chore(release): bump package version(s) [skip ci]

See: https://github.com/nextauthjs/.github

.eslintignore

@@ -0,0 +1,70 @@
+.eslintrc.js
+.cache-loader
+.DS_Store
+.pnpm-debug.log
+.turbo
+.vscode/generated*
+/_work
+/actions-runner
+node_modules
+patches
+pnpm-lock.yaml
+.github/actions/issue-validator/index.mjs
+*.cjs
+*.js
+*.d.ts
+*.d.ts.map
+
+.svelte-kit
+.next
+.nuxt
+
+# --------------- Docs ---------------
+
+.docusaurus
+build
+docs/docs/reference/03-core
+docs/docs/reference/04-sveltekit
+static
+
+# --------------- Packages ---------------
+
+coverage
+dist
+
+# @auth/core
+packages/core/src/providers/oauth-types.ts
+packages/core/src/lib/pages/styles.ts
+
+# @auth/sveltekit
+packages/frameworks-sveltekit/package
+packages/frameworks-sveltekit/vite.config.{js,ts}.timestamp-*
+
+# next-auth
+packages/next-auth/src/providers/oauth-types.ts
+packages/next-auth/css/index.css
+
+
+# Adapters
+.branches
+db.sqlite
+dev.db
+dynamodblocal-bin
+firebase-debug.log
+firestore-debug.log
+migrations
+test.schema.gql
+
+# --------------- Apps ---------------
+
+
+# Examples should have their own Prettier config since they are templates too
+apps/example-sveltekit
+
+# Development app
+apps
+
+
+# --------------- Tests ---------------
+# TODO: these should be linted
+packages/**/*test*

.eslintrc.js

@@ -1,40 +1,75 @@
-const path = require("path")
+// @ts-check
 
+/** @type {import("eslint").ESLint.ConfigData} */
 module.exports = {
-  root: true,
-  parser: "@typescript-eslint/parser",
+  env: { browser: true, es2022: true, node: true },
+  extends: ["eslint:recommended", "prettier"],
   overrides: [
     {
       files: ["*.ts", "*.tsx"],
-      extends: ["standard-with-typescript", "prettier"],
-      rules: {
-        camelcase: "off",
-        "@typescript-eslint/naming-convention": "off",
-        "@typescript-eslint/strict-boolean-expressions": "off",
-        "@typescript-eslint/explicit-function-return-type": "off",
-        "@typescript-eslint/restrict-template-expressions": "off",
-      },
-
+      parser: "@typescript-eslint/parser",
       parserOptions: {
-        project: [
-          path.resolve(__dirname, "./packages/**/tsconfig.eslint.json"),
-          path.resolve(__dirname, "./apps/**/tsconfig.json"),
-        ],
+        project: ["./packages/**/tsconfig.json", "./apps/**/tsconfig.json"],
+      },
+      settings: { react: { version: "18" } },
+      extends: [
+        "plugin:react/recommended",
+        "plugin:react/jsx-runtime",
+        "standard-with-typescript",
+        "prettier",
+      ],
+      rules: {
+        "@typescript-eslint/explicit-function-return-type": "off",
+        "@typescript-eslint/method-signature-style": "off",
+        "@typescript-eslint/naming-convention": "off",
+        "@typescript-eslint/no-non-null-assertion": "off",
+        "@typescript-eslint/restrict-template-expressions": "off",
+        "@typescript-eslint/strict-boolean-expressions": "off",
+        "react/prop-types": "off",
+        "react/no-unescaped-entities": "off",
       },
     },
+    {
+      files: ["*.test.ts", "*.test.js"],
+      extends: ["plugin:jest/recommended"],
+      env: { jest: true },
+    },
+    {
+      files: ["docs/**"],
+      plugins: ["@docusaurus"],
+      extends: ["plugin:@docusaurus/recommended"],
+    },
+    {
+      // TODO: Expand to all packages
+      files: ["packages/{core,sveltekit}/*.ts"],
+      plugins: ["jsdoc"],
+      extends: ["plugin:jsdoc/recommended"],
+      rules: {
+        "jsdoc/require-param": "off",
+        "jsdoc/require-returns": "off",
+        "jsdoc/require-jsdoc": [
+          "warn",
+          { publicOnly: true, enableFixer: false },
+        ],
+        "jsdoc/no-multi-asterisks": ["warn", { allowWhitespace: true }],
+        "jsdoc/tag-lines": "off",
+      },
+    },
+    {
+      files: ["packages/frameworks-sveltekit"],
+      plugins: ["svelte3"],
+      overrides: [{ files: ["*.svelte"], processor: "svelte3/svelte3" }],
+      settings: {
+        "svelte3/typescript": () => require("typescript"),
+      },
+      parserOptions: { sourceType: "module", ecmaVersion: 2020 },
+      env: { browser: true, es2017: true, node: true },
+    },
   ],
-  extends: ["prettier"],
-  globals: {
-    localStorage: "readonly",
-    location: "readonly",
-    fetch: "readonly",
+  parserOptions: {
+    sourceType: "module",
+    ecmaVersion: "latest",
+    ecmaFeatures: { jsx: true },
   },
-  rules: {
-    camelcase: "off",
-  },
-  plugins: ["jest"],
-  env: {
-    "jest/globals": true,
-  },
-  ignorePatterns: [".eslintrc.js"],
+  root: true,
 }

.github/ISSUE_TEMPLATE/config.yml

@@ -1 +1 @@
-blank_issues_enabled: false
+blank_issues_enabled: false

.github/actions/issue-validator/repro.md

@@ -35,4 +35,3 @@ Upvoting issues to show your interest will help us prioritize and address them a
 - [How to create a Minimal, Complete, and Verifiable example](https://stackoverflow.com/help/mcve)
 - [Reporting a NextAuth.js bug](https://github.com/nextauthjs/next-auth/blob/main/.github/ISSUE_TEMPLATE/1_bug_framework.yml)
 - [How to Contribute to Open Source (Next.js)](https://www.youtube.com/watch?v=cuoNzXFLitc)
-

.github/actions/issue-validator/src/index.mjs

@@ -4,11 +4,8 @@ import * as github from "@actions/github"
 // @ts-expect-error
 import * as core from "@actions/core"
 import { readFileSync } from "node:fs"
-import { join } from "node:path"
 
 const addReproductionLabel = "incomplete"
-const __dirname =
-  "/home/runner/work/nextauthjs/next-auth/.github/actions/issue-validator"
 
 /**
  * @typedef {{
@@ -73,7 +70,7 @@ async function run() {
         }),
         client.issues.createComment({
           ...issueCommon,
-          body: readFileSync(join(__dirname, "repro.md"), "utf8"),
+          body: readFileSync("repro.md", "utf8"),
         }),
       ])
       return core.info(

.github/sync.yml

@@ -1,12 +1,14 @@
-nextauthjs/next-auth-example:
-  - source: apps/example-nextjs
+# Note that nextauthjs/next-auth-example syncs from the v4 branch
+
+nextauthjs/sveltekit-auth-example:
+  - source: apps/example-sveltekit
     dest: .
     deleteOrphaned: true
   - .github/FUNDING.yml
   - LICENSE
 
 nextauthjs/next-auth-gatsby-example:
-  - source: apps/example-gatsby
+  - source: apps/playground-gatsby
     dest: .
     deleteOrphaned: true
   - .github/FUNDING.yml

.github/workflows/issue-validator.yml

@@ -11,7 +11,7 @@ jobs:
       - uses: actions/setup-node@v3
         with:
           node-version: 18
-      - name: 'Run issue validator'
-        run: node ./.github/actions/issue-validator/index.mjs
+      - name: "Run issue validator"
+        run: node /home/runner/work/next-auth/next-auth/.github/actions/issue-validator/index.mjs
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yml

@@ -20,8 +20,6 @@ jobs:
           fetch-depth: 2
       - name: Install pnpm
         uses: pnpm/action-setup@v2.2.4
-        with:
-          version: 7.5.1
       - name: Setup Node
         uses: actions/setup-node@v3
         with:
@@ -29,8 +27,6 @@ jobs:
           cache: "pnpm"
       - name: Install dependencies
         run: pnpm install
-      - name: Build
-        run: pnpm build
       - name: Run tests
         run: pnpm test
         env:
@@ -52,10 +48,9 @@ jobs:
         uses: actions/checkout@v3
         with:
           fetch-depth: 0
+          token: ${{ secrets.GH_PAT_CLASSIC }}
       - name: Install pnpm
         uses: pnpm/action-setup@v2.2.4
-        with:
-          version: 7.5.1
       - name: Setup Node
         uses: actions/setup-node@v3
         with:
@@ -64,15 +59,12 @@ jobs:
       - name: Install dependencies
         run: pnpm install
       - name: Publish to npm and GitHub
-        run: |
-          git config --global user.email "balazsorban44@users.noreply.github.com"
-          git config --global user.name "Balázs Orbán"
-          pnpm release
+        run: pnpm release
         env:
-          RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-          NPM_TOKEN_PKG: ${{ secrets.NPM_TOKEN_PKG }}
-          NPM_TOKEN_ORG: ${{ secrets.NPM_TOKEN_ORG }}
+          # Use GH_PAT when this is fixed:
+          # https://github.com/github/roadmap/issues/622
+          GITHUB_TOKEN: ${{ secrets.GH_PAT_CLASSIC }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
   release-pr:
     name: Publish PR
     runs-on: ubuntu-latest
@@ -84,8 +76,6 @@ jobs:
         uses: actions/checkout@v3
       - name: Install pnpm
         uses: pnpm/action-setup@v2.2.4
-        with:
-          version: 7.5.1
       - name: Setup Node
         uses: actions/setup-node@v3
         with:
@@ -100,19 +90,19 @@ jobs:
           PR_NUMBER: ${{ github.event.number }}
       - name: Publish to npm
         run: |
-          cd packages/next-auth
+          cd packages/core
           echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
           pnpm publish --no-git-checks --access public --tag experimental
         env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN_PKG }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       - name: Comment version on PR
         uses: NejcZdovc/comment-pr@v2
         with:
           message:
-            "🎉 Experimental release [published 📦️ on npm](https://npmjs.com/package/next-auth/v/${{ env.VERSION }})!\n \
-            ```sh\npnpm add next-auth@${{ env.VERSION }}\n```\n \
-            ```sh\nyarn add next-auth@${{ env.VERSION }}\n```\n \
-            ```sh\nnpm i next-auth@${{ env.VERSION }}\n```"
+            "🎉 Experimental release [published 📦️ on npm](https://npmjs.com/package/@auth/core/v/${{ env.VERSION }})!\n \
+            ```sh\npnpm add @auth/core@${{ env.VERSION }}\n```\n \
+            ```sh\nyarn add @auth/core@${{ env.VERSION }}\n```\n \
+            ```sh\nnpm i @auth/core@${{ env.VERSION }}\n```"
         env:
           VERSION: ${{ steps.determine-version.outputs.version }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GH_PAT }}

.github/workflows/sync-examples.yml

@@ -16,3 +16,4 @@ jobs:
         with:
           GH_PAT: ${{ secrets.SYNC_EXAMPLE_PAT }}
           SKIP_PR: true
+          ORIGINAL_MESSAGE: true

.gitignore

@@ -1,7 +1,7 @@
 # Misc
 .DS_Store
 .npmrc
-
+.eslintcache
 .env
 .env.local
 .env.development.local
@@ -51,7 +51,7 @@ apps/dev/typeorm
 /.vs/slnx.sqlite-journal
 /.vs/slnx.sqlite
 /.vs
-.vscode
+.vscode/generated*
 
 # Jetbrains
 .idea
@@ -78,4 +78,22 @@ test.schema.gql
 
 # docusaurus
 docs/.docusaurus
-docs/providers.json
+docs/providers.json
+
+# Core
+packages/core/*.js
+packages/core/*.d.ts
+packages/core/*.d.ts.map
+packages/core/lib
+packages/core/providers
+docs/docs/reference/03-core
+docs/docs/reference/04-sveltekit
+
+
+# SvelteKit
+packages/frameworks-sveltekit/index.*
+packages/frameworks-sveltekit/client.*
+packages/frameworks-sveltekit/.svelte-kit
+packages/frameworks-sveltekit/package
+packages/frameworks-sveltekit/vite.config.js.timestamp-*
+packages/frameworks-sveltekit/vite.config.ts.timestamp-*

.husky/.gitignore

@@ -1 +0,0 @@
-_

.husky/pre-commit

@@ -1,4 +0,0 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-# npx pretty-quick --staged

.prettierignore

@@ -0,0 +1,66 @@
+.cache-loader
+.DS_Store
+.pnpm-debug.log
+.turbo
+.vscode/generated*
+/_work
+/actions-runner
+node_modules
+patches
+pnpm-lock.yaml
+.github/actions/issue-validator/index.mjs
+*.d.ts
+*.d.ts.map
+
+.svelte-kit
+.next
+.nuxt
+
+# --------------- Docs ---------------
+
+.docusaurus
+build
+docs/docs/reference/03-core
+docs/docs/reference/04-sveltekit
+static
+
+# --------------- Packages ---------------
+
+coverage
+dist
+packages/**/*.cjs
+packages/**/*.js
+
+# @auth/core
+packages/core/src/providers/oauth-types.ts
+packages/core/src/lib/pages/styles.ts
+
+# @auth/sveltekit
+packages/frameworks-sveltekit/package
+packages/frameworks-sveltekit/vite.config.{js,ts}.timestamp-*
+
+# next-auth
+packages/next-auth/src/providers/oauth-types.ts
+packages/next-auth/css/index.css
+
+
+# Adapters
+.branches
+db.sqlite
+dev.db
+dynamodblocal-bin
+firebase-debug.log
+firestore-debug.log
+migrations
+test.schema.gql
+
+# --------------- Apps ---------------
+
+
+# Examples should have their own Prettier config since they are templates too
+apps/example-sveltekit
+
+# Development app
+apps/dev/prisma
+apps/dev/migrations
+apps/dev/typeorm

.prettierrc.js

@@ -0,0 +1,16 @@
+// @ts-check
+
+/** @type {import("prettier").Config} */
+module.exports = {
+  semi: false,
+  singleQuote: false,
+  overrides: [
+    {
+      files: [
+        "apps/dev/pages/api/auth/[...nextauth].ts",
+        "docs/{sidebars,docusaurus.config}.js",
+      ],
+      options: { printWidth: 150 },
+    },
+  ],
+}

.vscode/settings.json

@@ -0,0 +1,8 @@
+{
+  "files.exclude": {
+    "packages/core/{lib,providers,*.js,*.d.ts,*.d.ts.map}": true,
+    "packages/next-auth/{client,core,css,jwt,next,providers,react,utils,*.js,*.d.ts}": true
+  },
+  "typescript.tsdk": "node_modules/typescript/lib",
+  "openInGitHub.remote.branch": "main"
+}

.vscode/snippets.code-snippets

@@ -0,0 +1,14 @@
+{
+  "oauth2-spec": {
+    "description": "Markdown link to OAuth 2 specification",
+    "scope": "typescript",
+    "prefix": "oauth2",
+    "body": ["[OAuth 2](https://datatracker.ietf.org/doc/html/rfc6749)"]
+  },
+  "oidc-spec": {
+    "description": "Markdown link to OpenID Connect specification",
+    "scope": "typescript",
+    "prefix": "oidc",
+    "body": ["[OIDC](https://openid.net/specs/openid-connect-core-1_0.html)"]
+  }
+}

CHANGELOG.md

@@ -1,5 +0,0 @@
-# CHANGELOG
-
-The changelog is automatically updated using
-[scripts/release/index.ts](https://github.com/nextauthjs/next-auth/tree/main/scripts/index.ts). You
-can see it on the [releases page](../../releases).

CODE_OF_CONDUCT.md

@@ -1,76 +0,0 @@
-# Contributor Covenant Code of Conduct
-
-## Our Pledge
-
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, sex characteristics, gender identity and expression,
-level of experience, education, socio-economic status, nationality, personal
-appearance, race, religion, or sexual identity and orientation.
-
-## Our Standards
-
-Examples of behavior that contributes to creating a positive environment
-include:
-
-- Using welcoming and inclusive language
-- Being respectful of differing viewpoints and experiences
-- Gracefully accepting constructive criticism
-- Focusing on what is best for the community
-- Showing empathy towards other community members
-
-Examples of unacceptable behavior by participants include:
-
-- The use of sexualized language or imagery and unwelcome sexual attention or
-  advances
-- Trolling, insulting/derogatory comments, and personal or political attacks
-- Public or private harassment
-- Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-- Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Our Responsibilities
-
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
-
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
-
-## Scope
-
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting hi@thvu.dev, info@balazsorban.com, yo@ndo.dev and me@iaincollins.com.
-All complaints will be reviewed and investigated and will result in a response
-that is deemed necessary and appropriate to the circumstances. The project team
-is obligated to maintain confidentiality with regard to the reporter of an
-incident. Further details of specific enforcement policies may be posted separately.
-
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
-
-[homepage]: https://www.contributor-covenant.org
-
-For answers to common questions about this code of conduct, see
-https://www.contributor-covenant.org/faq

CONTRIBUTING.md

@@ -1,122 +0,0 @@
-# Contributing guide
-
-Contributions and feedback on your experience of using this software are welcome.
-
-This includes bug reports, feature requests, ideas, pull requests, and examples of how you have used this software.
-
-Please see the [Code of Conduct](CODE_OF_CONDUCT.md) and follow any templates configured in GitHub when reporting bugs, requesting enhancements, or contributing code.
-
-Please raise any significant new functionality or breaking change an issue for discussion before raising a Pull Request for it.
-
-## For contributors
-
-Anyone can be a contributor. Either you found a typo, or you have an awesome feature request you could implement, we encourage you to create a Pull Request.
-
-Before contributing, we recommend you read the [Tour de Source: NextAuth.js](https://sourcegraph.com/notebooks/Tm90ZWJvb2s6MTc2MQ==) post to become more familiar with the libraries inner workings.
-
-### Pull Requests
-
-- The latest changes are always in `main`, so please make your Pull Request against that branch.
-- Pull Requests should be raised for any change
-- Pull Requests need approval of a [core contributor](https://next-auth.js.org/contributors#core-team) before merging
-- We use ESLint/Prettier for linting/formatting, so please run `pnpm lint:fix` before committing to make resolving conflicts easier (VSCode users, check out [this ESLint extension](https://marketplace.visualstudio.com/items?itemName=dbaeumer.vscode-eslint) and [this Prettier extension](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode) to fix lint and formatting issues in development)
-- We encourage you to test your changes, and if you have the opportunity, please make those tests part of the Pull Request
-- If you add new functionality, please provide the corresponding documentation as well and make it part of the Pull Request
-
-### Setting up local environment
-
-
-A quick guide on how to setup _next-auth_ locally to work on it and test out any changes:
-
-1. Clone the repo:
-
-```sh
-git clone git@github.com:nextauthjs/next-auth.git
-cd next-auth
-```
-
-2. Set up the correct pnpm version, using [Corepack](https://nodejs.org/api/corepack.html). Run the following in the project'a root:
-
-```sh
-corepack enable pnpm
-```
-
-(Now, if you run `pnpm --version`, it should print the same verion as the `packageManager` property in the [`package.json` file](https://github.com/nextauthjs/next-auth/blob/main/package.json))
-
-3. Install packages. Developing requires Node.js v18:
-
-```sh
-pnpm install
-```
-
-4. Populate `.env.local`:
-
-Copy `apps/dev/.env.local.example` to `apps/dev/.env.local`, and add your env variables for each provider you want to test.
-
-```sh
-cd apps/dev
-cp .env.local.example .env.local
-```
-
-> NOTE: You can add any environment variables to .env.local that you would like to use in your dev app.
-> You can find the next-auth config under`apps/dev/pages/api/auth/[...nextauth].js`.
-
-5. Start the developer application/server:
-
-```sh
-pnpm dev
-```
-
-Your developer application will be available on `http://localhost:3000`
-
-That's it! 🎉
-
-If you need an example project to link to, you can use [next-auth-example](https://github.com/iaincollins/next-auth-example).
-
-#### Hot reloading
-
-When running `pnpm dev`, you start a Next.js developer server on `http://localhost:3000`, which includes hot reloading out-of-the-box. Make changes on any of the files in `src` and see the changes immediately.
-
-> NOTE: When working on CSS, you will have to manually refresh the page after changes. The reason for this is our pages using CSS are server-side rendered (using API routes). (Improving this through a PR is very welcome!)
-
-> NOTE: The setup is as follows: The development application lives inside the `app` folder, and whenever you make a change to the `src` folder in the root (where next-auth is), it gets copied into `app` every time (gitignored), so Next.js can pick them up and apply hot reloading. This is to avoid some annoying issues with how symlinks are working with different React builds, and also to provide a super-fast feedback loop while developing core features.
-
-#### Providers
-
-If you think your custom provider might be useful to others, we encourage you to open a PR and add it to the built-in list so others can discover it much more easily! You only need to add two changes:
-
-1. Add your config: [`src/providers/{provider}.js`](https://github.com/nextauthjs/next-auth/tree/main/packages/next-auth/src/providers) (Make sure you use a named default export, like `export default function YourProvider`!)
-2. Add provider documentation: [`www/docs/providers/{provider}.md`](https://github.com/nextauthjs/next-auth/tree/main/www/docs/providers)
-3. Add provider logo svgs, like `google-dark.svg` (dark mode) and `google.svg` (light mode) to the `/packages/next-auth/provider-logos/` directory. Don't forget to set the provider's styling options in the `provider.style` config object.
-
-That's it! 🎉 Others will be able to discover this provider much more easily now!
-
-You can look at the existing built-in providers for inspiration.
-
-#### Databases
-
-If you would like to contribute to an existing database adapter or help create a new one, head over to the [nextauthjs/adapters](https://www.github.com/nextauthjs/adapters) repository and follow the instructions provided there.
-
-#### Testing
-
-Tests can be run with `pnpm test`.
-
-Automated tests are currently crude and limited in functionality, but improvements are in development.
-
-## For maintainers
-
-We use [a custom script](https://github.com/nextauthjs/next-auth/blob/main/scripts/release/index.ts) together with [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0) to automate releases. This makes the maintenance process easier and less error-prone. Please study the "Conventional Commits" site to understand how to write a good commit message.
-
-When accepting Pull Requests, make sure the following:
-
-- Use "Squash and merge"
-- Make sure you merge contributor PRs into `main`
-- Rewrite the commit message to conform to the `Conventional Commits` style.
-  - Using `fix` releases a patch (x.x.1)
-  - Using `feat` releases a minor (x.1.x)
-  - Using `feat` when `BREAKING CHANGE` is present in the commit message releases a major (1.x.x)
-- Optionally link issues the PR will resolve (You can add "close" in front of the issue numbers to close the issues automatically, when the PR is merged. `semantic-release` will also comment back to connected issues and PRs, notifying the users that a feature is added/bug fixed, etc.)
-
-### Skipping a release
-
-If a commit contains `[skip release]` in their message, it will be excluded from the commit analysis and won't participate in the release type determination. This is useful, if the PR being merged should not trigger a new `npm` release.

LICENSE

@@ -1,6 +1,6 @@
 ISC License
 
-Copyright (c) 2018-2021, Iain Collins
+Copyright (c) 2022-2023, Balázs Orbán
 
 Permission to use, copy, modify, and/or distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
@@ -12,4 +12,4 @@ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

SECURITY.md

@@ -1,24 +0,0 @@
-# Security Policy
-
-NextAuth.js practices responsible disclosure.
-
-## Reporting a Vulnerability
-
-We request that you contact us directly to report serious issues that might impact the security of sites using NextAuth.js.
-
-If you contact us regarding a serious issue:
-
-- We will endeavor to get back to you within 72 hours.
-- We will aim to publish a fix within 30 days.
-- We will disclose the issue (and credit you, with your consent) once a fix to resolve the issue has been released.
-- If 90 days has elapsed and we still don't have a fix, we will disclose the issue publicly.
-
-The best way to report an issue is by contacting us via email at hi@thvu.dev, info@balazsorban.com, yo@ndo.dev and me@iaincollins.com, or raise a public issue requesting someone get in touch with you via whatever means you prefer for more details. (Please do not disclose sensitive details publicly at this stage.)
-
-> For less serious issues (e.g. RFC compliance for unsupported flows or potential issues that may cause a problem in the future) it is appropriate to submit these publicly as bug reports or feature requests or to raise a question to open a discussion around them.
-
-## Supported Versions
-
-Security updates are only released for the current version.
-
-Old releases are not maintained and do not receive updates.

apps/dev/.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+  "typescript.tsdk": "../../node_modules/.pnpm/typescript@4.8.4/node_modules/typescript/lib",
+  "typescript.enablePromptUseWorkspaceTsdk": true
+}

apps/dev/README.md

@@ -3,4 +3,4 @@
 This folder contains a Next.js app using NextAuth.js for local development. See the following section on how to start:
 
 [Setting up local environment
-](https://github.com/nextauthjs/next-auth/blob/main/CONTRIBUTING.md#setting-up-local-environment)
+](https://github.com/nextauthjs/next-auth/blob/main/CONTRIBUTING.md#setting-up-local-environment)

apps/dev/components/footer.js

@@ -8,10 +8,10 @@ export default function Footer() {
       <hr />
       <ul className={styles.navItems}>
         <li className={styles.navItem}>
-          <a href="https://next-auth.js.org">Documentation</a>
+          <a href="https://authjs.dev">Documentation</a>
         </li>
         <li className={styles.navItem}>
-          <a href="https://www.npmjs.com/package/next-auth">NPM</a>
+          <a href="https://www.npmjs.com/package/@auth/core">NPM</a>
         </li>
         <li className={styles.navItem}>
           <a href="https://github.com/nextauthjs/next-auth-example">GitHub</a>

apps/dev/components/footer.module.css

@@ -11,4 +11,4 @@
 .navItem {
   display: inline-block;
   margin-right: 1rem;
-}
+}

apps/dev/components/header.module.css

@@ -11,10 +11,10 @@
   top: 0;
   opacity: 1;
   overflow: hidden;
-  border-radius: 0 0 .6rem .6rem;
-  padding: .6rem 1rem;
+  border-radius: 0 0 0.6rem 0.6rem;
+  padding: 0.6rem 1rem;
   margin: 0;
-  background-color: rgba(0,0,0,.05);
+  background-color: rgba(0, 0, 0, 0.05);
   transition: all 0.2s ease-in;
 }
 
@@ -26,13 +26,13 @@
 .signedInText,
 .notSignedInText {
   position: absolute;
-  padding-top: .8rem;
+  padding-top: 0.8rem;
   left: 1rem;
   right: 6.5rem;
   white-space: nowrap;
   text-overflow: ellipsis;
   overflow: hidden;
-  display: inherit;  
+  display: inherit;
   z-index: 1;
   line-height: 1.3rem;
 }
@@ -55,13 +55,13 @@
 .button,
 .buttonPrimary {
   float: right;
-  margin-right: -.4rem;
+  margin-right: -0.4rem;
   font-weight: 500;
-  border-radius: .3rem;
+  border-radius: 0.3rem;
   cursor: pointer;
   font-size: 1rem;
   line-height: 1.4rem;
-  padding: .7rem .8rem;
+  padding: 0.7rem 0.8rem;
   position: relative;
   z-index: 10;
   background-color: transparent;
@@ -73,11 +73,11 @@
   border-color: #346df1;
   color: #fff;
   text-decoration: none;
-  padding: .7rem 1.4rem;
+  padding: 0.7rem 1.4rem;
 }
 
 .buttonPrimary:hover {
-  box-shadow: inset 0 0 5rem rgba(0,0,0,0.2)
+  box-shadow: inset 0 0 5rem rgba(0, 0, 0, 0.2);
 }
 
 .navItems {
@@ -89,4 +89,4 @@
 .navItem {
   display: inline-block;
   margin-right: 1rem;
-}
+}

apps/dev/components/layout.js

@@ -1,13 +1,11 @@
-import Header from 'components/header'
-import Footer from 'components/footer'
+import Header from "components/header"
+import Footer from "components/footer"
 
-export default function Layout ({ children }) {
+export default function Layout({ children }) {
   return (
     <>
       <Header />
-      <main>
-        {children}
-      </main>
+      <main>{children}</main>
       <Footer />
     </>
   )

apps/dev/package.json

@@ -6,7 +6,6 @@
   "scripts": {
     "clean": "rm -rf .next",
     "dev": "next dev",
-    "lint": "next lint",
     "build": "next build",
     "start": "next start",
     "email": "fake-smtp-server",
@@ -23,6 +22,7 @@
     "faunadb": "^4",
     "next": "13.0.6",
     "next-auth": "workspace:*",
+    "@auth/core": "workspace:*",
     "nodemailer": "^6",
     "react": "^18",
     "react-dom": "^18"

apps/dev/pages/api-example.js

@@ -1,17 +1,19 @@
-import Layout from '../components/layout'
+import Layout from "../components/layout"
 
-export default function Page () {
+export default function Page() {
   return (
     <Layout>
       <h1>API Example</h1>
       <p>The examples below show responses from the example API endpoints.</p>
-      <p><em>You must be signed in to see responses.</em></p>
+      <p>
+        <em>You must be signed in to see responses.</em>
+      </p>
       <h2>Session</h2>
       <p>/api/examples/session</p>
-      <iframe src='/api/examples/session' />
+      <iframe src="/api/examples/session" />
       <h2>JSON Web Token</h2>
       <p>/api/examples/jwt</p>
-      <iframe src='/api/examples/jwt' />
+      <iframe src="/api/examples/jwt" />
     </Layout>
   )
 }

apps/dev/pages/api/auth/[...nextauth].ts

@@ -1,39 +1,39 @@
-import NextAuth, { type NextAuthOptions } from "next-auth"
+import { Auth, type AuthConfig } from "@auth/core"
 
 // Providers
-import Apple from "next-auth/providers/apple"
-import Auth0 from "next-auth/providers/auth0"
-import AzureAD from "next-auth/providers/azure-ad"
-import AzureB2C from "next-auth/providers/azure-ad-b2c"
-import BoxyHQSAML from "next-auth/providers/boxyhq-saml"
-import Cognito from "next-auth/providers/cognito"
-import Credentials from "next-auth/providers/credentials"
-import Discord from "next-auth/providers/discord"
-import DuendeIDS6 from "next-auth/providers/duende-identity-server6"
-import Email from "next-auth/providers/email"
-import Facebook from "next-auth/providers/facebook"
-import Foursquare from "next-auth/providers/foursquare"
-import Freshbooks from "next-auth/providers/freshbooks"
-import GitHub from "next-auth/providers/github"
-import Gitlab from "next-auth/providers/gitlab"
-import Google from "next-auth/providers/google"
-import IDS4 from "next-auth/providers/identity-server4"
-import Instagram from "next-auth/providers/instagram"
-import Keycloak from "next-auth/providers/keycloak"
-import Line from "next-auth/providers/line"
-import LinkedIn from "next-auth/providers/linkedin"
-import Mailchimp from "next-auth/providers/mailchimp"
-import Okta from "next-auth/providers/okta"
-import Osu from "next-auth/providers/osu"
-import Patreon from "next-auth/providers/patreon"
-import Slack from "next-auth/providers/slack"
-import Spotify from "next-auth/providers/spotify"
-import Trakt from "next-auth/providers/trakt"
-import Twitch from "next-auth/providers/twitch"
-import Twitter, { TwitterLegacy } from "next-auth/providers/twitter"
-import Vk from "next-auth/providers/vk"
-import Wikimedia from "next-auth/providers/wikimedia"
-import WorkOS from "next-auth/providers/workos"
+import Apple from "@auth/core/providers/apple"
+import Auth0 from "@auth/core/providers/auth0"
+import AzureAD from "@auth/core/providers/azure-ad"
+import AzureB2C from "@auth/core/providers/azure-ad-b2c"
+import BoxyHQSAML from "@auth/core/providers/boxyhq-saml"
+// import Cognito from "@auth/core/providers/cognito"
+import Credentials from "@auth/core/providers/credentials"
+import Discord from "@auth/core/providers/discord"
+import DuendeIDS6 from "@auth/core/providers/duende-identity-server6"
+// import Email from "@auth/core/providers/email"
+import Facebook from "@auth/core/providers/facebook"
+import Foursquare from "@auth/core/providers/foursquare"
+import Freshbooks from "@auth/core/providers/freshbooks"
+import GitHub from "@auth/core/providers/github"
+import Gitlab from "@auth/core/providers/gitlab"
+import Google from "@auth/core/providers/google"
+// import IDS4 from "@auth/core/providers/identity-server4"
+import Instagram from "@auth/core/providers/instagram"
+// import Keycloak from "@auth/core/providers/keycloak"
+import Line from "@auth/core/providers/line"
+import LinkedIn from "@auth/core/providers/linkedin"
+import Mailchimp from "@auth/core/providers/mailchimp"
+// import Okta from "@auth/core/providers/okta"
+import Osu from "@auth/core/providers/osu"
+import Patreon from "@auth/core/providers/patreon"
+import Slack from "@auth/core/providers/slack"
+import Spotify from "@auth/core/providers/spotify"
+import Trakt from "@auth/core/providers/trakt"
+import Twitch from "@auth/core/providers/twitch"
+import Twitter from "@auth/core/providers/twitter"
+import Vk from "@auth/core/providers/vk"
+import Wikimedia from "@auth/core/providers/wikimedia"
+import WorkOS from "@auth/core/providers/workos"
 
 // // Prisma
 // import { PrismaClient } from "@prisma/client"
@@ -66,9 +66,9 @@ import WorkOS from "next-auth/providers/workos"
 //   secret: process.env.SUPABASE_SERVICE_ROLE_KEY,
 // })
 
-export const authOptions: NextAuthOptions = {
+export const authConfig: AuthConfig = {
   // adapter,
-  debug: process.env.NODE_ENV !== "production",
+  // debug: process.env.NODE_ENV !== "production",
   theme: {
     logo: "https://next-auth.js.org/img/logo/logo-sm.png",
     brandColor: "#1786fb",
@@ -78,15 +78,19 @@ export const authOptions: NextAuthOptions = {
       credentials: { password: { label: "Password", type: "password" } },
       async authorize(credentials) {
         if (credentials.password !== "pw") return null
-        return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64" }
+        return { name: "Fill Murray", email: "bill@fillmurray.com", image: "https://www.fillmurray.com/64/64", id: "1", foo: "" }
       },
     }),
     Apple({ clientId: process.env.APPLE_ID, clientSecret: process.env.APPLE_SECRET }),
     Auth0({ clientId: process.env.AUTH0_ID, clientSecret: process.env.AUTH0_SECRET, issuer: process.env.AUTH0_ISSUER }),
-    AzureAD({ clientId: process.env.AZURE_AD_CLIENT_ID, clientSecret: process.env.AZURE_AD_CLIENT_SECRET, tenantId: process.env.AZURE_AD_TENANT_ID }),
+    AzureAD({
+      clientId: process.env.AZURE_AD_CLIENT_ID,
+      clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
+      tenantId: process.env.AZURE_AD_TENANT_ID,
+    }),
     AzureB2C({ clientId: process.env.AZURE_B2C_ID, clientSecret: process.env.AZURE_B2C_SECRET, issuer: process.env.AZURE_B2C_ISSUER }),
     BoxyHQSAML({ issuer: "https://jackson-demo.boxyhq.com", clientId: "tenant=boxyhq.com&product=saml-demo.boxyhq.com", clientSecret: "dummy" }),
-    Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
+    // Cognito({ clientId: process.env.COGNITO_ID, clientSecret: process.env.COGNITO_SECRET, issuer: process.env.COGNITO_ISSUER }),
     Discord({ clientId: process.env.DISCORD_ID, clientSecret: process.env.DISCORD_SECRET }),
     DuendeIDS6({ clientId: "interactive.confidential", clientSecret: "secret", issuer: "https://demo.duendesoftware.com" }),
     Facebook({ clientId: process.env.FACEBOOK_ID, clientSecret: process.env.FACEBOOK_SECRET }),
@@ -95,33 +99,53 @@ export const authOptions: NextAuthOptions = {
     GitHub({ clientId: process.env.GITHUB_ID, clientSecret: process.env.GITHUB_SECRET }),
     Gitlab({ clientId: process.env.GITLAB_ID, clientSecret: process.env.GITLAB_SECRET }),
     Google({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET }),
-    IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
+    // IDS4({ clientId: process.env.IDS4_ID, clientSecret: process.env.IDS4_SECRET, issuer: process.env.IDS4_ISSUER }),
     Instagram({ clientId: process.env.INSTAGRAM_ID, clientSecret: process.env.INSTAGRAM_SECRET }),
-    Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
+    // Keycloak({ clientId: process.env.KEYCLOAK_ID, clientSecret: process.env.KEYCLOAK_SECRET, issuer: process.env.KEYCLOAK_ISSUER }),
     Line({ clientId: process.env.LINE_ID, clientSecret: process.env.LINE_SECRET }),
     LinkedIn({ clientId: process.env.LINKEDIN_ID, clientSecret: process.env.LINKEDIN_SECRET }),
     Mailchimp({ clientId: process.env.MAILCHIMP_ID, clientSecret: process.env.MAILCHIMP_SECRET }),
-    Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
+    // Okta({ clientId: process.env.OKTA_ID, clientSecret: process.env.OKTA_SECRET, issuer: process.env.OKTA_ISSUER }),
     Osu({ clientId: process.env.OSU_CLIENT_ID, clientSecret: process.env.OSU_CLIENT_SECRET }),
     Patreon({ clientId: process.env.PATREON_ID, clientSecret: process.env.PATREON_SECRET }),
     Slack({ clientId: process.env.SLACK_ID, clientSecret: process.env.SLACK_SECRET }),
     Spotify({ clientId: process.env.SPOTIFY_ID, clientSecret: process.env.SPOTIFY_SECRET }),
     Trakt({ clientId: process.env.TRAKT_ID, clientSecret: process.env.TRAKT_SECRET }),
     Twitch({ clientId: process.env.TWITCH_ID, clientSecret: process.env.TWITCH_SECRET }),
-    Twitter({ version: "2.0", clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
-    TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
+    Twitter({ clientId: process.env.TWITTER_ID, clientSecret: process.env.TWITTER_SECRET }),
+    // TwitterLegacy({ clientId: process.env.TWITTER_LEGACY_ID, clientSecret: process.env.TWITTER_LEGACY_SECRET }),
     Vk({ clientId: process.env.VK_ID, clientSecret: process.env.VK_SECRET }),
     Wikimedia({ clientId: process.env.WIKIMEDIA_ID, clientSecret: process.env.WIKIMEDIA_SECRET }),
     WorkOS({ clientId: process.env.WORKOS_ID, clientSecret: process.env.WORKOS_SECRET }),
   ],
+  // debug: process.env.NODE_ENV !== "production",
 }
 
-if (authOptions.adapter) {
-  authOptions.providers.unshift(
-    // NOTE: You can start a fake e-mail server with `pnpm email`
-    // and then go to `http://localhost:1080` in the browser
-    Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
-  )
+if (authConfig.adapter) {
+  // TODO:
+  // authOptions.providers.unshift(
+  //   // NOTE: You can start a fake e-mail server with `pnpm email`
+  //   // and then go to `http://localhost:1080` in the browser
+  //   Email({ server: "smtp://127.0.0.1:1025?tls.rejectUnauthorized=false" })
+  // )
 }
 
-export default NextAuth(authOptions)
+// TODO: move to next-auth/edge
+function AuthHandler(...args: any[]) {
+  const envSecret = process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET
+  const envTrustHost = !!(process.env.NEXTAUTH_URL ?? process.env.AUTH_TRUST_HOST ?? process.env.VERCEL ?? process.env.NODE_ENV !== "production")
+  if (args.length === 1) {
+    return async (req: Request) => {
+      args[0].secret ??= envSecret
+      args[0].trustHost ??= envTrustHost
+      return Auth(req, args[0])
+    }
+  }
+  args[1].secret ??= envSecret
+  args[1].trustHost ??= envTrustHost
+  return Auth(args[0], args[1])
+}
+
+export default AuthHandler(authConfig)
+
+export const config = { runtime: "experimental-edge" }

apps/dev/pages/client.js

@@ -1,21 +1,26 @@
-import Layout from '../components/layout'
+import Layout from "../components/layout"
 
-export default function Page () {
+export default function Page() {
   return (
     <Layout>
       <h1>Client Side Rendering</h1>
       <p>
-        This page uses the <strong>useSession()</strong> React Hook in the <strong>&lt;/Header&gt;</strong> component.
+        This page uses the <strong>useSession()</strong> React Hook in the{" "}
+        <strong>&lt;/Header&gt;</strong> component.
       </p>
       <p>
-        The <strong>useSession()</strong> React Hook easy to use and allows pages to render very quickly.
+        The <strong>useSession()</strong> React Hook easy to use and allows
+        pages to render very quickly.
       </p>
       <p>
-        The advantage of this approach is that session state is shared between pages by using the <strong>Provider</strong> in <strong>_app.js</strong> so
-        that navigation between pages using <strong>useSession()</strong> is very fast.
+        The advantage of this approach is that session state is shared between
+        pages by using the <strong>Provider</strong> in <strong>_app.js</strong>{" "}
+        so that navigation between pages using <strong>useSession()</strong> is
+        very fast.
       </p>
       <p>
-        The disadvantage of <strong>useSession()</strong> is that it requires client side JavaScript.
+        The disadvantage of <strong>useSession()</strong> is that it requires
+        client side JavaScript.
       </p>
     </Layout>
   )

apps/dev/pages/index.js

@@ -1,11 +1,12 @@
-import Layout from 'components/layout'
+import Layout from "components/layout"
 
-export default function Page () {
+export default function Page() {
   return (
     <Layout>
       <h1>NextAuth.js Example</h1>
       <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
+        This is an example site to demonstrate how to use{" "}
+        <a href="https://authjs.dev">NextAuth.js</a> for authentication.
       </p>
     </Layout>
   )

apps/dev/pages/policy.js

@@ -1,29 +1,31 @@
-import Layout from '../components/layout'
+import Layout from "../components/layout"
 
-export default function Page () {
+export default function Page() {
   return (
     <Layout>
       <p>
-        This is an example site to demonstrate how to use <a href='https://next-auth.js.org'>NextAuth.js</a> for authentication.
+        This is an example site to demonstrate how to use{" "}
+        <a href="https://authjs.dev">Auth.js</a> for authentication.
       </p>
       <h2>Terms of Service</h2>
       <p>
-        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-        SOFTWARE.
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+        OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+        MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+        IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+        CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+        TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+        SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
       </p>
       <h2>Privacy Policy</h2>
       <p>
-        This site uses JSON Web Tokens and an in-memory database which resets every ~2 hours.
+        This site uses JSON Web Tokens and an in-memory database which resets
+        every ~2 hours.
       </p>
       <p>
-        Data provided to this site is exclusively used to support signing in
-        and is not passed to any third party services, other than via SMTP or OAuth for the
-        purposes of authentication.
+        Data provided to this site is exclusively used to support signing in and
+        is not passed to any third party services, other than via SMTP or OAuth
+        for the purposes of authentication.
       </p>
     </Layout>
   )

apps/dev/pages/server.js

@@ -1,6 +1,6 @@
 import { unstable_getServerSession } from "next-auth/next"
 import Layout from "../components/layout"
-import { authOptions } from './api/auth/[...nextauth]';
+import { authOptions } from "./api/auth/[...nextauth]"
 
 export default function Page() {
   // As this page uses Server Side Rendering, the `session` will be already

apps/dev/pages/styles.css

@@ -27,6 +27,6 @@ iframe {
   border: 1px solid #ccc;
   height: 10rem;
   width: 100%;
-  border-radius: .5rem;
+  border-radius: 0.5rem;
   filter: invert(1);
-}
+}

apps/dev/pages/supabase-client-rls.js

@@ -9,7 +9,6 @@ export default function Page() {
 
   useEffect(() => {
     if (session) {
-      console.log(session)
       // User is logged in, let's fetch their data.
       const { supabaseAccessToken } = session
       const supabase = createClient(

apps/dev/tsconfig.json

@@ -1,11 +1,7 @@
 {
   "compilerOptions": {
     "target": "esnext",
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
+    "lib": ["dom", "dom.iterable", "esnext"],
     "allowJs": true,
     "skipLibCheck": true,
     "strict": false,
@@ -25,14 +21,6 @@
       }
     ]
   },
-  "include": [
-    "next-env.d.ts",
-    "**/*.ts",
-    "**/*.tsx",
-    ".next/types/**/*.ts"
-  ],
-  "exclude": [
-    "node_modules",
-    "jest.config.js"
-  ]
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
+  "exclude": ["node_modules", "jest.config.js"]
 }

apps/example-gatsby/README.md

@@ -1,110 +0,0 @@
-> The example repository is maintained from a [monorepo](https://github.com/nextauthjs/next-auth/tree/main/apps/example-gatsby). Pull Requests should be opened against [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth).
-
-<p align="center">
-   <br/>
-   <a href="https://next-auth.js.org" target="_blank"><img width="150px" src="https://next-auth.js.org/img/logo/logo-sm.png" /></a>
-   <h3 align="center">NextAuth.js Example App</h3>
-   <p align="center">
-   Open Source. Full Stack. Own Your Data.
-   </p>
-   <p align="center" style="align: center;">
-      <a href="https://npm.im/next-auth">
-        <img alt="npm" src="https://img.shields.io/npm/v/next-auth?color=green&label=next-auth">
-      </a>
-      <a href="https://bundlephobia.com/result?p=next-auth-example">
-        <img src="https://img.shields.io/bundlephobia/minzip/next-auth?label=next-auth" alt="Bundle Size"/>
-      </a>
-      <a href="https://www.npmtrends.com/next-auth">
-        <img src="https://img.shields.io/npm/dm/next-auth?label=next-auth%20downloads" alt="Downloads" />
-      </a>
-   </p>
-</p>
-
-## Overview
-
-NextAuth.js is a complete open source authentication solution.
-
-This is an example application that shows how `next-auth` is applied to a basic Gatsby app. We are showing how to configure the backend both as a [Vercel Function](https://vercel.com/docs/concepts/functions/introduction) for deployment to Vercel, and also for [Gatsby Functions](https://www.gatsbyjs.com/docs/reference/functions) for other platforms.
-
-The deployed version can be found at [`next-auth-gatsby-example.vercel.app`](https://next-auth-gatsby-example.vercel.app)
-
-### About NextAuth.js
-
-NextAuth.js is an easy to implement, full-stack (client/server) open source authentication library originally designed for [Next.js](https://nextjs.org) and [Serverless](https://vercel.com), but this example shows how to use it in a Gatsby project. Our goal is to [support even more frameworks](https://github.com/nextauthjs/next-auth/issues/2294) in the future.
-
-Go to [next-auth.js.org](https://next-auth.js.org) for more information and documentation.
-
-> *NextAuth.js is not officially associated with Vercel or Next.js.*
-
-## Getting Started
-
-### 1. Clone the repository and install dependencies
-
-```
-git clone https://github.com/nextauthjs/next-auth-gatsby-example.git
-cd next-auth-gatsby-example
-npm install
-```
-
-### 2. Configure your local environment
-
-Copy the .env.local.example file in this directory to .env.local (which will be ignored by Git):
-
-```
-cp .env.local.example .env.local
-```
-
-Add details for one or more providers (e.g. Google, Twitter, GitHub, Email, etc).
-
-#### Database
-
-A database is needed to persist user accounts and to support email sign in. However, you can still use NextAuth.js for authentication without a database by using OAuth for authentication. If you do not specify a database, [JSON Web Tokens](https://jwt.io/introduction) will be enabled by default.
-
-You **can** skip configuring a database and come back to it later if you want.
-
-For more information about setting up a database, please check out the following links:
-
-* Docs: [next-auth.js.org/adapters/overview](https://next-auth.js.org/adapters/overview)
-
-### 3. Configure Authentication Providers
-
-1. Review and update options in `nextauth.config.js` as needed.
-
-2. When setting up OAuth, in the developer admin page for each of your OAuth services, you should configure the callback URL to use a callback path of `{server}/api/auth/callback/{provider}`.
-
-  e.g. For Google OAuth you would use: `http://localhost:3000/api/auth/callback/google`
-
-  A list of configured providers and their callback URLs is available from the endpoint `/api/auth/providers`. You can find more information at https://next-auth.js.org/configuration/providers/oauth
-
-3. You can also choose to specify an SMTP server for passwordless sign in via email.
-
-### 4. Start the application
-
-To run your site locally, use:
-
-```
-npm run dev
-```
-
-To run it in production mode, use:
-
-```
-npm run build
-npm run start
-```
-
-### 5. Preparing for Production
-
-Follow the [Deployment documentation](https://next-auth.js.org/deployment)
-
-## Acknowledgements
-
-<a href="https://vercel.com?utm_source=nextauthjs&utm_campaign=oss">
-<img width="170px" src="https://raw.githubusercontent.com/nextauthjs/next-auth/canary/www/static/img/powered-by-vercel.svg" alt="Powered By Vercel" />
-</a>
-<p align="left">Thanks to Vercel sponsoring this project by allowing it to be deployed for free for the entire NextAuth.js Team</p>
-
-## License
-
-ISC
-

apps/example-nextjs/README.md

@@ -9,16 +9,16 @@
    </p>
    <p align="center" style="align: center;">
       <a href="https://npm.im/next-auth">
-        <img alt="npm" src="https://img.shields.io/npm/v/next-auth?color=green&label=next-auth">
+        <img alt="npm" src="https://img.shields.io/npm/v/next-auth?color=green&label=next-auth&style=flat-square">
       </a>
       <a href="https://bundlephobia.com/result?p=next-auth-example">
-        <img src="https://img.shields.io/bundlephobia/minzip/next-auth?label=next-auth" alt="Bundle Size"/>
+        <img src="https://img.shields.io/bundlephobia/minzip/next-auth?label=size&style=flat-square" alt="Bundle Size"/>
       </a>
       <a href="https://www.npmtrends.com/next-auth">
-        <img src="https://img.shields.io/npm/dm/next-auth?label=next-auth%20downloads" alt="Downloads" />
+        <img src="https://img.shields.io/npm/dm/next-auth?label=downloads&style=flat-square" alt="Downloads" />
       </a>
       <a href="https://npm.im/next-auth">
-        <img src="https://img.shields.io/badge/npm-TypeScript-blue" alt="TypeScript" />
+        <img src="https://img.shields.io/badge/TypeScript-blue?style=flat-square" alt="TypeScript" />
       </a>
    </p>
 </p>
@@ -37,7 +37,7 @@ NextAuth.js is an easy to implement, full-stack (client/server) open source auth
 
 Go to [next-auth.js.org](https://next-auth.js.org) for more information and documentation.
 
-> *NextAuth.js is not officially associated with Vercel or Next.js.*
+> _NextAuth.js is not officially associated with Vercel or Next.js._
 
 ## Getting Started
 
@@ -67,7 +67,7 @@ You **can** skip configuring a database and come back to it later if you want.
 
 For more information about setting up a database, please check out the following links:
 
-* Docs: [next-auth.js.org/adapters/overview](https://next-auth.js.org/adapters/overview)
+- Docs: [next-auth.js.org/adapters/overview](https://next-auth.js.org/adapters/overview)
 
 ### 3. Configure Authentication Providers
 
@@ -75,9 +75,9 @@ For more information about setting up a database, please check out the following
 
 2. When setting up OAuth, in the developer admin page for each of your OAuth services, you should configure the callback URL to use a callback path of `{server}/api/auth/callback/{provider}`.
 
-  e.g. For Google OAuth you would use: `http://localhost:3000/api/auth/callback/google`
+e.g. For Google OAuth you would use: `http://localhost:3000/api/auth/callback/google`
 
-  A list of configured providers and their callback URLs is available from the endpoint `/api/auth/providers`. You can find more information at https://next-auth.js.org/configuration/providers/oauth
+A list of configured providers and their callback URLs is available from the endpoint `/api/auth/providers`. You can find more information at https://next-auth.js.org/configuration/providers/oauth
 
 3. You can also choose to specify an SMTP server for passwordless sign in via email.
 
@@ -110,4 +110,3 @@ Follow the [Deployment documentation](https://next-auth.js.org/deployment)
 ## License
 
 ISC
-

apps/example-nextjs/pages/protected.tsx

@@ -18,7 +18,6 @@ export default function ProtectedPage() {
     }
     fetchData()
   }, [session])
- 
 
   // If no session exists, display access denied message
   if (!session) {

apps/example-nextjs/tsconfig.json

@@ -1,11 +1,7 @@
 {
   "compilerOptions": {
     "target": "es5",
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
+    "lib": ["dom", "dom.iterable", "esnext"],
     "allowJs": true,
     "skipLibCheck": true,
     "strict": true,
@@ -19,6 +15,12 @@
     "jsx": "preserve",
     "incremental": true
   },
-  "include": ["process.d.ts", "next-env.d.ts", "next-auth.d.ts", "**/*.ts", "**/*.tsx"],
+  "include": [
+    "process.d.ts",
+    "next-env.d.ts",
+    "next-auth.d.ts",
+    "**/*.ts",
+    "**/*.tsx"
+  ],
   "exclude": ["node_modules"]
-}
+}

apps/example-sveltekit/.env.example

@@ -0,0 +1,5 @@
+GITHUB_ID=
+GITHUB_SECRET=
+# On UNIX systems you can use `openssl rand -hex 32` or 
+# https://generate-secret.vercel.app/32 to generate a secret.
+AUTH_SECRET=

apps/example-sveltekit/.eslintignore

@@ -0,0 +1,13 @@
+.DS_Store
+node_modules
+/build
+/.svelte-kit
+/package
+.env
+.env.*
+!.env.example
+
+# Ignore files for PNPM, NPM and YARN
+pnpm-lock.yaml
+package-lock.json
+yarn.lock

apps/example-sveltekit/.eslintrc.cjs

@@ -0,0 +1,20 @@
+module.exports = {
+	root: true,
+	parser: '@typescript-eslint/parser',
+	extends: ['eslint:recommended', 'plugin:@typescript-eslint/recommended', 'prettier'],
+	plugins: ['svelte3', '@typescript-eslint'],
+	ignorePatterns: ['*.cjs'],
+	overrides: [{ files: ['*.svelte'], processor: 'svelte3/svelte3' }],
+	settings: {
+		'svelte3/typescript': () => require('typescript')
+	},
+	parserOptions: {
+		sourceType: 'module',
+		ecmaVersion: 2020
+	},
+	env: {
+		browser: true,
+		es2017: true,
+		node: true
+	}
+};

apps/example-sveltekit/.gitignore

@@ -6,3 +6,7 @@ node_modules
 .env
 .env.*
 !.env.example
+.vercel
+.output
+vite.config.js.timestamp-*
+vite.config.ts.timestamp-*

apps/example-sveltekit/.prettierignore

@@ -0,0 +1,13 @@
+.DS_Store
+node_modules
+/build
+/.svelte-kit
+/package
+.env
+.env.*
+!.env.example
+
+# Ignore files for PNPM, NPM and YARN
+pnpm-lock.yaml
+package-lock.json
+yarn.lock

apps/example-sveltekit/.prettierrc

@@ -0,0 +1,6 @@
+{
+  "semi": false,
+  "plugins": ["prettier-plugin-svelte"],
+  "pluginSearchDirs": ["."],
+  "overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]
+}

apps/example-sveltekit/README.md

@@ -0,0 +1,28 @@
+> The example repository is maintained from a [monorepo](https://github.com/nextauthjs/next-auth/tree/main/apps/example-sveltekit). Pull Requests should be opened against [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth).
+
+<p align="center">
+   <br/>
+   <a href="https://authjs.dev" target="_blank"><img width="150px" src="https://authjs.dev/img/logo/logo-sm.png" /></a>
+   <h3 align="center">Auth.js Example App with <a href="https://kit.svelte.dev">SvelteKit</a></h3>
+   <p align="center">
+   Open Source. Full Stack. Own Your Data.
+   </p>
+   <p align="center" style="align: center;">
+      <a href="https://npm.im/@auth/sveltekit">
+        <img alt="npm" src="https://img.shields.io/npm/v/@auth/sveltekit?color=green&label=@auth/sveltekit&style=flat-square">
+      </a>
+      <a href="https://bundlephobia.com/result?p=sveltekit-auth-example">
+        <img src="https://img.shields.io/bundlephobia/minzip/@auth/sveltekit?label=size&style=flat-square" alt="Bundle Size"/>
+      </a>
+      <a href="https://www.npmtrends.com/@auth/sveltekit">
+        <img src="https://img.shields.io/npm/dm/@auth/sveltekit?label=%20downloads&style=flat-square" alt="Downloads" />
+      </a>
+      <a href="https://npm.im/next-auth">
+        <img src="https://img.shields.io/badge/TypeScript-blue?style=flat-square" alt="TypeScript" />
+      </a>
+   </p>
+</p>
+
+# Documentation
+
+- [sveltekit.authjs.dev](https://sveltekit.authjs.dev)

apps/example-sveltekit/package.json

@@ -0,0 +1,22 @@
+{
+  "scripts": {
+    "dev": "vite dev",
+    "build": "vite build",
+    "preview": "vite preview",
+    "check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
+    "check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch"
+  },
+  "devDependencies": {
+    "@sveltejs/adapter-auto": "next",
+    "@sveltejs/kit": "next",
+    "svelte": "3.55.0",
+    "svelte-check": "2.10.2",
+    "typescript": "4.9.4",
+    "vite": "4.0.1"
+  },
+  "dependencies": {
+    "@auth/core": "latest",
+    "@auth/sveltekit": "latest"
+  },
+  "type": "module"
+}

apps/example-sveltekit/src/app.d.ts

@@ -0,0 +1 @@
+/// <reference types="@auth/sveltekit" />

apps/example-sveltekit/src/app.html

@@ -2,10 +2,11 @@
 <html lang="en">
   <head>
     <meta charset="utf-8" />
-    <link rel="icon" href="%sveltekit.assets%/favicon.png" />
+    <link rel="icon" href="%sveltekit.assets%/favicon.ico" />
     <meta name="viewport" content="width=device-width" />
     %sveltekit.head%
   </head>
+
   <body>
     <div>%sveltekit.body%</div>
   </body>

apps/example-sveltekit/src/hooks.server.ts

@@ -0,0 +1,7 @@
+import SvelteKitAuth from "@auth/sveltekit"
+import GitHub from "@auth/core/providers/github"
+import { GITHUB_ID, GITHUB_SECRET } from "$env/static/private"
+
+export const handle = SvelteKitAuth({
+  providers: [GitHub({ clientId: GITHUB_ID, clientSecret: GITHUB_SECRET })],
+})

apps/example-sveltekit/src/lib/SignInButton.svelte

@@ -0,0 +1,12 @@
+<script lang="ts">
+  export let provider: any
+</script>
+
+<form action={provider.signinUrl} method="POST">
+  {#if provider.callbackUrl}
+    <input type="hidden" name="callbackUrl" value={provider.callbackUrl} />
+  {/if}
+  <button type="submit" class="button">
+    <slot>Sign in with {provider.name}</slot>
+  </button>
+</form>

apps/example-sveltekit/src/routes/+layout.server.ts

@@ -0,0 +1,7 @@
+import type { LayoutServerLoad } from "./$types"
+
+export const load: LayoutServerLoad = async (event) => {
+  return {
+    session: await event.locals.getSession(),
+  }
+}

apps/example-sveltekit/src/routes/+layout.svelte

@@ -6,8 +6,8 @@
   <header>
     <div class="signedInStatus">
       <p class="nojs-show loaded">
-        {#if Object.keys($page.data.session || {}).length}
-          {#if $page.data.session.user.image}
+        {#if $page.data.session}
+          {#if $page.data.session.user?.image}
             <span
               style="background-image: url('{$page.data.session.user.image}')"
               class="avatar"
@@ -16,14 +16,14 @@
           <span class="signedInText">
             <small>Signed in as</small><br />
             <strong
-              >{$page.data.session.user.email ||
-                $page.data.session.user.name}</strong
+              >{$page.data.session.user?.email ??
+                $page.data.session.user?.name}</strong
             >
           </span>
-          <a href="/api/auth/signout" class="button">Sign out</a>
+          <a href="/auth/signout" class="button">Sign out</a>
         {:else}
           <span class="notSignedInText">You are not signed in</span>
-          <a href="/api/auth/signin" class="buttonPrimary">Sign in</a>
+          <a href="/auth/signin" class="buttonPrimary">Sign in</a>
         {/if}
       </p>
     </div>

apps/example-sveltekit/src/routes/+page.svelte

@@ -0,0 +1,7 @@
+<h1>SvelteKit Auth Example</h1>
+<p>
+  This is an example site to demonstrate how to use <a
+    href="https://kit.svelte.dev/">SvelteKit</a
+  >
+  with <a href="https://sveltekit.authjs.dev">SvelteKit Auth</a> for authentication.
+</p>

apps/example-sveltekit/src/routes/protected/+page.svelte

@@ -7,4 +7,4 @@
   This is a protected content. You can access this content because you are
   signed in.
 </p>
-<p>Session expiry: {$page.data.session.expires}</p>
+<p>Session expiry: {$page.data.session?.expires}</p>

apps/example-sveltekit/svelte.config.js

@@ -0,0 +1,15 @@
+import adapter from '@sveltejs/adapter-auto';
+import { vitePreprocess } from '@sveltejs/kit/vite';
+
+/** @type {import('@sveltejs/kit').Config} */
+const config = {
+	// Consult https://kit.svelte.dev/docs/integrations#preprocessors
+	// for more information about preprocessors
+	preprocess: vitePreprocess(),
+
+	kit: {
+		adapter: adapter()
+	}
+};
+
+export default config;

apps/example-sveltekit/tsconfig.json

@@ -0,0 +1,17 @@
+{
+	"extends": "./.svelte-kit/tsconfig.json",
+	"compilerOptions": {
+		"allowJs": true,
+		"checkJs": true,
+		"esModuleInterop": true,
+		"forceConsistentCasingInFileNames": true,
+		"resolveJsonModule": true,
+		"skipLibCheck": true,
+		"sourceMap": true,
+		"strict": true
+	}
+	// Path aliases are handled by https://kit.svelte.dev/docs/configuration#alias
+	//
+	// If you want to overwrite includes/excludes, make sure to copy over the relevant includes/excludes
+	// from the referenced tsconfig.json - TypeScript does not merge them in
+}

apps/example-sveltekit/vite.config.js

@@ -1,7 +1,7 @@
 import { sveltekit } from "@sveltejs/kit/vite"
-import type { UserConfig } from "vite"
 
-const config: UserConfig = {
+/** @type {import('vite').UserConfig} */
+const config = {
   plugins: [sveltekit()],
 }
 

apps/playground-gatsby/README.md

@@ -0,0 +1,109 @@
+> The example repository is maintained from a [monorepo](https://github.com/nextauthjs/next-auth/tree/main/apps/playground-gatsby). Pull Requests should be opened against [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth).
+
+<p align="center">
+   <br/>
+   <a href="https://authjs.dev" target="_blank"><img width="150px" src="https://authjs.dev/img/logo/logo-sm.png" /></a>
+   <h3 align="center">Auth.js Example App</h3>
+   <p align="center">
+   Open Source. Full Stack. Own Your Data.
+   </p>
+   <p align="center" style="align: center;">
+      <a href="https://npm.im/next-auth">
+        <img alt="npm" src="https://img.shields.io/npm/v/@auth/core?color=green&label=@auth/core&style=flat-square">
+      </a>
+      <a href="https://bundlephobia.com/result?p=@auth/core">
+        <img src="https://img.shields.io/bundlephobia/minzip/@auth/core?label=bundle&style=flat-square" alt="Bundle Size"/>
+      </a>
+      <a href="https://www.npmtrends.com/@auth/core">
+        <img src="https://img.shields.io/npm/dm/@auth/core?label=downloads&style=flat-square" alt="Downloads" />
+      </a>
+   </p>
+</p>
+
+## Overview
+
+Auth.js is a complete open source authentication solution.
+
+This is an example application that shows how `@auth/core` is applied to a basic Gatsby app. We are showing how to configure the backend both as a [Vercel Function](https://vercel.com/docs/concepts/functions/introduction) for deployment to Vercel, and also for [Gatsby Functions](https://www.gatsbyjs.com/docs/reference/functions) for other platforms.
+
+The deployed version can be found at [`next-auth-gatsby-example.vercel.app`](https://next-auth-gatsby-example.vercel.app)
+
+### About Auth.js
+
+Auth.js is an easy to implement, full-stack (client/server) open source authentication library originally designed for [Next.js](https://nextjs.org) and [Serverless](https://vercel.com), but this example shows how to use it in a Gatsby project. Our goal is to [support even more frameworks](https://github.com/nextauthjs/next-auth/issues/2294) in the future.
+
+Go to [authjs.dev](https://authjs.dev) for more information and documentation.
+
+> Auth.js is not officially associated with Vercel or Next.js.\_
+
+## Getting Started
+
+### 1. Clone the repository and install dependencies
+
+```
+git clone https://github.com/nextauthjs/next-auth-gatsby-example.git
+cd next-auth-gatsby-example
+npm install
+```
+
+### 2. Configure your local environment
+
+Copy the .env.local.example file in this directory to .env.local (which will be ignored by Git):
+
+```
+cp .env.local.example .env.local
+```
+
+Add details for one or more providers (e.g. Google, Twitter, GitHub, Email, etc).
+
+#### Database
+
+A database is needed to persist user accounts and to support email sign in. However, you can still use Auth.js for authentication without a database by using OAuth for authentication. If you do not specify a database, [JSON Web Tokens](https://jwt.io/introduction) will be enabled by default.
+
+You **can** skip configuring a database and come back to it later if you want.
+
+For more information about setting up a database, please check out the following links:
+
+- Docs: [authjs.dev/reference/adapters/overview](https://authjs.dev/reference/adapters/overview)
+
+### 3. Configure Authentication Providers
+
+1. Review and update options in `nextauth.config.js` as needed.
+
+2. When setting up OAuth, in the developer admin page for each of your OAuth services, you should configure the callback URL to use a callback path of `{server}/api/auth/callback/{provider}`.
+
+e.g. For Google OAuth you would use: `http://localhost:3000/api/auth/callback/google`
+
+A list of configured providers and their callback URLs is available from the endpoint `/api/auth/providers`. You can find more information at [authjs.dev/reference/providers/oauth-builtin](https://authjs.dev/reference/providers/oauth-builtin).
+
+3. You can also choose to specify an SMTP server for passwordless sign in via email.
+
+### 4. Start the application
+
+To run your site locally, use:
+
+```
+npm run dev
+```
+
+To run it in production mode, use:
+
+```
+npm run build
+npm run start
+```
+
+### 5. Preparing for Production
+
+Follow the [Deployment documentation](https://authjs.dev/guides/basics/deployment)
+
+## Acknowledgements
+
+<a href="https://vercel.com?utm_source=authjs&utm_campaign=oss">
+<img width="170px" src="https://powered-by-vercel.api.soraharu.com/powered-by-vercel.svg" alt="Powered By Vercel" />
+</a>
+<p align="left">Thanks to Vercel sponsoring this project by allowing it to be deployed for free for the entire Auth.js Team</p>
+
+## License
+
+ISC

apps/playground-gatsby/api/auth/[nextauth].js

@@ -1,5 +1,5 @@
 // Gatsby Functions are not yet supported on Vercel, so you'll need to use the root `api` folder.
-import NextAuth from "next-auth/next"
+import NextAuth from "next-auth"
 import { authConfig } from "../../nextauth.config"
 
 export default async function handler(req, res) {

apps/playground-gatsby/src/api/[...nextauth].js

@@ -1,6 +1,6 @@
 // If your deployment environment supports Gatsby Functions, you won't need the root `api` folder, only this.
 
-import NextAuth from "next-auth/next"
+import NextAuth from "next-auth"
 import { authConfig } from "../../nextauth.config"
 
 export default async function handler(req, res) {

apps/playground-gatsby/src/pages/index.js

@@ -11,8 +11,7 @@ export default function Home() {
       <h1>NextAuth.js Example</h1>
       <p>
         An example site to demonstrate how to use{" "}
-        <a href="https://next-auth.js.org">NextAuth.js</a> for authentication in
-        Gatsby.
+        <a href="https://authjs.dev">Auth.js</a> for authentication in Gatsby.
       </p>
       {
         {

apps/playground-nuxt/.editorconfig

@@ -1,12 +0,0 @@
-root = true
-
-[*]
-indent_size = 2
-indent_style = space
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true
-
-[*.md]
-trim_trailing_whitespace = false

apps/playground-nuxt/.eslintignore

@@ -1,4 +0,0 @@
-dist
-node_modules
-tsconfig.json
-package.json

apps/playground-nuxt/.eslintrc

@@ -1,10 +0,0 @@
-{
-  "extends": [
-    "@nuxtjs/eslint-config-typescript"
-  ],
-  "rules": {
-    "@typescript-eslint/no-unused-vars": [
-      "off"
-    ]
-  }
-}

apps/playground-nuxt/.eslintrc.cjs

@@ -0,0 +1,7 @@
+module.exports = {
+  root: true,
+  extends: ["@nuxt/eslint-config"],
+  rules: {
+    "vue/multi-word-component-names": "off",
+  },
+}

apps/playground-nuxt/.gitignore

@@ -1,52 +1,4 @@
-# Dependencies
 node_modules
-
-# Logs
-*.log*
-
-# Temp directories
-.temp
-.tmp
-.cache
-
-# Yarn
-**/.yarn/cache
-**/.yarn/*state*
-
-# Generated dirs
-dist
-
-# Nuxt
 .nuxt
-.output
-.vercel_build_output
-.build-*
-.env
-.netlify
-
-# Env
-.env
-
-# Testing
-reports
-coverage
-*.lcov
-.nyc_output
-
-# VSCode
-.vscode
-
-# Intellij idea
-*.iml
-.idea
-
-# OSX
-.DS_Store
-.AppleDouble
-.LSOverride
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
-.vercel
+dist
+output

apps/playground-nuxt/.nuxtrc

@@ -1 +0,0 @@
-imports.autoImport=false

apps/playground-nuxt/README.md

@@ -1,21 +1,13 @@
-# NextAuth + Nuxt 3 Playground
+> The example repository is maintained from a [monorepo](https://github.com/nextauthjs/next-auth/tree/main/apps/playground-nuxt). Pull Requests should be opened against [`nextauthjs/next-auth`](https://github.com/nextauthjs/next-auth).
 
-NextAuth.js is committed to bringing easy authentication to other frameworks. [#2294](https://github.com/nextauthjs/next-auth/issues/2294)
-
-Nuxt 3 support with NextAuth.js is currently experimental. This directory contains a minimal, proof-of-concept application. Parts of this is expected to be abstracted away into a package like` @next-auth/nuxt.`
-
-This package uses Nuxt's [module starter](https://github.com/nuxt/starter/tree/module).
-
-Demo: https://next-auth-nuxt-demo.vercel.app
+Nuxt 3 support with Auth.js is currently experimental. This directory contains a minimal, proof-of-concept application. Parts of this is expected to be abstracted away into a package like `@auth/nuxt`.
 
 ## Getting Started
 
-### Add the module to the modules section of `nuxt.config.ts`:
+1. Setup your environment variables in `nuxt.config.ts`:
 
 ```ts
 export default defineNuxtConfig({
-  // temporary module name.
-  modules: ['next-auth-nuxt'],
   // https://v3.nuxtjs.org/migration/runtime-config#runtime-config
   runtimeConfig: {
     secret: process.env.NEXTAUTH_SECRET
@@ -23,86 +15,36 @@ export default defineNuxtConfig({
       clientId: process.env.GITHUB_CLIENT_ID,
       clientSecret: process.env.GITHUB_CLIENT_SECRET
     }
-  },
-  // https://v3.nuxtjs.org/guide/concepts/esm#aliasing-libraries
-  // Fix for GithubProvider (or whichever provider you choose) is not a function error in Vite
-  alias: {
-    'next-auth/providers/github': 'node_modules/next-auth/providers/github.js'
   }
 })
 ```
 
-### Add API route
+2. Set up Auth.js options
 
-To add `NextAuth.js` to a project create a file called `[...].ts` in `server/api/auth`. This contains the dynamic route handler for NextAuth.js which will also contain all of your global NextAuth.js configurations.
+Go to the API handler file (`server/api/auth/[...].ts`) and setup your providers. This file contains the dynamic route handler for Auth.js which will also contain all of your global Auth.js configurations.
+
+Here's an example of what it looks like:
 
 ```ts
-// ~/server/api/auth/[...].ts
-import { NextAuthNuxtHandler } from 'next-auth-nuxt/handler'
-import GithubProvider from 'next-auth/providers/github'
+// server/api/auth/[...].ts
+
+import { NuxtAuthHandler } from "@/lib/auth/server"
+import GithubProvider from "@auth/core/providers/github"
+import type { AuthOptions } from "@auth/core"
 
 const runtimeConfig = useRuntimeConfig()
 
-export const authOptions = {
+export const authOptions: AuthOptions = {
   secret: runtimeConfig.secret,
   providers: [
     GithubProvider({
       clientId: runtimeConfig.github.clientId,
-      clientSecret: runtimeConfig.github.clientSecret
+      clientSecret: runtimeConfig.github.clientSecret,
     }),
   ],
 }
 
-export default NextAuthNuxtHandler(authOptions)
+export default NuxtAuthHandler(authOptions)
 ```
 
-All requests to `/api/auth/*` (`signIn`, `callback`, `signOut`, etc.) will automatically be handled by NextAuth.js.
-
-### Frontend - Add Vue Composable
-
-The `useSession()` Vue Composable is the easiest way to check if someone is signed in.
-
-```html
-<script setup lang="ts">
-const { data: session } = useSession()
-</script>
-
-<template>
-  <div v-if="session">
-    Signed in as {{ session.user.email }} <br />
-    <button @click="signOut">Sign out</button>
-  </div>
-  <div v-else>
-    Not signed in <br />
-    <button @click="signIn">Sign in</button>
-  </div>
-</template>
-```
-
-### Backend - API Route
-
-To protect an API Route, you can use the `getServerSession()` method.
-
-```ts
-import { getServerSession } from 'next-auth-nuxt/handler'
-import { authOptions } from '~/server/api/auth/[...]'
-
-export default defineEventHandler(async (event) => {
-  const session = await getServerSession(event, authOptions)
-
-  if (session) {
-    return {
-      content: 'This is protected content. You can access this content because you are signed in.'
-    }
-  }
-
-  return {
-    error: 'You must be signed in to view the protected content on this page.'
-  }
-})
-```
-
-## Development
-
-- Run `pnpm dev:generate` to generate type stubs.
-- Use `pnpm dev` to start `playground` in development mode.
+All requests to `/api/auth/*` (`signIn`, `callback`, `signOut`, etc.) will automatically be handled by Auth.js.

apps/playground-nuxt/app.vue

@@ -0,0 +1,32 @@
+<template>
+  <div>
+    <Header />
+    <NuxtPage />
+  </div>
+</template>
+
+<style>
+body {
+  font-family: -apple-system, Segoe UI, Roboto, Ubuntu, Cantarell, Noto Sans,
+    sans-serif, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif,
+    "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
+  padding: 0 1rem 1rem 1rem;
+  max-width: 680px;
+  margin: 0 auto;
+  background: #fff;
+  color: #333;
+}
+
+li,
+p {
+  line-height: 1.5rem;
+}
+
+a {
+  font-weight: 500;
+}
+
+hr {
+  border: 1px solid #ddd;
+}
+</style>

apps/playground-nuxt/client.d.ts

@@ -1 +0,0 @@
-export * from './dist/runtime/client'

apps/playground-nuxt/components/Header.vue

@@ -0,0 +1,146 @@
+<script setup lang="ts">
+import { signIn, signOut } from "@/lib/auth/client"
+
+const session = useSession()
+</script>
+
+<template>
+  <header>
+    <div class="signedInStatus">
+      <p :class="['nojs-show', 'loaded']">
+        <template v-if="session">
+          <span
+            v-if="session.user?.image"
+            :style="{ backgroundImage: `url(${session.user.image})` }"
+            class="avatar"
+          />
+          <span class="signedInText">
+            <small>Signed in as</small><br />
+            <strong>{{ session.user?.email || session.user?.name }}</strong>
+          </span>
+          <a href="/api/auth/signout" class="button" @click.prevent="signOut"
+            >Sign out</a
+          >
+        </template>
+        <template v-else>
+          <span class="notSignedInText">You are not signed in</span>
+          <a
+            href="/api/auth/signin"
+            class="buttonPrimary"
+            @click.prevent="signIn"
+            >Sign in</a
+          >
+        </template>
+      </p>
+    </div>
+    <nav>
+      <ul class="navItems">
+        <li class="navItem">
+          <NuxtLink to="/"> Home </NuxtLink>
+        </li>
+        <li class="navItem">
+          <NuxtLink to="/protected"> Protected </NuxtLink>
+        </li>
+      </ul>
+    </nav>
+  </header>
+</template>
+
+<style>
+.nojs-show {
+  opacity: 1;
+  top: 0;
+}
+
+.signedInStatus {
+  display: block;
+  min-height: 4rem;
+  width: 100%;
+}
+
+.loading,
+.loaded {
+  position: relative;
+  top: 0;
+  opacity: 1;
+  overflow: hidden;
+  border-radius: 0 0 0.6rem 0.6rem;
+  padding: 0.6rem 1rem;
+  margin: 0;
+  background-color: rgba(0, 0, 0, 0.05);
+  transition: all 0.2s ease-in;
+}
+
+.loading {
+  top: -2rem;
+  opacity: 0;
+}
+
+.signedInText,
+.notSignedInText {
+  position: absolute;
+  padding-top: 0.8rem;
+  left: 1rem;
+  right: 6.5rem;
+  white-space: nowrap;
+  text-overflow: ellipsis;
+  overflow: hidden;
+  display: inherit;
+  z-index: 1;
+  line-height: 1.3rem;
+}
+
+.signedInText {
+  padding-top: 0rem;
+  left: 4.6rem;
+}
+
+.avatar {
+  border-radius: 2rem;
+  float: left;
+  height: 2.8rem;
+  width: 2.8rem;
+  background-color: white;
+  background-size: cover;
+  background-repeat: no-repeat;
+}
+
+.button,
+.buttonPrimary {
+  float: right;
+  margin-right: -0.4rem;
+  font-weight: 500;
+  border-radius: 0.3rem;
+  cursor: pointer;
+  font-size: 1rem;
+  line-height: 1.4rem;
+  padding: 0.7rem 0.8rem;
+  position: relative;
+  z-index: 10;
+  background-color: transparent;
+  color: #555;
+}
+
+.buttonPrimary {
+  background-color: #346df1;
+  border-color: #346df1;
+  color: #fff;
+  text-decoration: none;
+  padding: 0.7rem 1.4rem;
+}
+
+.buttonPrimary:hover {
+  box-shadow: inset 0 0 5rem rgba(0, 0, 0, 0.2);
+}
+
+.navItems {
+  margin-bottom: 2rem;
+  padding: 0;
+  list-style: none;
+}
+
+.navItem {
+  display: inline-block;
+  margin-right: 1rem;
+}
+</style>

apps/playground-nuxt/composables/useSession.ts

@@ -0,0 +1,5 @@
+import { Session } from "@auth/core"
+
+export default function useSession() {
+  return useState<Session | null>("session", () => null)
+}

apps/playground-nuxt/handler.d.ts

@@ -1 +0,0 @@
-export * from './dist/runtime/server/handler'

apps/playground-nuxt/lib/auth/client.ts

@@ -0,0 +1,107 @@
+import type {
+  LiteralUnion,
+  SignInOptions,
+  SignInAuthorizationParams,
+  SignOutParams,
+} from "./types"
+import type {
+  BuiltInProviderType,
+  RedirectableProviderType,
+} from "@auth/core/providers"
+
+/**
+ * Client-side method to initiate a signin flow
+ * or send the user to the signin page listing all possible providers.
+ * Automatically adds the CSRF token to the request.
+ *
+ * [Documentation](https://next-auth.js.org/getting-started/client#signin)
+ */
+export async function signIn<
+  P extends RedirectableProviderType | undefined = undefined
+>(
+  providerId?: LiteralUnion<
+    P extends RedirectableProviderType
+      ? P | BuiltInProviderType
+      : BuiltInProviderType
+  >,
+  options?: SignInOptions,
+  authorizationParams?: SignInAuthorizationParams
+) {
+  const { callbackUrl = window.location.href, redirect = true } = options ?? {}
+
+  // TODO: Support custom providers
+  const isCredentials = providerId === "credentials"
+  const isEmail = providerId === "email"
+  const isSupportingReturn = isCredentials || isEmail
+
+  // TODO: Handle custom base path
+  const signInUrl = `/api/auth/${
+    isCredentials ? "callback" : "signin"
+  }/${providerId}`
+
+  const _signInUrl = `${signInUrl}?${new URLSearchParams(authorizationParams)}`
+
+  // TODO: Handle custom base path
+  // TODO: Remove this since Sveltekit offers the CSRF protection via origin check
+  const { csrfToken } = await $fetch("/api/auth/csrf")
+
+  console.log(_signInUrl)
+
+  const res = await fetch(_signInUrl, {
+    method: "post",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      "X-Auth-Return-Redirect": "1",
+    },
+    // @ts-expect-error -- ignore
+    body: new URLSearchParams({
+      ...options,
+      csrfToken,
+      callbackUrl,
+    }),
+  })
+
+  const data = await res.clone().json()
+  const error = new URL(data.url).searchParams.get("error")
+
+  if (redirect || !isSupportingReturn || !error) {
+    // TODO: Do not redirect for Credentials and Email providers by default in next major
+    window.location.href = data.url ?? callbackUrl
+    // If url contains a hash, the browser does not reload the page. We reload manually
+    if (data.url.includes("#")) window.location.reload()
+    return
+  }
+
+  return res
+}
+
+/**
+ * Signs the user out, by removing the session cookie.
+ * Automatically adds the CSRF token to the request.
+ *
+ * [Documentation](https://next-auth.js.org/getting-started/client#signout)
+ */
+export async function signOut(options?: SignOutParams) {
+  const { callbackUrl = window.location.href } = options ?? {}
+  // TODO: Custom base path
+  // TODO: Remove this since Sveltekit offers the CSRF protection via origin check
+  const csrfTokenResponse = await fetch("/api/auth/csrf")
+  const { csrfToken } = await csrfTokenResponse.json()
+  const res = await fetch(`/api/auth/signout`, {
+    method: "post",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      "X-Auth-Return-Redirect": "1",
+    },
+    body: new URLSearchParams({
+      csrfToken,
+      callbackUrl,
+    }),
+  })
+  const data = await res.json()
+
+  const url = data.url ?? callbackUrl
+  window.location.href = url
+  // If url contains a hash, the browser does not reload the page. We reload manually
+  if (url.includes("#")) window.location.reload()
+}

apps/playground-nuxt/lib/auth/server.ts

@@ -0,0 +1,45 @@
+import { AuthHandler, AuthOptions, Session } from "@auth/core"
+import { fromNodeMiddleware, H3Event } from "h3"
+import getURL from "requrl"
+import { createMiddleware } from "@hattip/adapter-node"
+
+export function NuxtAuthHandler(options: AuthOptions) {
+  async function handler(ctx: { request: Request }) {
+    options.trustHost ??= true
+
+    return AuthHandler(ctx.request, options)
+  }
+
+  const middleware = createMiddleware(handler)
+
+  return fromNodeMiddleware(middleware)
+}
+
+export async function getSession(
+  event: H3Event,
+  options: AuthOptions
+): Promise<Session | null> {
+  options.trustHost ??= true
+
+  const headers = getRequestHeaders(event)
+  const nodeHeaders = new Headers()
+
+  const url = new URL("/api/auth/session", getURL(event.node.req))
+
+  Object.keys(headers).forEach((key) => {
+    nodeHeaders.append(key, headers[key] as any)
+  })
+
+  const response = await AuthHandler(
+    new Request(url, { headers: nodeHeaders }),
+    options
+  )
+
+  const { status = 200 } = response
+
+  const data = await response.json()
+
+  if (!data || !Object.keys(data).length) return null
+  if (status === 200) return data
+  throw new Error(data.message)
+}

apps/playground-nuxt/lib/auth/types.ts

@@ -0,0 +1,48 @@
+// Taken from next-auth/react
+import type { BuiltInProviderType, ProviderType } from "@auth/core/providers"
+/**
+ * Util type that matches some strings literally, but allows any other string as well.
+ * @source https://github.com/microsoft/TypeScript/issues/29729#issuecomment-832522611
+ */
+export declare type LiteralUnion<T extends U, U = string> =
+  | T
+  | (U & Record<never, never>)
+export interface ClientSafeProvider {
+  id: LiteralUnion<BuiltInProviderType>
+  name: string
+  type: ProviderType
+  signinUrl: string
+  callbackUrl: string
+}
+export interface SignInOptions extends Record<string, unknown> {
+  /**
+   * Specify to which URL the user will be redirected after signing in. Defaults to the page URL the sign-in is initiated from.
+   *
+   * [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl)
+   */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option) */
+  redirect?: boolean
+}
+export interface SignInResponse {
+  error: string | undefined
+  status: number
+  ok: boolean
+  url: string | null
+}
+/** Match `inputType` of `new URLSearchParams(inputType)` */
+export declare type SignInAuthorizationParams =
+  | string
+  | string[][]
+  | Record<string, string>
+  | URLSearchParams
+/** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1) */
+export interface SignOutResponse {
+  url: string
+}
+export interface SignOutParams<R extends boolean = true> {
+  /** [Documentation](https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1) */
+  callbackUrl?: string
+  /** [Documentation](https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
+  redirect?: R
+}

apps/playground-nuxt/nuxt.config.ts

@@ -0,0 +1,19 @@
+export default defineNuxtConfig({
+  // https://v3.nuxtjs.org/migration/runtime-config#runtime-config
+  runtimeConfig: {
+    secret: process.env.NEXTAUTH_SECRET,
+    github: {
+      clientId: process.env.GITHUB_CLIENT_ID,
+      clientSecret: process.env.GITHUB_CLIENT_SECRET,
+    },
+  },
+  vite: {
+    define: {
+      "process.env.NEXTAUTH_URL": JSON.stringify(process.env.NEXTAUTH_URL),
+      "process.env.AUTH_TRUST_HOST": JSON.stringify(
+        process.env.AUTH_TRUST_HOST
+      ),
+      "process.env.VERCEL_URL": JSON.stringify(process.env.VERCEL_URL),
+    },
+  },
+})

apps/playground-nuxt/package.json

@@ -1,49 +1,22 @@
 {
-  "name": "next-auth-nuxt",
-  "type": "module",
-  "version": "0.0.0",
-  "packageManager": "pnpm@7.1.1",
-  "license": "MIT",
-  "main": "./dist/module.cjs",
-  "types": "./dist/types.d.ts",
-  "exports": {
-    ".": {
-      "import": "./dist/module.mjs",
-      "require": "./dist/module.cjs"
-    },
-    "./handler": {
-      "import": "./dist/runtime/server/handler.mjs",
-      "types": "./dist/runtime/server/handler.d.ts"
-    },
-    "./client": {
-      "import": "./dist/runtime/client/index.mjs",
-      "types": "./dist/runtime/client/index.d.ts"
-    }
-  },
-  "files": [
-    "dist",
-    "handler.d.ts",
-    "client.d.ts"
-  ],
+  "name": "playground-nuxt",
+  "private": true,
   "scripts": {
-    "prepack": "nuxt-module-build",
-    "dev": "pnpm prepack && nuxi dev playground",
-    "dev:build": "nuxi build playground",
-    "dev:build:vercel": "NITRO_PRESET=vercel nuxi build playground",
-    "dev:prepare": "nuxt-module-build --stub && nuxi prepare playground"
-  },
-  "dependencies": {
-    "@nuxt/kit": "^3.0.0-rc.13",
-    "h3": "^0.8.6",
-    "next-auth": "^4.16.2",
-    "pathe": "^0.3.9"
+    "build": "nuxt build",
+    "dev": "export NODE_OPTIONS='--no-experimental-fetch' && nuxt dev",
+    "generate": "nuxt generate",
+    "preview": "nuxt preview",
+    "postinstall": "nuxt prepare"
   },
   "devDependencies": {
-    "@nuxt/module-builder": "^0.2.0",
-    "@nuxt/schema": "^3.0.0-rc.12",
-    "@nuxtjs/eslint-config-typescript": "^11.0.0",
-    "eslint": "^8.26.0",
-    "nuxt": "^3.0.0-rc.13",
-    "next-auth-nuxt": "workspace:*"
+    "@nuxt/eslint-config": "^0.1.1",
+    "eslint": "^8.29.0",
+    "h3": "1.0.2",
+    "nuxt": "3.0.0"
+  },
+  "dependencies": {
+    "@auth/core": "workspace:*",
+    "@hattip/adapter-node": "^0.0.22",
+    "requrl": "^3.0.2"
   }
 }

apps/playground-nuxt/pages/index.vue

@@ -0,0 +1,10 @@
+<template>
+  <div>
+    <h1>Nuxt Auth Example</h1>
+    <p>
+      This is an example site to demonstrate how to use
+      <a href="https://v3.nuxtjs.org/">Nuxt 3</a> with
+      <a href="https://authjs.dev/">Auth.js</a> for authentication.
+    </p>
+  </div>
+</template>

apps/playground-nuxt/pages/protected.vue

@@ -0,0 +1,18 @@
+<script setup lang="ts">
+const session = useSession()
+
+definePageMeta({
+  middleware: "auth",
+})
+</script>
+
+<template>
+  <div>
+    <h1>Protected Page</h1>
+    <p>
+      This is a protected content. You can access this content because you are
+      signed in.
+    </p>
+    <p>Session expiry: {{ session?.expires }}</p>
+  </div>
+</template>

apps/playground-nuxt/playground/app.vue

@@ -1,40 +0,0 @@
-<template>
-  <div>
-    <Header />
-    <NuxtPage />
-    <Footer />
-  </div>
-</template>
-
-<style>
-body {
-font-family: -apple-system, Segoe UI, Roboto, Ubuntu, Cantarell, Noto Sans, sans-serif, BlinkMacSystemFont, 'Segoe UI', Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol';
-padding: 0 1rem 1rem 1rem;
-max-width: 680px;
-margin: 0 auto;
-background: #fff;
-color: #333;
-}
-
-li,
-p {
-line-height: 1.5rem;
-}
-
-a {
-font-weight: 500;
-}
-
-hr {
-border: 1px solid #ddd;
-}
-
-iframe {
-background: #ccc;
-border: 1px solid #ccc;
-height: 10rem;
-width: 100%;
-border-radius: .5rem;
-filter: invert(1);
-}
-</style>

apps/playground-nuxt/playground/components/AccessDenied.vue

@@ -1,8 +0,0 @@
-<template>
-  <div>
-    <h1>Access Denied</h1>
-    <p>
-      <a href="/api/auth/signin">You must be signed in to view this page</a>
-    </p>
-  </div>
-</template>

apps/playground-nuxt/playground/components/Footer.vue

@@ -1,30 +0,0 @@
-<template>
-  <footer class="fotter">
-    <hr>
-    <ul class="navItems">
-      <li class="navItem">
-        <a href="https://github.com/nextauthjs/next-auth/tree/main/apps/playground-nuxt">Demo GitHub</a>
-      </li>
-      <li class="navItem">
-        <a href="https://next-auth.js.org">Next.js Documentation</a>
-      </li>
-    </ul>
-  </footer>
-</template>
-
-<style>
-.footer {
-margin-top: 2rem;
-}
-
-.navItems {
-margin-bottom: 1rem;
-padding: 0;
-list-style: none;
-}
-
-.navItem {
-display: inline-block;
-margin-right: 1rem;
-}
-</style>

apps/playground-nuxt/playground/components/Header.vue

@@ -1,155 +0,0 @@
-<script setup lang="ts">
-import { useSession, signIn, signOut, computed } from '#imports'
-
-const { data: session, status } = useSession()
-const loading = computed(() => status.value === 'loading')
-</script>
-
-<template>
-  <header>
-    <div class="signedInStatus">
-      <p :class="['nojs-show', !session && loading ? 'loading' : 'loaded']">
-        <template v-if="session">
-          <span v-if="session.user?.image" :style="{ backgroundImage: `url(${session.user.image})` }" class="avatar" />
-          <span class="signedInText">
-            <small>Signed in as</small><br>
-            <strong>{{ session.user?.email || session.user?.name }}</strong>
-          </span>
-          <a href="/api/auth/signout" class="button" @click.prevent="signOut">Sign out</a>
-        </template>
-        <template v-else>
-          <span class="notSignedInText">You are not signed in</span>
-          <a href="/api/auth/signin" class="buttonPrimary" @click.prevent="signIn">Sign in</a>
-        </template>
-      </p>
-    </div>
-    <nav>
-      <ul class="navItems">
-        <li class="navItem">
-          <NuxtLink to="/">
-            Home
-          </NuxtLink>
-        </li>
-        <li class="navItem">
-          <NuxtLink to="/client">
-            Client
-          </NuxtLink>
-        </li>
-        <li class="navItem">
-          <NuxtLink to="/server">
-            Server
-          </NuxtLink>
-        </li>
-        <li class="navItem">
-          <NuxtLink to="/protected">
-            Protected
-          </NuxtLink>
-        </li>
-        <li class="navItem">
-          <NuxtLink to="/api-example">
-            API
-          </NuxtLink>
-        </li>
-      </ul>
-    </nav>
-  </header>
-</template>
-
-<style>
-.nojs-show {
-  opacity: 1;
-  top: 0;
-}
-
-.signedInStatus {
-display: block;
-min-height: 4rem;
-width: 100%;
-}
-
-.loading,
-.loaded {
-position: relative;
-top: 0;
-opacity: 1;
-overflow: hidden;
-border-radius: 0 0 .6rem .6rem;
-padding: .6rem 1rem;
-margin: 0;
-background-color: rgba(0,0,0,.05);
-transition: all 0.2s ease-in;
-}
-
-.loading {
-top: -2rem;
-opacity: 0;
-}
-
-.signedInText,
-.notSignedInText {
-position: absolute;
-padding-top: .8rem;
-left: 1rem;
-right: 6.5rem;
-white-space: nowrap;
-text-overflow: ellipsis;
-overflow: hidden;
-display: inherit;
-z-index: 1;
-line-height: 1.3rem;
-}
-
-.signedInText {
-padding-top: 0rem;
-left: 4.6rem;
-}
-
-.avatar {
-border-radius: 2rem;
-float: left;
-height: 2.8rem;
-width: 2.8rem;
-background-color: white;
-background-size: cover;
-background-repeat: no-repeat;
-}
-
-.button,
-.buttonPrimary {
-float: right;
-margin-right: -.4rem;
-font-weight: 500;
-border-radius: .3rem;
-cursor: pointer;
-font-size: 1rem;
-line-height: 1.4rem;
-padding: .7rem .8rem;
-position: relative;
-z-index: 10;
-background-color: transparent;
-color: #555;
-}
-
-.buttonPrimary {
-background-color: #346df1;
-border-color: #346df1;
-color: #fff;
-text-decoration: none;
-padding: .7rem 1.4rem;
-}
-
-.buttonPrimary:hover {
-box-shadow: inset 0 0 5rem rgba(0,0,0,0.2)
-}
-
-.navItems {
-margin-bottom: 2rem;
-padding: 0;
-list-style: none;
-}
-
-.navItem {
-display: inline-block;
-margin-right: 1rem;
-}
-</style>

apps/playground-nuxt/playground/nuxt.config.ts

@@ -1,20 +0,0 @@
-import MyModule from '../src/module'
-
-export default defineNuxtConfig({
-  modules: [
-    MyModule
-  ],
-  // https://v3.nuxtjs.org/migration/runtime-config#runtime-config
-  runtimeConfig: {
-    secret: process.env.NEXTAUTH_SECRET,
-    github: {
-      clientId: process.env.GITHUB_CLIENT_ID,
-      clientSecret: process.env.GITHUB_CLIENT_SECRET
-    }
-  },
-  // https://v3.nuxtjs.org/guide/concepts/esm#aliasing-libraries
-  // Fix for GithubProvider is not a function error in Vite
-  alias: {
-    'next-auth/providers/github': 'node_modules/next-auth/providers/github.js'
-  }
-})