-39.49-17.7-39.49-41.47s16.96-41.73 39.75-41.73c23.06 0 39.22 17.7 39.22 41.73 0 23.77-16.69 41.47-39.48 41.47zm-146.29-112.53c-20.67 0-34.19 8.45-42.14 20.34v-17.7h-31.54v136.56h31.8v-74.22c0-20.87 13.25-35.66 32.86-35.66 18.29 0 29.68 12.94 29.68 31.7v78.19h31.8v-80.56c.01-34.35-17.74-58.65-52.46-58.65zm647.42 66.57c0-39.09-28.62-66.56-67.05-66.56-40.81 0-70.76 30.64-70.76 71.05 0 42.53 32.07 70.79 71.29 70.79 33.13 0 59.1-19.55 65.72-47.28h-33.13c-4.77 12.15-16.43 19.02-32.07 19.02-20.41 0-35.78-12.68-39.22-34.87h105.21v-12.15zm-103.36-10.57c5.04-19.02 19.35-28.26 35.78-28.26 18.02 0 31.8 10.3 34.98 28.26z" fill="#0052ff"/></svg>

docs/static/img/providers/descope.svg

@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 26.2.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="194.7px" height="215.2px" viewBox="0 0 194.7 215.2" style="enable-background:new 0 0 194.7 215.2;" xml:space="preserve"
+	>
+<style type="text/css">
+	.st0{fill:url(#SVGID_1_);}
+	.st1{fill:url(#SVGID_00000004519561486438896460000001266960168497785022_);}
+	.st2{fill:url(#SVGID_00000049204468076180615810000015113731544435055266_);}
+	.st3{fill:url(#SVGID_00000116951257355544416270000003794629356563808950_);}
+</style>
+<g>
+	<linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="68.3919" y1="222.1531" x2="185.0265" y2="41.0264">
+		<stop  offset="1.481436e-07" style="stop-color:#0083B5"/>
+		<stop  offset="0.4173" style="stop-color:#00FFFF"/>
+		<stop  offset="0.9952" style="stop-color:#6FF12D"/>
+	</linearGradient>
+	<path class="st0" d="M129.8,174.7c7.6-1.6,14-4.8,19.2-9.7c7.7-7.3,8.8-17.1,8.8-29.4V80.7c0-12.3-1.1-22.1-8.8-29.4
+		c-5.2-4.9-11.6-8.1-19.2-9.7V15.4c12.5,1.8,22.9,6.5,31,14.2c10.6,10,19.9,23.5,19.9,40.5v75c0,17-9.3,30.5-19.9,40.5
+		c-8.1,7.7-18.5,12.4-31,14.2V174.7z"/>
+	
+		<linearGradient id="SVGID_00000040544740507634666800000017273841385603649669_" gradientUnits="userSpaceOnUse" x1="5.037" y1="181.3564" x2="121.6716" y2="0.2297">
+		<stop  offset="1.481436e-07" style="stop-color:#0083B5"/>
+		<stop  offset="0.4173" style="stop-color:#00FFFF"/>
+		<stop  offset="0.9952" style="stop-color:#6FF12D"/>
+	</linearGradient>
+	<path style="fill:url(#SVGID_00000040544740507634666800000017273841385603649669_);" d="M33.9,29.6c8.1-7.7,18.5-12.4,31-14.2
+		v26.3c-7.6,1.6-14,4.8-19.2,9.7c-7.7,7.3-8.8,17-8.8,29.2v55.1c0,12.3,1.1,22.1,8.8,29.4c5.2,4.9,11.6,8.1,19.2,9.7v25.1
+		c-12.5-1.8-22.9-6.5-31-14.2c-10.6-10-19.9-23.5-19.9-40.5V69.8C13.9,53,23.2,39.6,33.9,29.6z"/>
+	<g>
+		
+			<linearGradient id="SVGID_00000060713993868866928010000000698955780952733088_" gradientUnits="userSpaceOnUse" x1="22.0278" y1="192.2974" x2="138.6624" y2="11.1707">
+			<stop  offset="1.481436e-07" style="stop-color:#0083B5"/>
+			<stop  offset="0.4173" style="stop-color:#00FFFF"/>
+			<stop  offset="0.9952" style="stop-color:#6FF12D"/>
+		</linearGradient>
+		<path style="fill:url(#SVGID_00000060713993868866928010000000698955780952733088_);" d="M120.2,87.8l8.5-13.7l-17.8-9.4
+			l-7.5,14.2c-1.1,2.1-3.1,3.3-5.5,3.3c-2.3,0-4.4-1.2-5.5-3.3L85,64.7L67.3,74l12.3,19.7L120.2,87.8z"/>
+		
+			<linearGradient id="SVGID_00000115475840050352750520000000840372054167564949_" gradientUnits="userSpaceOnUse" x1="37.9651" y1="202.5601" x2="154.5998" y2="21.4334">
+			<stop  offset="1.481436e-07" style="stop-color:#0083B5"/>
+			<stop  offset="0.4173" style="stop-color:#00FFFF"/>
+			<stop  offset="0.9952" style="stop-color:#6FF12D"/>
+		</linearGradient>
+		<path style="fill:url(#SVGID_00000115475840050352750520000000840372054167564949_);" d="M142.4,97.7l-87.8,0.8v17.7l27.5-0.1
+			l-14.8,23.8l17.7,9.3l7.5-14.2c1.1-2.1,3.1-3.3,5.5-3.3c2.3,0,4.4,1.2,5.5,3.3l7.5,14.2l17.8-9.4l-12-19.3L93.7,116l48.7-0.2V97.7
+			z"/>
+	</g>
+</g>
+</svg>

docs/static/img/providers/dropbox.svg

@@ -0,0 +1 @@
+<svg id="Layer_1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 42.4 39.5" width="2500" height="2329"><style>.st0{fill:#0062ff}</style><path class="st0" d="M10.6 1.7L0 8.5l10.6 6.7 10.6-6.7zm21.2 0L21.2 8.5l10.6 6.7 10.6-6.7zM0 22l10.6 6.8L21.2 22l-10.6-6.8zm31.8-6.8L21.2 22l10.6 6.8L42.4 22zM10.6 31l10.6 6.8L31.8 31l-10.6-6.7z"/></svg>

docs/static/img/providers/duende-identity-server6.svg

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 21.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 1280 1280" style="enable-background:new 0 0 1280 1280;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#252122;}
+	.st1{fill:#F6971D;}
+</style>
+<path class="st0" d="M639.7,17C293.2,17,12.2,297.9,12.2,644.5S293.2,1272,639.7,1272c346.6,0,627.5-280.9,627.5-627.5
+	S986.3,17,639.7,17z M639.7,1203.4c-308.7,0-558.9-250.2-558.9-558.9c0-308.7,250.2-558.9,558.9-558.9
+	c308.7,0,558.9,250.2,558.9,558.9C1198.6,953.2,948.4,1203.4,639.7,1203.4z"/>
+<g>
+	<path class="st1" d="M573,917.4c0.1-4,0.3-7.9,0.3-11.9c0.1-205.8,0.2-411.7,0.3-617.5c0-3.6,0-7.2,0-11.7
+		c50.9-25.9,101.8-51.8,153.9-78.3c0,252.5,0,503.3,0,754.7c-37.6,22.7-75.4,45.5-113.3,68.1c-13.5,8.1-27.3,15.8-40.9,23.7
+		C573.2,1002.2,573.1,959.8,573,917.4z"/>
+	<path class="st0" d="M573,917.4c0.1,42.4,0.2,84.8,0.4,127.1c-34.5-4.5-67.5-14.6-99.5-27.6c-68.3-27.6-126.9-68.3-170-129
+		c-75.6-106.7-69.3-237.9,15.9-337.3c59-68.8,135.1-109.6,222.2-134.6c0,43.7,0,86.3,0,129.9c-8.6,3.7-18,7.5-27.2,11.8
+		c-39.9,18.6-75.4,43.1-103.4,77.7c-47.7,58.9-47.7,128.3,0.2,187.2c36.9,45.4,85.9,71.7,140.6,89.1
+		C558.9,913.9,566,915.5,573,917.4z"/>
+	<path class="st0" d="M923.1,448.7c7.9-15.2,15.5-29.7,23.7-45.5c37.2,58.7,73.8,116.3,111.2,175.2
+		c-74.4,13.3-147.2,26.3-222.2,39.7c10.5-20.4,20-39.1,30-58.6c-33.9-16.3-69-26.5-105.8-32.6c0-41.9,0-83.3,0-124.7
+		C793.4,403.3,846.4,418.4,923.1,448.7z"/>
+</g>
+</svg>

docs/static/img/providers/eveonline.svg

@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://creativecommons.org/ns#" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" version="1.1" width="198.4" height="78.66" xml:space="preserve">
+<path d="M 0,0 0,13.88 10.97,13.88 10.97,10.31 60.69,10.31 60.69,0 0,0 z M 65.84,0 99.22,58.09 132.6,0 120.7,0 C 120.7,0 100.5,34.91 99.22,37.16 97.92,34.91 77.75,0 77.75,0 L 65.84,0 z M 137.8,0 137.8,13.88 148.7,13.88 148.7,10.31 198.4,10.31 198.4,0 137.8,0 z M 0,19.12 0,29.47 60.69,29.47 60.69,19.12 0,19.12 z M 137.8,19.12 137.8,29.47 198.4,29.47 198.4,19.12 137.8,19.12 z M 0,34.66 0,48.59 60.69,48.59 60.69,38.25 10.97,38.25 10.97,34.66 0,34.66 z M 137.8,34.66 137.8,48.59 198.4,48.59 198.4,38.25 148.7,38.25 148.7,34.66 137.8,34.66 z M 42.19,69.72 C 41.32,69.72 40.71,69.89 40.41,70.19 40.1,70.49 39.97,71.03 39.97,71.84 L 39.97,76.56 C 39.97,77.38 40.1,77.93 40.41,78.22 40.71,78.52 41.32,78.66 42.19,78.66 L 48.72,78.66 C 49.59,78.66 50.19,78.52 50.5,78.22 50.8,77.93 50.97,77.38 50.97,76.56 L 50.97,71.84 C 50.97,71.03 50.8,70.49 50.5,70.19 50.19,69.89 49.59,69.72 48.72,69.72 L 42.19,69.72 z M 64.37,69.72 64.37,78.66 66.25,78.66 66.25,73.84 C 66.25,73.66 66.23,73.43 66.22,73.19 66.2,72.94 66.18,72.69 66.16,72.41 66.26,72.53 66.38,72.67 66.5,72.78 66.62,72.89 66.75,73.01 66.91,73.16 L 73.47,78.66 74.88,78.66 74.88,69.72 73.03,69.72 73.03,74.41 C 73.03,74.52 73.05,74.7 73.06,74.91 73.07,75.11 73.09,75.47 73.12,75.97 72.99,75.81 72.82,75.66 72.66,75.5 72.49,75.35 72.31,75.18 72.09,75 L 65.81,69.72 64.37,69.72 z M 88.53,69.72 88.53,78.66 97.31,78.66 97.31,77 90.59,77 90.59,69.72 88.53,69.72 z M 109.4,69.72 109.4,78.66 111.5,78.66 111.5,69.72 109.4,69.72 z M 125.1,69.72 125.1,78.66 127,78.66 127,73.84 C 127,73.66 127,73.43 126.9,73.19 126.9,72.94 126.9,72.69 126.9,72.41 127,72.53 127.1,72.67 127.2,72.78 127.3,72.89 127.5,73.01 127.6,73.16 L 134.2,78.66 135.6,78.66 135.6,69.72 133.8,69.72 133.8,74.41 C 133.8,74.52 133.8,74.7 133.8,74.91 133.8,75.11 133.8,75.47 133.8,75.97 133.7,75.81 133.6,75.66 133.4,75.5 133.2,75.35 133,75.18 132.8,75 L 126.5,69.72 125.1,69.72 z M 149.3,69.72 149.3,78.66 158.5,78.66 158.5,77 151.3,77 151.3,74.78 155.4,74.78 155.4,73.25 151.3,73.25 151.3,71.25 158.4,71.25 158.4,69.72 149.3,69.72 z M 42.03,71.31 48.87,71.31 48.87,77 42.03,77 42.03,71.31 z" /></svg>

docs/static/img/providers/faceit.svg

@@ -0,0 +1 @@
+<svg height="1520" viewBox="29.3 101.1 451.7 357.9" width="2500" xmlns="http://www.w3.org/2000/svg"><path d="m481 104.8c0-1.8-1.9-3.7-1.9-3.7-1.8 0-1.8 0-3.7 1.9-37.5 58.1-76.8 116.2-114.3 176.2h-326.2c-3.7 0-5.6 5.6-1.8 7.5 134.9 50.5 331.7 127.3 440.4 170.4 3.7 1.9 7.5-1.9 7.5-3.7z" fill="#fd5a00"/><path d="m481 104.8c0-1.8-1.9-3.7-1.9-3.7-1.8 0-1.8 0-3.7 1.9-37.5 58.1-76.8 116.2-114.3 176.2l119.9 1.23z" fill="#ff690a"/></svg>

docs/static/img/providers/fusionauth.svg

@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Generator: Adobe Illustrator 22.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   id="Layer_1"
+   x="0px"
+   y="0px"
+   viewBox="0 0 64 64.000001"
+   xml:space="preserve"
+   sodipodi:docname="fusionauthio-icon.svg"
+   width="64"
+   height="64"
+   inkscape:version="0.92.4 (5da689c313, 2019-01-14)"><metadata
+   id="metadata49"><rdf:RDF><cc:Work
+       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
+         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs
+   id="defs47" /><sodipodi:namedview
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1"
+   objecttolerance="10"
+   gridtolerance="10"
+   guidetolerance="10"
+   inkscape:pageopacity="0"
+   inkscape:pageshadow="2"
+   inkscape:window-width="1920"
+   inkscape:window-height="1001"
+   id="namedview45"
+   showgrid="false"
+   inkscape:zoom="4.205303"
+   inkscape:cx="94.166817"
+   inkscape:cy="80.099998"
+   inkscape:window-x="-9"
+   inkscape:window-y="-9"
+   inkscape:window-maximized="1"
+   inkscape:current-layer="Layer_1" />
+<style
+   type="text/css"
+   id="style2">
+	.st0{fill:#EC8D53;}
+	.st1{fill:#FFFFFF;}
+</style>
+
+
+
+
+
+
+<g
+   id="g906"
+   transform="matrix(2.6397668,0,0,2.6397668,-35.322894,-50.457841)"><g
+     transform="matrix(0.15722805,0,0,0.15722805,13.258327,18.768605)"
+     style="fill:#ec8d53;fill-opacity:1"
+     id="g6">
+	<path
+   inkscape:connector-curvature="0"
+   style="fill:#ec8d53;fill-opacity:1"
+   id="path4"
+   d="m 77.7,2.2 c -3.9,0 -7.5,2.1 -9.4,5.5 -2.9,5.1 -1,11.7 4.2,14.5 1.6,0.9 3.4,1.3 5.2,1.3 3.9,0 7.5,-2.1 9.4,-5.5 C 90,12.8 88.1,6.3 82.9,3.5 81.2,2.7 79.4,2.2 77.7,2.2 Z"
+   class="st0" />
+</g><g
+     transform="matrix(0.15722805,0,0,0.15722805,13.258327,18.768605)"
+     style="fill:#ec8d53;fill-opacity:1"
+     id="g10">
+	<path
+   inkscape:connector-curvature="0"
+   style="fill:#ec8d53;fill-opacity:1"
+   id="path8"
+   d="m 16,103.6 c -3.9,0 -7.5,2.1 -9.4,5.5 -2.9,5.1 -1,11.7 4.2,14.5 1.6,0.9 3.4,1.3 5.2,1.3 3.9,0 7.5,-2.1 9.4,-5.5 2.9,-5.2 1,-11.7 -4.2,-14.5 -1.6,-0.8 -3.4,-1.3 -5.2,-1.3 z"
+   class="st0" />
+</g><g
+     transform="matrix(0.15722805,0,0,0.15722805,13.258327,18.768605)"
+     style="fill:#ec8d53;fill-opacity:1"
+     id="g14">
+	<path
+   inkscape:connector-curvature="0"
+   style="fill:#ec8d53;fill-opacity:1"
+   id="path12"
+   d="m 136.4,109.1 c -3.9,0 -7.5,2.1 -9.4,5.5 -2.9,5.1 -1,11.7 4.2,14.5 1.6,0.9 3.4,1.3 5.2,1.3 3.9,0 7.5,-2.1 9.4,-5.5 2.9,-5.2 1,-11.7 -4.2,-14.5 -1.6,-0.9 -3.4,-1.3 -5.2,-1.3 z"
+   class="st0" />
+</g><path
+     inkscape:connector-curvature="0"
+     style="fill:#ec8d53;fill-opacity:1;stroke-width:0.15722805"
+     id="path40"
+     d="m 29.657213,20.891185 c -0.330179,-0.125783 -0.707527,0.04717 -0.849032,0.377347 -0.125782,0.330179 0.04717,0.707526 0.377347,0.849031 2.971611,1.132042 5.125635,3.490463 6.084726,6.304845 l -4.056484,1.084874 c -0.251565,-0.676081 -0.628912,-1.28927 -1.116319,-1.855291 -1.084873,-1.257825 -2.594263,-1.996797 -4.26088,-2.122579 -1.650895,-0.11006 -3.191729,0.440239 -4.37094,1.415052 l -2.877273,-2.845827 c 1.352161,-1.226379 3.034501,-2.091133 4.842624,-2.468481 -0.172951,-0.408793 -0.220119,-0.864754 -0.125783,-1.304992 -4.229434,0.833308 -7.814234,4.009315 -9.009167,8.301641 -0.39307,1.446498 -0.518852,2.924441 -0.361624,4.402385 0.03144,0.330179 0.314456,0.581744 0.644635,0.581744 0.03144,0 0.04717,0 0.07861,0 0.361624,-0.04717 0.613189,-0.361625 0.581743,-0.723249 -0.141505,-1.304993 -0.04717,-2.625709 0.314457,-3.899256 0.408792,-1.493666 1.147764,-2.830105 2.122578,-3.946424 l 2.892996,2.830105 c -0.754694,0.959091 -1.242101,2.138301 -1.336438,3.427571 -0.188674,2.720046 1.39933,5.141358 3.789196,6.147617 l -1.194933,3.930701 c -1.745232,-0.660357 -3.238898,-1.760954 -4.386663,-3.207452 -0.298733,0.345902 -0.67608,0.581744 -1.116319,0.691804 1.509389,1.949627 3.616245,3.396126 6.069003,4.072206 1.037705,0.283011 2.091133,0.424516 3.144561,0.424516 2.499926,0 4.93696,-0.817586 6.996648,-2.374144 0.28301,-0.220119 0.345902,-0.628912 0.125782,-0.911922 -0.220119,-0.283011 -0.628912,-0.345902 -0.911922,-0.125783 -2.499926,1.886737 -5.644487,2.547095 -8.663266,1.808123 l 1.194933,-3.946424 c 0.235842,0.04717 0.487407,0.07861 0.738972,0.09434 0.141505,0.01572 0.283011,0.01572 0.440239,0.01572 3.238898,0 5.958943,-2.531371 6.179062,-5.785992 0.03145,-0.471684 0.01572,-0.943368 -0.06289,-1.383607 l 4.056484,-1.084873 c 0.314456,1.556557 0.267287,3.191729 -0.172951,4.826901 -0.09434,0.314456 -0.188674,0.628912 -0.314456,0.943368 0.220119,0.04717 0.440238,0.125783 0.644635,0.235842 0.188673,0.11006 0.361624,0.235842 0.518852,0.39307 0.157228,-0.39307 0.298733,-0.801863 0.408793,-1.210656 1.588003,-5.817437 -1.430775,-11.807826 -7.059539,-13.96185 z m -9.213564,10.48711 c 0.172951,-2.609985 2.374143,-4.65395 4.984129,-4.65395 0.11006,0 0.235842,0 0.345902,0.01572 1.336438,0.09434 2.547094,0.691803 3.427571,1.698063 0.880477,1.006259 1.304993,2.295529 1.210656,3.631968 -0.09434,1.336438 -0.707526,2.547094 -1.713785,3.427571 -1.00626,0.880477 -2.29553,1.304993 -3.616246,1.210656 -2.751491,-0.188673 -4.826901,-2.57854 -4.638227,-5.330031 z"
+     class="st1" /><path
+     inkscape:connector-curvature="0"
+     style="fill:#ec8d53;fill-opacity:1;stroke-width:0.15722805"
+     id="path42"
+     d="M 29.216974,28.422408 C 28.336497,27.400426 27.110118,26.787236 25.77368,26.6929 c -0.11006,-0.01572 -0.235842,-0.01572 -0.345902,-0.01572 -2.625708,0 -4.826901,2.059687 -5.015575,4.685396 -0.188673,2.767213 1.90246,5.172803 4.669673,5.361476 2.782937,0.204397 5.172803,-1.933905 5.361477,-4.669673 0.09434,-1.336438 -0.345902,-2.625708 -1.226379,-3.631968 z m -3.773473,6.383459 c -0.754695,0 -1.367884,0.06289 -1.367884,-0.345902 l 0.597466,-3.411848 c -0.345901,-0.235843 -0.566021,-0.628913 -0.566021,-1.084874 0,-0.723249 0.597467,-1.320716 1.320716,-1.320716 0.723249,0 1.320716,0.597467 1.320716,1.320716 0,0.440239 -0.22012,0.833309 -0.566021,1.084874 l 0.613189,3.380403 c 0,0.01572 0,0.01572 0,0.03144 0.01572,0.408793 -0.597466,0.345902 -1.352161,0.345902 z"
+     class="st0" /></g>
+</svg>

docs/static/img/providers/kakao.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="2500" height="2500" viewBox="0 0 256 256"><path fill="#FFE812" d="M256 236c0 11.046-8.954 20-20 20H20c-11.046 0-20-8.954-20-20V20C0 8.954 8.954 0 20 0h216c11.046 0 20 8.954 20 20v216z"/><path d="M128 36C70.562 36 24 72.713 24 118c0 29.279 19.466 54.97 48.748 69.477-1.593 5.494-10.237 35.344-10.581 37.689 0 0-.207 1.762.934 2.434s2.483.15 2.483.15c3.272-.457 37.943-24.811 43.944-29.04 5.995.849 12.168 1.29 18.472 1.29 57.438 0 104-36.712 104-82 0-45.287-46.562-82-104-82z"/><path fill="#FFE812" d="M70.5 146.625c-3.309 0-6-2.57-6-5.73V105.25h-9.362c-3.247 0-5.888-2.636-5.888-5.875s2.642-5.875 5.888-5.875h30.724c3.247 0 5.888 2.636 5.888 5.875s-2.642 5.875-5.888 5.875H76.5v35.645c0 3.16-2.691 5.73-6 5.73zM123.112 146.547c-2.502 0-4.416-1.016-4.993-2.65l-2.971-7.778-18.296-.001-2.973 7.783c-.575 1.631-2.488 2.646-4.99 2.646a9.155 9.155 0 0 1-3.814-.828c-1.654-.763-3.244-2.861-1.422-8.52l14.352-37.776c1.011-2.873 4.082-5.833 7.99-5.922 3.919.088 6.99 3.049 8.003 5.928l14.346 37.759c1.826 5.672.236 7.771-1.418 8.532a9.176 9.176 0 0 1-3.814.827c-.001 0 0 0 0 0zm-11.119-21.056L106 108.466l-5.993 17.025h11.986zM138 145.75c-3.171 0-5.75-2.468-5.75-5.5V99.5c0-3.309 2.748-6 6.125-6s6.125 2.691 6.125 6v35.25h12.75c3.171 0 5.75 2.468 5.75 5.5s-2.579 5.5-5.75 5.5H138zM171.334 146.547c-3.309 0-6-2.691-6-6V99.5c0-3.309 2.691-6 6-6s6 2.691 6 6v12.896l16.74-16.74c.861-.861 2.044-1.335 3.328-1.335 1.498 0 3.002.646 4.129 1.772 1.051 1.05 1.678 2.401 1.764 3.804.087 1.415-.384 2.712-1.324 3.653l-13.673 13.671 14.769 19.566a5.951 5.951 0 0 1 1.152 4.445 5.956 5.956 0 0 1-2.328 3.957 5.94 5.94 0 0 1-3.609 1.211 5.953 5.953 0 0 1-4.793-2.385l-14.071-18.644-2.082 2.082v13.091a6.01 6.01 0 0 1-6.002 6.003z"/></svg>

docs/static/img/providers/mailru.svg

@@ -0,0 +1 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"><svg width="100%" height="100%" viewBox="0 0 115 44" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" xmlns:serif="http://www.serif.com/" style="fill-rule:evenodd;clip-rule:evenodd;stroke-linejoin:round;stroke-miterlimit:1.41421;"><rect id="h44px_-mail_-_bg" serif:id="h44px_@mail_&amp;_bg" x="0" y="0" width="115" height="44" style="fill:none;"/><clipPath id="_clip1"><rect x="0" y="0" width="115" height="44"/></clipPath><g clip-path="url(#_clip1)"><path d="M115,4c0,-2.208 -1.792,-4 -4,-4l-107,0c-2.208,0 -4,1.792 -4,4l0,36c0,2.208 1.792,4 4,4l107,0c2.208,0 4,-1.792 4,-4l0,-36Z" style="fill:#005ff9;"/><g><rect x="16" y="8" width="83" height="28" style="fill:none;"/><rect x="95.68" y="10.59" width="2.654" height="18.019" style="fill:#fff;"/><path d="M92.812,28.609l-2.654,0l0,-12.769l2.654,0l0,12.769Zm-1.327,-18.467c0.989,0 1.792,0.803 1.792,1.792c0,0.989 -0.803,1.792 -1.792,1.792c-0.989,0 -1.792,-0.803 -1.792,-1.792c0,-0.989 0.803,-1.792 1.792,-1.792Z" style="fill:#fff;"/><path d="M87.29,28.609l-2.608,0l0,-1.397c-0.935,1.059 -2.582,1.725 -4.131,1.725c-3.704,0 -6.712,-3.008 -6.712,-6.713c0,-3.704 3.008,-6.712 6.712,-6.712c1.549,0 3.109,0.584 4.131,1.615l0,-1.287l2.608,0l0,12.769Zm-6.654,-10.414c2.284,0 4.081,1.634 4.081,4.029c0,2.395 -1.797,4.044 -4.081,4.044c-2.284,0 -4.02,-1.759 -4.02,-4.044c0,-2.284 1.736,-4.029 4.02,-4.029Z" style="fill:#fff;"/><path d="M54.361,28.609l-2.609,0l0,-12.769l2.609,0l0,0.892c0.579,-0.545 1.665,-1.218 3.171,-1.22c1.852,0 3.232,0.779 4.177,2.032c1.034,-1.241 2.739,-2.032 4.476,-2.032c3.26,0 5.482,2.201 5.482,5.631l0,7.466l-2.609,0l0,-7.466c0,-1.666 -1.356,-3.022 -3.022,-3.022c-1.667,0 -3.022,1.356 -3.022,3.022l0,7.466l-2.609,0l0,-7.466c0,-1.666 -1.356,-3.022 -3.022,-3.022c-1.666,0 -3.022,1.356 -3.022,3.022l0,7.466Z" style="fill:#fff;"/><path d="M34.211,22c0,2.322 -1.889,4.211 -4.211,4.211c-2.322,0 -4.211,-1.889 -4.211,-4.211c0,-2.322 1.889,-4.211 4.211,-4.211c2.322,0 4.211,1.889 4.211,4.211m-4.211,-14c-7.72,0 -14,6.28 -14,14c0,7.72 6.28,14 14,14c2.828,0 5.555,-0.842 7.886,-2.435l0.04,-0.028l-1.886,-2.192l-0.032,0.02c-1.794,1.155 -3.872,1.765 -6.008,1.765c-6.137,0 -11.13,-4.993 -11.13,-11.13c0,-6.137 4.993,-11.13 11.13,-11.13c6.137,0 11.13,4.993 11.13,11.13c0,0.795 -0.089,1.6 -0.262,2.392c-0.352,1.445 -1.364,1.887 -2.123,1.829c-0.764,-0.062 -1.658,-0.606 -1.664,-1.938l0,-1.015l0,-1.268c0,-3.905 -3.176,-7.081 -7.081,-7.081c-3.905,0 -7.081,3.176 -7.081,7.081c0,3.905 3.176,7.081 7.081,7.081c1.897,0 3.676,-0.741 5.017,-2.09c0.78,1.214 2.051,1.975 3.498,2.091c0.124,0.01 0.251,0.015 0.376,0.015c1.019,0 2.028,-0.341 2.842,-0.958c0.839,-0.638 1.466,-1.559 1.812,-2.666c0.055,-0.179 0.157,-0.588 0.157,-0.591l0.003,-0.015c0.204,-0.888 0.295,-1.773 0.295,-2.867c0,-7.72 -6.28,-14 -14,-14" style="fill:#ff9e00;fill-rule:nonzero;"/></g></g></svg>

docs/static/img/providers/meidum.svg

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
+<svg width="800px" height="800px" viewBox="0 -55 256 256" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
+    <g>
+        <path d="M72.2009141,1.42108547e-14 C112.076502,1.42108547e-14 144.399375,32.5485469 144.399375,72.6964154 C144.399375,112.844284 112.074049,145.390378 72.2009141,145.390378 C32.327779,145.390378 0,112.844284 0,72.6964154 C0,32.5485469 32.325326,1.42108547e-14 72.2009141,1.42108547e-14 Z M187.500628,4.25836743 C207.438422,4.25836743 223.601085,34.8960455 223.601085,72.6964154 L223.603538,72.6964154 C223.603538,110.486973 207.440875,141.134463 187.503081,141.134463 C167.565287,141.134463 151.402624,110.486973 151.402624,72.6964154 C151.402624,34.9058574 167.562834,4.25836743 187.500628,4.25836743 Z M243.303393,11.3867175 C250.314,11.3867175 256,38.835526 256,72.6964154 C256,106.547493 250.316453,134.006113 243.303393,134.006113 C236.290333,134.006113 230.609239,106.554852 230.609239,72.6964154 C230.609239,38.837979 236.292786,11.3867175 243.303393,11.3867175 Z" fill="#000000">
+
+</path>
+    </g>

docs/static/img/providers/naver.svg

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="圖層_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="521.0783691px" height="100px" viewBox="0 0 521.0783691 100" style="enable-background:new 0 0 521.0783691 100;"
+	 xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#03CF5D;}
+</style>
+<g>
+	<path class="st0" d="M150,0l-39.2157059,100h33.3333054l4.7360992-13.2352982h37.5867004L191.1764984,100h33.3332977L185.2940979,0
+		H150z M156.4685974,62.7450981L167.64711,31.5069008l11.1783905,31.2381973H156.4685974z"/>
+	<polygon class="st0" points="363.2352905,62.0098 408.8234863,62.0098 408.8234863,37.9902 363.2352905,37.9902 
+		363.2352905,24.5098 409.3136902,24.5098 409.3136902,0 331.3724976,0 331.3724976,100 410.2940979,100 410.2940979,75.4901962 
+		363.2352905,75.4901962 	"/>
+	<polygon class="st0" points="264.2156982,65.7534027 240.6862946,0 207.35289,0 246.5685883,100 281.8627014,100 321.0783997,0 
+		287.7451172,0 	"/>
+	<polygon class="st0" points="68.1371994,53.5211983 30.8822994,0 0,0 0,100 32.3528976,100 32.3528976,46.4789009 69.6077957,100 
+		100.4901962,100 100.4901962,0 68.1371994,0 	"/>
+	<path class="st0" d="M495.7964783,65.694397l3.0326233-1.2691956
+		c11.6220093-4.8646011,17.5325928-15.3901024,17.5325928-28.7482033c0-12.6320972-4.6071167-21.9770985-13.6939087-27.7756977
+		C494.2207947,2.5106001,483.2662964,0,468.1940002,0h-42.213623v100h31.3724976V72.0588989h11.2745056L487.7451172,100h33.333252
+		L495.7964783,65.694397z M474.0195923,46.5686989h-17.1568909V25.4902h17.1568909
+		c5.8205872,0,10.5391846,4.7185993,10.5391846,10.5391998C484.5587769,41.8501015,479.8401794,46.5686989,474.0195923,46.5686989z"
+		/>
+</g>
+</svg>

docs/static/img/providers/netlify.svg

@@ -0,0 +1 @@
+<svg viewBox="0 0 256 105" xmlns="http://www.w3.org/2000/svg" data-theme="light" class="netlify-logo-full-small netlify-logo masthead-home-logo"><g fill="var(--_netlify-logo-lines-color)" class="netlify-logo-full-small-lines"><path d="M58.4705 103.765V77.4144L59.0166 76.8683H65.6043L66.1505 77.4144V103.765L65.6043 104.311H59.0166L58.4705 103.765Z"></path> <path d="M58.4705 26.8971V0.546133L59.0166 0H65.6043L66.1505 0.546133V26.8971L65.6043 27.4432H59.0166L58.4705 26.8971Z"></path> <path d="M35.7973 85.2395H34.8928L30.3616 80.7083V79.8037L38.8522 71.3045L43.648 71.3131L44.288 71.9445V76.7403L35.7973 85.2395Z"></path> <path d="M30.3616 24.7467V23.8336L34.8928 19.3109H35.7973L44.288 27.8016V32.5888L43.648 33.2373H38.8522L30.3616 24.7467Z"></path> <path d="M0.546133 48.3072H37.8795L38.4256 48.8533V55.4496L37.8795 55.9957H0.546133L0 55.4496V48.8533L0.546133 48.3072Z"></path> <path d="M220.314 48.3157H255.445L255.991 48.8619V55.4496L255.445 55.9957H217.566L217.02 55.4496L219.759 48.8619L220.305 48.3157H220.314Z"></path></g> <g fill="var(--_netlify-logo-text-color)" class="netlify-logo-full-small-text"><path d="M74.6666 65.8859H68.0789L67.5328 65.3397V49.92C67.5328 47.1723 66.4576 45.0475 63.1466 44.9792C61.44 44.9365 59.4944 44.9792 57.4122 45.0645L57.0965 45.3803V51.6096V65.3312L56.5504 65.8773H49.9626L49.4165 65.3312V38.9803L49.9626 38.4341H64.785C70.545 38.4341 75.2128 43.1019 75.2128 48.8619V65.3312L74.6666 65.8773V65.8859Z"></path> <path d="M106.573 54.3488L106.027 54.8949H88.9942L88.448 55.4411C88.448 56.5419 89.5488 59.8357 93.9435 59.8357C95.5904 59.8357 97.2374 59.2896 97.792 58.1888L98.3382 57.6427H104.926L105.472 58.1888C104.926 61.4827 102.178 66.432 93.935 66.432C84.5995 66.432 80.2048 59.8443 80.2048 52.1472C80.2048 44.4501 84.5995 37.8624 93.3888 37.8624C102.178 37.8624 106.573 44.4501 106.573 52.1472V54.3403V54.3488ZM98.3296 48.8533C98.3296 48.3072 97.7835 44.4587 93.3888 44.4587C88.9942 44.4587 88.448 48.3072 88.448 48.8533L88.9942 49.3995H97.7835L98.3296 48.8533Z"></path> <path d="M121.95 57.6427C121.95 58.7435 122.496 59.2896 123.597 59.2896H128.538L129.084 59.8358V65.3312L128.538 65.8774H123.597C118.656 65.8774 114.261 63.6758 114.261 57.6342V45.5509L113.715 45.0048H109.867L109.321 44.4587V38.9632L109.867 38.4171H113.715L114.261 37.8709V32.9301L114.807 32.384H121.395L121.941 32.9301V37.8709L122.487 38.4171H128.529L129.075 38.9632V44.4587L128.529 45.0048H122.487L121.941 45.5509V57.6342L121.95 57.6427Z"></path> <path d="M142.276 65.8859H135.688L135.142 65.3397V27.9808L135.688 27.4347H142.276L142.822 27.9808V65.3312L142.276 65.8773V65.8859Z"></path> <path d="M157.107 34.0224H150.519L149.973 33.4763V27.9808L150.519 27.4347H157.107L157.653 27.9808V33.4763L157.107 34.0224ZM157.107 65.8859H150.519L149.973 65.3397V38.9717L150.519 38.4256H157.107L157.653 38.9717V65.3397L157.107 65.8859Z"></path> <path d="M182.929 27.9808V33.4763L182.383 34.0224H177.442C176.341 34.0224 175.795 34.5685 175.795 35.6693V37.8709L176.341 38.4171H181.837L182.383 38.9632V44.4587L181.837 45.0048H176.341L175.795 45.5509V65.3227L175.249 65.8688H168.661L168.115 65.3227V45.5509L167.569 45.0048H163.72L163.174 44.4587V38.9632L163.72 38.4171H167.569L168.115 37.8709V35.6693C168.115 29.6277 172.51 27.4261 177.451 27.4261H182.391L182.938 27.9723L182.929 27.9808Z"></path> <path d="M203.247 66.432C201.045 71.9275 198.852 75.2213 191.164 75.2213H188.416L187.87 74.6752V69.1797L188.416 68.6336H191.164C193.911 68.6336 194.458 68.0875 195.012 66.4405V65.8944L186.223 44.4672V38.9717L186.769 38.4256H191.71L192.256 38.9717L198.844 57.6512H199.39L205.978 38.9717L206.524 38.4256H211.465L212.011 38.9717V44.4672L203.221 66.4405L203.247 66.432Z"></path></g></svg>