fix(page): fall back to default error page (#1700 )

fix(oauth): support response_mode=form_post (#1669 )
* chore: alias dev script to next * feat(core): fallback to body when reading state * refactor: set csrfToken on req.options implicitly Ensures we do this similarly than in other handlers like pkce, state, extendRes, callbackUrlHandler etc. * chore: add code comment for debugging
2026-05-01 10:55:20 +00:00 · 2021-04-12 03:56:47 +02:00 · 2021-04-12 00:24:05 +02:00 · 2021-04-12 00:15:29 +02:00 · 2021-04-11 23:20:37 +02:00 · 2021-04-11 15:20:01 +02:00
10 changed files with 1515 additions and 1033 deletions
--- a/config/babel.config.json
+++ b/config/babel.config.json
@@ -1,19 +1,12 @@
 {
  "presets": [
-    ["@babel/preset-env", { "targets": { "node": "10" } }]
+    ["@babel/preset-env", { "targets": { "esmodules": true } }]
  ],
  "comments": false,
  "overrides": [
-    {
-      "test": ["../src/client/**"],
-      "comments": true,
-      "presets": [
-        ["@babel/preset-env", { "targets": { "ie": "11" } }]
-      ]
-    },
    {
      "test": ["../src/server/pages/**"],
      "presets": ["preact"]
    }
  ]
-}
+}
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -5,6 +5,7 @@
  "homepage": "https://next-auth.js.org",
  "repository": "https://github.com/nextauthjs/next-auth.git",
  "author": "Iain Collins <me@iaincollins.com>",
+  "main": "index.js",
  "scripts": {
    "build": "npm run build:js && npm run build:css",
    "build:js": "babel --config-file ./config/babel.config.json src --out-dir dist",
@@ -32,15 +33,6 @@
    "lint": "ts-standard",
    "lint:fix": "ts-standard --fix"
  },
-  "main": "index.js",
-  "exports": {
-    ".": "./dist/server/index.js",
-    "./jwt": "./dist/lib/jwt.js",
-    "./adapters": "./dist/adapters/index.js",
-    "./client": "./dist/client/index.js",
-    "./providers": "./dist/providers/index.js",
-    "./providers/*": "./dist/providers/*.js"
-  },
  "files": [
    "dist",
    "index.js",
@@ -51,47 +43,29 @@
  ],
  "license": "ISC",
  "dependencies": {
+    "crypto-js": "^4.0.0",
    "futoin-hkdf": "^1.3.2",
    "jose": "^1.27.2",
    "jsonwebtoken": "^8.5.1",
+    "nodemailer": "^6.4.16",
    "oauth": "^0.9.15",
    "pkce-challenge": "^2.1.0",
    "preact": "^10.4.1",
-    "preact-render-to-string": "^5.1.14"
+    "preact-render-to-string": "^5.1.14",
+    "querystring": "^0.2.0",
+    "require_optional": "^1.0.1",
+    "typeorm": "^0.2.30"
  },
  "peerDependencies": {
    "react": "^16.13.1 || ^17",
-    "react-dom": "^16.13.1 || ^17",
-    "mongodb": "^3.6.6",
+    "react-dom": "^16.13.1 || ^17"
+  },
+  "peerOptionalDependencies": {
+    "mongodb": "^3.5.9",
    "mysql": "^2.18.1",
    "mssql": "^6.2.1",
    "pg": "^8.2.1",
-    "@prisma/client": "^2.16.1",
-    "nodemailer": "^6.4.16",
-    "typeorm": "^0.2.30"
-  },
-  "peerDependenciesMeta": {
-    "mongodb": {
-      "optional": true
-    },
-    "mysql": {
-      "optional": true
-    },
-    "mssql": {
-      "optional": true
-    },
-    "pg": {
-      "optional": true
-    },
-    "@prisma/client": {
-      "optional": true
-    },
-    "nodemailer": {
-      "optional": true
-    },
-    "typeorm": {
-      "optional": true
-    }
+    "@prisma/client": "^2.16.1"
  },
  "devDependencies": {
    "@babel/cli": "^7.8.4",
@@ -110,7 +84,7 @@
    "dotenv": "^8.2.0",
    "eslint": "^7.19.0",
    "mocha": "^8.1.3",
-    "mongodb": "^3.6.6",
+    "mongodb": "^3.5.9",
    "mssql": "^6.2.1",
    "mysql": "^2.18.1",
    "next": "^10.0.5",
--- a/src/adapters/typeorm/index.js
+++ b/src/adapters/typeorm/index.js
@@ -1,5 +1,6 @@
 import { createConnection, getConnection } from 'typeorm'
 import { createHash } from 'crypto'
+import require_optional from 'require_optional' // eslint-disable-line camelcase

 import { CreateUserError } from '../../lib/errors'
 import adapterConfig from './lib/config'
@@ -93,8 +94,12 @@ const Adapter = (typeOrmConfig, options = {}) => {
    let ObjectId
    if (config.type === 'mongodb') {
      idKey = '_id'
-      const mongodb = (await import('mongodb')).default
-      ObjectId = mongodb.ObjectID
+      // Using a dynamic import causes problems for some compilers/bundlers
+      // that don't handle dynamic imports. To try and work around this we are
+      // using the same method mongodb uses to load Object ID type, which is to
+      // use the require_optional loader.
+      const mongodb = require_optional('mongodb')
+      ObjectId = mongodb.ObjectId
    }

    // These values are stored as seconds, but to use them with dates in
--- a/src/providers/email.js
+++ b/src/providers/email.js
@@ -1,3 +1,4 @@
+import nodemailer from 'nodemailer'
 import logger from '../lib/logger'

 export default (options) => {
@@ -21,13 +22,13 @@ export default (options) => {
  }
 }

-async function sendVerificationRequest ({ identifier: email, url, baseUrl, provider }) {
-  const { server, from } = provider
-  // Strip protocol from URL and use domain as site name
-  const site = baseUrl.replace(/^https?:\/\//, '')
-  try {
-    const nodemailer = (await import('nodemailer')).default
-    await nodemailer
+const sendVerificationRequest = ({ identifier: email, url, baseUrl, provider }) => {
+  return new Promise((resolve, reject) => {
+    const { server, from } = provider
+    // Strip protocol from URL and use domain as site name
+    const site = baseUrl.replace(/^https?:\/\//, '')
+
+    nodemailer
      .createTransport(server)
      .sendMail({
        to: email,
@@ -35,11 +36,14 @@ async function sendVerificationRequest ({ identifier: email, url, baseUrl, provi
        subject: `Sign in to ${site}`,
        text: text({ url, site, email }),
        html: html({ url, site, email })
+      }, (error) => {
+        if (error) {
+          logger.error('SEND_VERIFICATION_EMAIL_ERROR', email, error)
+          return reject(new Error('SEND_VERIFICATION_EMAIL_ERROR', error))
+        }
+        return resolve()
      })
-  } catch (error) {
-    logger.error('SEND_VERIFICATION_EMAIL_ERROR', email, error)
-    throw new Error('SEND_VERIFICATION_EMAIL_ERROR')
-  }
+  })
 }

 // Email HTML body
--- a/src/server/index.js
+++ b/src/server/index.js
@@ -1,3 +1,4 @@
+import adapters from '../adapters'
 import jwt from '../lib/jwt'
 import parseUrl from '../lib/parse-url'
 import logger, { setLogger } from '../lib/logger'
@@ -72,7 +73,7 @@ async function NextAuthHandler (req, res, userOptions) {
    // Protection only works on OAuth 2.x providers
    if (provider?.type === 'oauth' && provider.version?.startsWith('2')) {
      // When provider.state is undefined, we still want this to pass
-      if (!provider.protection) {
+      if (!provider.protection && provider.state !== false) {
        // Default to state, as we did in 3.1 REVIEW: should we use "pkce" or "none" as default?
        provider.protection = ['state']
      } else if (typeof provider.protection === 'string') {
@@ -85,11 +86,7 @@ async function NextAuthHandler (req, res, userOptions) {
    // Parse database / adapter
    // If adapter is provided, use it (advanced usage, overrides database)
    // If database URI or config object is provided, use it (simple usage)
-    let adapter = userOptions.adapter
-    if ((!adapter && !!userOptions.database)) {
-      const TypeOrm = (await import('../adapters/typeorm')).default
-      adapter = TypeOrm.Adapter(userOptions.database)
-    }
+    const adapter = userOptions.adapter ?? (userOptions.database && adapters.Default(userOptions.database))

    // User provided options are overriden by other options,
    // except for the options with special handling above
--- a/src/server/pages/error.js
+++ b/src/server/pages/error.js
@@ -52,7 +52,7 @@ export default function error ({ baseUrl, basePath, error = 'default', res }) {
    }
  }

-  const { statusCode, heading, message, signin } = errors[error.toLowerCase()]
+  const { statusCode, heading, message, signin } = errors[error.toLowerCase()] ?? errors.default

  res.status(statusCode)

--- a/src/server/routes/callback.js
+++ b/src/server/routes/callback.js
@@ -65,13 +65,18 @@ export default async function callback (req, res) {

        try {
          const signInCallbackResponse = await callbacks.signIn(userOrProfile, account, OAuthProfile)
-          if (!signInCallbackResponse) {
+          if (signInCallbackResponse === false) {
            return res.redirect(`${baseUrl}${basePath}/error?error=AccessDenied`)
          } else if (typeof signInCallbackResponse === 'string') {
            return res.redirect(signInCallbackResponse)
          }
        } catch (error) {
-          return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+          if (error instanceof Error) {
+            return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+          }
+          // TODO: Remove in a future major release
+          logger.warn('SIGNIN_CALLBACK_REJECT_REDIRECT')
+          return res.redirect(error)
        }

        // Sign user in
@@ -156,13 +161,18 @@ export default async function callback (req, res) {
      // Check if user is allowed to sign in
      try {
        const signInCallbackResponse = await callbacks.signIn(profile, account, { email })
-        if (!signInCallbackResponse) {
+        if (signInCallbackResponse === false) {
          return res.redirect(`${baseUrl}${basePath}/error?error=AccessDenied`)
        } else if (typeof signInCallbackResponse === 'string') {
          return res.redirect(signInCallbackResponse)
        }
      } catch (error) {
-        return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+        if (error instanceof Error) {
+          return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+        }
+        // TODO: Remove in a future major release
+        logger.warn('SIGNIN_CALLBACK_REJECT_REDIRECT')
+        return res.redirect(error)
      }

      // Sign user in
@@ -226,11 +236,12 @@ export default async function callback (req, res) {
      userObjectReturnedFromAuthorizeHandler = await provider.authorize(credentials)
      if (!userObjectReturnedFromAuthorizeHandler) {
        return res.status(401).redirect(`${baseUrl}${basePath}/error?error=CredentialsSignin&provider=${encodeURIComponent(provider.id)}`)
-      } else if (typeof userObjectReturnedFromAuthorizeHandler === 'string') {
-        return res.redirect(userObjectReturnedFromAuthorizeHandler)
      }
    } catch (error) {
-      return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+      if (error instanceof Error) {
+        return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+      }
+      return res.redirect(error)
    }

    const user = userObjectReturnedFromAuthorizeHandler
@@ -238,13 +249,14 @@ export default async function callback (req, res) {

    try {
      const signInCallbackResponse = await callbacks.signIn(user, account, credentials)
-      if (!signInCallbackResponse) {
+      if (signInCallbackResponse === false) {
        return res.status(403).redirect(`${baseUrl}${basePath}/error?error=AccessDenied`)
-      } else if (typeof signInCallbackResponse === 'string') {
-        return res.redirect(signInCallbackResponse)
      }
    } catch (error) {
-      return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+      if (error instanceof Error) {
+        return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error.message)}`)
+      }
+      return res.redirect(error)
    }

    const defaultJwtPayload = {
--- a/src/server/routes/signin.js
+++ b/src/server/routes/signin.js
@@ -45,13 +45,18 @@ export default async function signin (req, res) {
    // Check if user is allowed to sign in
    try {
      const signInCallbackResponse = await callbacks.signIn(profile, account, { email, verificationRequest: true })
-      if (!signInCallbackResponse) {
+      if (signInCallbackResponse === false) {
        return res.redirect(`${baseUrl}${basePath}/error?error=AccessDenied`)
      } else if (typeof signInCallbackResponse === 'string') {
        return res.redirect(signInCallbackResponse)
      }
    } catch (error) {
-      return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error)}`)
+      if (error instanceof Error) {
+        return res.redirect(`${baseUrl}${basePath}/error?error=${encodeURIComponent(error)}`)
+      }
+      // TODO: Remove in a future major release
+      logger.warn('SIGNIN_CALLBACK_REJECT_REDIRECT')
+      return res.redirect(error)
    }

    try {
--- a/www/docs/warnings.md
+++ b/www/docs/warnings.md
@@ -46,4 +46,32 @@ You can use [node-jose-tools](https://www.npmjs.com/package/node-jose-tools) to

 **Option 2**: Specify custom encode/decode functions on the jwt object. This gives you complete control over signing / verification / etc.

-#### JWT_AUTO_GENERATED_ENCRYPTION_KEY
+#### JWT_AUTO_GENERATED_ENCRYPTION_KEY
+
+#### SIGNIN_CALLBACK_REJECT_REDIRECT
+
+You returned something in the `signIn` callback, that is being deprecated.
+
+You probably had something similar in the callback:
+```js
+  return Promise.reject("/some/url")
+```
+
+or
+
+```js
+  throw "/some/url"
+```
+
+To remedy this, simply return the url instead:
+
+```js
+  return "/some/url"
+```
+
+
+#### STATE_OPTION_DEPRECATION
+You provided `state: true` or `state: false` as a provider option. This is being deprecated in a later release in favour of `protection: "state"` and `protection: "none"` respectively. To remedy this warning:
+
+- If you use `state: true`, just simply remove it. The default is `protection: "state"` already..
+- If you use `state: false`, set `protection: "none"`.
Author	SHA1	Message	Date
Balázs Orbán	1c662e9ddc	fix(page): fall back to default error page (#1700 )	2021-04-12 03:56:47 +02:00
Balázs Orbán	968903d227	fix(oauth): support `response_mode=form_post` (#1669 ) * chore: alias dev script to next * feat(core): fallback to body when reading state * refactor: set csrfToken on req.options implicitly Ensures we do this similarly than in other handlers like pkce, state, extendRes, callbackUrlHandler etc. * chore: add code comment for debugging	2021-04-12 00:24:05 +02:00
Balázs Orbán	3dedf6c26c	fix(provider): proper check of protection property (#1694 ) * fix(provider): proper check of protection property * chore: add comment	2021-04-12 00:15:29 +02:00
Amauri Dias	d1dbfe1023	fix: truly replace .flat() to support Node <11 again (#1691 )	2021-04-11 23:20:37 +02:00
David Colón	63171a0271	fix: validate provider existence before looking for protection property (#1687 ) * Fix validation of provider existence before looking for protection property * Use optional chaining	2021-04-11 15:20:01 +02:00
Amauri Dias	872e180339	fix: replace .flat() to support Node <11 again (#1684 )	2021-04-11 10:57:25 +02:00
ifly7charlie	a7709df796	docs: Document the additional parameters in JWT (#1550 ) Co-authored-by: Balázs Orbán <info@balazsorban.com>	2021-04-08 14:00:19 +02:00
Balázs Orbán	dbe283f0fa	refactor: rename extend-res to extend-req	2021-04-07 22:26:54 +02:00
Balázs Orbán	727426bbec	chore(ts): auto-label TypeScript related changes	2021-04-07 20:16:10 +02:00
Vinicius CR	5a3ee47337	feat(provider): accept array for protection to support multiple mechanisms (#1565 ) * fix: add protection both option * feat: update docs with new protection value * fix: lint files * refactor: change protection from string to array * chore: reverting unespected change * chore: lint files Co-authored-by: Balázs Orbán <info@balazsorban.com>	2021-04-06 19:20:56 +02:00
bhaveshmishra-code	8dd8f7c48a	docs: fix typo in callbacks.md (#1657 ) Fixed the spelling mistake. existance -> existence	2021-04-05 19:35:26 +02:00
Jaime Martínez Rincón	072c59d85a	docs: fix typo `primsa` (#1652 )	2021-04-05 00:25:46 +02:00
dependabot[bot]	d0e8147a48	chore(deps): bump y18n from 4.0.0 to 4.0.1 (#1631 ) Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-04-05 00:24:39 +02:00
Jasper Moelker	5bc8f8b986	docs(page): correct getCsrfToken and input types (#1651 ) This fixes the a mismatch between the import (`csrfToken`) and the method (`getCsrfToken`) used in `getInitialProps`/`getServerSideProps`. In addition the form input fields now have their correct type: `email` for email input (for better autocomplete, virtual keyboard support and native validation) and `password` for the password input (to hide password while typing).	2021-04-04 22:01:53 +02:00
hoangbits	136361e1f4	docs: rename command to vercel cli, now cli is deprecated (#1647 )	2021-04-04 11:02:38 +02:00
hoangbits	cc9869592c	docs: fix typo in providers.md (#1641 )	2021-04-02 17:18:40 +02:00
Jay Liew	073da60c3d	docs: Update pages.md (#1592 ) * Update pages.md Updated Credentials Sign-In code example to indicate how to use `getServerSideProps` but still also showing the older `getInitialProps` example * Update www/docs/configuration/pages.md Co-authored-by: Balázs Orbán <info@balazsorban.com> * update documentation to show example using getServerSideProps() Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Jay Liew <jay@haute.tech>	2021-03-31 00:31:31 +02:00
ifly7charlie	aacc34bbfd	docs(error): Add missing error message and technique to resolve (#1549 ) * Add missing error message and technique to resolve * Update errors.md Correct with correct error message and more complete suggestions on resolving it	2021-03-26 23:09:21 +01:00
jgollhardt	074688d10e	docs(provider): fix wrong param name in sendVerificationRequest example (#1595 )	2021-03-26 23:01:25 +01:00
Macarse, Christian Ryan R	b3ffe50c03	docs(provider): removed misleading provider signin link (#1588 )	2021-03-25 22:30:46 +01:00
Shubham Shukla	e6d063825d	fix(provider): added options in instagram provider (#1570 )	2021-03-23 22:28:54 +01:00
Balázs Orbán	985f7b3431	fix(logger): properly end request every time (#1557 ) * fix(logger): properly end request every time * chore: fix linting	2021-03-20 10:08:12 +01:00
Max	237b016378	fix(provider): reject access token if slack login flow was canceled (#1544 ) * fix: reject access token if slack login flow was canceled * style: fix lint errors in oauth client	2021-03-18 14:59:24 +01:00
Joshua Williams	776b9480da	feat(provider): add Zoho provider (#1516 ) * feat(provider): add zoho * fix: use LF instead of CRLF * fix: crlf to lf line endings Co-authored-by: Balázs Orbán <info@balazsorban.com>	2021-03-16 19:27:11 +01:00
Honman Yau	07a3f76cb3	docs: fix typos in REST API guide (#1528 )	2021-03-16 19:25:24 +01:00
tclaude94	3726d68c49	feat(provider): add FACEIT provider (#1469 )	2021-03-16 00:00:35 +01:00
dependabot[bot]	e31db1726a	chore(deps): bump xmldom from 0.3.0 to 0.5.0 (#1510 ) Bumps [xmldom](https://github.com/xmldom/xmldom) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/xmldom/xmldom/releases) - [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md) - [Commits](https://github.com/xmldom/xmldom/compare/0.3.0...0.5.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-03-13 14:19:22 +01:00
James Perkins	a241199c11	docs(tutorials): Adding two more tutorials to the list. [skip release]	2021-03-13 03:42:00 +00:00
dependabot[bot]	5385ec20a9	chore(deps): bump elliptic from 6.5.3 to 6.5.4 in /www (#1493 ) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-03-10 22:59:10 +01:00
Balázs Orbán	810d02e671	fix(deps): upgrade to latest preact-render-to-string (#1475 )	2021-03-08 10:39:13 +01:00
Valentin Hervieu	e5535734f8	fix(client): set useSession loading state correctly (#1468 ) This is fixing #1467. The issue was due to doing the `setLoading(false)` in the finally: as we can do an early return [here](`a7e08e2a32/src/client/index.js (L100-L100)`), we would still go to the finally and mark the session as being loaded. I simply removed the `finally` block to only set the `loading` state to false when: - the data is ready - an error occures	2021-03-07 19:11:32 +01:00
Taehwan Noh	ba7aed1057	feat(provider): add Kakao provider (#1459 )	2021-03-06 21:52:39 +01:00
Balázs Orbán	a7e08e2a32	fix: make sure useSession populates session correctly (#1462 )	2021-03-06 20:02:43 +01:00
mcha	0d13040264	docs(client): fix client.md typos (#1453 )	2021-03-06 10:50:29 +01:00
Balázs Orbán	582520f8ef	chore: fix typo in feature request template	2021-03-06 00:35:09 +01:00
Sam Bauch	95942519a5	feat(provider): add Osso SAML provider (#1448 ) Co-authored-by: @sbauch	2021-03-06 00:21:38 +01:00
Balázs Orbán	f3e64f04cc	feat(client): introduce NEXTAUTH_URL_INTERNAL (#1449 ) Co-authored-by: @gergelyke	2021-03-06 00:10:36 +01:00
Balázs Orbán	ed5cc4aa65	feat(provider): add Instagram provider (#1447 ) Co-authored-by: @PolMrt pol@hey.com	2021-03-05 23:39:50 +01:00
Balázs Orbán	0e20b60229	docs(database): mention CockroachDB Co-authored-by: @jukbot <jukbot@yellotalk.co>	2021-03-05 22:52:48 +01:00
Balázs Orbán	3aee24b5dc	refactor: client improvements (#1428 ) * docs(client): add TS definitions to client * docs(client): add documentation links to public methods * refactor(client): simplify window sync, simplify logic * refactor(client): extract repeating logic to _fetchData * refactor(client): remove clientId * refactor(client): use session in Provider if passed	2021-03-05 22:47:32 +01:00
Baterka	960ca85907	fix: send only the error message in callback redirects (#1424 ) Changed `encodeURIComponent(error)` to `encodeURIComponent(error.message)` to remove prefix (such as `Error: ` and possible stack trace). Seems like better way of doing it and also safer if server throws some error with sensitive data.	2021-03-05 18:34:11 +01:00
Balázs Orbán	f960cc0f6f	chore(docs): upgrade docs dependencies	2021-03-03 20:13:46 +01:00
Balázs Orbán	0f64f3eea7	chore: don't mark bugs as stale Had a good laugh today 😄: "This is not stale. Bread goes stale. Bugs don't. They don't just magically go away because time has passed" - Unknown https://twitter.com/ericclemmons/status/1367000259046604803	2021-03-03 19:54:13 +01:00
yannicktian	71c78e8e24	feat(provider): allow disabling redirection on sign in with email (#1416 ) * feat: allow to disable client-side redirect for email provider * docs(client): mention that redirect can also be disabled for email provider * feat: only display one email input in email page	2021-03-02 22:38:02 +01:00
dependabot[bot]	d86609a2dc	chore(deps): bump prismjs from 1.22.0 to 1.23.0 in /www (#1409 ) Bumps [prismjs](https://github.com/PrismJS/prism) from 1.22.0 to 1.23.0. - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md) - [Commits](https://github.com/PrismJS/prism/compare/v1.22.0...v1.23.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-03-01 22:52:46 +01:00
Joost van Wollingen	d0c3400d30	docs(page): Remove unnecessary context param (#1406 ) ...when calling providers in the docs	2021-03-01 21:39:03 +01:00
Praneeth	172e79cb04	fix(page): add character encoding and page titles (#1380 ) * added character encoding fix * changed multi-line to inline and added title param to send fn in src/server/pages/index.js * modified the return object of renderPage in src/server/pages/index.js	2021-03-01 21:17:51 +01:00
Balázs Orbán	46d5c76605	docs: reword callbacks.md Explain the `jwt()` callback before the `session()` callback, as it comes first in the flow.	2021-02-28 18:05:10 +01:00
Zach White	438efd8a9b	docs: reword pages.md (#1386 ) language edits	2021-02-27 23:43:45 +01:00
Balázs Orbán	d8d497cc91	feat(provider): call generateVerificationToken async (#1378 )	2021-02-27 23:33:26 +01:00
Pop Stefan	6152c8afbb	docs: added refresh token tutorial link in faq page (#1385 )	2021-02-27 20:24:09 +01:00
Balázs Orbán	5ae6f6118c	docs: add missing comma Thx @followbl 😺	2021-02-25 23:29:33 +01:00
sid	96ff048b59	fix(provider): use correct file type for Discord profile img (#1365 )	2021-02-23 21:39:27 +01:00
Ariel Weingarten	e80f6e936d	docs(provider): Update twitch.md (#1353 ) State what redirect URL to add to the Twitch console.	2021-02-22 20:04:38 +01:00
Lawrence Chen	6b5a215fb2	docs(tutorials): refresh token rotation (#1310 ) * docs(tutorials): refresh token rotation * use simple initialization * be optimistic Co-authored-by: Balázs Orbán <info@balazsorban.com> * add yarn.lock to .gitignore Co-authored-by: Balázs Orbán <info@balazsorban.com>	2021-02-21 22:30:01 +01:00
Balázs Orbán	782482b9f4	feat: make tokens available in profile callback (#1329 ) * feat: make access_token available in profile callback * docs(provider): mention access_token param in profile callback * feat: send all available tokens to provider.profile	2021-02-20 22:58:48 +01:00
Balázs Orbán	2d364f246a	docs: tweak release badges	2021-02-17 19:14:45 +01:00
Balázs Orbán	564b342f69	fix(docs): generate providers on docosaurus start	2021-02-16 15:42:27 +01:00
Balázs Orbán	63638d81dc	docs: add sponsoring information	2021-02-16 15:42:27 +01:00
Balázs Orbán	28683015f1	docs: add links to README badges	2021-02-16 10:34:54 +01:00
Balázs Orbán	726c49603d	chore: make next a prerelease channel	2021-02-16 10:20:46 +01:00
Balázs Orbán	a7113c6d3e	chore: trigger release on main branch	2021-02-16 09:50:19 +01:00
Balázs Orbán	910514c6e2	chore: trigger release action on next branch	2021-02-15 21:51:17 +01:00