mirror of
https://github.com/SrIzan10/next-auth.git
synced 2026-05-01 10:55:20 +00:00
a2e5afa162
A living session could be a requirement for specific pages (like dashboards). If it doesn’t exist, the user should be redirected to a page asking them to sign in again.
Sometimes, a user might log out by accident, or by deleting cookies on purpose. If that happens (e.g. on a separate tab), then `useSession({ required: true })` should detect the absence of a session cookie and always return a non-nullable Session object type.
When `required: true` is set, the default behavior will be to redirect the user to the sign-in page. This can be overridden by an `action()` callback:
```js
const session = useSession({
required: true,
action() {
// ....
}
})
if (session.status === "Loading") return "Loading or not authenticated..."
// session.data is always defined here.
```
Co-authored-by: Kristóf Poduszló <kripod@protonmail.com>
Co-authored-by: Lluis Agusti <hi@llu.lu>
BREAKING CHANGE:
The `useSession` hook now returns an object. Here is how to accommodate for this change:
```diff
- const [ session, loading ] = useSession()
+ const { data: session, status } = useSession()
+ const loading = status === "loading"
```
With the new `status` option, you can test states much more clearly.
179 lines
4.9 KiB
TypeScript
179 lines
4.9 KiB
TypeScript
import * as React from "react"
|
|
import { IncomingMessage } from "http"
|
|
import { Session } from "."
|
|
import { ProviderType } from "./providers"
|
|
import { SessionContextValue } from "internals/react"
|
|
|
|
export interface CtxOrReq {
|
|
req?: IncomingMessage
|
|
ctx?: { req: IncomingMessage }
|
|
}
|
|
|
|
/***************
|
|
* Session types
|
|
**************/
|
|
|
|
export type GetSessionOptions = CtxOrReq & {
|
|
event?: "storage" | "timer" | "hidden" | string
|
|
triggerEvent?: boolean
|
|
}
|
|
|
|
export interface UseSessionOptions<R extends boolean> {
|
|
required: R
|
|
/** Defaults to `signIn` */
|
|
action?(): void
|
|
}
|
|
|
|
/**
|
|
* React Hook that gives you access
|
|
* to the logged in user's session data.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#usesession)
|
|
*/
|
|
export function useSession<R extends boolean>(
|
|
options?: UseSessionOptions<R>
|
|
): SessionContextValue<R>
|
|
|
|
export function getSession(options?: GetSessionOptions): Promise<Session | null>
|
|
|
|
/*******************
|
|
* CSRF Token types
|
|
******************/
|
|
|
|
/**
|
|
* Returns the current Cross Site Request Forgery Token (CSRF Token)
|
|
* required to make POST requests (e.g. for signing in and signing out).
|
|
* You likely only need to use this if you are not using the built-in
|
|
* `signIn()` and `signOut()` methods.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#getcsrftoken)
|
|
*/
|
|
export function getCsrfToken(ctxOrReq?: CtxOrReq): Promise<string | null>
|
|
|
|
/******************
|
|
* Providers types
|
|
*****************/
|
|
|
|
export interface ClientSafeProvider {
|
|
id: string
|
|
name: string
|
|
type: ProviderType
|
|
signinUrl: string
|
|
callbackUrl: string
|
|
}
|
|
|
|
/**
|
|
* It calls `/api/auth/providers` and returns
|
|
* a list of the currently configured authentication providers.
|
|
* It can be useful if you are creating a dynamic custom sign in page.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#getproviders)
|
|
*/
|
|
export function getProviders(): Promise<Record<
|
|
string,
|
|
ClientSafeProvider
|
|
> | null>
|
|
|
|
/****************
|
|
* Sign in types
|
|
***************/
|
|
|
|
export type RedirectableProvider = "email" | "credentials"
|
|
|
|
export type SignInProvider = RedirectableProvider | string | undefined
|
|
|
|
export interface SignInOptions extends Record<string, unknown> {
|
|
/**
|
|
* Defaults to the current URL.
|
|
* @docs https://next-auth.js.org/getting-started/client#specifying-a-callbackurl
|
|
*/
|
|
callbackUrl?: string
|
|
/** @docs https://next-auth.js.org/getting-started/client#using-the-redirect-false-option */
|
|
redirect?: boolean
|
|
}
|
|
|
|
export interface SignInResponse {
|
|
error: string | undefined
|
|
status: number
|
|
ok: boolean
|
|
url: string | null
|
|
}
|
|
|
|
/** Match `inputType` of `new URLSearchParams(inputType)` */
|
|
export type SignInAuthorisationParams =
|
|
| string
|
|
| string[][]
|
|
| Record<string, string>
|
|
| URLSearchParams
|
|
|
|
/**
|
|
* Client-side method to initiate a signin flow
|
|
* or send the user to the signin page listing all possible providers.
|
|
* Automatically adds the CSRF token to the request.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#signin)
|
|
*/
|
|
export function signIn<P extends SignInProvider = undefined>(
|
|
provider?: P,
|
|
options?: SignInOptions,
|
|
authorizationParams?: SignInAuthorisationParams
|
|
): Promise<
|
|
P extends RedirectableProvider ? SignInResponse | undefined : undefined
|
|
>
|
|
|
|
/****************
|
|
* Sign out types
|
|
****************/
|
|
|
|
/** @docs https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
|
|
export interface SignOutResponse {
|
|
url: string
|
|
}
|
|
|
|
export interface SignOutParams<R extends boolean = true> {
|
|
/** @docs https://next-auth.js.org/getting-started/client#specifying-a-callbackurl-1 */
|
|
callbackUrl?: string
|
|
/** @docs https://next-auth.js.org/getting-started/client#using-the-redirect-false-option-1 */
|
|
redirect?: R
|
|
}
|
|
|
|
/**
|
|
* Signs the user out, by removing the session cookie.
|
|
* Automatically adds the CSRF token to the request.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#signout)
|
|
*/
|
|
export function signOut<R extends boolean = true>(
|
|
params?: SignOutParams<R>
|
|
): Promise<R extends true ? undefined : SignOutResponse>
|
|
|
|
/************************
|
|
* SessionProvider types
|
|
***********************/
|
|
|
|
/** @docs: https://next-auth.js.org/getting-started/client#options */
|
|
export interface SessionProviderProps {
|
|
session?: Session
|
|
baseUrl?: string
|
|
basePath?: string
|
|
/**
|
|
* The amount of time (in seconds) after a session should be considered stale.
|
|
* If set to `0` (default), the session will never be re-fetched.
|
|
*/
|
|
staleTime?: number
|
|
/**
|
|
* A time interval (in seconds) after which the session will be re-fetched.
|
|
* If set to `0` (default), the session is not polled.
|
|
*/
|
|
refetchInterval?: number
|
|
}
|
|
|
|
/**
|
|
* Provider to wrap the app in to make session data available globally.
|
|
* Can also be used to throttle the number of requests to the endpoint
|
|
* `/api/auth/session`.
|
|
*
|
|
* [Documentation](https://next-auth.js.org/getting-started/client#sessionprovider)
|
|
*/
|
|
export const SessionProvider: React.FC<SessionProviderProps>
|