docs: remove capitalization on osu!

docs: fix Broken link (#8935 )
chore(release): bump version [skip ci]
2026-05-01 10:55:20 +00:00 · 2023-10-27 16:11:46 +02:00 · 2023-10-24 20:25:42 +02:00 · 2023-10-18 22:05:32 +07:00 · 2023-10-18 22:04:55 +07:00 · 2023-10-18 21:57:34 +07:00
162 changed files with 3750 additions and 4171 deletions
--- a/.github/pr-labeler.yml
+++ b/.github/pr-labeler.yml
@@ -54,7 +54,7 @@ upstash-redis:
 xata:
  - packages/adapter-xata/**

-core:
+legacy:
  - packages/next-auth/src/**/*

 style:
--- a/.github/sync.yml
+++ b/.github/sync.yml
@@ -1,7 +0,0 @@
-# This is a legacy example pushed from the v4 branch
-nextauthjs/next-auth-example:
-  - source: apps/example-nextjs
-    dest: .
-    deleteOrphaned: true
-  - .github/FUNDING.yml
-  - LICENSE
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -32,11 +32,16 @@ jobs:
        run: pnpm install
      - name: Build
        run: pnpm build
+        env:
+          TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
+          TURBO_TEAM: ${{ vars.TURBO_TEAM }}
      - name: Run tests
        run: pnpm test
        env:
          UPSTASH_REDIS_URL: ${{ secrets.UPSTASH_REDIS_URL }}
          UPSTASH_REDIS_KEY: ${{ secrets.UPSTASH_REDIS_KEY }}
+          TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
+          TURBO_TEAM: ${{ vars.TURBO_TEAM }}
      # - name: Coverage
      #   uses: codecov/codecov-action@v1
      #   with:
--- a/.github/workflows/sync-examples.yml
+++ b/.github/workflows/sync-examples.yml
@@ -1,18 +0,0 @@
-name: Sync Example Repositories
-on:
-  push:
-    branches:
-      - v4
-  workflow_dispatch:
-jobs:
-  sync:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout Repository
-        uses: actions/checkout@v3
-      - name: Run GitHub File Sync
-        # Can update to v1 when https://github.com/BetaHuhn/repo-file-sync-action/issues/168 is resolved
-        uses: BetaHuhn/repo-file-sync-action@v1.16.5
-        with:
-          GH_PAT: ${{ secrets.GH_PAT_CLASSIC }}
-          SKIP_PR: true
--- a/.gitignore
+++ b/.gitignore
@@ -34,13 +34,9 @@ packages/next-auth/utils
 packages/next-auth/core
 packages/next-auth/jwt
 packages/next-auth/react
-packages/next-auth/adapters.d.ts
-packages/next-auth/adapters.js
-packages/next-auth/index.d.ts
-packages/next-auth/index.js
+packages/next-auth/*.d.ts*
+packages/next-auth/*.js
 packages/next-auth/next
-packages/next-auth/middleware.d.ts
-packages/next-auth/middleware.js

 # Development app
 apps/dev/src/css
--- a/apps/dev/app/api/auth/[...nextauth]/route.ts
+++ b/apps/dev/app/api/auth/[...nextauth]/route.ts
@@ -0,0 +1,220 @@
+import NextAuth, { type NextAuthOptions } from "next-auth"
+// import { NextRequest } from "next/server"
+
+// Providers
+import Apple from "next-auth/providers/apple"
+import Auth0 from "next-auth/providers/auth0"
+import AzureAD from "next-auth/providers/azure-ad"
+import AzureB2C from "next-auth/providers/azure-ad-b2c"
+import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
+// import Cognito from "next-auth/providers/cognito"
+import Credentials from "next-auth/providers/credentials"
+import Discord from "next-auth/providers/discord"
+import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
+// import Email from "next-auth/providers/email"
+import Facebook from "next-auth/providers/facebook"
+import Foursquare from "next-auth/providers/foursquare"
+import Freshbooks from "next-auth/providers/freshbooks"
+import GitHub from "next-auth/providers/github"
+import Gitlab from "next-auth/providers/gitlab"
+import Google from "next-auth/providers/google"
+// import IDS4 from "next-auth/providers/identity-server4"
+import Instagram from "next-auth/providers/instagram"
+// import Keycloak from "next-auth/providers/keycloak"
+import Line from "next-auth/providers/line"
+import LinkedIn from "next-auth/providers/linkedin"
+import Mailchimp from "next-auth/providers/mailchimp"
+// import Okta from "next-auth/providers/okta"
+import Osu from "next-auth/providers/osu"
+import Patreon from "next-auth/providers/patreon"
+import Slack from "next-auth/providers/slack"
+import Spotify from "next-auth/providers/spotify"
+import Trakt from "next-auth/providers/trakt"
+import Twitch from "next-auth/providers/twitch"
+import Twitter from "next-auth/providers/twitter"
+import Vk from "next-auth/providers/vk"
+import Wikimedia from "next-auth/providers/wikimedia"
+import WorkOS from "next-auth/providers/workos"
+
+// // Prisma
+// import { PrismaClient } from "@prisma/client"
+// import { PrismaAdapter } from "@next-auth/prisma-adapter"
+// const client = globalThis.prisma || new PrismaClient()
+// if (process.env.NODE_ENV !== "production") globalThis.prisma = client
+// const adapter = PrismaAdapter(client)
+
+// // Fauna
+// import { Client as FaunaClient } from "faunadb"
+// import { FaunaAdapter } from "@next-auth/fauna-adapter"
+// const opts = { secret: process.env.FAUNA_SECRET, domain: process.env.FAUNA_DOMAIN }
+// const client = globalThis.fauna || new FaunaClient(opts)
+// if (process.env.NODE_ENV !== "production") globalThis.fauna = client
+// const adapter = FaunaAdapter(client)
+
+// // TypeORM
+// import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
+// const adapter = TypeORMLegacyAdapter({
+//   type: "sqlite",
+//   name: "next-auth-test-memory",
+//   database: "./typeorm/dev.db",
+//   synchronize: true,
+// })
+
+// // Supabase
+// import { SupabaseAdapter } from "@next-auth/supabase-adapter"
+// const adapter = SupabaseAdapter({
+//   url: process.env.NEXT_PUBLIC_SUPABASE_URL,
+//   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
+// })
+
+export const authOptions: NextAuthOptions = {
+  // adapter,
+  // debug: process.env.NODE_ENV !== "production",
+  theme: {
+    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
+    brandColor: "#1786fb",
+  },
+  providers: [
+    Credentials({
+      credentials: { password: { label: "Password", type: "password" } },
+      async authorize(credentials) {
+        if (credentials.password !== "pw") return null
+        return {
+          name: "Fill Murray",
+          email: "bill@fillmurray.com",
+          image: "https://www.fillmurray.com/64/64",
+          id: "1",
+          foo: "",
+        }
+      },
+    }),
+    Apple({
+      clientId: process.env.APPLE_ID,
+      clientSecret: process.env.APPLE_SECRET,
+    }),
+    Auth0({
+      clientId: process.env.AUTH0_ID,
+      clientSecret: process.env.AUTH0_SECRET,
+      issuer: process.env.AUTH0_ISSUER,
+    }),
+    AzureAD({
+      clientId: process.env.AZURE_AD_CLIENT_ID,
+      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
+      tenantId: process.env.AZURE_AD_TENANT_ID,
+    }),
+    AzureB2C({
+      clientId: process.env.AZURE_B2C_ID,
+      clientSecret: process.env.AZURE_B2C_SECRET,
+      issuer: process.env.AZURE_B2C_ISSUER,
+    }),
+    BoxyHQSAML({
+      issuer: "https://jackson-demo.boxyhq.com",
+      clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com",
+      clientSecret: "dummy",
+    }),
+    // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
+    Discord({
+      clientId: process.env.DISCORD_ID,
+      clientSecret: process.env.DISCORD_SECRET,
+    }),
+    DuendeIDS6({
+      clientId: "interactive.confidential",
+      clientSecret: "secret",
+      issuer: "https://demo.duendesoftware.com",
+    }),
+    Facebook({
+      clientId: process.env.FACEBOOK_ID,
+      clientSecret: process.env.FACEBOOK_SECRET,
+    }),
+    Foursquare({
+      clientId: process.env.FOURSQUARE_ID,
+      clientSecret: process.env.FOURSQUARE_SECRET,
+    }),
+    Freshbooks({
+      clientId: process.env.FRESHBOOKS_ID,
+      clientSecret: process.env.FRESHBOOKS_SECRET,
+    }),
+    GitHub({
+      clientId: process.env.GITHUB_ID,
+      clientSecret: process.env.GITHUB_SECRET,
+    }),
+    Gitlab({
+      clientId: process.env.GITLAB_ID,
+      clientSecret: process.env.GITLAB_SECRET,
+    }),
+    Google({
+      clientId: process.env.GOOGLE_ID,
+      clientSecret: process.env.GOOGLE_SECRET,
+    }),
+    // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
+    Instagram({
+      clientId: process.env.INSTAGRAM_ID,
+      clientSecret: process.env.INSTAGRAM_SECRET,
+    }),
+    // Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
+    Line({
+      clientId: process.env.LINE_ID,
+      clientSecret: process.env.LINE_SECRET,
+    }),
+    LinkedIn({
+      clientId: process.env.LINKEDIN_ID,
+      clientSecret: process.env.LINKEDIN_SECRET,
+    }),
+    Mailchimp({
+      clientId: process.env.MAILCHIMP_ID,
+      clientSecret: process.env.MAILCHIMP_SECRET,
+    }),
+    // Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
+    Osu({
+      clientId: process.env.OSU_CLIENT_ID,
+      clientSecret: process.env.OSU_CLIENT_SECRET,
+    }),
+    Patreon({
+      clientId: process.env.PATREON_ID,
+      clientSecret: process.env.PATREON_SECRET,
+    }),
+    Slack({
+      clientId: process.env.SLACK_ID,
+      clientSecret: process.env.SLACK_SECRET,
+    }),
+    Spotify({
+      clientId: process.env.SPOTIFY_ID,
+      clientSecret: process.env.SPOTIFY_SECRET,
+    }),
+    Trakt({
+      clientId: process.env.TRAKT_ID,
+      clientSecret: process.env.TRAKT_SECRET,
+    }),
+    Twitch({
+      clientId: process.env.TWITCH_ID,
+      clientSecret: process.env.TWITCH_SECRET,
+    }),
+    Twitter({
+      clientId: process.env.TWITTER_ID,
+      clientSecret: process.env.TWITTER_SECRET,
+    }),
+    // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
+    Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
+    Wikimedia({
+      clientId: process.env.WIKIMEDIA_ID,
+      clientSecret: process.env.WIKIMEDIA_SECRET,
+    }),
+    WorkOS({
+      clientId: process.env.WORKOS_ID,
+      clientSecret: process.env.WORKOS_SECRET,
+    }),
+  ],
+}
+
+/**
+ * Advanced Initialization - route handler
+ */
+// const handler = async (
+//   req: NextRequest,
+//   routeContext: { params: { nextauth: string[] } }
+// ): Promise<any> => {
+//   return NextAuth(req, routeContext, authOptions)
+// }
+
+const handler = NextAuth(authOptions)
+export { handler as GET, handler as POST }
--- a/apps/dev/next-env.d.ts
+++ b/apps/dev/next-env.d.ts
@@ -1,5 +1,6 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
+/// <reference types="next/navigation-types/compat/navigation" />

 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/basic-features/typescript for more information.
--- a/apps/dev/package.json
+++ b/apps/dev/package.json
@@ -21,7 +21,7 @@
    "@prisma/client": "^3",
    "@supabase/supabase-js": "^2.0.5",
    "faunadb": "^4",
-    "next": "13.0.6",
+    "next": "13.4.12",
    "next-auth": "workspace:*",
    "nodemailer": "^6",
    "react": "^18",
@@ -29,7 +29,7 @@
  },
  "devDependencies": {
    "@types/jsonwebtoken": "^8.5.5",
-    "@types/react": "^18.0.15",
+    "@types/react": "^18.0.37",
    "@types/react-dom": "^18.0.6",
    "fake-smtp-server": "^0.8.0",
    "pg": "^8.7.3",
--- a/apps/dev/pages/api/auth-old/[...nextauth].ts
+++ b/apps/dev/pages/api/auth-old/[...nextauth].ts
--- a/apps/dev/tsconfig.json
+++ b/apps/dev/tsconfig.json
@@ -23,7 +23,8 @@
      {
        "name": "next"
      }
-    ]
+    ],
+    "strictNullChecks": true
  },
  "include": [
    "next-env.d.ts",
--- a/apps/example-nextjs/package.json
+++ b/apps/example-nextjs/package.json
@@ -26,7 +26,7 @@
  },
  "devDependencies": {
    "@types/node": "^17",
-    "@types/react": "^18.0.15",
+    "@types/react": "^18.0.37",
    "typescript": "^4"
  }
 }
--- a/apps/example-nextjs/pages/api/auth/[...nextauth].ts
+++ b/apps/example-nextjs/pages/api/auth/[...nextauth].ts
@@ -53,6 +53,7 @@ export const authOptions: NextAuthOptions = {
  ],
  theme: {
    colorScheme: "light",
+    logo: "https://next-auth.js.org/img/logo/logo-sm.png",
  },
  callbacks: {
    async jwt({ token }) {
--- a/docs/docs/adapters.md
+++ b/docs/docs/adapters.md
@@ -0,0 +1,23 @@
+---
+id: adapters
+title: Adapters
+---
+
+Visit the [authjs.dev](https://authjs.dev/reference/adapters) page for the up-to-date documentation.
+
+- [Dgraph](https://authjs.dev/reference/adapter/dgraph)
+- [Drizzle](https://authjs.dev/reference/adapter/drizzle)
+- [DynamoDB](https://authjs.dev/reference/adapter/dynamodb)
+- [Fauna](https://authjs.dev/reference/adapter/fauna)
+- [Firebase](https://authjs.dev/reference/adapter/firebase)
+- [kysely](https://authjs.dev/reference/adapter/kysely)
+- [MikroORM](https://authjs.dev/reference/adapter/mikro-orm)
+- [MongoDB](https://authjs.dev/reference/adapter/mongodb)
+- [neo4j](https://authjs.dev/reference/adapter/neo4j)
+- [Prisma](https://authjs.dev/reference/adapter/prisma)
+- [PouchDB](https://authjs.dev/reference/adapter/pouchdb)
+- [Sequelize](https://authjs.dev/reference/adapter/sequelize)
+- [Supabase](https://authjs.dev/reference/adapter/supabase)
+- [TypeORM](https://authjs.dev/reference/adapter/typeorm)
+- [Upstash Redis](https://authjs.dev/reference/adapter/upstash-redis)
+- [Xata](https://authjs.dev/reference/adapter/xata)
--- a/docs/docs/adapters/dgraph.md
+++ b/docs/docs/adapters/dgraph.md
@@ -1,250 +0,0 @@
---
-id: dgraph
-title: Dgraph
---
-
-# Dgraph
-
-This is the Dgraph Adapter for [`next-auth`](https://next-auth.js.org).
-
-## Getting Started
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/dgraph-adapter
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { DgraphAdapter } from "@next-auth/dgraph-adapter"
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/configuration/providers
-  providers: [],
-  adapter: DgraphAdapter({
-    endpoint: process.env.DGRAPH_GRAPHQL_ENDPOINT,
-    authToken: process.env.DGRAPH_GRAPHQL_KEY,
-
-    // you can omit the following properties if you are running an unsecure schema
-    authHeader: process.env.AUTH_HEADER, // default: "Authorization",
-    jwtSecret: process.env.SECRET,
-  }),
-})
-```
-
-## Quick start with the unsecure schema
-
-The quickest way to use Dgraph is by applying the unsecure schema to your [local](https://dgraph.io/docs/graphql/admin/#modifying-a-schema) Dgraph instance or if using Dgraph [cloud](https://dgraph.io/docs/cloud/cloud-quick-start/#the-schema) you can paste the schema in the codebox to update.
-
-:::warning
-This approach is not secure or for production use, and does not require a `jwtSecret`.
-:::
-
-> This schema is adapted for use in Dgraph and based upon our main [schema](/adapters/models)
-
-#### Unsecure schema
-
-```graphql
-type Account {
-  id: ID
-  type: String
-  provider: String @search(by: [hash])
-  providerAccountId: String @search(by: [hash])
-  refreshToken: String
-  expires_at: Int64
-  accessToken: String
-  token_type: String
-  refresh_token: String
-  access_token: String
-  scope: String
-  id_token: String
-  session_state: String
-  user: User @hasInverse(field: "accounts")
-}
-type Session {
-  id: ID
-  expires: DateTime
-  sessionToken: String @search(by: [hash])
-  user: User @hasInverse(field: "sessions")
-}
-type User {
-  id: ID
-  name: String
-  email: String @search(by: [hash])
-  emailVerified: DateTime
-  image: String
-  accounts: [Account] @hasInverse(field: "user")
-  sessions: [Session] @hasInverse(field: "user")
-}
-
-type VerificationToken {
-  id: ID
-  identifier: String @search(by: [hash])
-  token: String @search(by: [hash])
-  expires: DateTime
-}
-```
-
-## Securing your database
-
-For production deployments you will want to restrict the access to the types used
-by next-auth. The main form of access control used in Dgraph is via `@auth` directive alongide types in the schema.
-
-#### Secure schema
-
-```graphql
-type Account
-  @auth(
-    delete: { rule: "{$nextAuth: { eq: true } }" }
-    add: { rule: "{$nextAuth: { eq: true } }" }
-    query: { rule: "{$nextAuth: { eq: true } }" }
-    update: { rule: "{$nextAuth: { eq: true } }" }
-  ) {
-  id: ID
-  type: String
-  provider: String @search(by: [hash])
-  providerAccountId: String @search(by: [hash])
-  refreshToken: String
-  expires_at: Int64
-  accessToken: String
-  token_type: String
-  refresh_token: String
-  access_token: String
-  scope: String
-  id_token: String
-  session_state: String
-  user: User @hasInverse(field: "accounts")
-}
-type Session
-  @auth(
-    delete: { rule: "{$nextAuth: { eq: true } }" }
-    add: { rule: "{$nextAuth: { eq: true } }" }
-    query: { rule: "{$nextAuth: { eq: true } }" }
-    update: { rule: "{$nextAuth: { eq: true } }" }
-  ) {
-  id: ID
-  expires: DateTime
-  sessionToken: String @search(by: [hash])
-  user: User @hasInverse(field: "sessions")
-}
-type User
-  @auth(
-    query: {
-      or: [
-        {
-          rule: """
-          query ($userId: String!) {queryUser(filter: { id: { eq: $userId } } ) {id}}
-          """
-        }
-        { rule: "{$nextAuth: { eq: true } }" }
-      ]
-    }
-    delete: { rule: "{$nextAuth: { eq: true } }" }
-    add: { rule: "{$nextAuth: { eq: true } }" }
-    update: {
-      or: [
-        {
-          rule: """
-          query ($userId: String!) {queryUser(filter: { id: { eq: $userId } } ) {id}}
-          """
-        }
-        { rule: "{$nextAuth: { eq: true } }" }
-      ]
-    }
-  ) {
-  id: ID
-  name: String
-  email: String @search(by: [hash])
-  emailVerified: DateTime
-  image: String
-  accounts: [Account] @hasInverse(field: "user")
-  sessions: [Session] @hasInverse(field: "user")
-}
-
-type VerificationToken
-  @auth(
-    delete: { rule: "{$nextAuth: { eq: true } }" }
-    add: { rule: "{$nextAuth: { eq: true } }" }
-    query: { rule: "{$nextAuth: { eq: true } }" }
-    update: { rule: "{$nextAuth: { eq: true } }" }
-  ) {
-  id: ID
-  identifier: String @search(by: [hash])
-  token: String @search(by: [hash])
-  expires: DateTime
-}
-
-# Dgraph.Authorization {"VerificationKey":"<YOUR JWT SECRET HERE>","Header":"<YOUR AUTH HEADER HERE>","Namespace":"<YOUR CUSTOM NAMESPACE HERE>","Algo":"HS256"}
-```
-
-#### Dgraph.Authorization
-
-In order to secure your graphql backend define the `Dgraph.Authorization` object at the
-bottom of your schema and provide `authHeader` and `jwtSecret` values to the DgraphClient.
-
-```js
-# Dgraph.Authorization {"VerificationKey":"<YOUR JWT SECRET HERE>","Header":"<YOUR AUTH HEADER HERE>","Namespace":"YOUR CUSTOM NAMESPACE HERE","Algo":"HS256"}
-```
-
-#### VerificationKey and jwtSecret
-
-This is the key used to sign the JWT. Ex. `process.env.SECRET` or `process.env.APP_SECRET`.
-
-#### Header and authHeader
-
-The `Header` tells Dgraph where to lookup a JWT within the headers of the incoming requests made to the dgraph server.
-You have to configure it at the bottom of your schema file. This header is the same as the `authHeader` property you
-provide when you instantiate the `DgraphClient`.
-
-#### The nextAuth secret
-
-The `$nextAuth` secret is securely generated using the `jwtSecret` and injected by the DgraphAdapter in order to allow interacting with the JWT DgraphClient for anonymous user requests made within the system `ie. login, register`. This allows
-secure interactions to be made with all the auth types required by next-auth. You have to specify it for each auth rule of
-each type defined in your secure schema.
-
-```js
-type VerificationRequest
-  @auth(
-    delete: { rule: "{$nextAuth: { eq: true } }" },
-    add: { rule: "{$nextAuth: { eq: true } }" },
-    query: { rule: "{$nextAuth: { eq: true } }" },
-    update: { rule: "{$nextAuth: { eq: true } }" }
-  ) {
- ...
-}
-```
-
-## Working with JWT session and @auth directive
-
-Dgraph only works with HS256 or RS256 algorithms. If you want to use session jwt to securely interact with your dgraph
-database you must customize next-auth `encode` and `decode` functions, as the default algorithm is HS512. You can
-further customize the jwt with roles if you want to implement [`RBAC logic`](https://dgraph.io/docs/graphql/authorization/directive/#role-based-access-control).
-
-```js
-import * as jwt from "jsonwebtoken"
-export default NextAuth({
-  session: {
-    strategy: "jwt",
-  },
-  jwt: {
-    secret: process.env.SECRET,
-    encode: async ({ secret, token }) => {
-      return jwt.sign({ ...token, userId: token.id }, secret, {
-        algorithm: "HS256",
-        expiresIn: 30 * 24 * 60 * 60, // 30 days
-      })
-    },
-    decode: async ({ secret, token }) => {
-      return jwt.verify(token, secret, { algorithms: ["HS256"] })
-    },
-  },
-})
-```
-
-Once your `Dgraph.Authorization` is defined in your schema and the JWT settings are set, this will allow you to define
-[`@auth rules`](https://dgraph.io/docs/graphql/authorization/authorization-overview/) for every part of your schema.
--- a/docs/docs/adapters/dynamodb.md
+++ b/docs/docs/adapters/dynamodb.md
@@ -1,147 +0,0 @@
---
-id: dynamodb
-title: DynamoDB
---
-
-# DynamoDB
-
-This is the AWS DynamoDB Adapter for next-auth. This package can only be used in conjunction with the primary next-auth package. It is not a standalone package.
-
-By default, the adapter expects a table with a partition key `pk` and a sort key `sk`, as well as a global secondary index named `GSI1` with `GSI1PK` as partition key and `GSI1SK` as sorting key. To automatically delete sessions and verification requests after they expire using [dynamodb TTL](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html) you should [enable the TTL](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/time-to-live-ttl-how-to.html) with attribute name 'expires'. You can set whatever you want as the table name and the billing method.
-
-You can find the full schema in the table structure section below.
-
-## Getting Started
-
-1. Install `next-auth` and `@next-auth/dynamodb-adapter`
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/dynamodb-adapter
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-You need to pass `DynamoDBDocument` client from the modular [`aws-sdk`](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/dynamodb-example-dynamodb-utilities.html) v3 to the adapter.
-The default table name is `next-auth`, but you can customise that by passing `{ tableName: 'your-table-name' }` as the second parameter in the adapter.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import { DynamoDB } from "@aws-sdk/client-dynamodb"
-import { DynamoDBDocument } from "@aws-sdk/lib-dynamodb"
-import NextAuth from "next-auth";
-import Providers from "next-auth/providers";
-import { DynamoDBAdapter } from "@next-auth/dynamodb-adapter"
-
-const config: DynamoDBClientConfig = {
-  credentials: {
-    accessKeyId: process.env.NEXT_AUTH_AWS_ACCESS_KEY as string,
-    secretAccessKey: process.env.NEXT_AUTH_AWS_SECRET_KEY as string,
-  },
-  region: process.env.NEXT_AUTH_AWS_REGION,
-};
-
-const client = DynamoDBDocument.from(new DynamoDB(config), {
-  marshallOptions: {
-    convertEmptyValues: true,
-    removeUndefinedValues: true,
-    convertClassInstanceToMap: true,
-  },
-})
-
-export default NextAuth({
-  // Configure one or more authentication providers
-  providers: [
-    Providers.GitHub({
-      clientId: process.env.GITHUB_ID,
-      clientSecret: process.env.GITHUB_SECRET,
-    }),
-    Providers.Email({
-      server: process.env.EMAIL_SERVER,
-      from: process.env.EMAIL_FROM,
-    }),
-    // ...add more providers here
-  ],
-  adapter: DynamoDBAdapter(
-    client
-  ),
-  ...
-});
-```
-
-(AWS secrets start with `NEXT_AUTH_` in order to not conflict with [Vercel's reserved environment variables](https://vercel.com/docs/environment-variables#reserved-environment-variables).)
-
-## Schema
-
-The table respects the single table design pattern. This has many advantages:
-
- Only one table to manage, monitor and provision.
- Querying relations is faster than with multi-table schemas (for eg. retrieving all sessions for a user).
- Only one table needs to be replicated, if you want to go multi-region.
-
-> This schema is adapted for use in DynamoDB and based upon our main [schema](/adapters/models)
-
-![DynamoDB Table](https://i.imgur.com/hGZtWDq.png)
-
-You can create this table with infrastructure as code using [`aws-cdk`](https://github.com/aws/aws-cdk) with the following table definition:
-
-```javascript title=stack.ts
-new dynamodb.Table(this, `NextAuthTable`, {
-  tableName: "next-auth",
-  partitionKey: { name: "pk", type: dynamodb.AttributeType.STRING },
-  sortKey: { name: "sk", type: dynamodb.AttributeType.STRING },
-  timeToLiveAttribute: "expires",
-}).addGlobalSecondaryIndex({
-  indexName: "GSI1",
-  partitionKey: { name: "GSI1PK", type: dynamodb.AttributeType.STRING },
-  sortKey: { name: "GSI1SK", type: dynamodb.AttributeType.STRING },
-})
-```
-
-Alternatively you can use this cloudformation template:
-
-```yaml title=cloudformation.yaml
-NextAuthTable:
-  Type: "AWS::DynamoDB::Table"
-  Properties:
-    TableName: next-auth
-    AttributeDefinitions:
-      - AttributeName: pk
-        AttributeType: S
-      - AttributeName: sk
-        AttributeType: S
-      - AttributeName: GSI1PK
-        AttributeType: S
-      - AttributeName: GSI1SK
-        AttributeType: S
-    KeySchema:
-      - AttributeName: pk
-        KeyType: HASH
-      - AttributeName: sk
-        KeyType: RANGE
-    GlobalSecondaryIndexes:
-      - IndexName: GSI1
-        Projection:
-          ProjectionType: ALL
-        KeySchema:
-          - AttributeName: GSI1PK
-            KeyType: HASH
-          - AttributeName: GSI1SK
-            KeyType: RANGE
-    TimeToLiveSpecification:
-      AttributeName: expires
-      Enabled: true
-```
-
-## Custom Schema
-
-You can configure your custom table schema by passing the `options` key to the adapter constructor:
-
-```
-const adapter = DynamoDBAdapter(client, {
-  tableName: "custom-table-name",
-  partitionKey: "custom-pk",
-  sortKey: "custom-sk",
-  indexName: "custom-index-name",
-  indexPartitionKey: "custom-index-pk",
-  indexSortKey: "custom-index-sk",
-})
-```
--- a/docs/docs/adapters/fauna.md
+++ b/docs/docs/adapters/fauna.md
@@ -1,85 +0,0 @@
---
-id: fauna
-title: FaunaDB
---
-
-# FaunaDB
-
-This is the Fauna Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
-
-You can find the Fauna schema and seed information in the docs at [next-auth.js.org/adapters/fauna](https://next-auth.js.org/adapters/fauna).
-
-## Getting Started
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/fauna-adapter faunadb
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { Client as FaunaClient } from "faunadb"
-import { FaunaAdapter } from "@next-auth/fauna-adapter"
-
-const client = new FaunaClient({
-  secret: "secret",
-  scheme: "http",
-  domain: "localhost",
-  port: 8443,
-})
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/providers/overview
-  providers: [],
-  adapter: FaunaAdapter(client)
-  ...
-})
-```
-
-## Schema
-
-Run the following commands inside of the `Shell` tab in the Fauna dashboard to setup the appropriate collections and indexes.
-
-```javascript
-CreateCollection({ name: "accounts" })
-CreateCollection({ name: "sessions" })
-CreateCollection({ name: "users" })
-CreateCollection({ name: "verification_tokens" })
-```
-
-```javascript
-CreateIndex({
-  name: "account_by_provider_and_provider_account_id",
-  source: Collection("accounts"),
-  unique: true,
-  terms: [
-    { field: ["data", "provider"] },
-    { field: ["data", "providerAccountId"] },
-  ],
-})
-CreateIndex({
-  name: "session_by_session_token",
-  source: Collection("sessions"),
-  unique: true,
-  terms: [{ field: ["data", "sessionToken"] }],
-})
-CreateIndex({
-  name: "user_by_email",
-  source: Collection("users"),
-  unique: true,
-  terms: [{ field: ["data", "email"] }],
-})
-CreateIndex({
-  name: "verification_token_by_identifier_and_token",
-  source: Collection("verification_tokens"),
-  unique: true,
-  terms: [{ field: ["data", "identifier"] }, { field: ["data", "token"] }],
-})
-```
-
-> This schema is adapted for use in Fauna and based upon our main [schema](/adapters/models)
--- a/docs/docs/adapters/firebase.md
+++ b/docs/docs/adapters/firebase.md
@@ -1,91 +0,0 @@
---
-id: firebase
-title: Firebase
---
-
-# Firebase
-
-This is the Firebase (Firestore) Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
-
-## Getting Started
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/firebase-adapter
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-import { FirestoreAdapter } from "@next-auth/firebase-adapter"
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/providers
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
-    }),
-  ],
-  adapter: FirestoreAdapter({
-    apiKey: process.env.FIREBASE_API_KEY,
-    appId: process.env.FIREBASE_APP_ID,
-    authDomain: process.env.FIREBASE_AUTH_DOMAIN,
-    databaseURL: process.env.FIREBASE_DATABASE_URL,
-    projectId: process.env.FIREBASE_PROJECT_ID,
-    storageBucket: process.env.FIREBASE_STORAGE_BUCKET,
-    messagingSenderId: process.env.FIREBASE_MESSAGING_SENDER_ID,
-    // Optional emulator config (see below for options)
-    emulator: {},
-  }),
-  // ...
-});
-```
-
-## Options
-
-When initializing the firestore adapter, you must pass in the firebase config object with the details from your project. More details on how to obtain that config object can be found [here](https://support.google.com/firebase/answer/7015592).
-
-An example firebase config looks like this:
-
-```js
-const firebaseConfig = {
-  apiKey: "AIzaSyDOCAbC123dEf456GhI789jKl01-MnO",
-  authDomain: "myapp-project-123.firebaseapp.com",
-  databaseURL: "https://myapp-project-123.firebaseio.com",
-  projectId: "myapp-project-123",
-  storageBucket: "myapp-project-123.appspot.com",
-  messagingSenderId: "65211879809",
-  appId: "1:65211879909:web:3ae38ef1cdcb2e01fe5f0c",
-  measurementId: "G-8GSGZQ44ST",
-}
-```
-
-See [firebase.google.com/docs/web/setup](https://firebase.google.com/docs/web/setup) for more details.
-
-You can optionally pass in emulator options to automatically connect to your local Firebase emulator.
-
-```js
-FirestoreAdapter({
-  // ...
-  // Passing in an enable object will enable the emulator
-  emulator: {
-    // Optional host, defaults to `localhost`
-    host: 'localhost',
-  // Optional port, defaults to `3001`
-    port: 3001,
-  },
-}),
-```
-
-:::tip **From Firebase**
-
-**Caution**: We do not recommend manually modifying an app's Firebase config file or object. If you initialize an app with invalid or missing values for any of these required "Firebase options", then your end users may experience serious issues.
-
-For open source projects, we generally do not recommend including the app's Firebase config file or object in source control because, in most cases, your users should create their own Firebase projects and point their apps to their own Firebase resources (via their own Firebase config file or object).
-:::
--- a/docs/docs/adapters/mikro-orm.md
+++ b/docs/docs/adapters/mikro-orm.md
@@ -1,113 +0,0 @@
---
-id: mikro-orm
-title: MikroORM
---
-
-To use this Adapter, you need to install Mikro ORM, the driver that suits your database, and the separate `@next-auth/mikro-orm-adapter` package:
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/mikro-orm-adapter @mikro-orm/core @mikro-orm/[YOUR DRIVER]
-```
-
-Configure NextAuth.js to use the MikroORM Adapter:
-
-```typescript title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import { MikroOrmAdapter } from "@next-auth/mikro-orm-adapter"
-
-export default NextAuth({
-  adapter: MikroOrmAdapter({
-    // MikroORM options object. Ref: https://mikro-orm.io/docs/next/configuration#driver
-    dbName: "./db.sqlite",
-    type: "sqlite",
-    debug: process.env.DEBUG === "true" || process.env.DEBUG?.includes("db"),
-  }),
-  providers: [],
-})
-```
-
-## Setup
-
-### Passing custom entities
-
-The MikroORM adapter ships with its own set of entities. If you'd like to extend them, you can optionally pass them to the adapter.
-
-> This schema is adapted for use in MikroORM and based upon our main [schema](/adapters/models)
-
-```typescript title="pages/api/auth/[...nextauth].ts"
-import config from "config/mikro-orm.ts"
-import {
-  Cascade,
-  Collection,
-  Entity,
-  OneToMany,
-  PrimaryKey,
-  Property,
-  Unique,
-} from "@mikro-orm/core"
-import { defaultEntities } from "@next-auth/mikro-orm-adapter"
-
-const { Account, Session } = defaultEntities
-
-@Entity()
-export class User implements defaultEntities.User {
-  @PrimaryKey()
-  id: string = randomUUID()
-
-  @Property({ nullable: true })
-  name?: string
-
-  @Property({ nullable: true })
-  @Unique()
-  email?: string
-
-  @Property({ type: "Date", nullable: true })
-  emailVerified: Date | null = null
-
-  @Property({ nullable: true })
-  image?: string
-
-  @OneToMany({
-    entity: () => Session,
-    mappedBy: (session) => session.user,
-    hidden: true,
-    orphanRemoval: true,
-    cascade: [Cascade.ALL],
-  })
-  sessions = new Collection<Session>(this)
-
-  @OneToMany({
-    entity: () => Account,
-    mappedBy: (account) => account.user,
-    hidden: true,
-    orphanRemoval: true,
-    cascade: [Cascade.ALL],
-  })
-  accounts = new Collection<Account>(this)
-
-  @Enum({ hidden: true })
-  role = "ADMIN"
-}
-
-export default NextAuth({
-  adapter: MikroOrmAdapter(config, { entities: { User } }),
-})
-```
-
-### Including the default entities in your MikroORM config
-
-You may want to include the defaultEntities in your MikroORM configuration to include them in Migrations etc.
-
-To achieve that include them in your "entities" array:
-
-```typescript title="config/mikro-orm.ts"
-import { Options } from "@mikro-orm/core";
-import { defaultEntities } from "@next-auth/mikro-orm-adapter"
-
-const config: Options = {
-  ...
-  entities: [VeryImportantEntity, ...Object.values(defaultEntities)],
-};
-
-export default config;
-```
--- a/docs/docs/adapters/models.md
+++ b/docs/docs/adapters/models.md
@@ -1,118 +0,0 @@
---
-id: models
-title: Models
---
-
-NextAuth.js can be used with any database. Models tell you what structures NextAuth.js expects from your database. Models will vary slightly depending on which adapter you use, but in general, will look something like this. Each adapter's model/schema will be slightly adapted for its needs, but will look very much like this schema below:
-
-```mermaid
-erDiagram
-  User ||--|{ Account : ""
-  User {
-  string id
-  string name
-  string email
-  timestamp emailVerified
-  string image
-  }
-  User ||--|{ Session : ""
-  Session {
-  string id
-  timestamp expires
-  string sessionToken
-  string userId
-  }
-  Account {
-  string id
-  string userId
-  string type
-  string provider
-  string providerAccountId
-  string refresh_token
-  string access_token
-  int expires_at
-  string token_type
-  string scope
-  string id_token
-  string session_state
-  string oauth_token_secret
-  string oauth_token
-  }
-  VerificationToken {
-  string identifier
-  string token
-  timestamp expires
-  }
-```
-
-More information about each Model / Table can be found below.
-
-:::note
-You can [create your own adapter](/tutorials/creating-a-database-adapter) if you want to use NextAuth.js with a database that is not supported out of the box, or you have to change fields on any of the models.
-:::
-
---
-
-## User
-
-The User model is for information such as the user's name and email address.
-
-Email address is optional, but if one is specified for a User then it must be unique.
-
-:::note
-If a user first signs in with OAuth then their email address is automatically populated using the one from their OAuth profile, if the OAuth provider returns one.
-
-This provides a way to contact users and for users to maintain access to their account and sign in using email in the event they are unable to sign in with the OAuth provider in future (if the [Email Provider](/providers/email) is configured).
-:::
-
-User creation in the database is automatic, and happens when the user is logging in for the first time with a provider. The default data saved is `id`, `name`, `email` and `image`. You can add more profile data by returning extra fields in your [OAuth provider's `profile()`](/configuration/providers/oauth#options) callback.
-
-## Account
-
-The Account model is for information about OAuth accounts associated with a User. It will usually contain `access_token`, `id_token` and other OAuth specific data. [`TokenSet`](https://github.com/panva/node-openid-client/blob/main/docs/README.md#new-tokensetinput) from `openid-client` might give you an idea of all the fields.
-
-:::note
-In case of an OAuth 1.0 provider (like Twitter), you will have to look for `oauth_token` and `oauth_token_secret` string fields. GitHub also has an extra `refresh_token_expires_in` integer field. You have to make sure that your database schema includes these fields.
-:::
-
-A single User can have multiple Accounts, but each Account can only have one User.
-
-Linking Accounts to Users happen automatically, only when they have the same e-mail address, and the user is currently signed in. Check the [FAQ](/faq#security) for more information why this is a requirement.
-
-:::tip
-You can manually unlink accounts, if your adapter implements the `unlinkAccount` method. Make sure to take all the necessary security steps to avoid data loss.
-:::
-
-:::note
-Linking and unlinking accounts through an API is a planned feature: https://github.com/nextauthjs/next-auth/issues/230
-:::
-
-## Session
-
-The Session model is used for database sessions. It is not used if JSON Web Tokens are enabled. Keep in mind, that you can use a database to persist Users and Accounts, and still use JWT for sessions. See the [`session.strategy`](/configuration/options#session) option.
-
-A single User can have multiple Sessions, each Session can only have one User.
-
-:::tip
-When a Session is read, we check if it's `expires` field indicates an invalid session, and delete it from the database. You can also do this clean-up periodically in the background to avoid our extra delete call to the database during an active session retrieval. This might result in a slight performance increase in a few cases.
-:::
-
-## Verification Token
-
-The Verification Token model is used to store tokens for passwordless sign in.
-
-A single User can have multiple open Verification Tokens (e.g. to sign in to different devices).
-
-It has been designed to be extendable for other verification purposes in the future (e.g. 2FA / short codes).
-
-:::note
-NextAuth.js makes sure that every token is usable only once, and by default has a short (1 day, can be configured by [`maxAge`](/configuration/providers/email#options)) lifetime. If your user did not manage to finish the sign-in flow in time, they will have to start the sign-in process again.
-:::
-
-:::tip
-Due to users forgetting or failing at the sign-in flow, you might end up with unwanted rows in your database, that you might have to periodically clean up to avoid filling the database up with unnecessary data.
-:::
-
-## RDBMS Naming Convention
-
-In the NextAuth.js v4 some schemas for the providers which support classic RDBMS type databases, like Prisma and TypeORM, have ended up with column names with mixed casing, i.e. snake_case and camelCase. If this is an issue for you or your underlying database system, please take a look at the "Naming Convention" section in the Prisma or TypeORM page.
--- a/docs/docs/adapters/mongodb.md
+++ b/docs/docs/adapters/mongodb.md
@@ -1,66 +0,0 @@
---
-id: mongodb
-title: MongoDB
---
-
-# MongoDB
-
-The MongoDB adapter does not handle connections automatically, so you will have to make sure that you pass the Adapter a `MongoClient` that is connected already. Below you can see an example how to do this.
-
-## Usage
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/mongodb-adapter mongodb
-```
-
-2. Add `lib/mongodb.ts`
-
-```ts
-// This approach is taken from https://github.com/vercel/next.js/tree/canary/examples/with-mongodb
-import { MongoClient } from 'mongodb'
-
-if (!process.env.MONGODB_URI) {
-  throw new Error('Invalid/Missing environment variable: "MONGODB_URI"')
-}
-
-const uri = process.env.MONGODB_URI
-const options = {}
-
-let client
-let clientPromise: Promise<MongoClient>
-
-if (process.env.NODE_ENV === 'development') {
-  // In development mode, use a global variable so that the value
-  // is preserved across module reloads caused by HMR (Hot Module Replacement).
-  if (!global._mongoClientPromise) {
-    client = new MongoClient(uri, options)
-    global._mongoClientPromise = client.connect()
-  }
-  clientPromise = global._mongoClientPromise
-} else {
-  // In production mode, it's best to not use a global variable.
-  client = new MongoClient(uri, options)
-  clientPromise = client.connect()
-}
-
-// Export a module-scoped MongoClient promise. By doing this in a
-// separate module, the client can be shared across functions.
-export default clientPromise
-```
-
-3. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```js
-import NextAuth from "next-auth"
-import { MongoDBAdapter } from "@next-auth/mongodb-adapter"
-import clientPromise from "../../../lib/mongodb"
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  adapter: MongoDBAdapter(clientPromise),
-  ...
-})
-```
--- a/docs/docs/adapters/neo4j.md
+++ b/docs/docs/adapters/neo4j.md
@@ -1,117 +0,0 @@
---
-id: neo4j
-title: Neo4j
---
-
-# Neo4j
-
-This is the Neo4j Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
-
-## Getting Started
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/neo4j-adapter neo4j-driver
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import neo4j from "neo4j-driver"
-import { Neo4jAdapter } from "@next-auth/neo4j-adapter"
-
-const driver = neo4j.driver(
-  "bolt://localhost",
-  neo4j.auth.basic("neo4j", "password")
-)
-
-const neo4jSession = driver.session()
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/configuration/providers
-  providers: [],
-  adapter: Neo4jAdapter(neo4jSession),
-  ...
-})
-```
-
-## Schema
-
-### Node labels
-
-The following node labels are used.
-
- User
- Account
- Session
- VerificationToken
-
-### Relationships
-
-The following relationships and relationship labels are used.
-
- (:User)-[:HAS_ACCOUNT]->(:Account)
- (:User)-[:HAS_SESSION]->(:Session)
-
-### Properties
-
-This schema is adapted for use in Neo4J and is based upon our main [models](/adapters/models). Please check there for the node properties. Relationships have no properties.
-
-### Indexes
-
-Optimum indexes will vary on your edition of Neo4j i.e. community or enterprise, and in case you have your own additional data on the nodes. Below are basic suggested indexes.
-
-1. For **both** Community Edition & Enterprise Edition create constraints and indexes
-
-```cypher
-
-CREATE CONSTRAINT user_id_constraint IF NOT EXISTS
-ON (u:User) ASSERT u.id IS UNIQUE;
-
-CREATE INDEX user_id_index IF NOT EXISTS
-FOR (u:User) ON (u.id);
-
-CREATE INDEX user_email_index IF NOT EXISTS
-FOR (u:User) ON (u.email);
-
-CREATE CONSTRAINT session_session_token_constraint IF NOT EXISTS
-ON (s:Session) ASSERT s.sessionToken IS UNIQUE;
-
-CREATE INDEX session_session_token_index IF NOT EXISTS
-FOR (s:Session) ON (s.sessionToken);
-```
-
-2.a. For Community Edition **only** create single-property indexes
-
-```cypher
-CREATE INDEX account_provider_index IF NOT EXISTS
-FOR (a:Account) ON (a.provider);
-
-CREATE INDEX account_provider_account_id_index IF NOT EXISTS
-FOR (a:Account) ON (a.providerAccountId);
-
-CREATE INDEX verification_token_identifier_index IF NOT EXISTS
-FOR (v:VerificationToken) ON (v.identifier);
-
-CREATE INDEX verification_token_token_index IF NOT EXISTS
-FOR (v:VerificationToken) ON (v.token);
-```
-
-2.b. For Enterprise Edition **only** create composite node key constraints and indexes
-
-```cypher
-CREATE CONSTRAINT account_provider_composite_constraint IF NOT EXISTS
-ON (a:Account) ASSERT (a.provider, a.providerAccountId) IS NODE KEY;
-
-CREATE INDEX account_provider_composite_index IF NOT EXISTS
-FOR (a:Account) ON (a.provider, a.providerAccountId);
-
-CREATE CONSTRAINT verification_token_composite_constraint IF NOT EXISTS
-ON (v:VerificationToken) ASSERT (v.identifier, v.token) IS NODE KEY;
-
-CREATE INDEX verification_token_composite_index IF NOT EXISTS
-FOR (v:VerificationToken) ON (v.identifier, v.token);
-```
--- a/docs/docs/adapters/overview.md
+++ b/docs/docs/adapters/overview.md
@@ -1,54 +0,0 @@
---
-id: overview
-title: Overview
---
-
-An **Adapter** in NextAuth.js connects your application to whatever database or backend system you want to use to store data for users, their accounts, sessions, etc. Adapters are optional, unless you need to persist user information in your own database, or you want to implement certain flows. The [Email Provider](/providers/email) requires an adapter to be able to save [Verification Tokens](/adapters/models#verification-token).
-
-:::tip
-When using a database, you can still use JWT for session handling for fast access. See the [`session.strategy`](/configuration/options#session) option. Read about the trade-offs of JWT in the [FAQ](/faq#json-web-tokens).
-:::
-
-We have a list of official adapters that are distributed as their own packages under the `@next-auth/{name}-adapter` namespace. Their source code is available in their various adapters package directories at [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth/tree/main/packages).
-
- [`xata`](./xata)
- [`prisma`](./prisma)
- [`fauna`](./fauna)
- [`dynamodb`](./dynamodb)
- [`firebase`](./firebase)
- [`pouchdb`](./pouchdb)
- [`mongodb`](./mongodb)
- [`neo4j`](./neo4j)
- [`typeorm-legacy`](./typeorm)
- [`sequelize`](./sequelize)
- [`supabase`](./supabase)
- [`dgraph`](./dgraph)
- [`upstash-redis`](./upstash-redis)
-
-## Custom Adapter
-
-If you have a database/backend that we don't officially support, you can create your own adapter.
-See the tutorial for [creating a database Adapter](/tutorials/creating-a-database-adapter) for more information.
-
-:::tip
-If you would like to see a new adapter in the official repository, please [open a PR](https://github.com/nextauthjs/next-auth/issues/new) and we will help you to get it merged. Tell us if you are interested in becoming one of the maintainers of any of the official adapters.
-:::
-
-### Editor integration
-
-Adapters are strongly typed, and they rely on the single `Adapter` interface imported from `next-auth/adapters`.
-
-When writing your own custom Adapter in plain JavaScript, note that you can use **JSDoc** to get helpful editor hints and auto-completion like so:
-
-```js
-/** @return { import("next-auth/adapters").Adapter } */
-function MyAdapter() {
-  return {
-    // your adapter methods here
-  }
-}
-```
-
-:::note
-This will work in code editors with a strong TypeScript integration like VSCode or WebStorm. It might not work if you're using more lightweight editors like VIM or Atom.
-:::
--- a/docs/docs/adapters/pouchdb.md
+++ b/docs/docs/adapters/pouchdb.md
@@ -1,65 +0,0 @@
---
-id: pouchdb
-title: PouchDB
---
-
-# PouchDB
-
-:::warning
-This adapter is still experimental and does not work with NextAuth.js 4 or newer. If you would like to help out upgrading it, please [open a PR](https://github.com/nextauthjs/next-auth/tree/main/packages)
-:::
-
-This is the PouchDB Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
-
-Depending on your architecture you can use PouchDB's http adapter to reach any database compliant with the CouchDB protocol (CouchDB, Cloudant, ...) or use any other PouchDB compatible adapter (leveldb, in-memory, ...)
-
-## Getting Started
-
-> **Prerequisites**: Your PouchDB instance MUST provide the `pouchdb-find` plugin since it is used internally by the adapter to build and manage indexes
-
-1. Install `next-auth` and `@next-auth/pouchdb-adapter`
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/pouchdb-adapter
-```
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-import { PouchDBAdapter } from "@next-auth/pouchdb-adapter"
-import PouchDB from "pouchdb"
-
-// Setup your PouchDB instance and database
-PouchDB.plugin(require("pouchdb-adapter-leveldb")) // Any other adapter
-  .plugin(require("pouchdb-find")) // Don't forget the `pouchdb-find` plugin
-
-const pouchdb = new PouchDB("auth_db", { adapter: "leveldb" })
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/providers/overview
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
-    }),
-  ],
-  adapter: PouchDBAdapter(pouchdb),
-  // ...
-})
-```
-
-## Advanced
-
-### Memory-First Caching Strategy
-
-If you need to boost your authentication layer performance, you may use PouchDB's powerful sync features and various adapters, to build a memory-first caching strategy.
-
-Use an in-memory PouchDB as your main authentication database, and synchronize it with any other persisted PouchDB. You may do a one way, one-off replication at startup from the persisted PouchDB into the in-memory PouchDB, then two-way, continuous, retriable sync.
-
-This will most likely not increase performance much in a serverless environment due to various reasons such as concurrency, function startup time increases, etc.
-
-For more details, please see https://pouchdb.com/api.html#sync
--- a/docs/docs/adapters/prisma.md
+++ b/docs/docs/adapters/prisma.md
@@ -1,226 +0,0 @@
---
-id: prisma
-title: Prisma
---
-
-# Prisma
-
-To use this Adapter, you need to install Prisma Client, Prisma CLI, and the separate `@next-auth/prisma-adapter` package:
-
-```bash npm2yarn2pnpm
-npm install next-auth @prisma/client @next-auth/prisma-adapter
-npm install prisma --save-dev
-```
-
-Create a file with your Prisma Client:
-
-```typescript title="lib/prismadb.ts"
-import { PrismaClient } from "@prisma/client"
-
-declare global {
-  var prisma: PrismaClient | undefined
-}
-
-const client = globalThis.prisma || new PrismaClient()
-if (process.env.NODE_ENV !== "production") globalThis.prisma = client
-
-export default client
-```
-
-Configure your NextAuth.js to use the Prisma Adapter:
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-import { PrismaAdapter } from "@next-auth/prisma-adapter"
-import prisma from "../../../lib/prismadb"
-
-export default NextAuth({
-  adapter: PrismaAdapter(prisma),
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-    }),
-  ],
-})
-```
-
-Schema for the Prisma Adapter (`@next-auth/prisma-adapter`)
-
-## Setup
-
-### Create the Prisma schema
-
-You need to use at least Prisma 2.26.0. Create a schema file in `prisma/schema.prisma` similar to this one:
-
-> This schema is adapted for use in Prisma and based upon our main [schema](/adapters/models)
-
-```json title="schema.prisma"
-datasource db {
-  provider = "postgresql"
-  url      = env("DATABASE_URL")
-  shadowDatabaseUrl = env("SHADOW_DATABASE_URL") // Only needed when using a cloud provider that doesn't support the creation of new databases, like Heroku. Learn more: https://pris.ly/migrate-shadow
-}
-
-generator client {
-  provider        = "prisma-client-js"
-  previewFeatures = ["referentialActions"] // You won't need this in Prisma 3.X or higher.
-}
-
-model Account {
-  id                 String  @id @default(cuid())
-  userId             String
-  type               String
-  provider           String
-  providerAccountId  String
-  refresh_token      String?  @db.Text
-  access_token       String?  @db.Text
-  expires_at         Int?
-  token_type         String?
-  scope              String?
-  id_token           String?  @db.Text
-  session_state      String?
-
-  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
-
-  @@unique([provider, providerAccountId])
-}
-
-model Session {
-  id           String   @id @default(cuid())
-  sessionToken String   @unique
-  userId       String
-  expires      DateTime
-  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)
-}
-
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime?
-  image         String?
-  accounts      Account[]
-  sessions      Session[]
-}
-
-model VerificationToken {
-  identifier String
-  token      String   @unique
-  expires    DateTime
-
-  @@unique([identifier, token])
-}
-```
-
-:::note
-When using the MySQL connector for Prisma, the [Prisma `String` type](https://www.prisma.io/docs/reference/api-reference/prisma-schema-reference#string) gets mapped to `varchar(191)` which may not be long enough to store fields such as `id_token` in the `Account` model. This can be avoided by explicitly using the `Text` type with `@db.Text`.
-:::
-
-### Create the database schema with Prisma Migrate
-
-**Warning:** Make sure to back up your database before running using Prisma Migrate.
-
-```
-npx prisma migrate dev
-```
-
-This will create an SQL migration file and execute it.
-
-Note that you will need to specify your database connection string in the environment variable `DATABASE_URL`. You can do this by setting it in a `.env` file at the root of your project.
-
-To learn more about [Prisma Migrate](https://www.prisma.io/migrate), check out the [Migrate docs](https://www.prisma.io/docs/concepts/components/prisma-migrate).
-
-### Generate Client
-
-Once you have saved your schema, use the Prisma CLI to generate the Prisma Client:
-
-```
-npx prisma generate
-```
-
-To configure your database to use the new schema (i.e. create tables and columns) use the `prisma migrate` command:
-
-```
-npx prisma migrate dev
-```
-
-### MongoDB
-
-Prisma supports MongoDB, and so does NextAuth.js. Following the instructions of the [Prisma documentation](https://www.prisma.io/docs/concepts/database-connectors/mongodb) on the MongoDB connector, things you have to change are:
-
-1. Make sure that the id fields are mapped correctly
-
-```prisma
-id  String  @id @default(auto()) @map("_id") @db.ObjectId
-```
-
-2. The Native database type attribute to `@db.String` from `@db.Text`.
-
-```prisma
-refresh_token      String?  @db.String
-access_token       String?  @db.String
-id_token           String?  @db.String
-```
-
-Everything else should be the same.
-
-## Naming Conventions
-
-If mixed snake_case and camelCase column names is an issue for you and/or your underlying database system, we recommend using Prisma's `@map()`([see the documentation here](https://www.prisma.io/docs/concepts/components/prisma-schema/names-in-underlying-database)) feature to change the field names. This won't affect NextAuth.js, but will allow you to customize the column names to whichever naming convention you wish.
-
-For example, moving to `snake_case` and plural table names.
-
-```json title="schema.prisma"
-model Account {
-  id                 String  @id @default(cuid())
-  userId             String  @map("user_id")
-  type               String
-  provider           String
-  providerAccountId  String  @map("provider_account_id")
-  refresh_token      String? @db.Text
-  access_token       String? @db.Text
-  expires_at         Int?
-  token_type         String?
-  scope              String?
-  id_token           String? @db.Text
-  session_state      String?
-
-  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
-
-  @@unique([provider, providerAccountId])
-  @@map("accounts")
-}
-
-model Session {
-  id           String   @id @default(cuid())
-  sessionToken String   @unique @map("session_token")
-  userId       String   @map("user_id")
-  expires      DateTime
-  user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)
-
-  @@map("sessions")
-}
-
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime? @map("email_verified")
-  image         String?
-  accounts      Account[]
-  sessions      Session[]
-
-  @@map("users")
-}
-
-model VerificationToken {
-  identifier String
-  token      String   @unique
-  expires    DateTime
-
-  @@unique([identifier, token])
-  @@map("verificationtokens")
-}
-```
--- a/docs/docs/adapters/sequelize.md
+++ b/docs/docs/adapters/sequelize.md
@@ -1,88 +0,0 @@
---
-id: sequelize
-title: Sequelize
---
-
-# Sequelize
-
-This is the Sequelize Adapter for [`next-auth`](https://next-auth.js.org).
-
-## Getting Started
-
-1. Install the necessary packages
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/sequelize-adapter sequelize
-```
-
-:::warning
-You'll also have to manually install [the driver for your database](https://sequelize.org/master/manual/getting-started.html) of choice.
-:::
-
-2. Add this adapter to your `pages/api/auth/[...nextauth].js` next-auth configuration object.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import SequelizeAdapter from "@next-auth/sequelize-adapter"
-import { Sequelize } from "sequelize"
-
-// https://sequelize.org/master/manual/getting-started.html#connecting-to-a-database
-const sequelize = new Sequelize("yourconnectionstring")
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/providers/overview
-  providers: [],
-  adapter: SequelizeAdapter(sequelize),
-})
-```
-
-## Updating the database schema
-
-By default, the sequelize adapter will not create tables in your database. In production, best practice is to create the [required tables](https://next-auth.js.org/adapters/models) in your database via [migrations](https://sequelize.org/master/manual/migrations.html). In development, you are able to call [`sequelize.sync()`](https://sequelize.org/master/manual/model-basics.html#model-synchronization) to have sequelize create the necessary tables, foreign keys and indexes:
-
-> This schema is adapted for use in Sequelize and based upon our main [schema](/adapters/models)
-
-```js
-import NextAuth from "next-auth"
-import SequelizeAdapter from "@next-auth/sequelize-adapter"
-import Sequelize from 'sequelize'
-
-const sequelize = new Sequelize("sqlite::memory:")
-const adapter = SequelizeAdapter(sequelize)
-
-// Calling sync() is not recommended in production
-sequelize.sync()
-
-export default NextAuth({
-  ...
-  adapter
-  ...
-})
-```
-
-## Using custom models
-
-Sequelize models are option to customization like so:
-
-```js
-import NextAuth from "next-auth"
-import SequelizeAdapter, { models } from "@next-auth/sequelize-adapter"
-import Sequelize, { DataTypes } from "sequelize"
-
-const sequelize = new Sequelize("sqlite::memory:")
-
-export default NextAuth({
-  // https://next-auth.js.org/providers/overview
-  providers: [],
-  adapter: SequelizeAdapter(sequelize, {
-    models: {
-      User: sequelize.define("user", {
-        ...models.User,
-        phoneNumber: DataTypes.STRING,
-      }),
-    },
-  }),
-})
-```
--- a/docs/docs/adapters/supabase.md
+++ b/docs/docs/adapters/supabase.md
@@ -1,309 +0,0 @@
---
-id: supabase
-title: Supabase
---
-
-# Supabase
-
-This is the Supabase Adapter for [`next-auth`](https://next-auth.js.org). This package can only be used in conjunction with the primary `next-auth` package. It is not a standalone package.
-
-:::note
-This adapter is developed by the community and not officially maintained or supported by Supabase. It uses the Supabase Database to store user and session data in a separate `next_auth` schema. It is a standalone Auth server that does not interface with Supabase Auth and therefore provides a different feature set.
-
-If you’re looking for an officially maintained Auth server with additional features like [built-in email server](https://supabase.com/docs/guides/auth/auth-email#configure-email-settings?utm_source=next-auth-docs&medium=referral&campaign=next-auth), [phone auth](https://supabase.com/docs/guides/auth/auth-twilio?utm_source=next-auth-docs&medium=referral&campaign=next-auth), and [Multi Factor Authentication (MFA / 2FA)](https://supabase.com/contact/mfa?utm_source=next-auth-docs&medium=referral&campaign=next-auth), please use [Supabase Auth](https://supabase.com/auth) with the [Auth Helpers for Next.js](https://supabase.com/docs/guides/auth/auth-helpers/nextjs?utm_source=next-auth-docs&medium=referral&campaign=next-auth).
-:::
-
-## Getting Started
-
-1. Install `@supabase/supabase-js`, `next-auth` and `@next-auth/supabase-adapter`.
-
-```bash npm2yarn2pnpm
-npm install @supabase/supabase-js next-auth @next-auth/supabase-adapter
-```
-
-2. Add this adapter to your `pages/api/[...nextauth].js` next-auth configuration object.
-
-```js title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { SupabaseAdapter } from "@next-auth/supabase-adapter"
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/configuration/providers
-  providers: [...],
-  adapter: SupabaseAdapter({
-    url: process.env.NEXT_PUBLIC_SUPABASE_URL,
-    secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
-  }),
-  // ...
-})
-```
-
-## Setup
-
-### Create the `next_auth` schema in Supabase
-
-Setup your database as described in our main [schema](/adapters/models), by copying the SQL schema below in the Supabase [SQL Editor](https://app.supabase.com/project/_/sql).
-
-Alternatively you can select the NextAuth Quickstart card on the [SQL Editor page](https://app.supabase.com/project/_/sql), or [create a migration with the Supabase CLI](https://supabase.com/docs/guides/cli/local-development#database-migrations?utm_source=next-auth-docs&medium=referral&campaign=next-auth).
-
-```sql
--
-- Name: next_auth; Type: SCHEMA;
--
-CREATE SCHEMA next_auth;
-
-GRANT USAGE ON SCHEMA next_auth TO service_role;
-GRANT ALL ON SCHEMA next_auth TO postgres;
-
--
-- Create users table
--
-CREATE TABLE IF NOT EXISTS next_auth.users
-(
-    id uuid NOT NULL DEFAULT uuid_generate_v4(),
-    name text,
-    email text,
-    "emailVerified" timestamp with time zone,
-    image text,
-    CONSTRAINT users_pkey PRIMARY KEY (id),
-    CONSTRAINT email_unique UNIQUE (email)
-);
-
-GRANT ALL ON TABLE next_auth.users TO postgres;
-GRANT ALL ON TABLE next_auth.users TO service_role;
-
--- uid() function to be used in RLS policies
-CREATE FUNCTION next_auth.uid() RETURNS uuid
-    LANGUAGE sql STABLE
-    AS $$
-  select
-  	coalesce(
-		nullif(current_setting('request.jwt.claim.sub', true), ''),
-		(nullif(current_setting('request.jwt.claims', true), '')::jsonb ->> 'sub')
-	)::uuid
-$$;
-
--
-- Create sessions table
--
-CREATE TABLE IF NOT EXISTS  next_auth.sessions
-(
-    id uuid NOT NULL DEFAULT uuid_generate_v4(),
-    expires timestamp with time zone NOT NULL,
-    "sessionToken" text NOT NULL,
-    "userId" uuid,
-    CONSTRAINT sessions_pkey PRIMARY KEY (id),
-    CONSTRAINT sessionToken_unique UNIQUE ("sessionToken"),
-    CONSTRAINT "sessions_userId_fkey" FOREIGN KEY ("userId")
-        REFERENCES  next_auth.users (id) MATCH SIMPLE
-        ON UPDATE NO ACTION
-        ON DELETE CASCADE
-);
-
-GRANT ALL ON TABLE next_auth.sessions TO postgres;
-GRANT ALL ON TABLE next_auth.sessions TO service_role;
-
--
-- Create accounts table
--
-CREATE TABLE IF NOT EXISTS  next_auth.accounts
-(
-    id uuid NOT NULL DEFAULT uuid_generate_v4(),
-    type text NOT NULL,
-    provider text NOT NULL,
-    "providerAccountId" text NOT NULL,
-    refresh_token text,
-    access_token text,
-    expires_at bigint,
-    token_type text,
-    scope text,
-    id_token text,
-    session_state text,
-    oauth_token_secret text,
-    oauth_token text,
-    "userId" uuid,
-    CONSTRAINT accounts_pkey PRIMARY KEY (id),
-    CONSTRAINT provider_unique UNIQUE (provider, "providerAccountId"),
-    CONSTRAINT "accounts_userId_fkey" FOREIGN KEY ("userId")
-        REFERENCES  next_auth.users (id) MATCH SIMPLE
-        ON UPDATE NO ACTION
-        ON DELETE CASCADE
-);
-
-GRANT ALL ON TABLE next_auth.accounts TO postgres;
-GRANT ALL ON TABLE next_auth.accounts TO service_role;
-
--
-- Create verification_tokens table
--
-CREATE TABLE IF NOT EXISTS  next_auth.verification_tokens
-(
-    identifier text,
-    token text,
-    expires timestamp with time zone NOT NULL,
-    CONSTRAINT verification_tokens_pkey PRIMARY KEY (token),
-    CONSTRAINT token_unique UNIQUE (token),
-    CONSTRAINT token_identifier_unique UNIQUE (token, identifier)
-);
-
-GRANT ALL ON TABLE next_auth.verification_tokens TO postgres;
-GRANT ALL ON TABLE next_auth.verification_tokens TO service_role;
-```
-
-### Expose the `next_auth` schema in Supabase
-
-Expose the `next_auth` schema via the Serverless API in the [API settings](https://app.supabase.com/project/_/settings/api) by adding `next_auth` to the "Exposed schemas" list.
-
-When developing locally add `next_auth` to the `schemas` array in the `config.toml` file in the `supabase` folder that was generated by the [Supabase CLI](https://supabase.com/docs/guides/cli/local-development#initialize-your-project?utm_source=next-auth-docs&medium=referral&campaign=next-auth).
-
-## Enabling Row Level Security (RLS)
-
-Postgres provides a powerful feature called [Row Level Security (RLS)](https://supabase.com/docs/guides/auth/row-level-security?utm_source=next-auth-docs&medium=referral&campaign=next-auth) to limit access to data.
-
-This works by sending a signed JWT to your [Supabase Serverless API](https://supabase.com/docs/guides/api?utm_source=next-auth-docs&medium=referral&campaign=next-auth). There is two steps to make this work with NextAuth:
-
-### 1. Generate the Supabase `access_token` JWT in the session callback
-
-To sign the JWT use the `jsonwebtoken` package:
-
-```bash npm2yarn2pnpm
-npm install jsonwebtoken
-```
-
-Using the [NexthAuth Session callback](https://next-auth.js.org/configuration/callbacks#session-callback) create the Supabase `access_token` and append it to the `session` object.
-
-To sign the JWT use the Supabase JWT secret which can be found in the [API settings](https://app.supabase.com/project/_/settings/api)
-
-```js title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { SupabaseAdapter } from "@next-auth/supabase-adapter"
-import jwt from "jsonwebtoken"
-
-// For more information on each option (and a full list of options) go to
-// https://next-auth.js.org/configuration/options
-export default NextAuth({
-  // https://next-auth.js.org/configuration/providers
-  providers: [...],
-  adapter: SupabaseAdapter({
-    url: process.env.NEXT_PUBLIC_SUPABASE_URL,
-    secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
-  }),
-	callbacks: {
-    async session({ session, user }) {
-      const signingSecret = process.env.SUPABASE_JWT_SECRET
-      if (signingSecret) {
-        const payload = {
-          aud: "authenticated",
-          exp: Math.floor(new Date(session.expires).getTime() / 1000),
-          sub: user.id,
-          email: user.email,
-          role: "authenticated",
-        }
-        session.supabaseAccessToken = jwt.sign(payload, signingSecret)
-      }
-      return session
-    },
-  },
-  // ...
-})
-```
-
-### 2. Inject the Supabase `access_token` JWT into the Supabase Client
-
-For example, given the following public schema:
-
-```sql
-/**
-* USERS
-* Note: This table contains user data. Users should only be able to view and update their own data.
-*/
-create table users (
-  -- UUID from next_auth.users
-  id uuid not null primary key,
-  name text,
-  email text,
-  image text,
-  constraint "users_id_fkey" foreign key ("id")
-        references  next_auth.users (id) match simple
-        on update no action
-        on delete cascade -- if user is deleted in NextAuth they will also be deleted in our public table.
-);
-alter table users enable row level security;
-create policy "Can view own user data." on users for select using (next_auth.uid() = id);
-create policy "Can update own user data." on users for update using (next_auth.uid() = id);
-
-/**
-* This trigger automatically creates a user entry when a new user signs up via NextAuth.
-*/
-create function public.handle_new_user()
-returns trigger as $$
-begin
-  insert into public.users (id, name, email, image)
-  values (new.id, new.name, new.email, new.image);
-  return new;
-end;
-$$ language plpgsql security definer;
-create trigger on_auth_user_created
-  after insert on next_auth.users
-  for each row execute procedure public.handle_new_user();
-```
-
-The `supabaseAccessToken` is now available on the `session` object and can be passed to the supabase-js client. This works in any environment: client-side, server-side (API routes, SSR), as well as in middleware edge functions!
-
-```js
-// ...
-// Use `useSession()` or `getServerSession()` to get the NextAuth session.
-
-const { supabaseAccessToken } = session
-
-const supabase = createClient(
-  process.env.NEXT_PUBLIC_SUPABASE_URL,
-  process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY,
-  {
-    global: {
-      headers: {
-        Authorization: `Bearer ${supabaseAccessToken}`,
-      },
-    },
-  }
-)
-// Now you can query with RLS enabled.
-const { data, error } = await supabase.from("users").select("*")
-```
-
-## Usage with TypeScript
-
-You can pass types that were [generated with the Supabase CLI](https://supabase.com/docs/reference/javascript/typescript-support#generating-types) to the Supabase Client to get enhanced type safety and auto completion.
-
-Creating a new supabase client object:
-
-```tsx
-import { createClient } from "@supabase/supabase-js"
-import { Database } from "../database.types"
-
-const supabase = createClient<Database>()
-```
-
-### Extend the session type with the `supabaseAccessToken`
-
-In order to extend the `session` object with the `supabaseAccessToken` we need to extend the `session` interface in a `types/next-auth.d.ts` file:
-
-```ts title="types/next-auth.d.ts"
-import NextAuth, { DefaultSession } from "next-auth"
-
-declare module "next-auth" {
-  /**
-   * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
-   */
-  interface Session {
-    // A JWT which can be used as Authorization header with supabase-js for RLS.
-    supabaseAccessToken?: string
-    user: {
-      /** The user's postal address. */
-      address: string
-    } & DefaultSession["user"]
-  }
-}
-```
--- a/docs/docs/adapters/typeorm.md
+++ b/docs/docs/adapters/typeorm.md
@@ -1,237 +0,0 @@
---
-id: typeorm
-title: TypeORM
---
-
-# TypeORM
-
-This Adapter is used to support SQL-flavored databases (like SQLite, MySQL, MSSQL, MariaDB, CockroachDB, etc.) through [TypeORM](https://typeorm.io).
-
-:::note
-If you previously used this Adapter with MongoDB, check out the [MongoDB Adapter](/adapters/mongodb) instead.
-:::
-
-:::note
-In the future, we might split up this adapter to support single flavors of SQL for easier maintenance and reduced bundle size.
-:::
-
-## Usage
-
-:::warning
-[`typeorm`](https://github.com/typeorm/typeorm) is still in active development and has not yet published a stable release. Because of this, you can expect breaking changes in minor versions. This adapter expects `typeorm@0.3.7` and is not validated against previous or future releases.
-:::
-
-To use this Adapter, you need to install the following packages:
-
-```bash npm2yarn2pnpm
-npm install next-auth @next-auth/typeorm-legacy-adapter typeorm
-```
-
-Configure your NextAuth.js to use the TypeORM Adapter:
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-
-
-export default NextAuth({
-  adapter: TypeORMLegacyAdapter("yourconnectionstring"),
-  ...
-})
-```
-
-`TypeORMLegacyAdapter` takes either a connection string, or a [`DataSourceOptions`](https://github.com/typeorm/typeorm/blob/master/docs/data-source-options.md) object as its first parameter.
-
-## Custom models
-
-The TypeORM adapter uses [`Entity` classes](https://github.com/typeorm/typeorm/blob/master/docs/entities.md) to define the shape of your data.
-
-If you want to override the default entities (for example to add a `role` field to your `UserEntity`), you will have to do the following:
-
-> This schema is adapted for use in TypeORM and based upon our main [schema](/adapters/models)
-
-1. Create a file containing your modified entities:
-
-(The file below is based on the [default entities](https://github.com/nextauthjs/next-auth/blob/main/packages/adapter-typeorm-legacy/src/entities.ts))
-
-```diff title="lib/entities.ts"
-import {
-  Entity,
-  PrimaryGeneratedColumn,
-  Column,
-  ManyToOne,
-  OneToMany,
-  ValueTransformer,
-} from "typeorm"
-
-const transformer: Record<"date" | "bigint", ValueTransformer> = {
-  date: {
-    from: (date: string | null) => date && new Date(parseInt(date, 10)),
-    to: (date?: Date) => date?.valueOf().toString(),
-  },
-  bigint: {
-    from: (bigInt: string | null) => bigInt && parseInt(bigInt, 10),
-    to: (bigInt?: number) => bigInt?.toString(),
-  },
-}
-
-@Entity({ name: "users" })
-export class UserEntity {
-  @PrimaryGeneratedColumn("uuid")
-  id!: string
-
-  @Column({ type: "varchar", nullable: true })
-  name!: string | null
-
-  @Column({ type: "varchar", nullable: true, unique: true })
-  email!: string | null
-
-  @Column({ type: "varchar", nullable: true, transformer: transformer.date })
-  emailVerified!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  image!: string | null
-
-+ @Column({ type: "varchar", nullable: true })
-+ role!: string | null
-
-  @OneToMany(() => SessionEntity, (session) => session.userId)
-  sessions!: SessionEntity[]
-
-  @OneToMany(() => AccountEntity, (account) => account.userId)
-  accounts!: AccountEntity[]
-}
-
-@Entity({ name: "accounts" })
-export class AccountEntity {
-  @PrimaryGeneratedColumn("uuid")
-  id!: string
-
-  @Column({ type: "uuid" })
-  userId!: string
-
-  @Column()
-  type!: string
-
-  @Column()
-  provider!: string
-
-  @Column()
-  providerAccountId!: string
-
-  @Column({ type: "varchar", nullable: true })
-  refresh_token!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  access_token!: string | null
-
-  @Column({
-    nullable: true,
-    type: "bigint",
-    transformer: transformer.bigint,
-  })
-  expires_at!: number | null
-
-  @Column({ type: "varchar", nullable: true })
-  token_type!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  scope!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  id_token!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  session_state!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  oauth_token_secret!: string | null
-
-  @Column({ type: "varchar", nullable: true })
-  oauth_token!: string | null
-
-  @ManyToOne(() => UserEntity, (user) => user.accounts, {
-    createForeignKeyConstraints: true,
-  })
-  user!: UserEntity
-}
-
-@Entity({ name: "sessions" })
-export class SessionEntity {
-  @PrimaryGeneratedColumn("uuid")
-  id!: string
-
-  @Column({ unique: true })
-  sessionToken!: string
-
-  @Column({ type: "uuid" })
-  userId!: string
-
-  @Column({ transformer: transformer.date })
-  expires!: string
-
-  @ManyToOne(() => UserEntity, (user) => user.sessions)
-  user!: UserEntity
-}
-
-@Entity({ name: "verification_tokens" })
-export class VerificationTokenEntity {
-  @PrimaryGeneratedColumn("uuid")
-  id!: string
-
-  @Column()
-  token!: string
-
-  @Column()
-  identifier!: string
-
-  @Column({ transformer: transformer.date })
-  expires!: string
-}
-```
-
-2. Pass them to `TypeORMLegacyAdapter`
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-import * as entities from "lib/entities"
-
-export default NextAuth({
-  adapter: TypeORMLegacyAdapter("yourconnectionstring", { entities }),
-  ...
-})
-```
-
-:::tip Synchronize your database ♻
-The `synchronize: true` option in TypeORM will generate SQL that exactly matches the entities. This will automatically apply any changes it finds in the entity model. This is a useful option in development.
-:::
-
-:::warning Using synchronize in production
-`synchronize: true` should not be enabled against production databases as it may cause data loss if the configured schema does not match the expected schema! We recommend that you synchronize/migrate your production database at build-time.
-:::
-
-## Naming Conventions
-
-If mixed snake_case and camelCase column names are an issue for you and/or your underlying database system, we recommend using TypeORM's naming strategy feature to change the target field names. There is a package called `typeorm-naming-strategies` which includes a `snake_case` strategy which will translate the fields from how NextAuth.js expects them, to snake_case in the actual database.
-
-For example, you can add the naming convention option to the connection object in your NextAuth config.
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import { TypeORMLegacyAdapter } from "@next-auth/typeorm-legacy-adapter"
-import { SnakeNamingStrategy } from 'typeorm-naming-strategies'
-
-export default NextAuth({
-  adapter: TypeORMLegacyAdapter({
-    type: "mysql",
-    host: "localhost",
-    port: 3306,
-    username: "test",
-    password: "test",
-    database: "test",
-    namingStrategy: new SnakeNamingStrategy()
-  }),
-  ...
-})
-```
--- a/docs/docs/adapters/upstash-redis.md
+++ b/docs/docs/adapters/upstash-redis.md
@@ -1,69 +0,0 @@
---
-id: upstash-redis
-title: Upstash Redis
---
-
-# Upstash Redis
-
-To use this Adapter, you need to install `@upstash/redis` and `@next-auth/upstash-redis-adapter` package:
-
-```bash npm2yarn2pnpm
-npm install @upstash/redis @next-auth/upstash-redis-adapter
-```
-
-Configure your NextAuth.js to use the Upstash Redis Adapter:
-
-```javascript title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-import { UpstashRedisAdapter } from "@next-auth/upstash-redis-adapter"
-import { Redis } from "@upstash/redis"
-
-const redis = new Redis({
-  url: process.env.UPSTASH_REDIS_URL,
-  token: process.env.UPSTASH_REDIS_TOKEN
-})
-
-export default NextAuth({
-  adapter: UpstashRedisAdapter(redis),
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-    }),
-  ],
-})
-```
-
-## Using Multiple Apps with a Single Upstash Redis Instance
-
-The Upstash free-tier allows for only one Redis instance. If you have multiple Next-Auth connected apps using this instance, you need different key prefixes for every app.
-
-You can change the prefixes by passing an `options` object as the second argument to the adapter factory function.
-
-The default values for this object are:
-
-```js
-const defaultOptions = {
-  baseKeyPrefix: "",
-  accountKeyPrefix: "user:account:",
-  accountByUserIdPrefix: "user:account:by-user-id:",
-  emailKeyPrefix: "user:email:",
-  sessionKeyPrefix: "user:session:",
-  sessionByUserIdKeyPrefix: "user:session:by-user-id:",
-  userKeyPrefix: "user:",
-  verificationTokenKeyPrefix: "user:token:",
-}
-```
-
-Usually changing the `baseKeyPrefix` should be enough for this scenario, but for more custom setups, you can also change the prefixes of every single key.
-
-Example:
-
-```js
-export default NextAuth({
-  ...
-  adapter: UpstashRedisAdapter(redis, {baseKeyPrefix: "app2:"})
-  ...
-})
-```
--- a/docs/docs/adapters/xata.md
+++ b/docs/docs/adapters/xata.md
@@ -1,242 +0,0 @@
---
-id: xata
-title: Xata
---
-
-# Xata
-
-This adapter allows using next-auth with Xata as a database to store users, sessions, and more. The preferred way to create a Xata project and use Xata databases is using the [Xata Command Line Interface (CLI)](https://docs.xata.io/cli/getting-started). The CLI allows generating a `XataClient` that will help you work with Xata in a safe way, and that this adapter depends on.
-
-<!-- @todo add GIFs -->
-
-## Getting Started
-
-Let's first make sure we have everything installed and configured. We're going to need:
-
- next-auth + adapter
- the Xata CLI
- to configure the CLI
-
-We can do this like so:
-
-```bash npm2yarn2pnpm
-# Install next-auth + adapter
-npm install next-auth @next-auth/xata-adapter
-
-# Install the Xata CLI globally if you don't already have it
-npm install --location=global @xata.io/cli
-
-# Login
-xata auth login
-```
-
-Now that we're ready, let's create a new Xata project using our next-auth schema that the Xata adapter can work with. To do that, copy and paste this schema file into your project's directory:
-
-```json title="schema.json"
-{
-  "formatVersion": "",
-  "tables": [
-    {
-      "name": "nextauth_users",
-      "columns": [
-        {
-          "name": "email",
-          "type": "email"
-        },
-        {
-          "name": "emailVerified",
-          "type": "datetime"
-        },
-        {
-          "name": "name",
-          "type": "string"
-        },
-        {
-          "name": "image",
-          "type": "string"
-        }
-      ]
-    },
-    {
-      "name": "nextauth_accounts",
-      "columns": [
-        {
-          "name": "user",
-          "type": "link",
-          "link": {
-            "table": "nextauth_users"
-          }
-        },
-        {
-          "name": "type",
-          "type": "string"
-        },
-        {
-          "name": "provider",
-          "type": "string"
-        },
-        {
-          "name": "providerAccountId",
-          "type": "string"
-        },
-        {
-          "name": "refresh_token",
-          "type": "string"
-        },
-        {
-          "name": "access_token",
-          "type": "string"
-        },
-        {
-          "name": "expires_at",
-          "type": "int"
-        },
-        {
-          "name": "token_type",
-          "type": "string"
-        },
-        {
-          "name": "scope",
-          "type": "string"
-        },
-        {
-          "name": "id_token",
-          "type": "text"
-        },
-        {
-          "name": "session_state",
-          "type": "string"
-        }
-      ]
-    },
-    {
-      "name": "nextauth_verificationTokens",
-      "columns": [
-        {
-          "name": "identifier",
-          "type": "string"
-        },
-        {
-          "name": "token",
-          "type": "string"
-        },
-        {
-          "name": "expires",
-          "type": "datetime"
-        }
-      ]
-    },
-    {
-      "name": "nextauth_users_accounts",
-      "columns": [
-        {
-          "name": "user",
-          "type": "link",
-          "link": {
-            "table": "nextauth_users"
-          }
-        },
-        {
-          "name": "account",
-          "type": "link",
-          "link": {
-            "table": "nextauth_accounts"
-          }
-        }
-      ]
-    },
-    {
-      "name": "nextauth_users_sessions",
-      "columns": [
-        {
-          "name": "user",
-          "type": "link",
-          "link": {
-            "table": "nextauth_users"
-          }
-        },
-        {
-          "name": "session",
-          "type": "link",
-          "link": {
-            "table": "nextauth_sessions"
-          }
-        }
-      ]
-    },
-    {
-      "name": "nextauth_sessions",
-      "columns": [
-        {
-          "name": "sessionToken",
-          "type": "string"
-        },
-        {
-          "name": "expires",
-          "type": "datetime"
-        },
-        {
-          "name": "user",
-          "type": "link",
-          "link": {
-            "table": "nextauth_users"
-          }
-        }
-      ]
-    }
-  ]
-}
-```
-
-Now, run the following command:
-
-```bash
-xata init --schema=./path/to/your/schema.json
-```
-
-The CLI will walk you through a setup process where you choose a [workspace](https://docs.xata.io/concepts/workspaces) (kind of like a GitHub org or a Vercel team) and an appropriate database. We recommend using a fresh database for this, as we'll augment it with tables that next-auth needs.
-
-Once you're done, you can continue using next-auth in your project as expected, like creating a `./pages/api/auth/[...nextauth]` route.
-
-```typescript title="pages/api/auth/[...nextauth].ts"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-
-const client = new XataClient()
-
-export default NextAuth({
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-    }),
-  ],
-})
-```
-
-Now to Xata-fy this route, let's add the Xata client and adapter:
-
-```diff
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-+import { XataAdapter } from "@next-auth/xata-adapter"
-+import { XataClient } from "../../../xata" // or wherever you've chosen to create the client
-
-+const client = new XataClient()
-
-export default NextAuth({
-+ adapter: XataAdapter(client),
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-    }),
-  ],
-})
-```
-
-This fully sets up your next-auth site to work with Xata.
-
-## Contributing
-
-This is an open-source project created by humans, and as such, might have a few issues. If you experience any of these, we recommend [opening issues](https://github.com/nextauthjs/next-auth/issues/new?assignees=&labels=triage&template=1_bug_framework.yml&title=Issue%20on%20Xata%20adapter&description=I%20experienced%20this%20issue:\n##%20Reproduction%20Steps:\n\n-) that can help us solve problems and build reliable software.
--- a/docs/docs/configuration/callbacks.md
+++ b/docs/docs/configuration/callbacks.md
@@ -139,8 +139,8 @@ The session callback is called whenever a session is checked. By default, **only

 e.g. `getSession()`, `useSession()`, `/api/auth/session`

- When using database sessions, the User object is passed as an argument.
- When using JSON Web Tokens for sessions, the JWT payload is provided instead.
+- When using database sessions, the User (`user`) object is passed as an argument.
+- When using JSON Web Tokens for sessions, the JWT payload (`token`) is provided instead.

 ```js title="pages/api/auth/[...nextauth].js"
 ...
--- a/docs/docs/configuration/databases.md
+++ b/docs/docs/configuration/databases.md
@@ -3,7 +3,7 @@ id: databases
 title: Databases
 ---

-NextAuth.js offers multiple database adapters. Check out [the overview](/adapters/overview).
+NextAuth.js offers multiple database adapters. Check out [the overview](https://authjs.dev/reference/adapters).

 > As of **v4** NextAuth.js no longer ships with an adapter included by default. If you would like to persist any information, you need to install one of the many available adapters yourself. See the individual adapter documentation pages for more details.

@@ -13,4 +13,4 @@ To learn more about databases in NextAuth.js and how they are used, check out [d

 ## How to use a database

-See the [documentation for adapters](/adapters/overview) for more information on advanced configuration, including how to use NextAuth.js with other databases using a [custom adapter](/tutorials/creating-a-database-adapter).
+See the [documentation for adapters](https://authjs.dev/reference/adapters) for more information on advanced configuration, including how to use NextAuth.js with other databases using a [custom adapter](/tutorials/creating-a-database-adapter).
--- a/docs/docs/configuration/initialization.md
+++ b/docs/docs/configuration/initialization.md
@@ -3,17 +3,23 @@ id: initialization
 title: Initialization
 ---

+The main entry point of NextAuth.js is the `NextAuth` method that you import from `next-auth`. It handles different types of requests, as defined in the [REST API](../getting-started/rest-api.md) section.
+
+
+:::info
+NextAuth.js cannot use the run [Edge Runtime](https://nextjs.org/docs/api-reference/edge-runtime) for initialization. The upcoming [`@auth/nextjs` library](https://authjs.dev/reference/nextjs) (which will replace `next-auth`) on the other hand will be fully compatible.
+:::
+
+You can initialize NextAuth.js in a few different ways.
+
+## Simple initialization
+### API Routes (`pages`)
+
 In Next.js, you can define an API route that will catch all requests that begin with a certain path. Conveniently, this is called [Catch all API routes](https://nextjs.org/docs/api-routes/dynamic-api-routes#catch-all-api-routes).

 When you define a `/pages/api/auth/[...nextauth]` JS/TS file, you instruct NextAuth.js that every API request beginning with `/api/auth/*` should be handled by the code written in the `[...nextauth]` file.

-Depending on your use case, you can initialize NextAuth.js in two different ways:
-
-## Simple initialization
-
-In most cases, you won't need to worry about what `NextAuth.js` does, and you will get by just fine with the following initialization:
-
-```ts title="/pages/api/auth/[...nextauth].js"
+```ts title="/pages/api/auth/[...nextauth].ts"
 import NextAuth from "next-auth"

 export default NextAuth({
@@ -25,9 +31,37 @@ Here, you only need to pass your [options](/configuration/options) to `NextAuth`

 This is the preferred initialization in tutorials/other parts of the documentation, as it simplifies the code and reduces potential errors in the authentication flow.

+### Route Handlers (`app/`)
+
+[Next.js 13.2](https://nextjs.org/blog/next-13-2#custom-route-handlers) introduced [Route Handlers](https://beta.nextjs.org/docs/routing/route-handlers), the preferred way to handle REST-like requests in App Router (`app/`).
+
+You can initialize NextAuth.js with a Route Handler too, very similar to API Routes.
+
+```ts title="/app/api/auth/[...nextauth]/route.ts"
+import NextAuth from "next-auth"
+
+const handler = NextAuth({
+  ...
+})
+
+export { handler as GET, handler as POST }
+```
+
+Internally, NextAuth.js detects that it is being initialized in a Route Handler (by understanding that it is passed a Web [`Request` instance](https://developer.mozilla.org/en-US/docs/Web/API/Request)), and will return a handler that returns a [`Response` instance](https://developer.mozilla.org/en-US/docs/Web/API/Response). A Route Handler file expects you to export some named handler functions that handle a request and return a response. NextAuth.js needs the `GET` and `POST` handlers to function properly, so we export those two.
+
+:::info
+Technically, in a Route Handler, the `api/` prefix is not necessary, but we decided to keep it required for an easier migration.
+:::
+
 ## Advanced initialization

-If you have a specific use case and need to make NextAuth.js do something slightly different than what it is designed for, keep in mind, the `[...nextauth].js` config file is still just **a regular [API Route](https://nextjs.org/docs/api-routes/introduction)** at the end of the day.
+:::info
+The following describes the advanced initialization with API Routes, but everything will apply similarily when using [Route Handlers](https://beta.nextjs.org/docs/routing/route-handlers) too.
+Instead, `NextAuth` will receive the first two arguments of a Route Handler, and the third argument will be the [auth options](../configuration/options.md)
+:::
+
+If you have a specific use case and need to make NextAuth.js do something slightly different than what it is designed for, keep in mind, the `[...nextauth].ts` config file is just **a regular [API Route](https://nextjs.org/docs/api-routes/introduction)**.
+

 That said, you can initialize NextAuth.js like this:

@@ -91,7 +125,7 @@ export default async function auth(req: NextApiRequest, res: NextApiResponse) {

 A practical example could be to not show a certain provider on the default sign-in page, but still be able to sign in with it. (The idea is taken from [this discussion](https://github.com/nextauthjs/next-auth/discussions/3133)):

-```js title="/pages/api/auth/[...nextauth].js"
+```js title="/pages/api/auth/[...nextauth].ts"
 import NextAuth from "next-auth"
 import CredentialsProvider from "next-auth/providers/credentials"
 import GoogleProvider from "next-auth/providers/google"
--- a/docs/docs/configuration/nextjs.md
+++ b/docs/docs/configuration/nextjs.md
@@ -1,14 +1,29 @@
 # Next.js

-## `unstable_getServerSession`
-
-This method was renamed to `getServerSession`. See the documentation below.
-
 ## `getServerSession`

-When calling from server-side i.e. in API routes or in `getServerSideProps`, we recommend using this function instead of `getSession` to retrieve the `session` object. This method is especially useful when you are using NextAuth.js with a database. This method can _drastically_ reduce response time when used over `getSession` server-side, due to avoiding an extra `fetch` to an API Route (this is generally [not recommended in Next.js](https://nextjs.org/docs/basic-features/data-fetching/get-server-side-props#getserversideprops-or-api-routes)). In addition, `getServerSession` will correctly update the cookie expiry time and update the session content if `callbacks.jwt` or `callbacks.session` changed something.
+:::tip
+You can create a helper function so you don't need to pass `authOptions` around:

-Otherwise, if you only want to get the session token, see [`getToken`](/tutorials/securing-pages-and-api-routes#using-gettoken).
+```ts title=auth.ts
+import type { GetServerSidePropsContext, NextApiRequest, NextApiResponse } from "next"
+import type { NextAuthOptions } from "next-auth"
+import { getServerSession } from "next-auth"
+
+// You'll need to import and pass this
+// to `NextAuth` in `app/api/auth/[...nextauth]/route.ts`
+export const config = {
+  providers: [], // rest of your config
+} satisfies NextAuthOptions
+
+// Use it in server contexts
+export function auth(...args: [GetServerSidePropsContext["req"], GetServerSidePropsContext["res"]] | [NextApiRequest, NextApiResponse] | []) {
+  return getServerSession(...args, config)
+}
+```
+:::
+
+When calling from the server-side i.e. in Route Handlers, React Server Components, API routes or in `getServerSideProps`, we recommend using this function instead of `getSession` to retrieve the `session` object. This method is especially useful when you are using NextAuth.js with a database. This method can _drastically_ reduce response time when used over `getSession` on server-side, due to avoiding an extra `fetch` to an API Route (this is generally [not recommended in Next.js](https://nextjs.org/docs/basic-features/data-fetching/get-server-side-props#getserversideprops-or-api-routes)). In addition, `getServerSession` will correctly update the cookie expiry time and update the session content if `callbacks.jwt` or `callbacks.session` changed something.

 `getServerSession` requires passing the same object you would pass to `NextAuth` when initializing NextAuth.js. To do so, you can export your NextAuth.js options in the following way:

@@ -55,7 +70,7 @@ import { authOptions } from 'pages/api/auth/[...nextauth]'
 import { getServerSession } from "next-auth/next"


-export async function handler(req, res) {
+export default async function handler(req, res) {
  const session = await getServerSession(req, res, authOptions)

  if (!session) {
@@ -69,7 +84,7 @@ export async function handler(req, res) {
 }
 ```

-### In `app/` directory:
+### In App Router:

 You can also use `getServerSession` in Next.js' server components:

@@ -84,9 +99,18 @@ export default async function Page() {
 ```

 :::warning
-Currently, the underlying Next.js `cookies()` method does [only provides read access](https://beta.nextjs.org/docs/api-reference/cookies) to the request cookies. This means that the `expires` value is stripped away from `session` in Server Components. Furthermore, there is a hard expiry on sessions, after which the user will be required to sign in again. (The default expiry is 30 days).
+Currently, the underlying Next.js `cookies()` method [only provides read access](https://beta.nextjs.org/docs/api-reference/cookies) to the request cookies. This means that the `expires` value is stripped away from `session` in Server Components. Furthermore, there is a hard expiry on sessions, after which the user will be required to sign in again. (The default expiry is 30 days).
 :::

+### Caching
+
+Note that using this function implies personalized data and that you should not store pages or APIs using this in a [public cache](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control). For example a host like [Vercel](https://vercel.com/docs/concepts/functions/serverless-functions/edge-caching) will implicitly prevent you from caching publicly due to the `set-cookie` header set by this function.
+
+
+## `unstable_getServerSession`
+
+This method was renamed to `getServerSession`. See the documentation above.
+
 ## Middleware

 You can use a Next.js Middleware with NextAuth.js to protect your site.
@@ -154,22 +178,27 @@ Callbacks are asynchronous functions you can use to control what happens when an

 #### Description

-Specify URLs to be used if you want to create custom sign in, and error pages. Pages specified will override the corresponding built-in page.
+Specify URLs to be used if you want to create custom sign-in and error pages. The pages specified will override the corresponding built-in page.

-:::note
-This should match the `pages` configuration that's found in `[...nextauth].ts`.
+:::info
+The `pages` configuration should match the same configuration in `[...nextauth].ts`. This is so that the `next-auth` Middleware is aware of your custom pages, so it won't end up redirecting to itself when an unauthenticated condition is met.
 :::

 #### Example (default value)

 ```js
-pages: {
-  signIn: '/api/auth/signin',
-  error: '/api/auth/error',
-}
+import { withAuth } from "next-auth/middleware"
+
+export default withAuth({
+  // Matches the pages config in `[...nextauth]`
+  pages: {
+    signIn: '/login',
+    error: '/error',
+  }
+})
 ```

-See the documentation for the [pages option](/configuration/pages) for more information.
+For more information, see the documentation for the [pages option](/configuration/pages).

 ---

@@ -179,7 +208,7 @@ See the documentation for the [pages option](/configuration/pages) for more info

 #### Description

-The same `secret` used in the [NextAuth.js config](/configuration/options#options).
+The same `secret` is used in the [NextAuth.js config](/configuration/options#options).

 #### Example (default value)

@@ -225,7 +254,6 @@ The `middleware` function will only be invoked if the `authorized` callback retu

 If you have a custom jwt decode method set in `[...nextauth].ts`, you must also pass the same `decode` method to `withAuth` in order to read the custom-signed JWT correctly. You may want to extract the encode/decode logic to a separate function for consistency.

-``
 ```ts title="/api/auth/[...nextauth].ts"
 import type { NextAuthOptions } from "next-auth"
 import NextAuth from "next-auth"
@@ -253,7 +281,7 @@ import withAuth from "next-auth/middleware"
 import { authOptions } from "pages/api/auth/[...nextauth]";

 export default withAuth({
-  jwt: { decode: authOptions.jwt },
+  jwt: { decode: authOptions.jwt?.decode },
  callbacks: {
    authorized: ({ token }) => !!token,
  },
--- a/docs/docs/configuration/options.md
+++ b/docs/docs/configuration/options.md
@@ -27,7 +27,7 @@ Using [System Environment Variables](https://vercel.com/docs/concepts/projects/e

 ### NEXTAUTH_SECRET

-Used to encrypt the NextAuth.js JWT, and to hash [email verification tokens](/adapters/models#verification-token). This is the default value for the `secret` option in [NextAuth](/configuration/options#secret) and [Middleware](/configuration/nextjs#secret).
+Used to encrypt the NextAuth.js JWT, and to hash [email verification tokens](https://authjs.dev/reference/adapters#verification-token). This is the default value for the `secret` option in [NextAuth](/configuration/options#secret) and [Middleware](/configuration/nextjs#secret).


 ### NEXTAUTH_URL_INTERNAL
@@ -310,7 +310,7 @@ events: {

 #### Description

-By default NextAuth.js does not include an adapter any longer. If you would like to persist user / account data, please install one of the many available adapters. More information can be found in the [adapter documentation](/adapters/overview).
+By default NextAuth.js does not include an adapter any longer. If you would like to persist user / account data, please install one of the many available adapters. More information can be found in the [adapter documentation](https://authjs.dev/reference/adapters).

 ---

--- a/docs/docs/configuration/pages.md
+++ b/docs/docs/configuration/pages.md
@@ -77,10 +77,13 @@ In addition, you can define a `theme.brandColor` to define a custom accent color

 In order to get the available authentication providers and the URLs to use for them, you can make a request to the API endpoint `/api/auth/providers`:

-```jsx title="pages/auth/signin.js"
+```tsx title="pages/auth/signin.tsx"
+import type { GetServerSidePropsContext, InferGetServerSidePropsType } from "next";
 import { getProviders, signIn } from "next-auth/react"
+import { getServerSession } from "next-auth/next"
+import { authOptions } from "../api/auth/[...nextauth]";

-export default function SignIn({ providers }) {
+export default function SignIn({ providers }: InferGetServerSidePropsType<typeof getServerSideProps>) {
  return (
    <>
      {Object.values(providers).map((provider) => (
@@ -94,10 +97,20 @@ export default function SignIn({ providers }) {
  )
 }

-export async function getServerSideProps(context) {
-  const providers = await getProviders()
+export async function getServerSideProps(context: GetServerSidePropsContext) {
+  const session = await getServerSession(context.req, context.res, authOptions);
+  
+  // If the user is already logged in, redirect.
+  // Note: Make sure not to redirect to the same page
+  // To avoid an infinite loop!
+  if (session) {
+    return { redirect: { destination: "/" } };
+  }
+
+  const providers = await getProviders();
+  
  return {
-    props: { providers },
+    props: { providers: providers ?? [] },
  }
 }
 ```
@@ -108,10 +121,11 @@ There is another, more fully styled example signin page available [here](https:/

 If you create a custom sign in form for email sign in, you will need to submit both fields for the **email** address and **csrfToken** from **/api/auth/csrf** in a POST request to **/api/auth/signin/email**.

-```jsx title="pages/auth/email-signin.js"
+```tsx title="pages/auth/email-signin.tsx"
+import type { GetServerSidePropsContext, InferGetServerSidePropsType } from "next";
 import { getCsrfToken } from "next-auth/react"

-export default function SignIn({ csrfToken }) {
+export default function SignIn({ csrfToken }: InferGetServerSidePropsType<typeof getServerSideProps>) {
  return (
    <form method="post" action="/api/auth/signin/email">
      <input name="csrfToken" type="hidden" defaultValue={csrfToken} />
@@ -124,7 +138,7 @@ export default function SignIn({ csrfToken }) {
  )
 }

-export async function getServerSideProps(context) {
+export async function getServerSideProps(context: GetServerSidePropsContext) {
  const csrfToken = await getCsrfToken(context)
  return {
    props: { csrfToken },
@@ -134,7 +148,7 @@ export async function getServerSideProps(context) {

 You can also use the `signIn()` function which will handle obtaining the CSRF token for you:

-```js
+```ts
 signIn("email", { email: "jsmith@example.com" })
 ```

@@ -142,10 +156,11 @@ signIn("email", { email: "jsmith@example.com" })

 If you create a sign in form for credentials based authentication, you will need to pass a **csrfToken** from **/api/auth/csrf** in a POST request to **/api/auth/callback/credentials**.

-```jsx title="pages/auth/credentials-signin.js"
+```tsx title="pages/auth/credentials-signin.tsx"
+import type { GetServerSidePropsContext, InferGetServerSidePropsType } from "next";
 import { getCsrfToken } from "next-auth/react"

-export default function SignIn({ csrfToken }) {
+export default function SignIn({ csrfToken }: InferGetServerSidePropsType<typeof getServerSideProps>) {
  return (
    <form method="post" action="/api/auth/callback/credentials">
      <input name="csrfToken" type="hidden" defaultValue={csrfToken} />
@@ -162,7 +177,7 @@ export default function SignIn({ csrfToken }) {
  )
 }

-export async function getServerSideProps(context) {
+export async function getServerSideProps(context: GetServerSidePropsContext) {
  return {
    props: {
      csrfToken: await getCsrfToken(context),
@@ -173,7 +188,7 @@ export async function getServerSideProps(context) {

 You can also use the `signIn()` function which will handle obtaining the CSRF token for you:

-```js
+```ts
 signIn("credentials", { username: "jsmith", password: "1234" })
 ```

--- a/docs/docs/configuration/providers/credentials.md
+++ b/docs/docs/configuration/providers/credentials.md
@@ -22,7 +22,7 @@ providers: [
    // You can pass any HTML attribute to the <input> tag through the object.
    credentials: {
      username: { label: "Username", type: "text", placeholder: "jsmith" },
-      password: {  label: "Password", type: "password" }
+      password: { label: "Password", type: "password" }
    },
    async authorize(credentials, req) {
      // You need to provide your own logic here that takes the credentials
--- a/docs/docs/configuration/providers/email.md
+++ b/docs/docs/configuration/providers/email.md
@@ -3,6 +3,12 @@ id: email
 title: Email
 ---

+### Install nodemailer
+
+```bash npm2yarn2pnpm
+npm install nodemailer
+```
+
 ### How to

 The Email provider sends "magic links" via email that the user can click on to sign in.
@@ -35,10 +41,10 @@ The email provider requires a database, it cannot be used without one.

 |          Name           |                                     Description                                     |               Type               | Required |
 | :---------------------: | :---------------------------------------------------------------------------------: | :------------------------------: | :------: |
-|           id            |                             Unique ID for the provider                              |             `string`             |   Yes    |
-|          name           |                          Descriptive name for the provider                          |             `string`             |   Yes    |
-|          type           |                       Type of provider, in this case `email`                        |            `"email"`             |   Yes    |
-|         server          |                     Path or object pointing to the email server                     |       `string` or `Object`       |   Yes    |
-| sendVerificationRequest |               Callback to execute when a verification request is sent               | `(params) => Promise<undefined>` |   Yes    |
+|           id            |                             Unique ID for the provider                              |             `string`             |    No    |
+|          name           |                          Descriptive name for the provider                          |             `string`             |    No    |
+|          type           |                       Type of provider, in this case `email`                        |            `"email"`             |    No    |
+|         server          |                     Path or object pointing to the email server                     |       `string` or `Object`       |   No    |
+| sendVerificationRequest |     Callback to execute to send a verification request, default uses nodemailer     | `(params) => Promise<undefined>` |    No    |
 |          from           |   The email address from which emails are sent, default: "<no-reply@example.com>"   |             `string`             |    No    |
 |         maxAge          | How long until the e-mail can be used to log the user in seconds. Defaults to 1 day |             `number`             |    No    |
--- a/docs/docs/configuration/providers/oauth.md
+++ b/docs/docs/configuration/providers/oauth.md
@@ -40,7 +40,7 @@ sequenceDiagram
    Note left of Browser: User inserts their<br/>credentials in Github
    Browser->>Auth Server (Github): Github validates the inserted credentials
    Auth Server (Github)->>Auth Server (Github): Generates one time access code<br/>and calls callback<br>URL defined in<br/>App settings
-    Auth Server (Github)->>App Server: GET<br/>"api/auth/github/callback?code=123"
+    Auth Server (Github)->>App Server: GET<br/>"api/auth/callback/github?code=123"
    App Server->>App Server: Grabs code<br/>to exchange it for<br/>access token
    App Server->>Auth Server (Github): POST<br/>"github.com/login/oauth/access_token"<br/>{code: 123}
    Auth Server (Github)->>Auth Server (Github): Verifies code is<br/>valid and generates<br/>access token
@@ -424,17 +424,3 @@ GoogleProvider({
  allowDangerousEmailAccountLinking: true,
 })
 ```
-
-### Adding a new built-in provider
-
-If you think your custom provider might be useful to others, we encourage you to open a PR and add it to the built-in list so others can discover it much more easily!
-
-You only need to add three changes:
-
-1. Add your config: [`src/providers/{provider}.ts`](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers)<br />
-    - Make sure you use a named default export, like this: `export default function YourProvider`
-    - Add two SVG's of the provider logo, like `google-dark.svg` (dark mode) and `google.svg` (light mode), to the `/packages/next-auth/provider-logos/` directory as well as the styling config to the provider config object. See existing provider for example
-2. Add provider documentation: [`/docs/providers/{provider}.md`](https://github.com/nextauthjs/next-auth/tree/main/docs/docs/providers)
-3. Add the new provider name to the `Provider type` dropdown options in [`the provider issue template`](https://github.com/nextauthjs/next-auth/edit/main/.github/ISSUE_TEMPLATE/2_bug_provider.yml)
-
-That's it! 🎉 Others will be able to discover and use this provider much more easily now!
--- a/docs/docs/deployment.md
+++ b/docs/docs/deployment.md
@@ -18,8 +18,8 @@ See below for more detailed provider settings.

 1. Make sure to expose the Vercel [System Environment Variables](https://vercel.com/docs/concepts/projects/environment-variables#system-environment-variables) in your project settings.
 2. Create a `NEXTAUTH_SECRET` environment variable for all environments.
-   a. You can use `openssl rand -base64 32` or https://generate-secret.vercel.app/32 to generate a random value.
-   b. You **do not** need the `NEXTAUTH_URL` environment variable in Vercel.
+    - You can use `openssl rand -base64 32` or https://generate-secret.vercel.app/32 to generate a random value.
+    - You **do not** need the `NEXTAUTH_URL` environment variable in Vercel.
 3. Add your provider's client ID and client secret to environment variables. _(Skip this step if not using an [OAuth Provider](/configuration/providers/oauth))_
 4. Deploy!

@@ -79,7 +79,7 @@ export default NextAuth({

 #### Using the branch based preview URL

-Preview deployments at Vercel are often available via multiple URLs. For example, PR's merged to `master` or `main`, will be available the commit and PR specific preview URLs, but also the branch specific preview URLs. This branch specific URL will obviously not change as long as you work with that same branch. Therefore, you could add to your OAuth provider your `{project}-git-main-{user}.vercel.app` preview URL. As this will stay constant for that branch, you can reuse that preview deployment / URL for testing any authentication related deployments.
+Preview deployments at Vercel are often available via multiple URLs. For example, PR's merged to `master` or `main`, will be available via commit and PR specific preview URLs, but also the branch specific preview URLs. This branch specific URL will obviously not change as long as you work with that same branch. Therefore, you could add to your OAuth provider your `{project}-git-main-{user}.vercel.app` preview URL. As this will stay constant for that branch, you can reuse that preview deployment / URL for testing any authentication related deployments.

 ## Netlify

--- a/docs/docs/errors.md
+++ b/docs/docs/errors.md
@@ -21,7 +21,7 @@ This error occurs when the `SessionProvider` Context has a problem fetching sess

 #### CLIENT_FETCH_ERROR

-If you see `CLIENT_FETCH_ERROR` make sure you have configured the `NEXTAUTH_URL` environment variable.
+This can happen for multiple reasons. Make sure that you [configured](/configuration/initialization) NextAuth.js correctly, and if you used [`NEXTAUTH_URL`](https://next-auth.js.org/configuration/options#nextauth_url) that it's correctly set.

 ---

--- a/docs/docs/faq.md
+++ b/docs/docs/faq.md
@@ -67,7 +67,7 @@ _If you use a custom credentials provider user accounts will not be persisted in
 </summary>
 <p>

-NextAuth.js was originally designed for use with Next.js and Serverless. However, today you could use the NextAuth.js core with any other framework. Checkout the examples for <a href="https://github.com/nextauthjs/next-auth/tree/main/apps/playground-gatsby" target="_blank">Gatsby</a> and <a href="https://sveltekit.authjs.dev/" target="_blank">SvelteKit</a>. If you would add another integration with other frameworks, feel free to work on it and send a pull request. Make sure to check if there's any on-going work before open a new issue.
+NextAuth.js was originally designed for use with Next.js and Serverless. However, today you could use the NextAuth.js core with any other framework. Checkout the examples for <a href="https://github.com/nextauthjs/next-auth/tree/main/apps/playground-gatsby" target="_blank">Gatsby</a> and <a href="https://sveltekit.authjs.dev/" target="_blank">SvelteKit</a>. If you would add another integration with other frameworks, feel free to work on it and send a pull request. Make sure to check if there's any on-going work before opening a new issue.

 </p>
 </details>
@@ -207,7 +207,7 @@ NextAuth.js records Refresh Tokens and Access Tokens on sign in (if supplied by

 You can then look them up from the database or persist them to the JSON Web Token.

-Note: NextAuth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](/tutorials/refresh-token-rotation) if you want to implement it.
+Note: NextAuth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](https://authjs.dev/guides/basics/refresh-token-rotation) if you want to implement it.

 We also have an [example repository](https://github.com/nextauthjs/next-auth-refresh-token-example) / project based upon NextAuth.js v4 where we demonstrate how to use a refresh token to refresh the provided access token.

@@ -289,7 +289,7 @@ Ultimately if your request is not accepted or is not actively in development, yo
 </summary>
 <p>

-NextAuth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](/adapters/overview), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/configuration/options#session). Since v4 all our JWT tokens are now encrypted by default with A256GCM.
+NextAuth.js by default uses JSON Web Tokens for saving the user's session. However, if you use a [database adapter](https://authjs.dev/reference/adapters), the database will be used to persist the user's session. You can force the usage of JWT when using a database [through the configuration options](/configuration/options#session). Since v4 all our JWT tokens are now encrypted by default with A256GCM.

 </p>
 </details>
--- a/docs/docs/getting-started/client.md
+++ b/docs/docs/getting-started/client.md
@@ -148,10 +148,133 @@ Because of how `_app` is written, it won't unnecessarily contact the `/api/auth/

 More information can be found in the following [GitHub Issue](https://github.com/nextauthjs/next-auth/issues/1210).

-### NextAuth.js + React Query
+### Updating the session

-You can create your own session management solution using data fetching libraries like [React Query](https://tanstack.com/query/v4/docs/adapters/react-query) or [SWR](https://swr.vercel.app). You can use the [original implementation of `@next-auth/react-query`](https://github.com/nextauthjs/react-query) and look at the [`next-auth/react` source code](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/react/index.tsx) as a starting point.
+The `useSession()` hook exposes a `update(data?: any): Promise<Session | null>` method that can be used to update the session, without reloading the page.

+You can optionally pass an arbitrary object as the first argument, which will be accessible on the server to merge with the session object.
+
+If you are not passing any argument, the session will be reloaded from the server. (This is useful if you want to update the session after a server-side mutation, like updating in the database.)
+
+:::caution
+The data object is coming from the client, so it needs to be validated on the server before saving.
+:::
+
+#### Example
+
+```tsx title="pages/profile.tsx"
+import { useSession } from "next-auth/react"
+
+export default function Page() {
+  const { data: session, status, update } = useSession()
+
+  if (status === "authenticated") {
+    return (
+      <>
+        <p>Signed in as {session.user.name}</p>
+        
+        {/* Update the value by sending it to the backend. */}
+        <button onClick={() => update({ name: "John Doe" })}>
+          Edit name
+        </button>
+        {/*
+          * Only trigger a session update, assuming you already updated the value server-side.
+          * All `useSession().data` references will be updated.
+          */}
+        <button onClick={() => update()}>
+          Edit name
+        </button>
+      </>
+    )
+  }
+
+  return <a href="/api/auth/signin">Sign in</a>
+}
+```
+
+Assuming a `strategy: "jwt"` is used, the `update()` method will trigger a `jwt` callback with the `trigger: "update"` option. You can use this to update the session object on the server.
+
+```ts title="pages/api/auth/[...nextauth].ts"
+...
+export default NextAuth({
+  ...
+  callbacks: {
+    // Using the `...rest` parameter to be able to narrow down the type based on `trigger`
+    jwt({ token, trigger, session }) {
+      if (trigger === "update" && session?.name) {
+        // Note, that `session` can be any arbitrary object, remember to validate it!
+        token.name = session.name
+      }
+      return token
+    }
+  }
+})
+```
+
+Assuming a `strategy: "database"` is used, the `update()` method will trigger the `session` callback with the `trigger: "update"` option. You can use this to update the session object on the server.
+
+```ts title="pages/api/auth/[...nextauth].ts"
+...
+const adapter = PrismaAdapter(prisma)
+export default NextAuth({
+  ...
+  adapter,
+  callbacks: {
+    // Using the `...rest` parameter to be able to narrow down the type based on `trigger`
+    async session({ session, trigger, newSession }) {
+      // Note, that `rest.session` can be any arbitrary object, remember to validate it!
+      if (trigger === "update" && newSession?.name) {
+        // You can update the session in the database if it's not already updated.
+        // await adapter.updateUser(session.user.id, { name: newSession.name })
+
+        // Make sure the updated value is reflected on the client
+        session.name = newSession.name
+      }
+      return session
+    }
+  }
+})
+```
+
+### Refetching the session
+
+[`SessionProvider#refetchInterval`](#refetch-interval) and [`SessionProvider#refetchOnWindowFocus`](#refetch-on-window-focus) can be replaced with the `update()` method too.
+
+:::note
+The `update()` method won't sync between tabs as the `refetchInterval` and `refetchOnWindowFocus` options do.
+:::
+
+```tsx title="pages/profile.tsx"
+import {useEffect} from "react"
+import { useSession } from "next-auth/react"
+
+export default function Page() {
+  const { data: session, status, update } = useSession()
+
+  // Polling the session every 1 hour
+  useEffect(() => {
+    // TIP: You can also use `navigator.onLine` and some extra event handlers
+    // to check if the user is online and only update the session if they are.
+    // https://developer.mozilla.org/en-US/docs/Web/API/Navigator/onLine
+    const interval = setInterval(() => update(), 1000 * 60 * 60)
+    return () => clearInterval(interval)
+  }, [update])
+
+  // Listen for when the page is visible, if the user switches tabs
+  // and makes our tab visible again, re-fetch the session
+  useEffect(() => {
+    const visibilityHandler = () => document.visibilityState === "visible" && update()
+    window.addEventListener("visibilitychange", visibilityHandler, false)
+    return () => window.removeEventListener("visibilitychange", visibilityHandler, false)
+  }, [update])
+
+  return (
+    <pre>
+      {JSON.stringify(session, null, 2)}
+    </pre>
+  )
+}
+```
 ---

 ## getSession()
@@ -236,7 +359,7 @@ export default async (req, res) => {
 ```

 :::note
-Unlike and `getCsrfToken()`, when calling `getProviders()` server side, you don't need to pass anything, just as calling it client side.
+Unlike `getCsrfToken()`, when calling `getProviders()` server side, you don't need to pass anything, just as calling it client side.
 :::

 ---
@@ -396,7 +519,11 @@ where `data.url` is the validated URL you can redirect the user to without any f

 ## SessionProvider

-Using the supplied `<SessionProvider>` allows instances of `useSession()` to share the session object across components, by using [React Context](https://reactjs.org/docs/context.html) under the hood. It also takes care of keeping the session updated and synced between tabs/windows.
+:::note
+If you are using the App Router, we encourage you to use [`getServerSession`](/configuration/nextjs#getserversession) in server contexts instead. (`SessionProvider` *can* be used in the App Router, which might be the easier choice if you are migrating from pages.)
+:::
+
+Using the supplied `<SessionProvider>` allows instances of `useSession()` to share the session object across components, by using [React Context](https://react.dev/learn/passing-data-deeply-with-context) under the hood. It also takes care of keeping the session updated and synced between tabs/windows.

 ```jsx title="pages/_app.js"
 import { SessionProvider } from "next-auth/react"
@@ -479,6 +606,8 @@ If you are using a custom base path, and your application entry point is not at

 #### Refetch interval

+See [Session Refetching](#refetching-the-session) for an alternative option.
+
 The `refetchInterval` option can be used to contact the server to avoid a session expiring.

 When `refetchInterval` is set to `0` (the default) there will be no session polling.
@@ -491,6 +620,8 @@ By default, session polling will keep trying, even when the device has no intern

 #### Refetch On Window Focus

+See [Session Refetching](#refetching-the-session) for an alternative option.
+
 The `refetchOnWindowFocus` option can be used to control whether it automatically updates the session state when you switch a focus on tabs/windows.

 When `refetchOnWindowFocus` is set to `true` (the default) tabs/windows will be updated and initialize the components' state when they gain or lose focus.
--- a/docs/docs/getting-started/example.md
+++ b/docs/docs/getting-started/example.md
@@ -26,6 +26,8 @@ If you are using TypeScript, NextAuth.js comes with its types definitions within

 To add NextAuth.js to a project create a file called `[...nextauth].js` in `pages/api/auth`. This contains the dynamic route handler for NextAuth.js which will also contain all of your global NextAuth.js configurations.

+If you're using [Next.js 13.2](https://nextjs.org/blog/next-13-2#custom-route-handlers) or above with the new App Router (`app/`), you can initialize the configuration using the new [Route Handlers](https://nextjs.org/docs/app/building-your-application/routing/router-handlers) by following our [guide](https://next-auth.js.org/configuration/initialization#route-handlers-app).
+
 ```javascript title="pages/api/auth/[...nextauth].js" showLineNumbers
 import NextAuth from "next-auth"
 import GithubProvider from "next-auth/providers/github"
@@ -74,6 +76,7 @@ Instances of `useSession` will then have access to the session data and status.

 :::tip
 Check out the [client documentation](/getting-started/client) to see how you can improve the user experience and page performance by using the NextAuth.js client.
+If you are using the Next.js App Router, please note that `<SessionProvider />` requires a client component and therefore cannot be put inside the root layout. For more details, check out the [Next.js documentation](https://nextjs.org/docs/app/building-your-application/routing/pages-and-layouts).
 :::

 ### Frontend - Add React Hook
--- a/docs/docs/getting-started/introduction.md
+++ b/docs/docs/getting-started/introduction.md
@@ -16,7 +16,7 @@ It is designed from the ground up to support Next.js and Serverless.
 - Designed to work with any [OAuth service, it supports OAuth 1.0, 1.0A, 2.0 and OpenID Connect](/providers)
 - Built-in support for [many popular sign-in services](/configuration/providers/oauth)
 - Supports [email / passwordless authentication](/providers/email)
- Supports stateless authentication with [any backend](/adapters/overview) (Active Directory, LDAP, etc)
+- Supports stateless authentication with [any backend](https://authjs.dev/reference/adapters) (Active Directory, LDAP, etc)
 - Supports both JSON Web Tokens and database sessions
 - Designed for Serverless but runs anywhere (AWS Lambda, Docker, Heroku, etc…)

--- a/docs/docs/getting-started/typescript.md
+++ b/docs/docs/getting-started/typescript.md
@@ -6,7 +6,7 @@ title: TypeScript
 NextAuth.js has its own type definitions to use in your TypeScript projects safely. Even if you don't use TypeScript, IDEs like VSCode will pick this up to provide you with a better developer experience. While you are typing, you will get suggestions about what certain objects/functions look like, and sometimes links to documentation, examples, and other valuable resources.

 Check out the example repository showcasing how to use `next-auth` on a Next.js application with TypeScript:  
-https://github.com/nextauthjs/next-auth-typescript-example
+https://github.com/nextauthjs/next-auth-example

 ---

--- a/docs/docs/getting-started/upgrade-to-v4.md
+++ b/docs/docs/getting-started/upgrade-to-v4.md
@@ -311,7 +311,7 @@ export default NextAuth({

 3. The `typeorm-legacy` adapter has been upgraded to use the newer adapter API, but has retained the `typeorm-legacy` name. We aim to migrate this to individual lighter weight adapters for each database type in the future, or switch out `typeorm`.

-4. MongoDB has been moved to its own adapter under `@next-auth/mongodb-adapter`. See the [MongoDB Adapter docs](/adapters/mongodb).
+4. MongoDB has been moved to its own adapter under `@next-auth/mongodb-adapter`. See the [MongoDB Adapter docs](https://authjs.dev/reference/adapter/mongodb).

 Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.8 and https://github.com/nextauthjs/next-auth/pull/2361

@@ -319,7 +319,7 @@ Introduced in https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.8

 **This does not require any changes from the user - these are adapter specific changes only**

-The Adapter API has been rewritten and significantly simplified in NextAuth.js v4. The adapters now have less work to do as some functionality has been migrated to the core of NextAuth, like hashing the [verification token](/adapters/models/#verification-token).
+The Adapter API has been rewritten and significantly simplified in NextAuth.js v4. The adapters now have less work to do as some functionality has been migrated to the core of NextAuth, like hashing the [verification token](https://authjs.dev/reference/adapters#verification-token).

 If you are an adapter maintainer or are interested in writing your own adapter, you can find more information about this change in https://github.com/nextauthjs/next-auth/pull/2361 and release https://github.com/nextauthjs/next-auth/releases/tag/v4.0.0-next.22.

@@ -351,8 +351,8 @@ User {
  id
  name
  email
- emailVerified
-+ email_verified
+ emailVerified
+- email_verified
  image
 -  created_at
 -  updated_at
@@ -405,7 +405,7 @@ VerificationToken {
 </pre>
 </details>

-For more info, see the [Models page](/adapters/models).
+For more info, see the [Models page](https://authjs.dev/reference/adapters#models).

 ### Database migration

--- a/docs/docs/guides/fullstack.md
+++ b/docs/docs/guides/fullstack.md
@@ -3,7 +3,7 @@ id: fullstack
 title: Fullstack
 ---

-### [Refresh Token Rotation](/tutorials/refresh-token-rotation)
+### [Refresh Token Rotation](https://authjs.dev/guides/basics/refresh-token-rotation)

 - How to implement refresh token rotation.

@@ -21,7 +21,7 @@ title: Fullstack

 ## Database

-### [Custom models with TypeORM](/adapters/typeorm#custom-models)
+### [Custom models with TypeORM](https://authjs.dev/reference/adapter/typeorm#custom-models)

 - How to use models with custom properties using the TypeORM adapter.

@@ -29,6 +29,6 @@ title: Fullstack

 - How to create a custom adapter, to use any database to fetch and store user / account data.

-### [Adding role based login to database session strategy](/tutorials/role-based-login-strategy)
+### [Adding role based login to database session strategy](https://authjs.dev/guides/basics/role-based-access-control)

 - Implement a role based login system by adding a custom session callback.
--- a/docs/docs/providers/42.md
+++ b/docs/docs/providers/42.md
@@ -4,7 +4,7 @@ title: 42 School
 ---

 :::note
-42 returns a field on `Account` called `created_at` which is a number. See the [docs](https://api.intra.42.fr/apidoc/guides/getting_started#make-basic-requests). Make sure to add this field to your database schema, in case if you are using an [Adapter](/adapters/overview).
+42 returns a field on `Account` called `created_at` which is a number. See the [docs](https://api.intra.42.fr/apidoc/guides/getting_started#make-basic-requests). Make sure to add this field to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
 :::

 ## Documentation
--- a/docs/docs/providers/apple.md
+++ b/docs/docs/providers/apple.md
@@ -64,7 +64,7 @@ Edit your host file and point your site to `127.0.0.1`.
 _Linux/macOS_

 ```
-sudo echo '127.0.0.1 dev.example.com' >> /etc/hosts
+echo '127.0.0.1 dev.example.com' | sudo tee -a /etc/hosts
 ```

 _Windows_ (run PowerShell as administrator)
--- a/docs/docs/providers/azure-ad-b2c.md
+++ b/docs/docs/providers/azure-ad-b2c.md
@@ -11,7 +11,7 @@ Azure AD B2C returns the following fields on `Account`:
 - `id_token_expires_in` (number)
 - `profile_info` (string).

-See their [docs](https://docs.microsoft.com/en-us/azure/active-directory-b2c/access-tokens). Remember to add these fields to your database schema, in case if you are using an [Adapter](/adapters/overview).
+See their [docs](https://docs.microsoft.com/en-us/azure/active-directory-b2c/access-tokens). Remember to add these fields to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
 :::

 ## Documentation
--- a/docs/docs/providers/azure-ad.md
+++ b/docs/docs/providers/azure-ad.md
@@ -3,6 +3,17 @@ id: azure-ad
 title: Azure Active Directory
 ---

+:::note
+Azure Active Directory returns the following fields on `Account`:
+
+- `token_type` (string)
+- `expires_in` (number)
+- `ext_expires_in` (number)
+- `access_token` (string).
+
+Remember to add these fields to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
+:::
+
 ## Documentation

 https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
@@ -20,7 +31,7 @@ https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-regis
 - Pay close attention to "Who can use this application or access this API?"
  - This allows you to scope access to specific types of user accounts
  - Only your tenant, all azure tenants, or all azure tenants and public Microsoft accounts (Skype, Xbox, Outlook.com, etc.)
- When asked for a redirection URL, use `https://yourapplication.com/api/auth/callback/azure-ad` or for development `http://localhost:3000/api/auth/callback/azure-ad`.
+- When asked for a redirection URL, select the platform type "Web" and use `https://yourapplication.com/api/auth/callback/azure-ad` or for development `http://localhost:3000/api/auth/callback/azure-ad`.
 - After your App Registration is created, under "Client Credential" create your Client secret.
 - Now copy your:
  - Application (client) ID
@@ -37,6 +48,10 @@ AZURE_AD_TENANT_ID=<copy the tenant id here>

 That will default the tenant to use the `common` authorization endpoint. [For more details see here](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints).

+:::note
+When you see `ResourceNotFound` error code while accessing an API, make sure to use the correct tenant ID. For instance, when the intended access is for a personal account, the tenant ID should not be provided.
+:::
+
 :::note
 Azure AD returns the profile picture in an ArrayBuffer, instead of just a URL to the image, so our provider converts it to a base64 encoded image string and returns that instead. See: https://docs.microsoft.com/en-us/graph/api/profilephoto-get?view=graph-rest-1.0#examples. The default image size is 48x48 to avoid [running out of space](https://next-auth.js.org/faq#:~:text=What%20are%20the%20disadvantages%20of%20JSON%20Web%20Tokens%3F) in case the session is saved as a JWT.
 :::
--- a/docs/docs/providers/credentials.md
+++ b/docs/docs/providers/credentials.md
@@ -19,7 +19,7 @@ The functionality provided for credentials based authentication is intentionally

 The **Credentials Provider** comes with a set of default options:

- [Credentials Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/credentials.ts)
+- [Credentials Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/credentials.ts)

 You can override any of the options to suit your own use case.

@@ -125,7 +125,7 @@ providers: [
      return user
    },
    credentials: {
-      email: { label: "Username", type: "text ", placeholder: "jsmith" },
+      username: { label: "Username", type: "text ", placeholder: "jsmith" },
      "2fa-key": { label: "2FA Key" },
    },
  }),
--- a/docs/docs/providers/duende-identity-server6.md
+++ b/docs/docs/providers/duende-identity-server6.md
@@ -0,0 +1,53 @@
+---
+id: duende-identityserver6
+title: DuendeIdentityServer6
+---
+
+## Documentation
+
+https://docs.duendesoftware.com/identityserver/v6
+
+## Options
+
+The **DuendeIdentityServer6 Provider** comes with a set of default options:
+
+- [DuendeIdentityServer6 Provider options](https://github.com/nextauthjs/next-auth/blob/v4/packages/next-auth/src/providers/duende-identity-server6.ts)
+
+You can override any of the options to suit your own use case.
+
+## Example
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: process.env.DUENDE_IDS6_ID,
+    clientSecret: process.env.DUENDE_IDS6_SECRET,
+    issuer: process.env.DUENDE_IDS6_ISSUER,
+  })
+]
+...
+```
+
+## Demo IdentityServer
+
+The configuration below is for the demo server at https://demo.duendesoftware.com/
+
+If you want to try it out, you can copy and paste the configuration below.
+
+You can sign in to the demo service with either <b>bob/bob</b> or <b>alice/alice</b>.
+
+```js
+import DuendeIDS6Provider from "next-auth/providers/duende-identity-server6"
+...
+providers: [
+  DuendeIDS6Provider({
+    clientId: "interactive.confidential",
+    clientSecret: "secret",
+    issuer: "https://demo.duendesoftware.com",
+  })
+]
+...
+```
--- a/docs/docs/providers/email.md
+++ b/docs/docs/providers/email.md
@@ -32,11 +32,19 @@ You can override any of the options to suit your own use case.

 ## Configuration

+NextAuth.js lets you send emails either via HTTP or SMTP.
+
+### HTTP
+
+Check out our [HTTP-based Email Provider](https://authjs.dev/guides/providers/email-http) guide.
+
+### SMTP
+
 1. NextAuth.js does not include `nodemailer` as a dependency, so you'll need to install it yourself if you want to use the Email Provider. Run `npm install nodemailer` or `yarn add nodemailer`.
 2. You will need an SMTP account; ideally for one of the [services known to work with `nodemailer`](https://community.nodemailer.com/2-0-0-beta/setup-smtp/well-known-services/).
 3. There are two ways to configure the SMTP server connection.

-You can either use a connection string or a `nodemailer` configuration object.
+You can either use a connection string or a `nodemailer` configuration object or transport.

 2.1 **Using a connection string**

@@ -92,7 +100,7 @@ providers: [
 ],
 ```

-3. Do not forget to setup one of the database [adapters](/adapters/overview) for storing the Email verification token.
+3. Do not forget to setup one of the database [adapters](https://authjs.dev/reference/adapters) for storing the Email verification token.

 4. You can now sign in with an email address at `/api/auth/signin`.

@@ -252,3 +260,27 @@ By default, NextAuth.js will normalize the email address. It treats values as ca
 :::warning
 Always make sure this returns a single e-mail address, even if multiple ones were passed in.
 :::
+
+
+## Sending Magic Links To Existing Users
+
+You can ensure that only existing users are sent a magic login link. You will need to grab the email the user entered and check your database to see if the email already exists in the "User" collection in your database. If it exists, it will send the user a magic link but otherwise, you can send the user to another page, such as "/register". 
+
+  ```js title="pages/api/auth/[...nextauth].js"
+  import User from "../../../models/User"; 
+  import db from "../../../utils/db"; 
+  ...
+  callbacks: {
+    async signIn({ user, account, email }) { 
+      await db.connect(); 
+      const userExists = await User.findOne({ 
+        email: user.email,  //the user object has an email property, which contains the email the user entered.
+      });
+      if (userExists) {
+        return true;   //if the email exists in the User collection, email them a magic login link
+      } else {
+        return "/register"; 
+      }
+    },
+   ...
+  ``` 
--- a/docs/docs/providers/github.md
+++ b/docs/docs/providers/github.md
@@ -4,7 +4,7 @@ title: GitHub
 ---

 :::note
-GitHub returns a field on `Account` called `refresh_token_expires_in` which is a number. See their [docs](https://docs.github.com/en/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens#response). Remember to add this field to your database schema, in case if you are using an [Adapter](/adapters/overview).
+GitHub returns a field on `Account` called `refresh_token_expires_in` which is a number. See their [docs](https://docs.github.com/en/developers/apps/building-github-apps/refreshing-user-to-server-access-tokens#response). Remember to add this field to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
 :::

 ## Documentation
--- a/docs/docs/providers/gitlab.md
+++ b/docs/docs/providers/gitlab.md
@@ -3,6 +3,10 @@ id: gitlab
 title: GitLab
 ---

+:::note
+GitLab returns a field on `Account` called `created_at` which is a number. See their [docs](https://docs.gitlab.com/ee/api/oauth2.html). Remember to add this field as optional to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
+:::
+
 ## Documentation

 https://docs.gitlab.com/ee/api/oauth2.html
--- a/docs/docs/providers/kakao.md
+++ b/docs/docs/providers/kakao.md
@@ -15,7 +15,7 @@ https://developers.kakao.com/docs/latest/en/kakaologin/common

 The **Kakao Provider** comes with a set of default options:

- [Kakao Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/kakao.js)
+- [Kakao Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/kakao.ts)

 You can override any of the options to suit your own use case.

--- a/docs/docs/providers/osu.md
+++ b/docs/docs/providers/osu.md
@@ -1,6 +1,6 @@
 ---
 id: osu
-title: Osu!
+title: osu!
 ---

 ## Documentation
--- a/docs/docs/providers/salesforce.md
+++ b/docs/docs/providers/salesforce.md
@@ -11,7 +11,7 @@ https://help.salesforce.com/articleView?id=remoteaccess_authenticate.htm&type=5

 The **Salesforce Provider** comes with a set of default options:

- [Salesforce Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/salesforce.js)
+- [Salesforce Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/salesforce.ts)

 You can override any of the options to suit your own use case.

--- a/docs/docs/providers/twitter.md
+++ b/docs/docs/providers/twitter.md
@@ -4,7 +4,7 @@ title: Twitter
 ---

 :::note
-Twitter is currently the only built-in provider using the OAuth 1.0 spec. This means that you won't receive an `access_token` or `refresh_token`, but an `oauth_token` and `oauth_token_secret` respectively. Remember to add these to your database schema, in case if you are using an [Adapter](/adapters/overview).
+Twitter is currently the only built-in provider using the OAuth 1.0 spec. This means that you won't receive an `access_token` or `refresh_token`, but an `oauth_token` and `oauth_token_secret` respectively. Remember to add these to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
 :::

 ## Documentation
--- a/docs/docs/providers/vk.md
+++ b/docs/docs/providers/vk.md
@@ -15,7 +15,7 @@ https://vk.com/apps?act=manage

 The **VK Provider** comes with a set of default options:

- [VK Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/vk.js)
+- [VK Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/vk.ts)

 You can override any of the options to suit your own use case.

@@ -34,7 +34,7 @@ providers: [
 ```

 :::note
-By default the provider uses `5.126` version of the API. See https://vk.com/dev/versions for more info.
+By default the provider uses `5.131` version of the API. See https://vk.com/dev/versions for more info.
 :::

 If you want to use a different version, you can pass it to provider's options object:
@@ -42,7 +42,7 @@ If you want to use a different version, you can pass it to provider's options ob
 ```js
 // pages/api/auth/[...nextauth].js

-const apiVersion = "5.126"
+const apiVersion = "5.131"
 ...
 providers: [
  VkProvider({
--- a/docs/docs/providers/zoho.md
+++ b/docs/docs/providers/zoho.md
@@ -3,6 +3,10 @@ id: zoho
 title: Zoho
 ---

+:::note
+Zoho returns a field on `Account` called `api_domain` which is a string. See their [docs](https://www.zoho.com/accounts/protocol/oauth/web-apps/access-token.html). Remember to add this field to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
+:::
+
 ## Documentation

 https://www.zoho.com/accounts/protocol/oauth/web-server-applications.html
--- a/docs/docs/tutorials/avoid-corporate-link-checking-email-provider.md
+++ b/docs/docs/tutorials/avoid-corporate-link-checking-email-provider.md
@@ -30,7 +30,7 @@ import NextAuth from "next-auth"
 export default async function auth(req: NextApiRequest, res: NextApiResponse) {

  if(req.method === "HEAD") {
-     return res.status(200)
+     return res.status(200).end()
  }

  ...
--- a/docs/docs/tutorials/creating-a-database-adapter.md
+++ b/docs/docs/tutorials/creating-a-database-adapter.md
@@ -7,7 +7,7 @@ Using a custom adapter you can connect to any database back-end or even several

 ## How to create an adapter

-For more information about the data these methods need to manage see [models](/adapters/models).
+For more information about the data these methods need to manage see [models](https://authjs.dev/reference/adapters#models).

 _See the code below for practical example._

--- a/docs/docs/tutorials/refresh-token-rotation.md
+++ b/docs/docs/tutorials/refresh-token-rotation.md
@@ -1,137 +0,0 @@
---
-id: refresh-token-rotation
-title: Refresh Token Rotation
---
-
-While NextAuth.js doesn't automatically handle access token rotation for OAuth providers yet, this functionality can be implemented using [callbacks](https://next-auth.js.org/configuration/callbacks).
-
-## Source Code
-
-A working example can be accessed [here](https://github.com/nextauthjs/next-auth-refresh-token-example).
-
-## Implementation
-
-### Server Side
-
-Using a [JWT callback](https://next-auth.js.org/configuration/callbacks#jwt-callback) and a [session callback](https://next-auth.js.org/configuration/callbacks#session-callback), we can persist OAuth tokens and refresh them when they expire.
-
-Below is a sample implementation using Google's Identity Provider. Please note that the OAuth 2.0 request in the `refreshAccessToken()` function will vary between different providers, but the core logic should remain similar.
-
-```js title="pages/api/auth/[...nextauth].js"
-import NextAuth from "next-auth"
-import GoogleProvider from "next-auth/providers/google"
-
-const GOOGLE_AUTHORIZATION_URL =
-  "https://accounts.google.com/o/oauth2/v2/auth?" +
-  new URLSearchParams({
-    prompt: "consent",
-    access_type: "offline",
-    response_type: "code",
-  })
-
-/**
- * Takes a token, and returns a new token with updated
- * `accessToken` and `accessTokenExpires`. If an error occurs,
- * returns the old token and an error property
- */
-async function refreshAccessToken(token) {
-  try {
-    const url =
-      "https://oauth2.googleapis.com/token?" +
-      new URLSearchParams({
-        client_id: process.env.GOOGLE_CLIENT_ID,
-        client_secret: process.env.GOOGLE_CLIENT_SECRET,
-        grant_type: "refresh_token",
-        refresh_token: token.refreshToken,
-      })
-
-    const response = await fetch(url, {
-      headers: {
-        "Content-Type": "application/x-www-form-urlencoded",
-      },
-      method: "POST",
-    })
-
-    const refreshedTokens = await response.json()
-
-    if (!response.ok) {
-      throw refreshedTokens
-    }
-
-    return {
-      ...token,
-      accessToken: refreshedTokens.access_token,
-      accessTokenExpires: Date.now() + refreshedTokens.expires_at * 1000,
-      refreshToken: refreshedTokens.refresh_token ?? token.refreshToken, // Fall back to old refresh token
-    }
-  } catch (error) {
-    console.log(error)
-
-    return {
-      ...token,
-      error: "RefreshAccessTokenError",
-    }
-  }
-}
-
-export default NextAuth({
-  providers: [
-    GoogleProvider({
-      clientId: process.env.GOOGLE_CLIENT_ID,
-      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
-      authorization: GOOGLE_AUTHORIZATION_URL,
-    }),
-  ],
-  callbacks: {
-    async jwt({ token, user, account }) {
-      // Initial sign in
-      if (account && user) {
-        return {
-          accessToken: account.access_token,
-          accessTokenExpires: Date.now() + account.expires_at * 1000,
-          refreshToken: account.refresh_token,
-          user,
-        }
-      }
-
-      // Return previous token if the access token has not expired yet
-      if (Date.now() < token.accessTokenExpires) {
-        return token
-      }
-
-      // Access token has expired, try to update it
-      return refreshAccessToken(token)
-    },
-    async session({ session, token }) {
-      session.user = token.user
-      session.accessToken = token.accessToken
-      session.error = token.error
-
-      return session
-    },
-  },
-})
-```
-
-### Client Side
-
-The `RefreshAccessTokenError` error that is caught in the `refreshAccessToken()` method is passed all the way to the client. This means that you can direct the user to the sign in flow if we cannot refresh their token.
-
-We can handle this functionality as a side effect:
-
-```js title="pages/home.js"
-import { signIn, useSession } from "next-auth/react";
-import { useEffect } from "react";
-
-const HomePage() {
-  const { data: session } = useSession();
-
-  useEffect(() => {
-    if (session?.error === "RefreshAccessTokenError") {
-      signIn(); // Force sign in to hopefully resolve error
-    }
-  }, [session]);
-
-return (...)
-}
-```
--- a/docs/docs/tutorials/role-based-login-strategy.md
+++ b/docs/docs/tutorials/role-based-login-strategy.md
@@ -1,61 +0,0 @@
-To add role based authentication to your application, you must do three things.
-
-1. Update your database schema
-2. Add the `role` to the session object
-3. Check for `role` in your pages/components
-
-First modify the `user` table and add a `role` column with the type of `String?`.
-
-Below is an example Prisma schema file.
-
-```javascript title="/prisma/schema.prisma"
-model User {
-  id            String    @id @default(cuid())
-  name          String?
-  email         String?   @unique
-  emailVerified DateTime?
-  image         String?
-  role          String?  // New Column
-  accounts      Account[]
-  sessions      Session[]
-}
-
-```
-
-Next, implement a custom session callback in the `[...nextauth].js` file, as shown below.
-
-```javascript title="/pages/api/auth/[...nextauth].js"
-callbacks: {
-  async session({ session, token, user }) {
-    session.user.role = user.role; // Add role value to user object so it is passed along with session
-    return session;
-  }
-},
-```
-
-Going forward, when using the `getSession` hook, check that `session.user.role` matches the required role. The example below assumes the role `'admin'` is required.
-
-```javascript title="/pages/admin.js"
-import { getSession } from "next-auth/react"
-
-export default function Page() {
-  const session = await getSession({ req })
-
-  if (session && session.user.role === "admin") {
-    return (
-      <div>
-        <h1>Admin</h1>
-        <p>Welcome to the Admin Portal!</p>
-      </div>
-    )
-  } else {
-    return (
-      <div>
-        <h1>You are not authorized to view this page!</h1>
-      </div>
-    )
-  }
-}
-```
-
-Then it is up to you how you manage your roles, either through direct database access or building your own role update API.
--- a/docs/package.json
+++ b/docs/package.json
@@ -7,7 +7,7 @@
  "name": "next-auth-docs",
  "version": "0.2.0",
  "scripts": {
-    "start": "npm run generate-providers && docusaurus start --no-open --port 8000",
+    "start": "npm run generate-providers && docusaurus start --no-open",
    "dev": "npm run start",
    "build": "npm run generate-providers && docusaurus build",
    "docusaurus": "docusaurus",
@@ -29,15 +29,20 @@
    "react": "^18.1.0",
    "react-dom": "^18.1.0",
    "react-marquee-slider": "^1.1.5",
-    "remark-github": "^10.1.0",
-    "styled-components": "5.3.3"
+    "remark-github": "^10.1.0"
  },
  "devDependencies": {
    "@docusaurus/core": "2.1.0",
    "@docusaurus/module-type-aliases": "2.1.0",
    "@docusaurus/preset-classic": "2.1.0",
    "@docusaurus/theme-common": "2.1.0",
-    "@docusaurus/types": "2.1.0"
+    "@docusaurus/types": "2.1.0",
+    "autoprefixer": "^10.4.7",
+    "framer-motion": "^10.16.4",
+    "postcss": "^8.4.14",
+    "postcss-nested": "^5.0.6",
+    "styled-components": "5.3.3",
+    "tailwindcss": "^3.3.3"
  },
  "browserslist": {
    "production": [
--- a/docs/postcss.config.js
+++ b/docs/postcss.config.js
@@ -0,0 +1,7 @@
+module.exports = {
+  plugins: [
+    require("tailwindcss"),
+    require("autoprefixer"),
+    require("postcss-nested"),
+  ],
+}
--- a/docs/sidebars.js
+++ b/docs/sidebars.js
@@ -1,3 +1,17 @@
+/** @type {import('@docusaurus/plugin-content-docs').PropSidebarItemHtml} */
+const clerk = {
+  type: "html",
+  value: `
+  <a href="https://clerk.com?utm_source=sponsorship&utm_medium=docs&utm_campaign=authjs&utm_content=callout">
+    <picture>
+      <source media="(prefers-color-scheme: dark)" srcset="/img/clerk-sidebar-light.png">
+      <source media="(prefers-color-scheme: light)" srcset="/img/clerk-sidebar-dark.png">
+      <img alt="Clerk – Authentication & User Management" src="/img/clerk-sidebar-dark.png">
+    </picture>
+  </a>`,
+  defaultStyle: true,
+}
+
 module.exports = {
  docs: [
    {
@@ -49,28 +63,7 @@ module.exports = {
        },
      ],
    },
-    {
-      type: "category",
-      label: "Adapters",
-      link: { type: "doc", id: "adapters/overview" },
-      collapsed: true,
-      items: [
-        "adapters/models",
-        "adapters/prisma",
-        "adapters/fauna",
-        "adapters/dynamodb",
-        "adapters/firebase",
-        "adapters/pouchdb",
-        "adapters/mongodb",
-        "adapters/neo4j",
-        "adapters/typeorm",
-        "adapters/sequelize",
-        "adapters/supabase",
-        "adapters/mikro-orm",
-        "adapters/dgraph",
-        "adapters/upstash-redis",
-      ],
-    },
+    "adapters",
    "warnings",
    "errors",
    "deployment",
@@ -81,6 +74,7 @@ module.exports = {
      collapsed: true,
      items: ["guides/basics", "guides/fullstack", "guides/testing"],
    },
+    clerk,
    {
      type: "html",
      value:
--- a/docs/src/components/clerk.js
+++ b/docs/src/components/clerk.js
@@ -0,0 +1,553 @@
+import { motion, useAnimationControls, useInView } from "framer-motion"
+import * as React from "react"
+const { useEffect, useId, useRef, useState } = React
+
+const width = 76
+const height = 76
+const animationDuration = 1
+
+function easeOut(x) {
+  return x === 1 ? 1 : 1 - Math.pow(2, -10 * x)
+}
+
+export function Clerk() {
+  let inViewRef = useRef(null)
+  let isInView = useInView(inViewRef)
+  return (
+    <span className="tailwind">
+      <section
+        ref={inViewRef}
+        className="h-[430px] w-full overflow-hidden py-8 sm:h-[480px] pb-24 mb-24"
+      >
+        <div className="relative mx-auto flex h-full w-full max-w-6xl flex-col">
+          <div className="absolute -top-1 inline-flex w-fit self-center rounded-md ring-black/[0.07] px-6 pt-1 pb-1.5 text-[12px] font-medium tracking-tighter text-[#B2B2B2] shadow-[inset_0px_1px_1px_rgba(0,0,0,0.07),inset_1px_0px_1px_rgba(0,0,0,0.07),inset_-1px_0px_1px_rgba(0,0,0,0.07)] [mask:linear-gradient(180deg,black,black_54%,transparent)] dark:ring-white/[0.07] dark:text-white dark:shadow-[inset_0px_1px_1px_rgba(255,255,255,0.07),inset_1px_0px_1px_rgba(255,255,255,0.07),inset_-1px_0px_1px_rgba(255,255,255,0.07)] ">
+            Sponsored by
+          </div>
+          <div className="flex flex-1 items-center justify-center">
+            <AnimatedLogo />
+          </div>
+          <div className="relative isolate flex flex-1 flex-col items-center justify-between">
+            <div className="absolute -top-5 z-50 h-10 w-full [mask:linear-gradient(90deg,transparent,black_20%,black_80%,transparent)] before:absolute before:inset-0 before:top-5 before:h-[1px] before:bg-gradient-to-r before:from-[#AE48FF] before:via-[#6C47FF] before:via-[25%] before:to-[#18CCFC] before:opacity-50 before:blur-[2px] after:absolute after:inset-0 after:left-1/2 after:top-5 after:h-[1px] after:w-3/4 after:-translate-x-1/2 after:bg-gradient-to-r after:from-[#AE48FF] after:via-[#6C47FF] after:via-[25%] after:to-[#18CCFC] after:[mask:linear-gradient(90deg,transparent,black,black,transparent)]">
+              <motion.div
+                initial={{ x: "-100%" }}
+                animate={isInView ? { x: "100%" } : {}}
+                transition={{
+                  delay: 2.5,
+                  duration: isInView ? 1 : 0,
+                  ease: "easeInOut",
+                  repeat: Infinity,
+                  repeatDelay: 3,
+                }}
+                className="absolute inset-x-0 top-5 z-10 h-[1px] bg-gradient-to-l from-white/75 to-transparent to-50% dark:from-white/25"
+              />
+            </div>
+            <div className="absolute inset-0 isolate -z-10 overflow-hidden before:absolute before:inset-0 before:bg-[url(/img/background-pattern.svg)] before:[mask:radial-gradient(ellipse_farthest-side_at_50%_-25vw,black,transparent)] dark:before:opacity-10">
+              <div className="absolute left-1/2 top-0 h-12 w-1/2 -translate-x-1/2 -translate-y-3/4 rounded-[50%] bg-gradient-to-r from-[#AE48FF] via-[#6C47FF] via-[25%] to-[#18CCFC] opacity-20 blur-xl" />
+            </div>
+
+            <h2>
+              <span className="sr-only">Clerk complete user management</span>
+            </h2>
+
+            <p className="text-center text-base leading-tight dark:text-white tracking-tight">
+              More than authentication...
+              <br />
+              <span className="text-2xl font-bold text-[#6C47FF] sm:text-[28px]">
+                Complete user management.
+              </span>
+            </p>
+
+            <div className="relative isolate">
+              <a
+                href="https://clerk.com?utm_source=sponsorship&utm_medium=website&utm_campaign=authjs&utm_content=09_01_2023"
+                className="relative isolate inline-flex h-8 items-center gap-1.5 rounded-[8px] px-4 text-[13px] font-semibold text-white before:absolute before:inset-0 before:-z-10 before:rounded-[inherit] before:shadow-lg before:shadow-[rgb(100_48_247/0.3)] after:absolute after:inset-0 after:rounded-[inherit] after:bg-[#6C47FF] after:shadow-[inset_0px_-8px_16px_-4px_#6430F7,inset_0px_0px_1px_1px_theme(colors.white/4%),inset_0px_1px_0px_theme(colors.white/10%),0px_0px_0px_1px_#6C47FF] dark:before:shadow-black"
+              >
+                <span className="z-20 flex items-center gap-1.5 bg-gradient-to-b from-white from-50% to-[#D7D4FF] bg-clip-text text-transparent drop-shadow-[0px_1px_1px_rgb(86_30_227/60%)]">
+                  <span>Get started for free</span>
+                  <ArrowIcon />
+                </span>
+              </a>
+
+              {[0, 1, 2, 3].map((i) => (
+                <Ring key={i} i={i} isInView={isInView} />
+              ))}
+            </div>
+
+            <div className="absolute left-1/2 top-0 -z-10 h-[140px] w-3/4 -translate-x-1/2 -translate-y-1/3 rotate-12 transform-gpu rounded-[50%] bg-gradient-to-r from-[#6C47FF] via-[#4818BF] via-25% to-sky-500 opacity-10 blur-3xl" />
+          </div>
+        </div>
+      </section>
+    </span>
+  )
+}
+
+function Ring({ i, isInView }) {
+  const transition = {
+    delay: i * 1,
+    duration: 4,
+    ease: "linear",
+    repeat: Infinity,
+    times: [0, 0.1, 1],
+  }
+
+  return (
+    <motion.div
+      className="pointer-events-none absolute left-1/2 top-1/2 -z-10 h-[275%] w-[135%] rounded-[22px] border border-[#6C47FF]/[.15] dark:border-[#6C47FF]/25"
+      style={{ x: "-50%", y: "-50%" }}
+      initial={{ opacity: 0, scaleX: 0.75, scaleY: 0.4 }}
+      animate={isInView ? { opacity: [0, 1, 0], scaleX: 1, scaleY: 1 } : {}}
+      transition={isInView ? transition : {}}
+    />
+  )
+}
+
+function ArrowIcon() {
+  const id = useId()
+
+  return (
+    <svg
+      width="10"
+      height="8"
+      viewBox="0 0 10 8"
+      fill="none"
+      xmlns="http://www.w3.org/2000/svg"
+    >
+      <path
+        d="M9.25 4.00144L5.78125 0.78125M9.25 4.00144L5.78125 7.21875M9.25 4.00144H0.765625"
+        stroke={`url(#${id})`}
+        strokeWidth="1.5"
+        strokeLinecap="round"
+        strokeLinejoin="round"
+      />
+      <defs>
+        <linearGradient
+          id={id}
+          x1="4.50"
+          y1="0.50"
+          x2="4.50"
+          y2="7.50"
+          gradientUnits="userSpaceOnUse"
+        >
+          <stop offset="0.50" stopColor="white" />
+          <stop offset="1" stopColor="#D7D4FF" />
+        </linearGradient>
+      </defs>
+    </svg>
+  )
+}
+
+export function AnimatedLogo() {
+  let inViewRef = useRef(null)
+  let isInView = useInView(inViewRef, {
+    amount: "all",
+    margin: "0px 0px -200px 0px",
+    once: true,
+  })
+
+  let [isAnimationFinished] = useState(false)
+
+  let wrapperContainer = useAnimationControls()
+  let iconContainer = useAnimationControls()
+
+  let iconShapeMono = useAnimationControls()
+  let iconPathMono = useAnimationControls()
+  let startCapMono = useAnimationControls()
+  let endCapMono = useAnimationControls()
+
+  let iconPathSpectrumContainer = useAnimationControls()
+  let iconPathSpectrum = useAnimationControls()
+  let startCapSpectrum = useAnimationControls()
+  let endCapSpectrum = useAnimationControls()
+
+  let iconDot = useAnimationControls()
+
+  let logoType = useAnimationControls()
+
+  useEffect(() => {
+    async function startAnimationSequence() {
+      await Promise.all([
+        iconContainer.start({
+          rotate: -135,
+          transition: { duration: animationDuration, ease: easeOut },
+        }),
+        startCapMono.start({ opacity: 1, transition: { duration: 0.1 } }),
+        endCapMono.start({
+          opacity: 1,
+          rotate: 0,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+        iconPathMono.start({
+          opacity: 1,
+          pathLength: 1,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+      ])
+
+      await Promise.all([
+        iconShapeMono.start({ opacity: 1, transition: { duration: 0 } }),
+        startCapMono.start({ opacity: 0, transition: { duration: 0 } }),
+      ])
+
+      await Promise.all([
+        iconContainer.start({
+          rotate: 0,
+          transition: { duration: animationDuration, ease: easeOut },
+          x: 0,
+        }),
+        endCapMono.start({
+          opacity: 1,
+          rotate: -180,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+        iconPathMono.start({
+          opacity: 1,
+          pathLength: 0,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+        iconPathSpectrumContainer.start({
+          rotate: 0,
+          transition: { duration: animationDuration, ease: easeOut },
+        }),
+        iconPathSpectrum.start({
+          opacity: 1,
+          pathLength: 1,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+        endCapSpectrum.start({
+          opacity: 1,
+          transition: { duration: 0.1 },
+        }),
+        startCapSpectrum.start({
+          opacity: 1,
+          rotate: 0,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.1 },
+          },
+        }),
+        iconDot.start({
+          opacity: 1,
+          scale: 1,
+          transition: {
+            duration: animationDuration,
+            ease: easeOut,
+            opacity: { duration: 0.2 },
+          },
+        }),
+        logoType.start({
+          WebkitMaskPosition: "100% 0%",
+          opacity: 1,
+          transition: {
+            WebkitMaskPosition: {
+              duration: animationDuration * 3,
+              ease: easeOut,
+            },
+            duration: animationDuration,
+            ease: easeOut,
+          },
+          x: 0,
+        }),
+      ])
+
+      // setIsAnimationFinished(true)
+
+      return
+    }
+
+    if (isInView) {
+      startAnimationSequence()
+    }
+  }, [
+    iconContainer,
+    endCapMono,
+    iconDot,
+    iconPathMono,
+    iconShapeMono,
+    logoType,
+    startCapMono,
+    wrapperContainer,
+    iconPathSpectrumContainer,
+    iconPathSpectrum,
+    endCapSpectrum,
+    startCapSpectrum,
+    isInView,
+  ])
+
+  return (
+    <motion.div
+      ref={inViewRef}
+      animate={wrapperContainer}
+      className="relative isolate flex scale-75 items-center gap-2 sm:scale-100"
+    >
+      {!isAnimationFinished && (
+        <motion.div
+          style={{ x: "138%" }}
+          animate={iconContainer}
+          className="relative"
+        >
+          <motion.svg
+            initial={{ opacity: 0 }}
+            animate={iconShapeMono}
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            fill="none"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <path
+              d="M25.0101 27.8385C25.4355 28.2639 25.3928 28.9682 24.8929 29.303C22.3497 31.0065 19.2909 32 16 32C12.7091 32 9.65026 31.0065 7.10707 29.303C6.60723 28.9682 6.56452 28.2639 6.98992 27.8385L10.6439 24.1845C10.9741 23.8543 11.4864 23.8021 11.9021 24.0151C13.1312 24.6447 14.5241 25 16 25C17.4759 25 18.8688 24.6447 20.0979 24.0151C20.5136 23.8021 21.0259 23.8543 21.3561 24.1845L25.0101 27.8385Z"
+              className="fill-[#1C0452] dark:fill-white"
+            />
+            <path
+              d="M24.8929 2.697C25.3928 3.0318 25.4355 3.73609 25.0101 4.16149L21.3561 7.81545C21.0259 8.14569 20.5135 8.19786 20.0979 7.98491C18.8688 7.35525 17.4759 7 16 7C11.0294 7 7 11.0294 7 16C7 17.4759 7.35525 18.8688 7.98491 20.0979C8.19786 20.5135 8.14569 21.0259 7.81545 21.3561L4.16149 25.0101C3.73609 25.4355 3.0318 25.3928 2.697 24.8929C0.993528 22.3497 0 19.2909 0 16C0 7.16344 7.16344 0 16 0C19.2909 0 22.3497 0.993528 24.8929 2.697Z"
+              className="fill-[#1C0452] dark:fill-white"
+            />
+          </motion.svg>
+
+          <svg
+            className="absolute inset-0"
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <motion.path
+              className="stroke-[#1C0452] dark:stroke-white"
+              initial={{ opacity: 0, pathLength: 0 }}
+              animate={iconPathMono}
+              d="M4.7719 21.5C3.95737 19.8403 3.5 17.9736 3.5 16C3.5 9.09644 9.09644 3.5 16 3.5C17.5864 3.5 19.1037 3.79551 20.5 4.33449C25.1801 6.14103 28.5 10.6828 28.5 16C28.5 22.9036 22.9036 28.5 16 28.5C14.0264 28.5 11.875 27.9297 10.25 27.1016"
+              strokeWidth="7"
+              fill="none"
+            />
+            <motion.path
+              className="fill-[#1C0452] dark:fill-white"
+              initial={{ opacity: 0 }}
+              animate={startCapMono}
+              d="M7.8413 19.8045L1.49564 22.7635C1.84251 23.5061 2.24473 24.2177 2.697 24.8929C3.0318 25.3927 3.73609 25.4355 4.16149 25.0101L7.81545 21.3561C8.14569 21.0259 8.19786 20.5135 7.98492 20.0979C7.93533 20.0011 7.88745 19.9033 7.8413 19.8045Z"
+            />
+          </svg>
+
+          {/* End cap */}
+          <motion.svg
+            initial={{ opacity: 0, rotate: -322 }}
+            animate={endCapMono}
+            className="absolute inset-0 fill-[#1C0452] dark:fill-white"
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <path d="M7.10709 29.303C6.60725 28.9682 6.56454 28.2639 6.98994 27.8385L10.6439 24.1846C10.9741 23.8543 11.4865 23.8021 11.9021 24.0151C11.9989 24.0647 12.0967 24.1126 12.1955 24.1587L9.23649 30.5044C8.49388 30.1575 7.78231 29.7553 7.10709 29.303Z" />
+          </motion.svg>
+
+          <svg
+            className="absolute inset-0 fill-[#1C0452] dark:fill-white"
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <motion.circle
+              initial={{ opacity: 0, scale: 0.75 }}
+              animate={iconDot}
+              cx="16"
+              cy="16"
+              r="5"
+            />
+          </svg>
+
+          <motion.svg
+            initial={{ rotate: 180 }}
+            animate={iconPathSpectrumContainer}
+            className="absolute inset-0"
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            fill="none"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <motion.path
+              initial={{ opacity: 0, pathLength: 0 }}
+              animate={iconPathSpectrum}
+              d="M21.6661,4.85498C21.2881,4.66241 20.899,4.48851 20.5,4.33449C19.1037,3.79551 17.5864,3.5 16,3.5C9.09644,3.5 3.5,9.09644 3.5,16C3.5,17.9736 3.95737,19.8403 4.7719,21.5"
+              stroke="url(#paint0_linear_45_194)"
+              strokeWidth="7"
+            />
+
+            <motion.path
+              initial={{ opacity: 0, pathLength: 0 }}
+              animate={endCapSpectrum}
+              d="M25.0101 4.16148C25.4355 3.73608 25.3927 3.03179 24.8929 2.69699C24.8134 2.64375 24.7335 2.59121 24.653 2.53938C24.0497 2.15079 23.4187 1.80165 22.7635 1.49561L19.8045 7.84128L19.8069 7.84239C19.9048 7.88819 20.0019 7.93571 20.0979 7.9849C20.5135 8.19784 21.0259 8.14568 21.3561 7.81543L25.0101 4.16148Z"
+              fill="url(#paint0_linear_45_213)"
+            />
+            <defs>
+              <linearGradient
+                id="paint0_linear_45_194"
+                x1="24.5"
+                y1="3.5"
+                x2="3.5"
+                y2="24.5"
+                gradientUnits="userSpaceOnUse"
+              >
+                <stop stopColor="#56C2FF" />
+                <stop offset="0.66" stopColor="#6C47FF" />
+                <stop offset="1" stopColor="#9C49FE" />
+              </linearGradient>
+              <linearGradient
+                id="paint0_linear_45_213"
+                x1="3.5"
+                y1="25"
+                x2="25.4653"
+                y2="3.98633"
+                gradientUnits="userSpaceOnUse"
+              >
+                <stop stopColor="#9B48FD" />
+                <stop offset="0.389423" stopColor="#6C47FF" />
+                <stop offset="1" stopColor="#55C1FF" />
+              </linearGradient>
+            </defs>
+          </motion.svg>
+
+          <motion.svg
+            initial={{ opacity: 0, rotate: 322 }}
+            animate={startCapSpectrum}
+            className="absolute inset-0"
+            width={width}
+            height={height}
+            viewBox="0 0 32 32"
+            fill="none"
+            xmlns="http://www.w3.org/2000/svg"
+          >
+            <path
+              d="M1.55694 22.8933C1.88964 23.5891 2.27113 24.2571 2.697 24.8929C2.7783 25.0143 2.8814 25.1087 2.99701 25.176C3.29792 25.3512 3.68357 25.3427 3.99016 25.1477C4.05078 25.1091 4.10831 25.0632 4.16149 25.0101L7.81544 21.3561C7.85673 21.3148 7.89366 21.2707 7.92628 21.2243C8.15459 20.8993 8.17124 20.4616 7.98491 20.0979C7.97999 20.0883 7.97509 20.0787 7.9702 20.069C7.92584 19.9817 7.88287 19.8935 7.8413 19.8045L1.49563 22.7635C1.51588 22.8069 1.53632 22.8501 1.55694 22.8933Z"
+              fill="url(#paint0_linear_45_202)"
+            />
+            <defs>
+              <linearGradient
+                id="paint0_linear_45_202"
+                x1="3.5"
+                y1="25"
+                x2="25.4653"
+                y2="3.98633"
+                gradientUnits="userSpaceOnUse"
+              >
+                <stop stopColor="#9B48FD" />
+                <stop offset="0.33" stopColor="#6C47FF" />
+                <stop offset="1" stopColor="#55C1FF" />
+              </linearGradient>
+            </defs>
+          </motion.svg>
+        </motion.div>
+      )}
+
+      {isAnimationFinished && (
+        <svg
+          width={width}
+          height={height}
+          viewBox="0 0 32 32"
+          fill="none"
+          xmlns="http://www.w3.org/2000/svg"
+        >
+          <path
+            d="M25.0101 27.8385C25.4355 28.2639 25.3928 28.9682 24.8929 29.303C22.3497 31.0064 19.2909 32 16 32C12.7091 32 9.65028 31.0064 7.10708 29.303C6.60725 28.9682 6.56453 28.2639 6.98993 27.8385L10.6439 24.1845C10.9741 23.8543 11.4864 23.8021 11.9021 24.0151C13.1312 24.6447 14.5241 25 16 25C17.4759 25 18.8688 24.6447 20.0979 24.0151C20.5136 23.8021 21.0259 23.8543 21.3561 24.1845L25.0101 27.8385Z"
+            className="fill-[#1C0452] dark:fill-white"
+          />
+          <circle
+            className="fill-[#1C0452] dark:fill-white"
+            cx="16"
+            cy="16"
+            r="5"
+          />
+          <path
+            d="M4.7719 21.5C3.95737 19.8403 3.5 17.9736 3.5 16C3.5 9.09644 9.09644 3.5 16 3.5C17.5864 3.5 19.1037 3.79551 20.5 4.33449C20.899 4.48851 21.2881 4.66241 21.6661 4.85498"
+            stroke="url(#paint0_linear_52_261)"
+            strokeWidth="7"
+          />
+          <path
+            d="M1.55691 22.8933C1.88961 23.5891 2.2711 24.2571 2.69697 24.8929C2.77828 25.0143 2.88138 25.1087 2.99698 25.176C3.29789 25.3512 3.68354 25.3427 3.99013 25.1477C4.05075 25.1091 4.10828 25.0632 4.16146 25.0101L7.81542 21.3561C7.8567 21.3148 7.89363 21.2707 7.92625 21.2243C8.15456 20.8993 8.17121 20.4616 7.98488 20.0979C7.97996 20.0883 7.97506 20.0787 7.97017 20.069C7.92581 19.9817 7.88284 19.8935 7.84127 19.8045L1.49561 22.7635C1.51585 22.8069 1.53629 22.8501 1.55691 22.8933Z"
+            fill="url(#paint1_linear_52_261)"
+          />
+          <path
+            d="M25.0101 4.16148C25.4355 3.73608 25.3928 3.03179 24.8929 2.69699C24.8135 2.64375 24.7335 2.59121 24.653 2.53938C24.0498 2.15079 23.4187 1.80165 22.7635 1.49561L19.8045 7.84128L19.8069 7.84239C19.9049 7.88819 20.0019 7.93571 20.0979 7.9849C20.5136 8.19784 21.0259 8.14568 21.3561 7.81543L25.0101 4.16148Z"
+            fill="url(#paint2_linear_52_261)"
+          />
+          <defs>
+            <linearGradient
+              id="paint0_linear_52_261"
+              x1="24.5"
+              y1="3.5"
+              x2="3.5"
+              y2="24.5"
+              gradientUnits="userSpaceOnUse"
+            >
+              <stop stopColor="#56C2FF" />
+              <stop offset="0.66" stopColor="#6C47FF" />
+              <stop offset="1" stopColor="#9C49FE" />
+            </linearGradient>
+            <linearGradient
+              id="paint1_linear_52_261"
+              x1="3.49997"
+              y1="25"
+              x2="25.4652"
+              y2="3.98633"
+              gradientUnits="userSpaceOnUse"
+            >
+              <stop stopColor="#9B48FD" />
+              <stop offset="0.389423" stopColor="#6C47FF" />
+              <stop offset="1" stopColor="#55C1FF" />
+            </linearGradient>
+            <linearGradient
+              id="paint2_linear_52_261"
+              x1="3.50003"
+              y1="25"
+              x2="25.4653"
+              y2="3.98633"
+              gradientUnits="userSpaceOnUse"
+            >
+              <stop stopColor="#9B48FD" />
+              <stop offset="0.389423" stopColor="#6C47FF" />
+              <stop offset="1" stopColor="#55C1FF" />
+            </linearGradient>
+          </defs>
+        </svg>
+      )}
+
+      <motion.svg
+        className="fill-[#1C0452] [mask-image:linear-gradient(90deg,transparent_30%,black_60%)] [mask-size:300%_100%] dark:fill-white"
+        initial={{ WebkitMaskPosition: "0% 0%", opacity: 0, x: "-20%" }}
+        animate={logoType}
+        width={67 * 3}
+        height={22 * 3}
+        viewBox="0 0 67 22"
+        xmlns="http://www.w3.org/2000/svg"
+      >
+        <path
+          fillRule="evenodd"
+          clipRule="evenodd"
+          d="M17.1071 0H20.7394V21.7459H17.1071V0ZM12.407 17.1147C11.887 17.6425 11.2626 18.061 10.5719 18.3447C9.88121 18.6285 9.13867 18.7713 8.3897 18.7646C7.75719 18.7834 7.12745 18.6751 6.53933 18.4465C5.9512 18.2179 5.41705 17.8738 4.96982 17.4354C4.15743 16.6055 3.68984 15.4206 3.68984 14.0081C3.68984 11.1806 5.56976 9.24662 8.3897 9.24662C9.14602 9.2362 9.89539 9.38947 10.5842 9.69537C11.2731 10.0014 11.8844 10.4525 12.3746 11.0165L14.8145 8.90395C13.2245 7.01405 10.6446 6.03728 8.19471 6.03728C3.39992 6.03728 0 9.27362 0 14.035C0 16.39 0.844958 18.373 2.2699 19.7732C3.69483 21.1735 5.72483 21.996 8.06721 21.996C11.1096 21.996 13.537 20.7867 14.8995 19.2665L12.407 17.1147ZM38.3352 13.8163C38.3285 14.2935 38.2951 14.77 38.2352 15.2436H26.7081C27.188 17.4296 28.8731 18.7638 31.208 18.7638C31.964 18.7796 32.7135 18.6246 33.3986 18.3109C34.0836 17.9971 34.6856 17.5331 35.1578 16.9547L35.2753 17.0526L37.6553 19.1163C36.3228 20.7761 34.1003 22 31.013 22C26.4131 22 22.9433 18.8274 22.9433 14.0073C22.9433 11.6425 23.7607 9.65951 25.1231 8.25928C25.8423 7.53925 26.7044 6.971 27.6563 6.58957C28.6081 6.20813 29.6297 6.02156 30.6579 6.04136C35.3202 6.04136 38.3352 9.30707 38.3352 13.8163ZM27.7356 10.5262C27.2625 11.0604 26.9303 11.7 26.7681 12.389H34.6678C34.2203 10.5164 32.9203 9.24586 30.8454 9.24586C30.2635 9.22748 29.6844 9.3324 29.1476 9.5533C28.611 9.77433 28.1292 10.1062 27.7356 10.5262ZM49.5641 5.99467V9.96047C49.1441 9.92871 48.7217 9.89682 48.4642 9.89682C45.7142 9.89682 44.1543 11.8308 44.1543 14.3694V21.7454H40.527V6.21501H44.1543V8.56754H44.1869C45.4193 6.91759 47.1867 5.99958 49.1117 5.99958L49.5641 5.99467ZM55.3999 18.0984L58.0223 15.2414H58.0898L62.2047 21.7459H66.287L60.4872 12.5143L66.187 6.26454H61.8772L55.3999 13.3393V0H51.77V21.7459H55.3999V18.0984Z"
+        />
+      </motion.svg>
+    </motion.div>
+  )
+}
--- a/docs/src/css/index.css
+++ b/docs/src/css/index.css
@@ -1,3 +1,9 @@
+.tailwind {
+  @tailwind base;
+  @tailwind components;
+  @tailwind utilities;
+}
+
 /* stylelint-disable docusaurus/copyright-header */
 /**
 * Any CSS included here will be global. The classic template
--- a/docs/src/pages/index.js
+++ b/docs/src/pages/index.js
@@ -8,6 +8,7 @@ import CodeBlock from "@theme/CodeBlock"
 import ProviderMarquee from "../components/ProviderMarquee"
 import Seo from "./seo"
 import styles from "./index.module.css"
+import { Clerk } from "../components/clerk"

 const features = [
  {
@@ -152,6 +153,7 @@ function Home() {
                  </h2>
                </div>
              </div>
+              <Clerk />
              <div className="row">
                {features.map((props, idx) => (
                  <Feature key={idx} {...props} />
--- a/docs/static/img/background-pattern.svg
+++ b/docs/static/img/background-pattern.svg
@@ -0,0 +1,100 @@
+<svg
+  width="48"
+  height="36"
+  viewBox="0 0 56 42"
+  fill="none"
+  xmlns="http://www.w3.org/2000/svg"
+  stroke="#E7E8F1"
+  stroke-width="1"
+>
+  <path
+    d="M45.8935 7.4645L41.483 11.8749C41.3445 12.0134 41.1633 12.1013 40.9689 12.1245C40.7743 12.1478 40.5777 12.105 40.4103 12.0032C38.6755 10.9566 36.6746 10.4346 34.6494 10.5003C32.6242 10.566 30.6615 11.2165 28.998 12.3734C27.975 13.0855 27.0866 13.9738 26.3745 14.9969C25.219 16.6614 24.5691 18.6242 24.5029 20.6494C24.4367 22.6746 24.957 24.6758 26.0014 26.4122C26.1025 26.5792 26.1448 26.7752 26.1216 26.9692C26.0983 27.163 26.0109 27.3435 25.8731 27.482L21.4627 31.8923C21.3739 31.9817 21.2668 32.0509 21.1488 32.095C21.0308 32.1393 20.9046 32.1573 20.7789 32.1483C20.6532 32.1391 20.531 32.103 20.4206 32.0422C20.3102 31.9814 20.2142 31.8975 20.1393 31.7961C17.753 28.5161 16.5197 24.5383 16.632 20.4836C16.7444 16.4289 18.1959 12.5255 20.7602 9.38257C21.543 8.42097 22.4221 7.54189 23.3837 6.75906C26.5264 4.19551 30.4292 2.74437 34.4833 2.63205C38.5373 2.51973 42.5145 3.75255 45.7943 6.13816C45.8964 6.21286 45.9809 6.3088 46.0422 6.41934C46.1036 6.52989 46.1402 6.65241 46.1497 6.77848C46.1592 6.90455 46.1411 7.03117 46.0969 7.1496C46.0526 7.26803 45.9832 7.37547 45.8935 7.4645Z"
+  />
+  <path
+    d="M45.8897 34.5161L41.4792 30.1057C41.3407 29.9672 41.1595 29.8794 40.9651 29.8561C40.7706 29.8328 40.5739 29.8755 40.4065 29.9773C38.7707 30.9641 36.8965 31.4858 34.9861 31.4858C33.0756 31.4858 31.2014 30.9641 29.5656 29.9773C29.3983 29.8755 29.2016 29.8328 29.007 29.8561C28.8125 29.8794 28.6315 29.9672 28.4929 30.1057L24.0824 34.5161C23.9899 34.6049 23.9182 34.7132 23.8722 34.8329C23.8261 34.9527 23.8071 35.0811 23.8163 35.2091C23.8254 35.3371 23.8626 35.4614 23.9253 35.5734C23.9879 35.6854 24.0744 35.7822 24.1786 35.8569C27.3181 38.1412 31.1007 39.3716 34.9832 39.3716C38.8656 39.3716 42.6482 38.1412 45.7877 35.8569C45.8923 35.7827 45.9793 35.6862 46.0425 35.5744C46.1056 35.4627 46.1434 35.3385 46.1532 35.2105C46.1629 35.0825 46.1443 34.9539 46.0989 34.834C46.0532 34.714 45.9819 34.6054 45.8897 34.5161Z"
+  />
+  <path
+    d="M34.997 26.244C37.8964 26.244 40.247 23.8935 40.247 20.994C40.247 18.0946 37.8964 15.744 34.997 15.744C32.0975 15.744 29.747 18.0946 29.747 20.994C29.747 23.8935 32.0975 26.244 34.997 26.244Z"
+  />
+  <path
+    d="M-10.8935 -13.5355L-6.48304 -9.12508C-6.34447 -8.98664 -6.16334 -8.89874 -5.96889 -8.87548C-5.77429 -8.85223 -5.5777 -8.89496 -5.41035 -8.99681C-3.67546 -10.0434 -1.67461 -10.5654 0.350573 -10.4997C2.37576 -10.434 4.33849 -9.78347 6.00196 -8.6266C7.02502 -7.91449 7.91335 -7.02616 8.62548 -6.00309C9.78097 -4.33862 10.4309 -2.37576 10.4971 -0.350574C10.5633 1.67461 10.0429 3.67576 8.99861 5.41218C8.89748 5.57923 8.85516 5.77521 8.87841 5.9692C8.90165 6.16304 8.98912 6.34355 9.12687 6.48196L13.5373 10.8923C13.6261 10.9817 13.7332 11.0509 13.8512 11.095C13.9692 11.1393 14.0954 11.1573 14.2211 11.1483C14.3468 11.1391 14.469 11.103 14.5794 11.0422C14.6898 10.9814 14.7858 10.8975 14.8607 10.7961C17.247 7.51607 18.4803 3.53827 18.368 -0.516392C18.2556 -4.57108 16.8041 -8.47452 14.2398 -11.6174C13.457 -12.579 12.5779 -13.4581 11.6163 -14.2409C8.47363 -16.8045 4.57076 -18.2556 0.516696 -18.368C-3.53735 -18.4803 -7.51454 -17.2474 -10.7943 -14.8618C-10.8964 -14.7871 -10.981 -14.6912 -11.0422 -14.5807C-11.1036 -14.4701 -11.1402 -14.3476 -11.1497 -14.2215C-11.1592 -14.0955 -11.1411 -13.9688 -11.0969 -13.8504C-11.0526 -13.732 -10.9832 -13.6245 -10.8935 -13.5355Z"
+  />
+  <path
+    d="M-10.8897 13.5161L-6.47923 9.10565C-6.34066 8.96724 -6.15953 8.87936 -5.96508 8.85608C-5.77063 8.83281 -5.57388 8.87553 -5.40654 8.97735C-3.77071 9.96414 -1.89649 10.4858 0.0138683 10.4858C1.92438 10.4858 3.79857 9.96414 5.43441 8.97735C5.60174 8.87553 5.79843 8.83281 5.99295 8.85608C6.18747 8.87936 6.36853 8.96724 6.50713 9.10565L10.9176 13.5161C11.01 13.6049 11.0818 13.7132 11.1278 13.8329C11.1738 13.9527 11.1929 14.0811 11.1837 14.2091C11.1746 14.3371 11.1373 14.4614 11.0747 14.5734C11.0121 14.6854 10.9256 14.7822 10.8214 14.8569C7.68191 17.1412 3.89931 18.3716 0.016777 18.3716C-3.86564 18.3716 -7.64822 17.1412 -10.7877 14.8569C-10.8923 14.7827 -10.9793 14.6862 -11.0425 14.5744C-11.1056 14.4627 -11.1434 14.3385 -11.1532 14.2105C-11.1629 14.0825 -11.1443 13.9539 -11.0989 13.834C-11.0532 13.714 -10.9819 13.6054 -10.8897 13.5161Z"
+  />
+  <path
+    d="M0.00299549 5.24402C-2.89638 5.24402 -5.24701 2.89352 -5.24701 -0.00602722C-5.24701 -2.90543 -2.89638 -5.25598 0.00299549 -5.25598C2.90252 -5.25598 5.25299 -2.90543 5.25299 -0.00602722C5.25299 2.89352 2.90252 5.24402 0.00299549 5.24402Z"
+  />
+  <path
+    d="M45.1065 -13.5355L49.517 -9.12508C49.6555 -8.98664 49.8367 -8.89874 50.0311 -8.87548C50.2257 -8.85223 50.4223 -8.89496 50.5897 -8.99681C52.3245 -10.0434 54.3254 -10.5654 56.3506 -10.4997C58.3758 -10.434 60.3385 -9.78347 62.002 -8.6266C63.025 -7.91449 63.9134 -7.02616 64.6255 -6.00309C65.781 -4.33862 66.4309 -2.37576 66.4971 -0.350574C66.5633 1.67461 66.0429 3.67576 64.9986 5.41218C64.8975 5.57923 64.8552 5.77521 64.8784 5.9692C64.9016 6.16304 64.9891 6.34355 65.1269 6.48196L69.5373 10.8923C69.6261 10.9817 69.7332 11.0509 69.8512 11.095C69.9692 11.1393 70.0954 11.1573 70.2211 11.1483C70.3468 11.1391 70.469 11.103 70.5794 11.0422C70.6898 10.9814 70.7858 10.8975 70.8607 10.7961C73.247 7.51607 74.4803 3.53827 74.368 -0.516392C74.2556 -4.57108 72.8041 -8.47452 70.2398 -11.6174C69.457 -12.579 68.5779 -13.4581 67.6163 -14.2409C64.4736 -16.8045 60.5708 -18.2556 56.5167 -18.368C52.4626 -18.4803 48.4855 -17.2474 45.2057 -14.8618C45.1036 -14.7871 45.019 -14.6912 44.9578 -14.5807C44.8964 -14.4701 44.8598 -14.3476 44.8503 -14.2215C44.8408 -14.0955 44.8589 -13.9688 44.9031 -13.8504C44.9474 -13.732 45.0168 -13.6245 45.1065 -13.5355Z"
+  />
+  <path
+    d="M45.1103 13.5161L49.5208 9.10565C49.6593 8.96724 49.8405 8.87936 50.0349 8.85608C50.2294 8.83281 50.4261 8.87553 50.5935 8.97735C52.2293 9.96414 54.1035 10.4858 56.0139 10.4858C57.9244 10.4858 59.7986 9.96414 61.4344 8.97735C61.6017 8.87553 61.7984 8.83281 61.993 8.85608C62.1875 8.87936 62.3685 8.96724 62.5071 9.10565L66.9176 13.5161C67.01 13.6049 67.0818 13.7132 67.1278 13.8329C67.1739 13.9527 67.1929 14.0811 67.1837 14.2091C67.1746 14.3371 67.1373 14.4614 67.0747 14.5734C67.0121 14.6854 66.9256 14.7822 66.8214 14.8569C63.6819 17.1412 59.8993 18.3716 56.0168 18.3716C52.1344 18.3716 48.3518 17.1412 45.2123 14.8569C45.1077 14.7827 45.0207 14.6862 44.9575 14.5744C44.8944 14.4627 44.8566 14.3385 44.8468 14.2105C44.8371 14.0825 44.8557 13.9539 44.9011 13.834C44.9468 13.714 45.0181 13.6054 45.1103 13.5161Z"
+  />
+  <path
+    d="M56.003 5.24402C53.1036 5.24402 50.753 2.89352 50.753 -0.00602722C50.753 -2.90543 53.1036 -5.25598 56.003 -5.25598C58.9025 -5.25598 61.253 -2.90543 61.253 -0.00602722C61.253 2.89352 58.9025 5.24402 56.003 5.24402Z"
+  />
+  <path
+    d="M-10.8935 28.4645L-6.48304 32.8749C-6.34447 33.0134 -6.16334 33.1013 -5.96889 33.1245C-5.77429 33.1478 -5.5777 33.105 -5.41035 33.0032C-3.67546 31.9566 -1.67461 31.4346 0.350573 31.5003C2.37576 31.566 4.33849 32.2165 6.00196 33.3734C7.02502 34.0855 7.91335 34.9738 8.62548 35.9969C9.78097 37.6614 10.4309 39.6242 10.4971 41.6494C10.5633 43.6746 10.0429 45.6758 8.99861 47.4122C8.89748 47.5792 8.85516 47.7752 8.87841 47.9692C8.90165 48.163 8.98912 48.3436 9.12687 48.482L13.5373 52.8923C13.6261 52.9817 13.7332 53.0509 13.8512 53.095C13.9692 53.1393 14.0954 53.1573 14.2211 53.1483C14.3468 53.1391 14.469 53.103 14.5794 53.0422C14.6898 52.9814 14.7858 52.8975 14.8607 52.7962C17.247 49.5161 18.4803 45.5383 18.368 41.4836C18.2556 37.4289 16.8041 33.5255 14.2398 30.3826C13.457 29.421 12.5779 28.5419 11.6163 27.7591C8.47363 25.1955 4.57076 23.7444 0.516696 23.632C-3.53735 23.5197 -7.51454 24.7526 -10.7943 27.1382C-10.8964 27.2129 -10.981 27.3088 -11.0422 27.4193C-11.1036 27.5299 -11.1402 27.6524 -11.1497 27.7785C-11.1592 27.9045 -11.1411 28.0312 -11.0969 28.1496C-11.0526 28.268 -10.9832 28.3755 -10.8935 28.4645Z"
+  />
+  <path
+    d="M-10.8897 55.5161L-6.47923 51.1057C-6.34066 50.9672 -6.15953 50.8794 -5.96508 50.8561C-5.77063 50.8328 -5.57388 50.8755 -5.40654 50.9773C-3.77071 51.9641 -1.89649 52.4858 0.0138683 52.4858C1.92438 52.4858 3.79857 51.9641 5.43441 50.9773C5.60174 50.8755 5.79843 50.8328 5.99295 50.8561C6.18747 50.8794 6.36853 50.9672 6.50713 51.1057L10.9176 55.5161C11.01 55.6049 11.0818 55.7132 11.1278 55.8329C11.1738 55.9527 11.1929 56.0811 11.1837 56.2091C11.1746 56.3371 11.1373 56.4614 11.0747 56.5734C11.0121 56.6854 10.9256 56.7822 10.8214 56.8569C7.68191 59.1412 3.89931 60.3716 0.016777 60.3716C-3.86564 60.3716 -7.64822 59.1412 -10.7877 56.8569C-10.8923 56.7827 -10.9793 56.6862 -11.0425 56.5744C-11.1056 56.4627 -11.1434 56.3385 -11.1532 56.2105C-11.1629 56.0825 -11.1443 55.9539 -11.0989 55.834C-11.0532 55.714 -10.9819 55.6054 -10.8897 55.5161Z"
+  />
+  <path
+    d="M0.00299549 47.244C-2.89638 47.244 -5.24701 44.8935 -5.24701 41.994C-5.24701 39.0946 -2.89638 36.744 0.00299549 36.744C2.90252 36.744 5.25299 39.0946 5.25299 41.994C5.25299 44.8935 2.90252 47.244 0.00299549 47.244Z"
+  />
+  <path
+    d="M45.1065 28.4645L49.517 32.8749C49.6555 33.0134 49.8367 33.1013 50.0311 33.1245C50.2257 33.1478 50.4223 33.105 50.5897 33.0032C52.3245 31.9566 54.3254 31.4346 56.3506 31.5003C58.3758 31.566 60.3385 32.2165 62.002 33.3734C63.025 34.0855 63.9134 34.9738 64.6255 35.9969C65.781 37.6614 66.4309 39.6242 66.4971 41.6494C66.5633 43.6746 66.0429 45.6758 64.9986 47.4122C64.8975 47.5792 64.8552 47.7752 64.8784 47.9692C64.9016 48.163 64.9891 48.3436 65.1269 48.482L69.5373 52.8923C69.6261 52.9817 69.7332 53.0509 69.8512 53.095C69.9692 53.1393 70.0954 53.1573 70.2211 53.1483C70.3468 53.1391 70.469 53.103 70.5794 53.0422C70.6898 52.9814 70.7858 52.8975 70.8607 52.7962C73.247 49.5161 74.4803 45.5383 74.368 41.4836C74.2556 37.4289 72.8041 33.5255 70.2398 30.3826C69.457 29.421 68.5779 28.5419 67.6163 27.7591C64.4736 25.1955 60.5708 23.7444 56.5167 23.632C52.4626 23.5197 48.4855 24.7526 45.2057 27.1382C45.1036 27.2129 45.019 27.3088 44.9578 27.4193C44.8964 27.5299 44.8598 27.6524 44.8503 27.7785C44.8408 27.9045 44.8589 28.0312 44.9031 28.1496C44.9474 28.268 45.0168 28.3755 45.1065 28.4645Z"
+  />
+  <path
+    d="M45.1103 55.5161L49.5208 51.1057C49.6593 50.9672 49.8405 50.8794 50.0349 50.8561C50.2294 50.8328 50.4261 50.8755 50.5935 50.9773C52.2293 51.9641 54.1035 52.4858 56.0139 52.4858C57.9244 52.4858 59.7986 51.9641 61.4344 50.9773C61.6017 50.8755 61.7984 50.8328 61.993 50.8561C62.1875 50.8794 62.3685 50.9672 62.5071 51.1057L66.9176 55.5161C67.01 55.6049 67.0818 55.7132 67.1278 55.8329C67.1739 55.9527 67.1929 56.0811 67.1837 56.2091C67.1746 56.3371 67.1373 56.4614 67.0747 56.5734C67.0121 56.6854 66.9256 56.7822 66.8214 56.8569C63.6819 59.1412 59.8993 60.3716 56.0168 60.3716C52.1344 60.3716 48.3518 59.1412 45.2123 56.8569C45.1077 56.7827 45.0207 56.6862 44.9575 56.5744C44.8944 56.4627 44.8566 56.3385 44.8468 56.2105C44.8371 56.0825 44.8557 55.9539 44.9011 55.834C44.9468 55.714 45.0181 55.6054 45.1103 55.5161Z"
+  />
+  <path
+    d="M56.003 47.244C53.1036 47.244 50.753 44.8935 50.753 41.994C50.753 39.0946 53.1036 36.744 56.003 36.744C58.9025 36.744 61.253 39.0946 61.253 41.994C61.253 44.8935 58.9025 47.244 56.003 47.244Z"
+  />
+  <path
+    d="M45.8935 7.4645L41.483 11.8749C41.3445 12.0134 41.1633 12.1013 40.9689 12.1245C40.7743 12.1478 40.5777 12.105 40.4103 12.0032C38.6755 10.9566 36.6746 10.4346 34.6494 10.5003C32.6242 10.566 30.6615 11.2165 28.998 12.3734C27.975 13.0855 27.0866 13.9738 26.3745 14.9969C25.219 16.6614 24.5691 18.6242 24.5029 20.6494C24.4367 22.6746 24.957 24.6758 26.0014 26.4122C26.1025 26.5792 26.1448 26.7752 26.1216 26.9692C26.0983 27.163 26.0109 27.3435 25.8731 27.482L21.4627 31.8923C21.3739 31.9817 21.2668 32.0509 21.1488 32.095C21.0308 32.1393 20.9046 32.1573 20.7789 32.1483C20.6532 32.1391 20.531 32.103 20.4206 32.0422C20.3102 31.9814 20.2142 31.8975 20.1393 31.7961C17.753 28.5161 16.5197 24.5383 16.632 20.4836C16.7444 16.4289 18.1959 12.5255 20.7602 9.38257C21.543 8.42097 22.4221 7.54189 23.3837 6.75906C26.5264 4.19551 30.4292 2.74437 34.4833 2.63205C38.5373 2.51973 42.5145 3.75255 45.7943 6.13816C45.8964 6.21286 45.9809 6.3088 46.0422 6.41934C46.1036 6.52989 46.1402 6.65241 46.1497 6.77848C46.1592 6.90455 46.1411 7.03117 46.0969 7.1496C46.0526 7.26803 45.9832 7.37547 45.8935 7.4645Z"
+  />
+  <path
+    d="M45.8897 34.5161L41.4792 30.1057C41.3407 29.9672 41.1595 29.8794 40.9651 29.8561C40.7706 29.8328 40.5739 29.8755 40.4065 29.9773C38.7707 30.9641 36.8965 31.4858 34.9861 31.4858C33.0756 31.4858 31.2014 30.9641 29.5656 29.9773C29.3983 29.8755 29.2016 29.8328 29.007 29.8561C28.8125 29.8794 28.6315 29.9672 28.4929 30.1057L24.0824 34.5161C23.9899 34.6049 23.9182 34.7132 23.8722 34.8329C23.8261 34.9527 23.8071 35.0811 23.8163 35.2091C23.8254 35.3371 23.8626 35.4614 23.9253 35.5734C23.9879 35.6854 24.0744 35.7822 24.1786 35.8569C27.3181 38.1412 31.1007 39.3716 34.9832 39.3716C38.8656 39.3716 42.6482 38.1412 45.7877 35.8569C45.8923 35.7827 45.9793 35.6862 46.0425 35.5744C46.1056 35.4627 46.1434 35.3385 46.1532 35.2105C46.1629 35.0825 46.1443 34.9539 46.0989 34.834C46.0532 34.714 45.9819 34.6054 45.8897 34.5161Z"
+  />
+  <path
+    d="M34.997 26.244C37.8964 26.244 40.247 23.8935 40.247 20.994C40.247 18.0946 37.8964 15.744 34.997 15.744C32.0975 15.744 29.747 18.0946 29.747 20.994C29.747 23.8935 32.0975 26.244 34.997 26.244Z"
+  />
+  <path
+    d="M-10.8935 -13.5355L-6.48304 -9.12508C-6.34447 -8.98664 -6.16334 -8.89874 -5.96889 -8.87548C-5.77429 -8.85223 -5.5777 -8.89496 -5.41035 -8.99681C-3.67546 -10.0434 -1.67461 -10.5654 0.350573 -10.4997C2.37576 -10.434 4.33849 -9.78347 6.00196 -8.6266C7.02502 -7.91449 7.91335 -7.02616 8.62548 -6.00309C9.78097 -4.33862 10.4309 -2.37576 10.4971 -0.350574C10.5633 1.67461 10.0429 3.67576 8.99861 5.41218C8.89748 5.57923 8.85516 5.77521 8.87841 5.9692C8.90165 6.16304 8.98912 6.34355 9.12687 6.48196L13.5373 10.8923C13.6261 10.9817 13.7332 11.0509 13.8512 11.095C13.9692 11.1393 14.0954 11.1573 14.2211 11.1483C14.3468 11.1391 14.469 11.103 14.5794 11.0422C14.6898 10.9814 14.7858 10.8975 14.8607 10.7961C17.247 7.51607 18.4803 3.53827 18.368 -0.516392C18.2556 -4.57108 16.8041 -8.47452 14.2398 -11.6174C13.457 -12.579 12.5779 -13.4581 11.6163 -14.2409C8.47363 -16.8045 4.57076 -18.2556 0.516696 -18.368C-3.53735 -18.4803 -7.51454 -17.2474 -10.7943 -14.8618C-10.8964 -14.7871 -10.981 -14.6912 -11.0422 -14.5807C-11.1036 -14.4701 -11.1402 -14.3476 -11.1497 -14.2215C-11.1592 -14.0955 -11.1411 -13.9688 -11.0969 -13.8504C-11.0526 -13.732 -10.9832 -13.6245 -10.8935 -13.5355Z"
+  />
+  <path
+    d="M-10.8897 13.5161L-6.47923 9.10565C-6.34066 8.96724 -6.15953 8.87936 -5.96508 8.85608C-5.77063 8.83281 -5.57388 8.87553 -5.40654 8.97735C-3.77071 9.96414 -1.89649 10.4858 0.0138683 10.4858C1.92438 10.4858 3.79857 9.96414 5.43441 8.97735C5.60174 8.87553 5.79843 8.83281 5.99295 8.85608C6.18747 8.87936 6.36853 8.96724 6.50713 9.10565L10.9176 13.5161C11.01 13.6049 11.0818 13.7132 11.1278 13.8329C11.1738 13.9527 11.1929 14.0811 11.1837 14.2091C11.1746 14.3371 11.1373 14.4614 11.0747 14.5734C11.0121 14.6854 10.9256 14.7822 10.8214 14.8569C7.68191 17.1412 3.89931 18.3716 0.016777 18.3716C-3.86564 18.3716 -7.64822 17.1412 -10.7877 14.8569C-10.8923 14.7827 -10.9793 14.6862 -11.0425 14.5744C-11.1056 14.4627 -11.1434 14.3385 -11.1532 14.2105C-11.1629 14.0825 -11.1443 13.9539 -11.0989 13.834C-11.0532 13.714 -10.9819 13.6054 -10.8897 13.5161Z"
+  />
+  <path
+    d="M0.00299549 5.24402C-2.89638 5.24402 -5.24701 2.89352 -5.24701 -0.00602722C-5.24701 -2.90543 -2.89638 -5.25598 0.00299549 -5.25598C2.90252 -5.25598 5.25299 -2.90543 5.25299 -0.00602722C5.25299 2.89352 2.90252 5.24402 0.00299549 5.24402Z"
+  />
+  <path
+    d="M45.1065 -13.5355L49.517 -9.12508C49.6555 -8.98664 49.8367 -8.89874 50.0311 -8.87548C50.2257 -8.85223 50.4223 -8.89496 50.5897 -8.99681C52.3245 -10.0434 54.3254 -10.5654 56.3506 -10.4997C58.3758 -10.434 60.3385 -9.78347 62.002 -8.6266C63.025 -7.91449 63.9134 -7.02616 64.6255 -6.00309C65.781 -4.33862 66.4309 -2.37576 66.4971 -0.350574C66.5633 1.67461 66.0429 3.67576 64.9986 5.41218C64.8975 5.57923 64.8552 5.77521 64.8784 5.9692C64.9016 6.16304 64.9891 6.34355 65.1269 6.48196L69.5373 10.8923C69.6261 10.9817 69.7332 11.0509 69.8512 11.095C69.9692 11.1393 70.0954 11.1573 70.2211 11.1483C70.3468 11.1391 70.469 11.103 70.5794 11.0422C70.6898 10.9814 70.7858 10.8975 70.8607 10.7961C73.247 7.51607 74.4803 3.53827 74.368 -0.516392C74.2556 -4.57108 72.8041 -8.47452 70.2398 -11.6174C69.457 -12.579 68.5779 -13.4581 67.6163 -14.2409C64.4736 -16.8045 60.5708 -18.2556 56.5167 -18.368C52.4626 -18.4803 48.4855 -17.2474 45.2057 -14.8618C45.1036 -14.7871 45.019 -14.6912 44.9578 -14.5807C44.8964 -14.4701 44.8598 -14.3476 44.8503 -14.2215C44.8408 -14.0955 44.8589 -13.9688 44.9031 -13.8504C44.9474 -13.732 45.0168 -13.6245 45.1065 -13.5355Z"
+  />
+  <path
+    d="M45.1103 13.5161L49.5208 9.10565C49.6593 8.96724 49.8405 8.87936 50.0349 8.85608C50.2294 8.83281 50.4261 8.87553 50.5935 8.97735C52.2293 9.96414 54.1035 10.4858 56.0139 10.4858C57.9244 10.4858 59.7986 9.96414 61.4344 8.97735C61.6017 8.87553 61.7984 8.83281 61.993 8.85608C62.1875 8.87936 62.3685 8.96724 62.5071 9.10565L66.9176 13.5161C67.01 13.6049 67.0818 13.7132 67.1278 13.8329C67.1739 13.9527 67.1929 14.0811 67.1837 14.2091C67.1746 14.3371 67.1373 14.4614 67.0747 14.5734C67.0121 14.6854 66.9256 14.7822 66.8214 14.8569C63.6819 17.1412 59.8993 18.3716 56.0168 18.3716C52.1344 18.3716 48.3518 17.1412 45.2123 14.8569C45.1077 14.7827 45.0207 14.6862 44.9575 14.5744C44.8944 14.4627 44.8566 14.3385 44.8468 14.2105C44.8371 14.0825 44.8557 13.9539 44.9011 13.834C44.9468 13.714 45.0181 13.6054 45.1103 13.5161Z"
+  />
+  <path
+    d="M56.003 5.24402C53.1036 5.24402 50.753 2.89352 50.753 -0.00602722C50.753 -2.90543 53.1036 -5.25598 56.003 -5.25598C58.9025 -5.25598 61.253 -2.90543 61.253 -0.00602722C61.253 2.89352 58.9025 5.24402 56.003 5.24402Z"
+  />
+  <path
+    d="M-10.8935 28.4645L-6.48304 32.8749C-6.34447 33.0134 -6.16334 33.1013 -5.96889 33.1245C-5.77429 33.1478 -5.5777 33.105 -5.41035 33.0032C-3.67546 31.9566 -1.67461 31.4346 0.350573 31.5003C2.37576 31.566 4.33849 32.2165 6.00196 33.3734C7.02502 34.0855 7.91335 34.9738 8.62548 35.9969C9.78097 37.6614 10.4309 39.6242 10.4971 41.6494C10.5633 43.6746 10.0429 45.6758 8.99861 47.4122C8.89748 47.5792 8.85516 47.7752 8.87841 47.9692C8.90165 48.163 8.98912 48.3436 9.12687 48.482L13.5373 52.8923C13.6261 52.9817 13.7332 53.0509 13.8512 53.095C13.9692 53.1393 14.0954 53.1573 14.2211 53.1483C14.3468 53.1391 14.469 53.103 14.5794 53.0422C14.6898 52.9814 14.7858 52.8975 14.8607 52.7962C17.247 49.5161 18.4803 45.5383 18.368 41.4836C18.2556 37.4289 16.8041 33.5255 14.2398 30.3826C13.457 29.421 12.5779 28.5419 11.6163 27.7591C8.47363 25.1955 4.57076 23.7444 0.516696 23.632C-3.53735 23.5197 -7.51454 24.7526 -10.7943 27.1382C-10.8964 27.2129 -10.981 27.3088 -11.0422 27.4193C-11.1036 27.5299 -11.1402 27.6524 -11.1497 27.7785C-11.1592 27.9045 -11.1411 28.0312 -11.0969 28.1496C-11.0526 28.268 -10.9832 28.3755 -10.8935 28.4645Z"
+  />
+  <path
+    d="M-10.8897 55.5161L-6.47923 51.1057C-6.34066 50.9672 -6.15953 50.8794 -5.96508 50.8561C-5.77063 50.8328 -5.57388 50.8755 -5.40654 50.9773C-3.77071 51.9641 -1.89649 52.4858 0.0138683 52.4858C1.92438 52.4858 3.79857 51.9641 5.43441 50.9773C5.60174 50.8755 5.79843 50.8328 5.99295 50.8561C6.18747 50.8794 6.36853 50.9672 6.50713 51.1057L10.9176 55.5161C11.01 55.6049 11.0818 55.7132 11.1278 55.8329C11.1738 55.9527 11.1929 56.0811 11.1837 56.2091C11.1746 56.3371 11.1373 56.4614 11.0747 56.5734C11.0121 56.6854 10.9256 56.7822 10.8214 56.8569C7.68191 59.1412 3.89931 60.3716 0.016777 60.3716C-3.86564 60.3716 -7.64822 59.1412 -10.7877 56.8569C-10.8923 56.7827 -10.9793 56.6862 -11.0425 56.5744C-11.1056 56.4627 -11.1434 56.3385 -11.1532 56.2105C-11.1629 56.0825 -11.1443 55.9539 -11.0989 55.834C-11.0532 55.714 -10.9819 55.6054 -10.8897 55.5161Z"
+  />
+  <path
+    d="M0.00299549 47.244C-2.89638 47.244 -5.24701 44.8935 -5.24701 41.994C-5.24701 39.0946 -2.89638 36.744 0.00299549 36.744C2.90252 36.744 5.25299 39.0946 5.25299 41.994C5.25299 44.8935 2.90252 47.244 0.00299549 47.244Z"
+  />
+  <path
+    d="M45.1065 28.4645L49.517 32.8749C49.6555 33.0134 49.8367 33.1013 50.0311 33.1245C50.2257 33.1478 50.4223 33.105 50.5897 33.0032C52.3245 31.9566 54.3254 31.4346 56.3506 31.5003C58.3758 31.566 60.3385 32.2165 62.002 33.3734C63.025 34.0855 63.9134 34.9738 64.6255 35.9969C65.781 37.6614 66.4309 39.6242 66.4971 41.6494C66.5633 43.6746 66.0429 45.6758 64.9986 47.4122C64.8975 47.5792 64.8552 47.7752 64.8784 47.9692C64.9016 48.163 64.9891 48.3436 65.1269 48.482L69.5373 52.8923C69.6261 52.9817 69.7332 53.0509 69.8512 53.095C69.9692 53.1393 70.0954 53.1573 70.2211 53.1483C70.3468 53.1391 70.469 53.103 70.5794 53.0422C70.6898 52.9814 70.7858 52.8975 70.8607 52.7962C73.247 49.5161 74.4803 45.5383 74.368 41.4836C74.2556 37.4289 72.8041 33.5255 70.2398 30.3826C69.457 29.421 68.5779 28.5419 67.6163 27.7591C64.4736 25.1955 60.5708 23.7444 56.5167 23.632C52.4626 23.5197 48.4855 24.7526 45.2057 27.1382C45.1036 27.2129 45.019 27.3088 44.9578 27.4193C44.8964 27.5299 44.8598 27.6524 44.8503 27.7785C44.8408 27.9045 44.8589 28.0312 44.9031 28.1496C44.9474 28.268 45.0168 28.3755 45.1065 28.4645Z"
+  />
+  <path
+    d="M45.1103 55.5161L49.5208 51.1057C49.6593 50.9672 49.8405 50.8794 50.0349 50.8561C50.2294 50.8328 50.4261 50.8755 50.5935 50.9773C52.2293 51.9641 54.1035 52.4858 56.0139 52.4858C57.9244 52.4858 59.7986 51.9641 61.4344 50.9773C61.6017 50.8755 61.7984 50.8328 61.993 50.8561C62.1875 50.8794 62.3685 50.9672 62.5071 51.1057L66.9176 55.5161C67.01 55.6049 67.0818 55.7132 67.1278 55.8329C67.1739 55.9527 67.1929 56.0811 67.1837 56.2091C67.1746 56.3371 67.1373 56.4614 67.0747 56.5734C67.0121 56.6854 66.9256 56.7822 66.8214 56.8569C63.6819 59.1412 59.8993 60.3716 56.0168 60.3716C52.1344 60.3716 48.3518 59.1412 45.2123 56.8569C45.1077 56.7827 45.0207 56.6862 44.9575 56.5744C44.8944 56.4627 44.8566 56.3385 44.8468 56.2105C44.8371 56.0825 44.8557 55.9539 44.9011 55.834C44.9468 55.714 45.0181 55.6054 45.1103 55.5161Z"
+  />
+  <path
+    d="M56.003 47.244C53.1036 47.244 50.753 44.8935 50.753 41.994C50.753 39.0946 53.1036 36.744 56.003 36.744C58.9025 36.744 61.253 39.0946 61.253 41.994C61.253 44.8935 58.9025 47.244 56.003 47.244Z"
+  />
+</svg>
--- a/docs/static/img/clerk-sidebar-dark.png
+++ b/docs/static/img/clerk-sidebar-dark.png
--- a/docs/static/img/clerk-sidebar-light.png
+++ b/docs/static/img/clerk-sidebar-light.png
--- a/docs/tailwind.config.js
+++ b/docs/tailwind.config.js
@@ -0,0 +1,7 @@
+/** @type {import('tailwindcss').Config} */
+module.exports = {
+  darkMode: ["class", '[data-theme="dark"]'],
+  content: ["./src/**/*.js"],
+  theme: { extend: {} },
+  plugins: [],
+}
--- a/docs/vercel.json
+++ b/docs/vercel.json
@@ -1,30 +1,17 @@
 {
+  "$schema": "https://openapi.vercel.sh/vercel.json",
  "headers": [
    {
      "source": "/(.*)",
      "headers": [
-        {
-          "key": "X-Content-Type-Options",
-          "value": "nosniff"
-        },
-        {
-          "key": "X-Frame-Options",
-          "value": "DENY"
-        },
-        {
-          "key": "X-XSS-Protection",
-          "value": "1; mode=block"
-        }
+        { "key": "X-Content-Type-Options", "value": "nosniff" },
+        { "key": "X-Frame-Options", "value": "DENY" },
+        { "key": "X-XSS-Protection", "value": "1; mode=block" }
      ]
    },
    {
      "source": "/beta(.*)",
-      "headers": [
-        {
-          "key": "X-Robots-Tag",
-          "value": "noindex"
-        }
-      ]
+      "headers": [{ "key": "X-Robots-Tag", "value": "noindex" }]
    }
  ],
  "redirects": [
@@ -57,6 +44,66 @@
      "source": "/schemas/adapters",
      "destination": "/adapters/overview",
      "permanent": true
+    },
+    {
+      "source": "/tutorials/role-based-login-strategy",
+      "destination": "https://authjs.dev/guides/basics/role-based-authentication",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/firebase",
+      "destination": "https://authjs.dev/reference/adapter/firebase",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/dgraph",
+      "destination": "https://authjs.dev/reference/adapter/dgraph",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/prisma",
+      "destination": "https://authjs.dev/reference/adapter/prisma",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/typeorm",
+      "destination": "https://authjs.dev/reference/adapter/typeorm",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/mongodb",
+      "destination": "https://authjs.dev/reference/adapter/mongodb",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/dynamodb",
+      "destination": "https://authjs.dev/reference/adapter/dynamodb",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/fauna",
+      "destination": "https://authjs.dev/reference/adapter/fauna",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/pouchdb",
+      "destination": "https://authjs.dev/reference/adapter/pouchdb",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/overview",
+      "destination": "https://authjs.dev/reference/adapters",
+      "permanent": true
+    },
+    {
+      "source": "/adapters/models",
+      "destination": "https://authjs.dev/reference/adapters#models",
+      "permanent": true
+    },
+    {
+      "source": "/tutorials/refresh-token-rotation",
+      "destination": "https://authjs.dev/guides/basics/refresh-token-rotation",
+      "permanent": true
    }
  ]
 }
--- a/docs/versioned_docs/version-v3/adapters/prisma.md
+++ b/docs/versioned_docs/version-v3/adapters/prisma.md
@@ -118,7 +118,7 @@ Once you have saved your schema, use the Prisma CLI to generate the Prisma Clien
 npx prisma generate
 ```

-To configure you database to use the new schema (i.e. create tables and columns) use the `prisma migrate` command:
+To configure your database to use the new schema (i.e. create tables and columns) use the `prisma migrate` command:

 ```
 npx prisma migrate dev
--- a/docs/versioned_docs/version-v3/configuration/databases.md
+++ b/docs/versioned_docs/version-v3/configuration/databases.md
@@ -18,7 +18,7 @@ NextAuth.js comes with multiple ways of connecting to a database:

 **This document covers the default adapter (TypeORM).**

-See the [documentation for adapters](/adapters/overview) to learn more about using Prisma adapter or using a custom adapter.
+See the [documentation for adapters](https://authjs.dev/reference/adapters) to learn more about using Prisma adapter or using a custom adapter.

 To learn more about databases in NextAuth.js and how they are used, check out [databases in the FAQ](/faq#databases).

@@ -218,4 +218,4 @@ database: "sqlite://localhost/:memory:"

 ## Other databases

-See the [documentation for adapters](/adapters/overview) for more information on advanced configuration, including how to use NextAuth.js with other databases using a [custom adapter](/tutorials/creating-a-database-adapter).
+See the [documentation for adapters](https://authjs.dev/reference/adapters) for more information on advanced configuration, including how to use NextAuth.js with other databases using a [custom adapter](/tutorials/creating-a-database-adapter).
--- a/docs/versioned_docs/version-v3/configuration/options.md
+++ b/docs/versioned_docs/version-v3/configuration/options.md
@@ -309,7 +309,7 @@ By default NextAuth.js uses a database adapter that uses TypeORM and supports My

 You can use the `adapter` option to use the Prisma adapter - or pass in your own adapter if you want to use a database that is not supported by one of the built-in adapters.

-See the [adapter documentation](/adapters/overview) for more information.
+See the [adapter documentation](https://authjs.dev/reference/adapters) for more information.

 :::note
 If the `adapter` option is specified it overrides the `database` option, only specify one or the other.
--- a/docs/versioned_docs/version-v3/faq.md
+++ b/docs/versioned_docs/version-v3/faq.md
@@ -117,7 +117,7 @@ NextAuth.js records Refresh Tokens and Access Tokens on sign in (if supplied by

 You can then look them up from the database or persist them to the JSON Web Token.

-Note: NextAuth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](/tutorials/refresh-token-rotation) if you want to implement it.
+Note: NextAuth.js does not currently handle Access Token rotation for OAuth providers for you, however you can check out [this tutorial](https://authjs.dev/guides/basics/refresh-token-rotation) if you want to implement it.

 ### When I sign in with another account with the same email address, why are accounts not linked automatically?

--- a/docs/versioned_docs/version-v3/tutorials/refresh-token-rotation.md
+++ b/docs/versioned_docs/version-v3/tutorials/refresh-token-rotation.md
@@ -121,7 +121,7 @@ The `RefreshAccessTokenError` error that is caught in the `refreshAccessToken()`

 We can handle this functionality as a side effect:

-```js title="pages/api/auth/[...nextauth].js"
+```js title="pages/index.js"
 import { signIn, useSession } from "next-auth/client";
 import { useEffect } from "react";

--- a/docs/versioned_docs/version-v3/tutorials/typeorm-custom-models.md
+++ b/docs/versioned_docs/version-v3/tutorials/typeorm-custom-models.md
@@ -3,7 +3,7 @@ id: typeorm-custom-models
 title: Custom models with TypeORM
 ---

-NextAuth.js provides a set of [models and schemas](/adapters/models) for the built-in TypeORM adapter that you can easily extend.
+NextAuth.js provides a set of [models and schemas](https://authjs.dev/reference/adapters#models) for the built-in TypeORM adapter that you can easily extend.

 You can use these models with MySQL, MariaDB, Postgres, MongoDB and SQLite.

--- a/package.json
+++ b/package.json
@@ -5,7 +5,7 @@
  "repository": "https://github.com/nextauthjs/next-auth.git",
  "scripts": {
    "build:app": "turbo run build --filter=next-auth-app",
-    "build": "turbo run build --filter=next-auth --filter=@next-auth/* --no-deps",
+    "build": "turbo run build --filter=next-auth --no-deps",
    "lint": "turbo run lint --filter=!next-auth-docs --parallel",
    "test": "turbo run test --concurrency=1 --filter=!@next-auth/pouchdb-adapter --filter=!@next-auth/upstash-redis-adapter --filter=!next-auth-* --filter=[HEAD^1]",
    "clean": "turbo run clean --no-cache",
--- a/packages/next-auth/README.md
+++ b/packages/next-auth/README.md
@@ -41,7 +41,7 @@ This is a monorepo containing the following packages / projects:
 ## Getting Started

 ```
-npm install --save next-auth
+npm install next-auth
 ```

 The easiest way to continue getting started, is to follow the [getting started](https://next-auth.js.org/getting-started/example) section in our docs.
@@ -168,7 +168,7 @@ export default function App({

 ## Security

-If you think you have found a vulnerability (or not sure) in NextAuth.js or any of the related packages (i.e. Adapters), we ask you to have a read of our [Security Policy](https://github.com/nextauthjs/next-auth/blob/main/SECURITY.md) to reach out responsibly. Please do not open Pull Requests/Issues/Discussions before consulting with us.
+If you think you have found a vulnerability (or not sure) in NextAuth.js or any of the related packages (i.e. Adapters), we ask you to have a read of our [Security Policy](https://github.com/nextauthjs/next-auth/security/policy) to reach out responsibly. Please do not open Pull Requests/Issues/Discussions before consulting with us.

 ## Acknowledgments

@@ -204,8 +204,8 @@ We're happy to announce we've recently created an [OpenCollective](https://openc
        <sub>🥉 Bronze Financial Sponsor</sub>
      </td>
      <td align="center" valign="top">
-        <a href="https://clerk.dev" target="_blank">
-          <img width="128px" src="https://avatars.githubusercontent.com/u/49538330?s=200&v=4" alt="Prisma Logo" />
+        <a href="https://clerk.com" target="_blank">
+          <img width="128px" src="https://avatars.githubusercontent.com/u/49538330?s=200&v=4" alt="Clerk Logo" />
        </a><br />
        <div>Clerk</div><br />
        <sub>🥉 Bronze Financial Sponsor</sub>
@@ -247,7 +247,7 @@ We're happy to announce we've recently created an [OpenCollective](https://openc
 ## Contributing

 We're open to all community contributions! If you'd like to contribute in any way, please first read
-our [Contributing Guide](https://github.com/nextauthjs/next-auth/blob/main/CONTRIBUTING.md).
+our [Contributing Guide](https://github.com/nextauthjs/.github/blob/main/CONTRIBUTING.md).

 ## License

--- a/packages/next-auth/package.json
+++ b/packages/next-auth/package.json
@@ -1,6 +1,6 @@
 {
  "name": "next-auth",
-  "version": "4.19.1",
+  "version": "4.24.3",
  "description": "Authentication for Next.js",
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth.git",
@@ -9,7 +9,7 @@
    "Balázs Orbán <info@balazsorban.com>",
    "Nico Domino <yo@ndo.dev>",
    "Lluis Agusti <hi@llu.lu>",
-    "Thang Huu Vu <thvu@hey.com>"
+    "Thang Huu Vu <hi@thvu.dev>"
  ],
  "main": "index.js",
  "module": "index.js",
@@ -27,19 +27,42 @@
    "nextauth"
  ],
  "exports": {
-    ".": "./index.js",
-    "./jwt": "./jwt/index.js",
-    "./react": "./react/index.js",
-    "./core": "./core/index.js",
-    "./next": "./next/index.js",
-    "./middleware": "./middleware.js",
-    "./client/_utils": "./client/_utils.js",
-    "./providers/*": "./providers/*.js"
+    ".": {
+      "types": "./index.d.ts",
+      "default": "./index.js"
+    },
+    "./adapters": {
+      "types": "./adapters.d.ts"
+    },
+    "./jwt": {
+      "types": "./jwt/index.d.ts",
+      "default": "./jwt/index.js"
+    },
+    "./react": {
+      "types": "./react/index.d.ts",
+      "default": "./react/index.js"
+    },
+    "./next": {
+      "types": "./next/index.d.ts",
+      "default": "./next/index.js"
+    },
+    "./middleware": {
+      "types": "./middleware.d.ts",
+      "default": "./middleware.js"
+    },
+    "./client/_utils": {
+      "types": "./client/_utils.d.ts",
+      "default": "./client/_utils.js"
+    },
+    "./providers/*": {
+      "types": "./providers/*.d.ts",
+      "default": "./providers/*.js"
+    }
  },
  "scripts": {
    "build": "pnpm clean && pnpm build:js && pnpm build:css",
    "build:js": "pnpm clean && pnpm generate-providers && pnpm tsc --project tsconfig.json && babel --config-file ./config/babel.config.js src --out-dir . --extensions \".tsx,.ts,.js,.jsx\"",
-    "clean": "rm -rf coverage client css utils providers core jwt react next index.d.ts index.js adapters.d.ts middleware.d.ts middleware.js",
+    "clean": "rm -rf coverage client css utils providers core jwt react next lib ./*.js ./*.ts*",
    "build:css": "postcss --config config/postcss.config.js src/**/*.css --base src --dir . && node config/wrap-css.js",
    "dev": "pnpm clean && pnpm generate-providers && concurrently \"pnpm watch:css\" \"pnpm watch:ts\"",
    "watch:ts": "pnpm tsc --project tsconfig.dev.json",
@@ -50,29 +73,27 @@
    "lint": "eslint src config tests"
  },
  "files": [
-    "lib",
+    "client",
+    "core",
    "css",
    "jwt",
-    "react",
+    "lib",
    "next",
-    "client",
    "providers",
-    "core",
-    "index.d.ts",
-    "index.js",
-    "adapters.d.ts",
-    "middleware.d.ts",
-    "middleware.js",
-    "utils"
+    "react",
+    "src",
+    "utils",
+    "*.d.ts*",
+    "*.js"
  ],
  "license": "ISC",
  "dependencies": {
-    "@babel/runtime": "^7.16.3",
-    "@panva/hkdf": "^1.0.1",
+    "@babel/runtime": "^7.20.13",
+    "@panva/hkdf": "^1.0.2",
    "cookie": "^0.5.0",
-    "jose": "^4.9.3",
+    "jose": "^4.11.4",
    "oauth": "^0.9.15",
-    "openid-client": "^5.1.0",
+    "openid-client": "^5.4.0",
    "preact": "^10.6.3",
    "preact-render-to-string": "^5.1.19",
    "uuid": "^8.3.2"
@@ -109,7 +130,7 @@
    "@types/node": "^17.0.42",
    "@types/nodemailer": "^6.4.4",
    "@types/oauth": "^0.9.1",
-    "@types/react": "^18.0.15",
+    "@types/react": "18.0.37",
    "@types/react-dom": "^18.0.6",
    "autoprefixer": "^10.4.7",
    "babel-plugin-jsx-pragmatic": "^1.0.2",
@@ -120,7 +141,7 @@
    "jest-environment-jsdom": "^28.1.1",
    "jest-watch-typeahead": "^1.1.0",
    "msw": "^0.42.3",
-    "next": "13.0.6",
+    "next": "13.3.0",
    "postcss": "^8.4.14",
    "postcss-cli": "^9.1.0",
    "postcss-nested": "^5.0.6",
--- a/packages/next-auth/src/adapters.ts
+++ b/packages/next-auth/src/adapters.ts
@@ -59,37 +59,22 @@ export interface VerificationToken {
 * [Adapters Overview](https://next-auth.js.org/adapters/overview) |
 * [Create a custom adapter](https://next-auth.js.org/tutorials/creating-a-database-adapter)
 */
-export type Adapter<WithVerificationToken = boolean> = DefaultAdapter &
-  (WithVerificationToken extends true
-    ? {
-        createVerificationToken: (
-          verificationToken: VerificationToken
-        ) => Awaitable<VerificationToken | null | undefined>
-        /**
-         * Return verification token from the database
-         * and delete it so it cannot be used again.
-         */
-        useVerificationToken: (params: {
-          identifier: string
-          token: string
-        }) => Awaitable<VerificationToken | null>
-      }
-    : {})
-
-export interface DefaultAdapter {
-  createUser: (user: Omit<AdapterUser, "id">) => Awaitable<AdapterUser>
-  getUser: (id: string) => Awaitable<AdapterUser | null>
-  getUserByEmail: (email: string) => Awaitable<AdapterUser | null>
+export interface Adapter {
+  createUser?: (user: Omit<AdapterUser, "id">) => Awaitable<AdapterUser>
+  getUser?: (id: string) => Awaitable<AdapterUser | null>
+  getUserByEmail?: (email: string) => Awaitable<AdapterUser | null>
  /** Using the provider id and the id of the user for a specific account, get the user. */
-  getUserByAccount: (
+  getUserByAccount?: (
    providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
  ) => Awaitable<AdapterUser | null>
-  updateUser: (user: Partial<AdapterUser>) => Awaitable<AdapterUser>
+  updateUser?: (
+    user: Partial<AdapterUser> & Pick<AdapterUser, "id">
+  ) => Awaitable<AdapterUser>
  /** @todo Implement */
  deleteUser?: (
    userId: string
  ) => Promise<void> | Awaitable<AdapterUser | null | undefined>
-  linkAccount: (
+  linkAccount?: (
    account: AdapterAccount
  ) => Promise<void> | Awaitable<AdapterAccount | null | undefined>
  /** @todo Implement */
@@ -97,15 +82,15 @@ export interface DefaultAdapter {
    providerAccountId: Pick<AdapterAccount, "provider" | "providerAccountId">
  ) => Promise<void> | Awaitable<AdapterAccount | undefined>
  /** Creates a session for the user and returns it. */
-  createSession: (session: {
+  createSession?: (session: {
    sessionToken: string
    userId: string
    expires: Date
  }) => Awaitable<AdapterSession>
-  getSessionAndUser: (
+  getSessionAndUser?: (
    sessionToken: string
  ) => Awaitable<{ session: AdapterSession; user: AdapterUser } | null>
-  updateSession: (
+  updateSession?: (
    session: Partial<AdapterSession> & Pick<AdapterSession, "sessionToken">
  ) => Awaitable<AdapterSession | null | undefined>
  /**
@@ -113,7 +98,7 @@ export interface DefaultAdapter {
   * It is preferred that this method also returns the session
   * that is being deleted for logging purposes.
   */
-  deleteSession: (
+  deleteSession?: (
    sessionToken: string
  ) => Promise<void> | Awaitable<AdapterSession | null | undefined>
  createVerificationToken?: (
--- a/packages/next-auth/src/client/_utils.ts
+++ b/packages/next-auth/src/client/_utils.ts
@@ -18,8 +18,8 @@ export interface AuthClientConfig {
 }

 export interface CtxOrReq {
-  req?: IncomingMessage
-  ctx?: { req: IncomingMessage }
+  req?: Partial<IncomingMessage> & { body?: any }
+  ctx?: { req: Partial<IncomingMessage> & { body?: any } }
 }

 /**
@@ -37,9 +37,18 @@ export async function fetchData<T = any>(
 ): Promise<T | null> {
  const url = `${apiBaseUrl(__NEXTAUTH)}/${path}`
  try {
-    const options = req?.headers.cookie
-      ? { headers: { cookie: req.headers.cookie } }
-      : {}
+    const options: RequestInit = {
+      headers: {
+        "Content-Type": "application/json",
+        ...(req?.headers?.cookie ? { cookie: req.headers.cookie } : {}),
+      },
+    }
+
+    if (req?.body) {
+      options.body = JSON.stringify(req.body)
+      options.method = "POST"
+    }
+
    const res = await fetch(url, options)
    const data = await res.json()
    if (!res.ok) throw data
--- a/packages/next-auth/src/core/errors.ts
+++ b/packages/next-auth/src/core/errors.ts
@@ -1,4 +1,4 @@
-import type { EventCallbacks, LoggerInstance } from ".."
+import type { EventCallbacks, InternalOptions, LoggerInstance } from ".."

 /**
 * Same as the default `Error`, but it is JSON serializable.
@@ -106,7 +106,7 @@ export function eventsErrorHandler(
 export function adapterErrorHandler<TAdapter>(
  adapter: TAdapter | undefined,
  logger: LoggerInstance
-): TAdapter | undefined {
+): InternalOptions["adapter"] | undefined {
  if (!adapter) return

  return Object.keys(adapter).reduce<any>((acc, name) => {
--- a/packages/next-auth/src/core/index.ts
+++ b/packages/next-auth/src/core/index.ts
@@ -1,5 +1,5 @@
 import logger, { setLogger } from "../utils/logger"
-import { detectHost } from "../utils/detect-host"
+import { detectOrigin } from "../utils/detect-origin"
 import * as routes from "./routes"
 import renderPage from "./pages"
 import { init } from "./init"
@@ -13,7 +13,7 @@ import { parse as parseCookie } from "cookie"

 export interface RequestInternal {
  /** @default "http://localhost:3000" */
-  host?: string
+  origin?: string
  method?: string
  cookies?: Partial<Record<string, string>>
  headers?: Record<string, any>
@@ -70,10 +70,18 @@ async function toInternalRequest(
      cookies: parseCookie(req.headers.get("cookie") ?? ""),
      providerId: nextauth[1],
      error: url.searchParams.get("error") ?? nextauth[1],
-      host: detectHost(headers["x-forwarded-host"] ?? headers.host),
+      origin: detectOrigin(
+        headers["x-forwarded-host"] ?? headers.host,
+        headers["x-forwarded-proto"]
+      ),
      query,
    }
  }
+
+  const { headers } = req
+  const host = headers?.["x-forwarded-host"] ?? headers?.host
+  req.origin = detectOrigin(host, headers?.["x-forwarded-proto"])
+
  return req
 }

@@ -132,7 +140,7 @@ export async function AuthHandler<
    authOptions,
    action,
    providerId,
-    host: req.host,
+    origin: req.origin,
    callbackUrl: req.body?.callbackUrl ?? req.query?.callbackUrl,
    csrfToken: req.body?.csrfToken,
    cookies: req.cookies,
@@ -231,7 +239,7 @@ export async function AuthHandler<
  } else if (method === "POST") {
    switch (action) {
      case "signin":
-        // Verified CSRF Token required for all sign in routes
+        // Verified CSRF Token required for all sign-in routes
        if (options.csrfTokenVerified && options.provider) {
          const signin = await routes.signin({
            query: req.query,
@@ -274,7 +282,7 @@ export async function AuthHandler<
          return { ...callback, cookies }
        }
        break
-      case "_log":
+      case "_log": {
        if (authOptions.logger) {
          try {
            const { code, level, ...metadata } = req.body ?? {}
@@ -285,6 +293,24 @@ export async function AuthHandler<
          }
        }
        return {}
+      }
+      case "session": {
+        // Verified CSRF Token required for session updates
+        if (options.csrfTokenVerified) {
+          const session = await routes.session({
+            options,
+            sessionStore,
+            newSession: req.body?.data,
+            isUpdate: true,
+          })
+          if (session.cookies) cookies.push(...session.cookies)
+          return { ...session, cookies } as any
+        }
+
+        // If CSRF token is invalid, return a 400 status code
+        // we should not redirect to a page as this is an API route
+        return { status: 400, body: {} as any, cookies }
+      }
      default:
    }
  }
--- a/packages/next-auth/src/core/init.ts
+++ b/packages/next-auth/src/core/init.ts
@@ -15,7 +15,7 @@ import type { InternalOptions } from "./types"
 import parseUrl from "../utils/parse-url"

 interface InitParams {
-  host?: string
+  origin?: string
  authOptions: AuthOptions
  providerId?: string
  action: InternalOptions["action"]
@@ -33,7 +33,7 @@ export async function init({
  authOptions,
  providerId,
  action,
-  host,
+  origin,
  cookies: reqCookies,
  callbackUrl: reqCallbackUrl,
  csrfToken: reqCsrfToken,
@@ -42,7 +42,7 @@ export async function init({
  options: InternalOptions
  cookies: cookie.Cookie[]
 }> {
-  const url = parseUrl(host)
+  const url = parseUrl(origin)

  const secret = createSecret({ authOptions, url })

--- a/packages/next-auth/src/core/lib/assert.ts
+++ b/packages/next-auth/src/core/lib/assert.ts
@@ -48,7 +48,7 @@ export function assertConfig(params: {
  const warnings: WarningCode[] = []

  if (!warned) {
-    if (!req.host) warnings.push("NEXTAUTH_URL")
+    if (!req.origin) warnings.push("NEXTAUTH_URL")

    // TODO: Make this throw an error in next major. This will also get rid of `NODE_ENV`
    if (!options.secret && process.env.NODE_ENV !== "production")
@@ -70,7 +70,7 @@ export function assertConfig(params: {

  const callbackUrlParam = req.query?.callbackUrl as string | undefined

-  const url = parseUrl(req.host)
+  const url = parseUrl(req.origin)

  if (callbackUrlParam && !isValidHttpUrl(callbackUrlParam, url.base)) {
    return new InvalidCallbackUrl(
--- a/packages/next-auth/src/core/lib/cookie.ts
+++ b/packages/next-auth/src/core/lib/cookie.ts
@@ -114,7 +114,7 @@ export function defaultCookies(useSecureCookies: boolean): CookiesOptions {
        path: "/",
        secure: useSecureCookies,
      },
-    }
+    },
  }
 }

@@ -161,8 +161,21 @@ export class SessionStore {
    }
  }

+  /**
+   * The JWT Session or database Session ID
+   * constructed from the cookie chunks.
+   */
  get value() {
-    return Object.values(this.#chunks)?.join("")
+    // Sort the chunks by their keys before joining
+    const sortedKeys = Object.keys(this.#chunks).sort((a, b) => {
+      const aSuffix = parseInt(a.split(".").pop() ?? "0")
+      const bSuffix = parseInt(b.split(".").pop() ?? "0")
+
+      return aSuffix - bSuffix
+    })
+
+    // Use the sorted keys to join the chunks in the correct order
+    return sortedKeys.map((key) => this.#chunks[key]).join("")
  }

  /** Given a cookie, return a list of cookies, chunked to fit the allowed cookie size. */
--- a/packages/next-auth/src/core/lib/email/getUserFromEmail.ts
+++ b/packages/next-auth/src/core/lib/email/getUserFromEmail.ts
@@ -12,6 +12,7 @@ export default async function getAdapterUserFromEmail({
  email: string
  adapter: InternalOptions<"email">["adapter"]
 }): Promise<AdapterUser> {
+  // @ts-expect-error -- adapter is checked to be defined in `init`
  const { getUserByEmail } = adapter
  const adapterUser = email ? await getUserByEmail(email) : null
  if (adapterUser) return adapterUser
--- a/packages/next-auth/src/core/lib/email/signin.ts
+++ b/packages/next-auth/src/core/lib/email/signin.ts
@@ -36,7 +36,8 @@ export default async function email(
      theme,
    }),
    // Save in database
-    adapter.createVerificationToken({
+    // @ts-expect-error -- adapter is checked to be defined in `init`
+    adapter.createVerificationToken?.({
      identifier,
      token: hashToken(token, options),
      expires,
--- a/packages/next-auth/src/core/lib/oauth/authorization-url.ts
+++ b/packages/next-auth/src/core/lib/oauth/authorization-url.ts
@@ -1,8 +1,6 @@
 import { openidClient } from "./client"
 import { oAuth1Client, oAuth1TokenStore } from "./client-legacy"
-import { createState } from "./state-handler"
-import { createNonce } from "./nonce-handler"
-import { createPKCE } from "./pkce-handler"
+import * as checks from "./checks"

 import type { AuthorizationParameters } from "openid-client"
 import type { InternalOptions } from "../../types"
@@ -54,24 +52,9 @@ export default async function getAuthorizationUrl({
  const authorizationParams: AuthorizationParameters = params
  const cookies: Cookie[] = []

-  const state = await createState(options)
-  if (state) {
-    authorizationParams.state = state.value
-    cookies.push(state.cookie)
-  }
-
-  const nonce = await createNonce(options)
-  if (nonce) {
-    authorizationParams.nonce = nonce.value
-    cookies.push(nonce.cookie)
-  }
-
-  const pkce = await createPKCE(options)
-  if (pkce) {
-    authorizationParams.code_challenge = pkce.code_challenge
-    authorizationParams.code_challenge_method = pkce.code_challenge_method
-    cookies.push(pkce.cookie)
-  }
+  await checks.state.create(options, cookies, authorizationParams)
+  await checks.pkce.create(options, cookies, authorizationParams)
+  await checks.nonce.create(options, cookies, authorizationParams)

  const url = client.authorizationUrl(authorizationParams)

--- a/packages/next-auth/src/core/lib/oauth/callback.ts
+++ b/packages/next-auth/src/core/lib/oauth/callback.ts
@@ -1,12 +1,10 @@
 import { TokenSet } from "openid-client"
 import { openidClient } from "./client"
 import { oAuth1Client, oAuth1TokenStore } from "./client-legacy"
-import { useState } from "./state-handler"
-import { usePKCECodeVerifier } from "./pkce-handler"
-import { useNonce } from "./nonce-handler"
+import * as _checks from "./checks"
 import { OAuthCallbackError } from "../../errors"

-import type { CallbackParamsType, OpenIDCallbackChecks } from "openid-client"
+import type { CallbackParamsType } from "openid-client"
 import type { LoggerInstance, Profile } from "../../.."
 import type { OAuthChecks, OAuthConfig } from "../../../providers"
 import type { InternalOptions } from "../../types"
@@ -73,24 +71,9 @@ export default async function oAuthCallback(params: {
    const checks: OAuthChecks = {}
    const resCookies: Cookie[] = []

-    const state = await useState(cookies?.[options.cookies.state.name], options)
-    if (state) {
-      checks.state = state.value
-      resCookies.push(state.cookie)
-    }
-
-    const nonce = await useNonce(cookies?.[options.cookies.nonce.name], options)
-    if (nonce && provider.idToken) {
-      ;(checks as OpenIDCallbackChecks).nonce = nonce.value
-      resCookies.push(nonce.cookie)
-    }
-
-    const codeVerifier = cookies?.[options.cookies.pkceCodeVerifier.name]
-    const pkce = await usePKCECodeVerifier(codeVerifier, options)
-    if (pkce) {
-      checks.code_verifier = pkce.codeVerifier
-      resCookies.push(pkce.cookie)
-    }
+    await _checks.state.use(cookies, resCookies, options, checks)
+    await _checks.pkce.use(cookies, resCookies, options, checks)
+    await _checks.nonce.use(cookies, resCookies, options, checks)

    const params: CallbackParamsType = {
      ...client.callbackParams({
--- a/packages/next-auth/src/core/lib/oauth/checks.ts
+++ b/packages/next-auth/src/core/lib/oauth/checks.ts
@@ -0,0 +1,181 @@
+import {
+  AuthorizationParameters,
+  generators,
+  OpenIDCallbackChecks,
+} from "openid-client"
+import * as jwt from "../../../jwt"
+
+import type { RequestInternal } from "../.."
+import type { OAuthChecks } from "../../../providers"
+import type { CookiesOptions, InternalOptions } from "../../types"
+import type { Cookie } from "../cookie"
+
+/** Returns a signed cookie. */
+export async function signCookie(
+  type: keyof CookiesOptions,
+  value: string,
+  maxAge: number,
+  options: InternalOptions<"oauth">
+): Promise<Cookie> {
+  const { cookies, logger } = options
+
+  logger.debug(`CREATE_${type.toUpperCase()}`, { value, maxAge })
+
+  const expires = new Date()
+  expires.setTime(expires.getTime() + maxAge * 1000)
+  return {
+    name: cookies[type].name,
+    value: await jwt.encode({ ...options.jwt, maxAge, token: { value } }),
+    options: { ...cookies[type].options, expires },
+  }
+}
+
+const PKCE_MAX_AGE = 60 * 15 // 15 minutes in seconds
+export const PKCE_CODE_CHALLENGE_METHOD = "S256"
+export const pkce = {
+  async create(
+    options: InternalOptions<"oauth">,
+    cookies: Cookie[],
+    resParams: AuthorizationParameters
+  ) {
+    if (!options.provider?.checks?.includes("pkce")) return
+    const code_verifier = generators.codeVerifier()
+    const value = generators.codeChallenge(code_verifier)
+    resParams.code_challenge = value
+    resParams.code_challenge_method = PKCE_CODE_CHALLENGE_METHOD
+
+    const maxAge =
+      options.cookies.pkceCodeVerifier.options.maxAge ?? PKCE_MAX_AGE
+
+    cookies.push(
+      await signCookie("pkceCodeVerifier", code_verifier, maxAge, options)
+    )
+  },
+  /**
+   * Returns code_verifier if the provider is configured to use PKCE,
+   * and clears the container cookie afterwards.
+   * An error is thrown if the code_verifier is missing or invalid.
+   * @see https://www.rfc-editor.org/rfc/rfc7636
+   * @see https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/#pkce
+   */
+  async use(
+    cookies: RequestInternal["cookies"],
+    resCookies: Cookie[],
+    options: InternalOptions<"oauth">,
+    checks: OAuthChecks
+  ): Promise<string | undefined> {
+    if (!options.provider?.checks?.includes("pkce")) return
+
+    const codeVerifier = cookies?.[options.cookies.pkceCodeVerifier.name]
+
+    if (!codeVerifier)
+      throw new TypeError("PKCE code_verifier cookie was missing.")
+
+    const value = (await jwt.decode({
+      ...options.jwt,
+      token: codeVerifier,
+    })) as any
+
+    if (!value?.value)
+      throw new TypeError("PKCE code_verifier value could not be parsed.")
+
+    resCookies.push({
+      name: options.cookies.pkceCodeVerifier.name,
+      value: "",
+      options: { ...options.cookies.pkceCodeVerifier.options, maxAge: 0 },
+    })
+
+    checks.code_verifier = value.value
+  },
+}
+
+const STATE_MAX_AGE = 60 * 15 // 15 minutes in seconds
+export const state = {
+  async create(
+    options: InternalOptions<"oauth">,
+    cookies: Cookie[],
+    resParams: AuthorizationParameters
+  ) {
+    if (!options.provider.checks?.includes("state")) return
+    const value = generators.state()
+    resParams.state = value
+    const maxAge = options.cookies.state.options.maxAge ?? STATE_MAX_AGE
+    cookies.push(await signCookie("state", value, maxAge, options))
+  },
+  /**
+   * Returns state if the provider is configured to use state,
+   * and clears the container cookie afterwards.
+   * An error is thrown if the state is missing or invalid.
+   * @see https://www.rfc-editor.org/rfc/rfc6749#section-10.12
+   * @see https://www.rfc-editor.org/rfc/rfc6749#section-4.1.1
+   */
+  async use(
+    cookies: RequestInternal["cookies"],
+    resCookies: Cookie[],
+    options: InternalOptions<"oauth">,
+    checks: OAuthChecks
+  ) {
+    if (!options.provider.checks?.includes("state")) return
+
+    const state = cookies?.[options.cookies.state.name]
+
+    if (!state) throw new TypeError("State cookie was missing.")
+
+    const value = (await jwt.decode({ ...options.jwt, token: state })) as any
+
+    if (!value?.value) throw new TypeError("State value could not be parsed.")
+
+    resCookies.push({
+      name: options.cookies.state.name,
+      value: "",
+      options: { ...options.cookies.state.options, maxAge: 0 },
+    })
+
+    checks.state = value.value
+  },
+}
+
+const NONCE_MAX_AGE = 60 * 15 // 15 minutes in seconds
+export const nonce = {
+  async create(
+    options: InternalOptions<"oauth">,
+    cookies: Cookie[],
+    resParams: AuthorizationParameters
+  ) {
+    if (!options.provider.checks?.includes("nonce")) return
+    const value = generators.nonce()
+    resParams.nonce = value
+    const maxAge = options.cookies.nonce.options.maxAge ?? NONCE_MAX_AGE
+    cookies.push(await signCookie("nonce", value, maxAge, options))
+  },
+  /**
+   * Returns nonce if the provider is configured to use nonce,
+   * and clears the container cookie afterwards.
+   * An error is thrown if the nonce is missing or invalid.
+   * @see https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes
+   * @see https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/#nonce
+   */
+  async use(
+    cookies: RequestInternal["cookies"],
+    resCookies: Cookie[],
+    options: InternalOptions<"oauth">,
+    checks: OpenIDCallbackChecks
+  ): Promise<string | undefined> {
+    if (!options.provider?.checks?.includes("nonce")) return
+
+    const nonce = cookies?.[options.cookies.nonce.name]
+    if (!nonce) throw new TypeError("Nonce cookie was missing.")
+
+    const value = (await jwt.decode({ ...options.jwt, token: nonce })) as any
+
+    if (!value?.value) throw new TypeError("Nonce value could not be parsed.")
+
+    resCookies.push({
+      name: options.cookies.nonce.name,
+      value: "",
+      options: { ...options.cookies.nonce.options, maxAge: 0 },
+    })
+
+    checks.nonce = value.value
+  },
+}
--- a/packages/next-auth/src/core/lib/oauth/client.ts
+++ b/packages/next-auth/src/core/lib/oauth/client.ts
@@ -25,6 +25,7 @@ export async function openidClient(
      authorization_endpoint: provider.authorization?.url,
      token_endpoint: provider.token?.url,
      userinfo_endpoint: provider.userinfo?.url,
+      jwks_uri: provider.jwks_endpoint,
    })
  }

--- a/packages/next-auth/src/core/lib/oauth/nonce-handler.ts
+++ b/packages/next-auth/src/core/lib/oauth/nonce-handler.ts
@@ -1,75 +0,0 @@
-import * as jwt from "../../../jwt"
-import { generators } from "openid-client"
-import type { InternalOptions } from "../../types"
-import type { Cookie } from "../cookie"
-
-const NONCE_MAX_AGE = 60 * 15 // 15 minutes in seconds
-
-/** 
- * Returns nonce if the provider supports it
- * and saves it in a cookie */
-export async function createNonce(options: InternalOptions<"oauth">): Promise<
-  | undefined
-  | {
-      value: string
-      cookie: Cookie
-    }
-> {
-  const { cookies, logger, provider } = options
-  if (!provider.checks?.includes("nonce")) {
-    // Provider does not support nonce, return nothing.
-    return
-  }
-
-  const nonce = generators.nonce()
-
-  const expires = new Date()
-  expires.setTime(expires.getTime() + NONCE_MAX_AGE * 1000)
-
-  // Encrypt nonce and save it to an encrypted cookie
-  const encryptedNonce = await jwt.encode({
-    ...options.jwt,
-    maxAge: NONCE_MAX_AGE,
-    token: { nonce },
-  })
-
-  logger.debug("CREATE_ENCRYPTED_NONCE", {
-    nonce,
-    maxAge: NONCE_MAX_AGE,
-  })
-
-  return {
-    cookie: {
-      name: cookies.nonce.name,
-      value: encryptedNonce,
-      options: { ...cookies.nonce.options, expires },
-    },
-    value: nonce,
-  }
-}
-
-/**
- * Returns nonce from if the provider supports nonce,
- * and clears the container cookie afterwards.
- */
-export async function useNonce(
-  nonce: string | undefined,
-  options: InternalOptions<"oauth">
-): Promise<{ value: string; cookie: Cookie } | undefined> {
-  const { cookies, provider } = options
-
-  if (!provider?.checks?.includes("nonce") || !nonce) {
-    return
-  }
-
-  const value = (await jwt.decode({...options.jwt, token: nonce })) as any
-
-  return {
-    value: value?.nonce ?? undefined,
-    cookie: {
-      name: cookies.nonce.name,
-      value: "",
-      options: { ...cookies.nonce.options, maxAge: 0 },
-    },
-  }
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
SrIzan10	0bcdec7857	docs: remove capitalization on osu!	2023-10-27 16:11:46 +02:00
Simone Ruberto	93f9153d77	docs: fix Broken link (#8935 )	2023-10-24 20:25:42 +02:00
Thang Vu	2c43f83fa6	chore(release): bump version [skip ci]	2023-10-18 22:05:32 +07:00
Thang Vu	7446969587	fix: css build error	2023-10-18 22:04:55 +07:00
Thang Vu	701edba1c1	chore(release): bump version [skip ci]	2023-10-18 21:57:34 +07:00
Thang Vu	8141c7e217	fix: css build error	2023-10-18 21:55:25 +07:00
Thang Vu	ab3f78bbae	chore(release): bump version [skip ci]	2023-10-18 21:36:50 +07:00
Thang Vu	ff4519bdda	chore: only build next-auth in v4	2023-10-18 21:31:36 +07:00
Thang Vu	52a93d0409	fix: css build error	2023-10-18 21:31:24 +07:00
Thang Vu	39ecfbd255	chore(release): bump version [skip ci]	2023-10-18 21:07:53 +07:00
Thang Vu	a39d35b341	feat: tweak default sign-in page (#8888 )	2023-10-18 20:52:54 +07:00
Balázs Orbán	1cee92563f	docs: Update sidebars.js	2023-10-16 15:04:51 +01:00
Balázs Orbán	e3845270c6	docs: add sponsor	2023-10-10 15:59:08 +02:00
Thang Vu	2510f74809	chore(release): bump version [skip ci]	2023-10-02 18:57:37 +07:00
Thang Vu	27b2519b84	fix(next): returns correct status for signing in with `redirect: false` for route handler (#8775 ) * fix: returns status for signing in with credentials provider `redirect: false` * chore: format cookie.ts	2023-10-02 18:48:36 +07:00
Ahmed Abdelbaset	5f15b0704a	docs: fix typo (#8767 ) fix typo	2023-10-02 01:03:25 +01:00
Balázs Orbán	e4573ffff5	docs: typo	2023-10-02 01:37:14 +02:00
Balázs Orbán	4ce1951a2b	docs: close admonition	2023-10-02 01:34:55 +02:00
Balázs Orbán	c95531d651	docs: mention `auth()` convention under `getServerSession`	2023-10-02 01:32:35 +02:00
Balázs Orbán	654d52bb56	docs: mention `getServerSession` under `SessionProvider`	2023-10-02 01:27:35 +02:00
Herbie Vine	b72d7be9be	docs: set decode fn not jwt obj (#8742 ) Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-09-29 15:36:32 +02:00
Balázs Orbán	76fcc4e70c	chore: don't sync example from v4 branch	2023-09-27 12:49:25 +02:00
Balázs Orbán	4cacf504dd	docs: clarify `pages` in middleware	2023-09-26 13:23:04 +02:00
Balázs Orbán	50eb23f626	fix: update security policy link	2023-09-25 11:30:27 +02:00
Balázs Orbán	d813c00b3e	fix(ts): fix typo	2023-09-20 19:48:30 +01:00
Soheil Nazari	fc4448a85a	docs: add extra tips for next app router (#8227 ) * Update example.md * Update example.md * Update example.md * Update docs/docs/getting-started/example.md * Update docs/docs/getting-started/example.md * Update docs/docs/getting-started/example.md --------- Co-authored-by: Thang Vu <hi@thvu.dev>	2023-09-20 13:46:47 +07:00
Thang Vu	16f781c091	chore: update email	2023-09-16 12:07:27 +07:00
Jared Wyce	ebfdaece0e	fix: remove trailing `?` from signIn URL (#8466 ) * fix: 🎣 avoid phishing categorization by VPNs * Update packages/next-auth/src/react/index.tsx * Update packages/next-auth/src/react/index.tsx --------- Co-authored-by: Thang Vu <hi@thvu.dev>	2023-09-06 12:55:03 +07:00
Devdat Kumar	64a190e549	docs: Update adapters.md (#8397 ) "Drizzle" and "Kysely" links have been added to the list, and the list has been sorted. https://next-auth.js.org/adapters	2023-08-24 10:23:41 +01:00
Arif Shanji	e11f898c10	docs: typo (#8366 )	2023-08-21 13:53:35 +02:00
Balázs Orbán	dcb11da2e2	docs: update error page closes #8174	2023-08-18 09:22:25 +01:00
Thang Vu	9f900befe6	chore(release): bump version [skip ci]	2023-08-16 14:43:26 +07:00
Gabriel Villenave	09c2a89df8	fix: use `default` submodules export in `package.json` (#8330 ) Use `default` submodules export in `package.json` to ensure compatibility, as specified in https://nodejs.org/api/packages.html#conditional-exports	2023-08-16 09:33:07 +02:00
Balázs Orbán	20c3fe3331	fix(ts): correctly expose `next-auth/adapters` Fixes https://github.com/nextauthjs/next-auth/issues/8283#issuecomment-1675939280	2023-08-12 16:37:18 +02:00
Manuel Cattelan	e26f500d18	docs(providers): add warning for gitlab provider (#8292 )	2023-08-11 13:56:56 +02:00
Balázs Orbán	494d16e54d	chore(release): bump version [skip ci]	2023-08-11 13:43:03 +02:00
Balázs Orbán	5a8aa2e5e5	feat(providers): add Passage by 1Password	2023-08-11 13:39:52 +02:00
Balázs Orbán	05ff6ae221	fix(ts): correctly export submodule types	2023-08-11 11:31:35 +02:00
Jonathan Edenström	1fbc684f53	fix: sort cookie chunks correctly (#8284 )	2023-08-10 12:17:41 +01:00
Balázs Orbán	124be4fb1f	chore(release): bump version [skip ci]	2023-08-08 19:21:49 +02:00
Balázs Orbán	3b0128c3ca	fix(ts): match `next-auth/adapter` & `@auth/core/adapters`	2023-08-08 19:20:30 +02:00
Balázs Orbán	36b97aafb8	docs: amplify note	2023-08-08 18:00:41 +02:00
Thang Vu	175d37499b	chore(release): bump version [skip ci]	2023-08-06 22:52:13 +07:00
Thang Vu	08a6835a70	fix: don't return `res.end()` in api handler (#8244 ) Move #8069 to v4 branch co-authored by @maritz Co-authored-by: maritz <159633+maritz@users.noreply.github.com>	2023-08-06 22:38:57 +07:00
Thang Vu	448a11ff0a	chore: add turbo env vars	2023-08-06 21:47:08 +07:00
Thang Vu	f39f9708bd	fix(ts) : add missing function overload for Route Handler (#8236 ) Pick up https://github.com/nextauthjs/next-auth/pull/8211 & tweak some changes Co-authored-by: Max Quinn <max.t.quinn@gmail.com>	2023-08-05 19:57:29 +07:00
Matt Azlin	6d98b8b33c	docs: fixing broken link in documentation (#8208 )	2023-08-03 16:11:11 +02:00
Balázs Orbán	ef7ec044c5	docs: clarify `getServerSession`	2023-08-03 16:05:32 +02:00
Balázs Orbán	e89e3143d7	docs: move `unstable_getServerSession`	2023-08-03 16:03:48 +02:00
Noam Al Rifaï	12f0795a0a	docs: Typo fixed (#8206 )	2023-08-03 16:01:58 +02:00
Trent	9e0036bc73	docs(providers): mention HTTP-based Email guide (#8214 ) Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-08-03 15:57:57 +02:00
MohammadAli Saeidi	27aa5ef09b	docs: Update object key "email" to "username" (#8113 )	2023-07-25 14:45:38 +02:00
Thang Vu	903bd6fac9	fix: remove RSC warning in `getServerSession` (#8108 )	2023-07-25 12:13:51 +02:00
Ricardo van Noort	998b7a0db4	docs: Update upgrade-to-v4.md (#8123 )	2023-07-25 12:12:57 +02:00
Thang Vu	465644f9e4	fix(ts): SignInResponse.error type (#8109 ) Co-authored-by: smcg468 <49883535+smcg468@users.noreply.github.com>	2023-07-22 12:39:23 +07:00
GhibliMagic	d12bd5a799	doc: Add a guide on sending magic links to existing users only (#7663 )	2023-07-22 11:57:52 +07:00
Tony Worm	3897d47db2	docs: Update refresh-token-rotation.md - fix example client code filename (#8088 )	2023-07-20 01:09:06 +02:00
Doug	e44dccc42d	docs(providers): updated docs with missing account attribute (#8084 )	2023-07-19 15:24:41 +02:00
Balázs Orbán	733a81bd3a	chore(release): bump version [skip ci]	2023-07-18 22:53:27 +02:00
Balázs Orbán	f06f3bbc96	chore(release): bump version [skip ci]	2023-07-18 15:53:30 +02:00
Thang Vu	aea27a1fa8	fix: remove unused TS types	2023-07-16 22:32:55 +07:00
Thang Vu	bd37c55241	fix(ts): adapter interface (#8054 )	2023-07-16 20:47:18 +07:00
Rexford Essilfie	169a5230db	fix(ts): add overloads to withAuth middleware (#7999 ) * fix(ts): add overloads to withAuth middleware * fix: allow extends Request on returned middleware handler * chore: simplify return type for withAuth returning middleware * chore: remove withAuth overloads generics --------- Co-authored-by: Thang Vu <hi@thvu.dev>	2023-07-12 10:49:50 +07:00
Francis Gulotta	f48eb0478e	fix(providers): fix `nodemailer`/required types (#7950 ) Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-07-11 12:57:37 +02:00
Stephen Cronin	b25a090c17	docs: fix `getServerSession` API Routes example (#7978 ) * Fix Next.js getServerSession API Routes example Example API code threw an error in Next.js. Fixed the example to work. * Update docs/docs/configuration/nextjs.md --------- Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-07-09 14:03:02 +02:00
Matt Jared	0167e9368b	docs: Update example.md (#7879 )	2023-06-27 14:29:17 +02:00
Mikalai S	dcb576f01b	docs: Mention a possible cause of ResourceNotFound issue (#7758 )	2023-06-09 14:56:55 +02:00
Balázs Orbán	9417822a41	Update oauth.ts Closes #7608 Co-authored-by: aaazzz <akrm@hey.com>	2023-06-01 11:17:23 +01:00
Balázs Orbán	14f8f0cb58	docs: rephrase Closes #7531 Co-authored-by: Trey Speakman <100887275+treyspeakman@users.noreply.github.com>	2023-05-19 00:58:27 +01:00
Nick Radford	212272a839	docs: Update sub-bullet about vercel deployment specifics (#7537 )	2023-05-14 12:59:49 +02:00
Balázs Orbán	a8e8b7542c	docs: Update initialization.md	2023-05-11 23:30:53 +01:00
browny	14cecb9b73	docs: update react docs link (#7521 )	2023-05-11 14:45:39 +02:00
Ivan Medina	28bec0fbcc	docs: Update client.md (#7458 )	2023-05-06 12:09:10 +01:00
Thang Vu	bc683a5b72	chore: merge changes back to v4 (#7430 ) * docs: Remove --save from install command (#7277) Remove --save from install command --save is no longer needed on npm install. * chore: fix "Contributing guide" link (#7279) * fix: detect origin when `instanceof Request` check fails (#7303) * docs: Update Clerk sponsorship URL (#7305) - Change Clerk URL from `https://clerk.dev` to `https://clerk.com` - Fix alt from copy/paste * chore: bump react types * fix(docs): fix default `maxAge` formula (#7406) * Update pnpm-lock.yaml * sync package.json change --------- Co-authored-by: Chris Hayes <6013871+Christopher-Hayes@users.noreply.github.com> Co-authored-by: Raul <57044803+Leprekus@users.noreply.github.com> Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Nick Parsons <nparsons08@gmail.com> Co-authored-by: Victor <saptefrativictor@gmail.com>	2023-05-04 20:05:33 +01:00
Sebastián Iturra	e7b8597f73	docs: Update email.md (#7391 )	2023-04-28 13:53:27 +01:00
Kjetil Hårtveit	5c89a21bfa	docs: mention caching in App Router (#7206 ) I spent at least a day figuring out why my tRPC caches were all [MISSing](https://vercel.com/docs/concepts/edge-network/caching#miss) even though I set the correct Cache-Control headers (my stack: NextAuth, NextJS, tRPC, Vercel). I wish information could be placed where appropriate so that others don't need to debug like I had too. I realise it's a bit convoluted as tRPC suggested I could fetch the session in the context and then use it throughout my routers. It was not obvious to me that this caused all the public caches to fail, even on query procedures that were not using the session. The caches were MISSing because `getServerSession` refreshes the cookies via the `set-cookie` header and [Vercel won't allow this](https://vercel.com/docs/concepts/functions/serverless-functions/edge-caching). I'm not saying the refreshing of cookies is wrong, it's a nice feature, and it's kind of handy this implicitly means Vercel doesn't cache. So how I got here has many causes and it's futile to find anyone to "blame". The factors are: - tRPC suggests `getSession()` in their [documentation for context](https://trpc.io/docs/server/context). - I see tRPC does not suggest `getSession()` in the page for [caching](https://trpc.io/docs/server/caching) which is correct but wasn't obvious to me what I had done wrong. - my misunderstanding about the link between session and personalized data (it makes sense to me now but it wasn't that obvious to see the link: get session means no public cache)	2023-04-26 13:05:01 +01:00
Andreas Jagiella	6e9c8b5b3c	docs(providers): mention non-standard properties (#7290 ) ~ needed database entries ~ type of redirect uri	2023-04-26 13:03:08 +01:00
Ilya	91a9e5f601	docs(providers): update default vk provider version and options link (#7354 ) Update version by default and options link Now by default VK provider uses `5.131` version. And provider options link changed to .ts.	2023-04-26 12:58:09 +01:00
Balázs Orbán	cb916f4848	docs: Update typescript.md closes #7288	2023-04-17 21:01:11 +01:00
muoi	8259cd4fc6	docs : fix typo (#7258 ) Update link to Kakao Provider options	2023-04-17 10:35:15 +01:00
Dorijan Hašpl	7a8c0068c4	docs: mention Route Handler initialization in getting started (#7213 ) Updated the Getting Started documentation file (section about adding NextAuth API routes) to refer to another documentation section where the NextAuth API routes are handled using the new App Router and Route Handlers	2023-04-12 11:39:09 +01:00
Balázs Orbán	6edb6ddaaf	fix: respect protocol too, when host is trusted (#7214 ) * fix: respect protocol too when host is trusted * simplify	2023-04-12 11:30:20 +01:00
Balázs Orbán	0711d32a00	chore(release): bump version [skip ci]	2023-04-09 11:54:51 +02:00
Balázs Orbán	c261af4695	feat: support Route Handlers (#6777 ) * feat: support Route Handlers * update dev app * init NextAuth via Route Handler in dev app * import as type * fix labeler * default secret to `NEXTAUTH_SECRET` * handle redirects * support advanced init in Route Handlers * use port 3000 for docs dev * document initialization with Route Handlers * upgrade to latest `next` * upgrade to 13.3.0 * remove workaround * cleanup	2023-04-09 10:51:49 +01:00
Balázs Orbán	d69f311ddc	chore(release): bump version [skip ci]	2023-04-03 12:15:24 +02:00
Julius Marminge	ec8a34308b	fix(ts): revert `session` callback type changes (#7136 ) Fixes https://github.com/t3-oss/create-t3-app/issues/1328	2023-04-03 12:14:24 +02:00
Balázs Orbán	c0bf2f15fb	chore(release): bump version [skip ci]	2023-04-02 11:30:53 +02:00
Thang Vu	d8901777bf	fix: revert #6814 (#7125 )	2023-04-02 11:27:52 +02:00
Balázs Orbán	319f2ce165	fix(ts): mark `id` in `updateUser` as always defined Closes #7027	2023-03-29 14:16:58 +02:00
Balázs Orbán	2d907f0004	feat: make it possible to update the session (#7056 )	2023-03-29 05:43:48 +02:00
JakobSchlichting	2954588be7	docs: fix typo (#7094 )	2023-03-29 05:39:57 +02:00
Balázs Orbán	4026183411	docs: fix adapters links	2023-03-27 01:48:23 +02:00
Abdulaziz Askaraliev	86d031faba	fix(providers): add types for yandex provider (#7073 ) * fix(providers): yandex add types * chore(providers): yandex added comments * Update yandex.ts --------- Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-03-27 00:39:54 +01:00
Thomas Knickman	1e3745d22a	chore(docs): update broken links (#7069 ) fix(docs): update broken links	2023-03-26 21:51:05 +02:00
Balázs Orbán	feaeda9e2a	chore: release with declaration maps	2023-03-25 16:18:38 +01:00
Balázs Orbán	e127600ad4	chore: fix tests	2023-03-25 15:37:17 +01:00
Balázs Orbán	cb3137133c	docs: fix title	2023-03-25 13:46:35 +01:00
Balázs Orbán	b3eaf6329e	docs: fix broken links	2023-03-25 13:22:56 +01:00
Peter	8aa1789697	fix(oauth): allow jwks_uri to be set for non-wellKnown (#7014 ) fix(oauth): allow jwks_uri to be set for non-wellKnown flow by passing jwks_endpoint Co-authored-by: Thang Vu <hi@thvu.dev>	2023-03-25 18:57:22 +07:00
Balázs Orbán	a7601d0b45	chore: redirect rest of the adapters	2023-03-24 01:57:41 +01:00
Balázs Orbán	bb8d826bc7	Update sidebars.js	2023-03-20 20:43:03 +00:00
Balázs Orbán	f787809cd4	Update overview.md	2023-03-20 20:36:47 +00:00
Balázs Orbán	7789fa17b5	Delete pouchdb.md	2023-03-20 20:36:34 +00:00
Balázs Orbán	740c505901	Update vercel.json	2023-03-20 20:36:06 +00:00
Balázs Orbán	1e579cbaa6	Merge branch 'v4' of github.com:nextauthjs/next-auth into v4	2023-03-16 03:21:37 +01:00
Balázs Orbán	65aacbe97a	docs: fix links	2023-03-16 03:21:33 +01:00
Balázs Orbán	7dbfa5da4d	docs: fix sidebar, remove duplicates	2023-03-16 03:13:36 +01:00
Balázs Orbán	98bd774b75	Update vercel.json	2023-03-16 01:51:34 +00:00
Norbert Hüthmayr	3661ca68b0	doca: Prevent Stalled Request Warning (#6967 ) Added call to end() Missing end causes `stalled request` warning	2023-03-16 01:30:12 +01:00
Balázs Orbán	7ba986b01e	Update vercel.json	2023-03-09 11:34:27 +00:00
Balázs Orbán	e638ec5eb1	chore: redirect to new reference page	2023-03-09 11:25:25 +00:00
Abheek Dhawan	7327468697	docs: remove incorrect space in MikroORM (#6886 )	2023-03-08 16:56:26 +00:00
Balázs Orbán	9a9c24897d	docs: redirect prisma	2023-03-05 17:20:30 +01:00
Balázs Orbán	e362653819	chore: format	2023-03-05 16:08:35 +01:00
Balázs Orbán	a92e348ed3	chore: remove duplicate articles	2023-03-05 15:56:43 +01:00
Balázs Orbán	ab0857a99e	chore: correct ts import	2023-03-02 20:32:28 +01:00
Balázs Orbán	50b117dfbb	chore(release): bump version [skip ci]	2023-03-02 20:08:55 +01:00
Balázs Orbán	e6590ffc20	fix: unify checks	2023-03-02 20:08:28 +01:00
Balázs Orbán	26c846594f	chore(release): bump version [skip ci]	2023-03-02 01:53:44 +01:00
Balázs Orbán	2432ce9001	fix: throw error on missing state	2023-03-02 01:50:05 +01:00
Anthony Jocks	0a689b4f4e	docs: typo in faq.md (#6826 )	2023-02-28 12:53:44 +01:00
Thang Vu	2fb34bab51	feat: priortize `NEXTAUTH_URL_INTERNAL` (#6814 )	2023-02-25 18:51:16 +00:00
Olabode Lawal-Shittabey	d0e7689d07	docs: fix typo on 'nextjs#getserversession' page (#6790 )	2023-02-23 14:56:58 +01:00
Balázs Orbán	c004659174	docs: add IDS6 documentation	2023-02-22 02:00:56 +00:00
Tom	c212e96f83	docs(providers): fix broken sudo pipe in hostname example (#6769 ) `sudo echo > /etc/hosts` attempts to write to /etc/hosts as a non-priv user, which will fail. `echo \| sudo tee /etc/hosts` works.	2023-02-22 01:49:05 +00:00
Balázs Orbán	d41f2a4a02	docs: fix typo	2023-02-21 18:28:05 +01:00
Raúl Marín	5ecf20a804	fix: Add missing logo to Default Signin Page (#6728 ) fix(packages\next-auth\src\core\pages\signin.tsx): add missing logo	2023-02-17 10:23:10 +07:00
Steve Fuller	9e423f3252	docs: Update custom sign in getProvider example (#6706 ) According to the function declaration for [getProviders()](https://github.com/nextauthjs/next-auth/blob/v4/packages/next-auth/src/react/index.tsx#L187) it doesn't accept any parameters. Therefore have removed passing of an argument in the doc example. Using the documentation as is will result in multiple type errors as [referenced in an issue I've posted about](https://github.com/nextauthjs/next-auth/issues/6704)	2023-02-13 12:56:10 +00:00
Jiří Hofman	cf810f246a	docs: fix wording for deployment on Vercel preview (#6705 )	2023-02-13 12:50:14 +00:00
Balázs Orbán	05fe398b1a	docs: redirect to new refresh token article	2023-02-10 11:59:18 +01:00
Balázs Orbán	8659c02366	docs: stop encouraging adding providers to legacy	2023-02-10 02:01:10 +01:00
Balázs Orbán	2e039643b6	docs: fix path closes #6663	2023-02-10 01:59:41 +01:00
Balázs Orbán	3943f9b7b2	fix(next-auth): remove `engines` requirement on `openid-client` (#6654 )	2023-02-09 01:52:50 +01:00
Balázs Orbán	f2e85c2113	chore: redirect to more up-to-date docs	2023-02-05 15:13:14 +01:00
Robin	c53c868288	docs: update pages configuration example to typescript (#6596 ) * Update examples to TS * docs: update files names to corresponding TSX having jsx syntax, file needs to be jsx/tsx. * Apply suggestions from code review --------- Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-02-03 13:59:36 +00:00
Balázs Orbán	0bc4fcb51a	docs: clarify `token` and `user` in `session` callback closes #6602	2023-02-03 13:52:12 +00:00
Ojoechem Chinonso	139c2edb50	docs: redirect from custom sign in page if signed in (#6589 ) * Add success handler to getServerSideProps This change adds a code that gives the user a sense of direction on what to do if the OAuth sign in is successful. * Update docs/docs/configuration/pages.md This is noted Co-authored-by: Balázs Orbán <info@balazsorban.com> * Update getSession to getServerSession Change the getSession in getServerSideProps to the new getServerSession * Apply suggestions from code review * Apply suggestions from code review * Apply suggestions from code review --------- Co-authored-by: Balázs Orbán <info@balazsorban.com>	2023-02-03 12:59:22 +00:00
Balázs Orbán	4e94d89554	chore(release): bump version	2023-02-02 02:16:28 +01:00
Balázs Orbán	43d66fcb23	fix(ts): stop using typeof + generic together (#6595 )	2023-02-02 02:15:43 +01:00