mirror of
https://github.com/SrIzan10/next-auth.git
synced 2026-05-01 10:55:20 +00:00
b5e1b19771
* WIP use `Request` and `Response` for core * bump Next.js * rename ts types * refactor * simplify * upgrade Next.js * implement body reader * use `Request`/`Response` in `next-auth/next` * make linter happy * revert * fix tests * remove workaround for middleware return type * return session in protected api route example * don't export internal handler * fall back host to localhost * refactor `getBody` * refactor `next-auth/next` * chore: add `@edge-runtime/jest-environment` * fix tests, using Node 18 as runtime * fix test * remove patch * upgrade/add dependencies * type and default import on one line * don't import all adapters by default in dev * simplify internal endpoint config Instead of passing url and params around as a string and an object, we parse them into a `URL` instance. * assert if both endpoint and issuer config is missing * allow internal redirect to be `URL` * mark clientId as always internally, fix comments * add web-compatible authorization URL handling * fix type * fix neo4j build * remove new-line * reduce file changes in the PR * simplify types * refactor `crypto` usage In Node.js, inject `globalThis.crypto` instead of import * add `next-auth/web` * refactor * send header instead of body to indicate redirect response * fix eslint * fix tests * chore: upgrade dep * fix import * refactor: more renames * wip core * support OIDC * remove `openid-client` * temprarily remove duplicate logos * revert * move redirect logic to core * feat: add sveltekit auth * wip fix css * revert Logo component * output ESM * fix logout * deprecate OAuth 1, simplify internals, improve defaults * refactor providers, test facebook * fix providers * target es2020 * fix CSS * fix AuthHandler, add getServerSession * update lock file * make logos optional * sync with `next-auth` * clean up `next-auth/edge` * sync * Sync (#2) * fix(core): properly construct url (#5984) * chore(release): bump package version(s) [skip ci] * fix(core): add protocol if missing * fix(core): throw error if no action can be determined * test(core): fix test * chore(release): bump package version(s) [skip ci] * chore(docs): add new tutorial (#5604) Co-authored-by: Nico Domino <yo@ndo.dev> * fix(core): handle `Request` -> `Response` regressions (#5991) * fix(next): don't override `Content-Type` by `unstable_getServerSession` * fix(core): handle `,` while setting `set-cookie` * chore(release): bump package version(s) [skip ci] * fix(sequelize): increase sequelize `id_token` column length (#5929) Co-authored-by: Nico Domino <yo@ndo.dev> * fix(core): correct status code when returning redirects (#6004) * fix(core): correctly set status when returning redirect * update tests * forward other headers * update test * remove default 200 status * fix(core): host detection/NEXTAUTH_URL (#6007) * rename `host` to `origin` internally * rename `userOptions` to `authOptions` internally * use object for `headers` internally * default `method` to GET * simplify `unstable_getServerSession` * allow optional headers * revert middleware * wip getURL * revert host detection * use old `detectHost` * fix/add some tests wip * move more to core, refactor getURL * better type auth actions * fix custom path support (w/ api/auth) * add `getURL` tests * fix email tests * fix assert tests * custom base without api/auth, with trailing slash * remove parseUrl from assert.ts * return 400 when wrong url * fix tests * refactor * fix protocol in dev * fix tests * fix custom url handling * add todo comments * chore(release): bump package version(s) [skip ci] * update lock file * fix(next): correctly bundle next-auth/middleware fixes #6025 * fix(core): preserve incoming set cookies (#6029) * fix(core): preserve `set-cookie` by the user * add test * improve req/res mocking * refactor * fix comment typo * chore(release): bump package version(s) [skip ci] * make logos optional * sync with `next-auth` * clean up `next-auth/edge` * sync Co-authored-by: Balázs Orbán <balazsorban44@users.noreply.github.com> Co-authored-by: Thomas Desmond <24610108+thomas-desmond@users.noreply.github.com> Co-authored-by: Nico Domino <yo@ndo.dev> Co-authored-by: Cyril Perraud <perraud.cyril@gmail.com> * merge * clean up sveltekit auth handler * upgrade playground to latest * upgrade sveltekit auth to latest * Some more refactoring * feat: extract type to core and reuse in sveltekit * remove uuid * make secret required in dev * remove todo comments * pass through OAuth client options * generate declaration map * default env secret to AUTH_SECRET * temporary Headers fix * move pages to lib * move errors to lib * move pages/index to lib * move routes to lib * move init to lib * move styles to lib * move types to lib * move utils to lib * fix imports * update ignore/clean patterns * fix imports * update styles ts * update gitignore * update exports field * revert `next-auth` * remove extra tsconfig files * remove `private` from package.json * revert * feat sveltekit * commit * remove unused file, expose type * remove nextauth_url, memoize locals.getSession * move to dependency * fix * format * fix post build * simplify * fix lock file * add packages/frameworks * update package.json * update gitignore * Delete .gitignore * Update types.ts * Update tsconfig.dev.json * skip test * format * skip format/lint Co-authored-by: Balázs Orbán <info@balazsorban.com> Co-authored-by: Balázs Orbán <balazsorban44@users.noreply.github.com> Co-authored-by: Thomas Desmond <24610108+thomas-desmond@users.noreply.github.com> Co-authored-by: Nico Domino <yo@ndo.dev> Co-authored-by: Cyril Perraud <perraud.cyril@gmail.com>
SvelteKit + NextAuth.js Playground
NextAuth.js is committed to bringing easy authentication to other frameworks. https://github.com/nextauthjs/next-auth/issues/2294
SvelteKit support with NextAuth.js is currently experimental. This directory contains a minimal, proof-of-concept application. Parts of this is expected to be abstracted away into a package like @next-auth/sveltekit
Running this Demo
- Copy
.env.exampleto.env - In
.env, setGITHUB_CLIENT_IDandGITHUB_CLIENT_SECRET- See https://docs.github.com/en/developers/apps/building-oauth-apps/creating-an-oauth-app)
- When creating the OAuth app, set "Homepage URL" to
http://localhost:5173and Authorization callack URL tohttp://localhost:5173/api/auth/callback/github
- In
.env, setNEXTAUTH_SECRETto any random string - Build and run the application:
yarn build && yarn start
Existing Project
Add API Route
To add NextAuth.js to a project create a file called [...nextauth]/+server.js in routes/api/auth. This contains the dynamic route handler for NextAuth.js which will also contain all of your global NextAuth.js configurations.
import { NextAuth, options } from "$lib/next-auth"
export const { GET, POST } = NextAuth(options)
Add hook
import type { Handle } from "@sveltejs/kit"
import { getServerSession, options as nextAuthOptions } from "$lib/next-auth"
export const handle: Handle = async function handle({
event,
resolve,
}): Promise<Response> {
const session = await getServerSession(event.request, nextAuthOptions)
event.locals.session = session
return resolve(event)
}
Load Session from Primary Layout
// src/lib/routes/+layout.server.ts
import type { LayoutServerLoad } from "./$types"
export const load: LayoutServerLoad = ({ locals }) => {
return {
session: locals.session,
}
}
Protecting a Route
// src/lib/routes/protected/+page.ts
import { redirect } from "@sveltejs/kit"
import type { PageLoad } from "./$types"
export const load: PageLoad = async ({ parent }) => {
const { session } = await parent()
if (!session?.user) {
throw redirect(302, "/")
}
return {}
}