@opensaas/keystone-nextjs-auth 15.0.0 → 18.0.0

package/CHANGELOG.md

@@ -1,5 +1,29 @@
 # @opensaas-keystone/nextjs-auth
 
+## 18.0.0
+
+### Major Changes
+
+- cff5031: Upgrade to `"@keystone-next/keystone": "^29.0.0"` see https://keystonejs.com/releases/2021-11-24 for more information
+
+## 17.0.0
+
+### Major Changes
+
+- c619df8: Upgrade to `"@keystone-next/keystone": "28.0.0"`
+
+## 16.0.1
+
+### Patch Changes
+
+- 2e3ae54: Fix Nullish coalescing operator in next-config for older versions of node
+
+## 16.0.0
+
+### Major Changes
+
+- eaea6af: Upgrade to Keystone 27
+
 ## 15.0.0
 
 ### Major Changes

package/dist/declarations/src/gql/getBaseAuthSchema.d.ts

@@ -1,6 +1,14 @@
-import type { GraphQLSchemaExtension } from '@keystone-next/keystone/types';
-import { AuthGqlNames } from '../types';
-export declare function getBaseAuthSchema<I extends string, S extends string>({ listKey, gqlNames, }: {
-    listKey: string;
-    gqlNames: AuthGqlNames;
-}): GraphQLSchemaExtension;
+import type { ItemRootValue } from '@keystone-next/keystone/types';
+import { graphql } from '@keystone-next/keystone';
+import { AuthGqlNames } from '../types';
+export declare function getBaseAuthSchema({ listKey, gqlNames, base, }: {
+    listKey: string;
+    gqlNames: AuthGqlNames;
+    base: graphql.BaseSchemaMeta;
+}): {
+    extension: {
+        query: {
+            authenticatedItem: import("@graphql-ts/schema").Field<unknown, {}, import("@graphql-ts/schema").UnionType<ItemRootValue, import("@keystone-next/keystone/types").KeystoneContext>, string, import("@keystone-next/keystone/types").KeystoneContext>;
+        };
+    };
+};

package/dist/declarations/src/index.d.ts

@@ -1,12 +1,12 @@
-import { BaseGeneratedListTypes, KeystoneConfig } from '@keystone-next/keystone/types';
-import { AuthConfig, KeystoneAuthConfig } from './types';
-export declare const nextAuthProviders: import("next-auth/providers").BuiltInProviders;
-/**
- * createAuth function
- *
- * Generates config for Keystone to implement standard auth features.
- */
-export type { NextAuthProviders, KeystoneAuthConfig } from './types';
-export declare function createAuth<GeneratedListTypes extends BaseGeneratedListTypes>({ listKey, identityField, sessionData, autoCreate, userMap, accountMap, profileMap, keystonePath, providers, }: AuthConfig<GeneratedListTypes>): {
-    withAuth: (keystoneConfig: KeystoneConfig) => KeystoneAuthConfig;
-};
+import { BaseGeneratedListTypes, KeystoneConfig } from '@keystone-next/keystone/types';
+import { AuthConfig, KeystoneAuthConfig } from './types';
+export declare const nextAuthProviders: import("next-auth/providers").BuiltInProviders;
+/**
+ * createAuth function
+ *
+ * Generates config for Keystone to implement standard auth features.
+ */
+export type { NextAuthProviders, KeystoneAuthConfig } from './types';
+export declare function createAuth<GeneratedListTypes extends BaseGeneratedListTypes>({ listKey, identityField, sessionData, autoCreate, userMap, accountMap, profileMap, keystonePath, providers, }: AuthConfig<GeneratedListTypes>): {
+    withAuth: (keystoneConfig: KeystoneConfig) => KeystoneAuthConfig;
+};

package/dist/declarations/src/lib/findMatchingIdentity.d.ts

@@ -1,8 +1,8 @@
-import { AuthTokenRequestErrorCode } from '../types';
-export declare function findMatchingIdentity(identityField: string, identity: string | number, queryAPI: any): Promise<{
-    success: false;
-    code: AuthTokenRequestErrorCode;
-} | {
-    success: true;
-    item: any;
-}>;
+import { AuthTokenRequestErrorCode } from '../types';
+export declare function findMatchingIdentity(identityField: string, identity: string | number, queryAPI: any): Promise<{
+    success: false;
+    code: AuthTokenRequestErrorCode;
+} | {
+    success: true;
+    item: any;
+}>;

package/dist/declarations/src/lib/validateNextAuth.d.ts

@@ -1,12 +1,12 @@
-import type { KeystoneListsAPI } from '@keystone-next/keystone/types';
-import { NextAuthErrorCode } from '../types';
-export declare function validateNextAuth(list: any, identityField: string, identity: string | number, protectIdentities: boolean, itemAPI: KeystoneListsAPI<any>[string]): Promise<{
-    success: false;
-    code: NextAuthErrorCode;
-} | {
-    success: true;
-    item: {
-        id: any;
-        [prop: string]: any;
-    };
-}>;
+import type { KeystoneListsAPI } from '@keystone-next/keystone/types';
+import { NextAuthErrorCode } from '../types';
+export declare function validateNextAuth(list: any, identityField: string, identity: string | number, protectIdentities: boolean, itemAPI: KeystoneListsAPI<any>[string]): Promise<{
+    success: false;
+    code: NextAuthErrorCode;
+} | {
+    success: true;
+    item: {
+        id: any;
+        [prop: string]: any;
+    };
+}>;

package/dist/declarations/src/pages/NextAuthPage.d.ts

@@ -1,17 +1,17 @@
-import { Provider } from 'next-auth/providers';
-import type { KeystoneListsAPI } from '@keystone-next/keystone/types';
-declare type NextAuthPageProps = {
-    identityField: string;
-    mutationName: string;
-    providers: Provider[];
-    query: KeystoneListsAPI<any>;
-    sessionData: string;
-    listKey: string;
-    autoCreate: boolean;
-    userMap: any;
-    accountMap: any;
-    profileMap: any;
-};
-export default function NextAuthPage(props: NextAuthPageProps): void | Promise<void>;
-export declare const getNextAuthPage: (props: NextAuthPageProps) => () => void | Promise<void>;
-export {};
+import { Provider } from 'next-auth/providers';
+import type { KeystoneListsAPI } from '@keystone-next/keystone/types';
+declare type NextAuthPageProps = {
+    identityField: string;
+    mutationName: string;
+    providers: Provider[];
+    query: KeystoneListsAPI<any>;
+    sessionData: string;
+    listKey: string;
+    autoCreate: boolean;
+    userMap: any;
+    accountMap: any;
+    profileMap: any;
+};
+export default function NextAuthPage(props: NextAuthPageProps): void | Promise<void>;
+export declare const getNextAuthPage: (props: NextAuthPageProps) => () => void | Promise<void>;
+export {};

package/dist/declarations/src/schema.d.ts

@@ -1,7 +1,7 @@
-import { ExtendGraphqlSchema } from '@keystone-next/keystone/types';
-import { AuthGqlNames } from './types';
-export declare const getSchemaExtension: ({ identityField, listKey, gqlNames, }: {
-    identityField: string;
-    listKey: string;
-    gqlNames: AuthGqlNames;
-}) => ExtendGraphqlSchema;
+import { ExtendGraphqlSchema } from '@keystone-next/keystone/types';
+import { AuthGqlNames } from './types';
+export declare const getSchemaExtension: ({ identityField, listKey, gqlNames, }: {
+    identityField: string;
+    listKey: string;
+    gqlNames: AuthGqlNames;
+}) => ExtendGraphqlSchema;

package/dist/declarations/src/templates/auth.d.ts

@@ -1,11 +1,11 @@
-import { AuthGqlNames } from '../types';
-export declare const authTemplate: ({ gqlNames, identityField, sessionData, listKey, autoCreate, userMap, accountMap, profileMap, }: {
-    gqlNames: AuthGqlNames;
-    identityField: string;
-    sessionData: any;
-    listKey: string;
-    autoCreate: boolean;
-    userMap: any;
-    accountMap: any;
-    profileMap: any;
-}) => string;
+import { AuthGqlNames } from '../types';
+export declare const authTemplate: ({ gqlNames, identityField, sessionData, listKey, autoCreate, userMap, accountMap, profileMap, }: {
+    gqlNames: AuthGqlNames;
+    identityField: string;
+    sessionData: any;
+    listKey: string;
+    autoCreate: boolean;
+    userMap: any;
+    accountMap: any;
+    profileMap: any;
+}) => string;

package/dist/declarations/src/templates/next-config.d.ts

@@ -1,3 +1,3 @@
-export declare const nextConfigTemplate: ({ keystonePath, }: {
-    keystonePath: string;
-}) => string;
+export declare const nextConfigTemplate: ({ keystonePath, }: {
+    keystonePath: string;
+}) => string;

package/dist/declarations/src/types.d.ts

@@ -1,53 +1,45 @@
-import { BaseGeneratedListTypes, KeystoneConfig } from '@keystone-next/keystone/types';
-import { Provider } from 'next-auth/providers';
-export declare type AuthGqlNames = {
-    CreateInitialInput: string;
-    createInitialItem: string;
-    authenticateItemWithPassword: string;
-    ItemAuthenticationWithPasswordResult: string;
-    ItemAuthenticationWithPasswordSuccess: string;
-    ItemAuthenticationWithPasswordFailure: string;
-};
-export declare type NextAuthSession = {
-    listKey: string;
-    itemId: string;
-    data: any;
-};
-export declare type NextAuthProviders = [Provider];
-declare type KeytoneAuthProviders = {
-    providers: NextAuthProviders;
-};
-export declare type KeystoneAuthConfig = KeystoneConfig & KeytoneAuthProviders;
-export declare type AuthConfig<GeneratedListTypes extends BaseGeneratedListTypes> = {
-    /** The key of the list to authenticate users with */
-    listKey: GeneratedListTypes['key'];
-    /** The path of the field the identity is stored in; must be text-ish */
-    identityField: GeneratedListTypes['fields'];
-    /** Session data population */
-    sessionData?: string;
-    /** Auth Create users in Keystone DB from Auth Provider */
-    autoCreate: boolean;
-    /** Map User in next-auth to item */
-    userMap: any;
-    /** Map Account in next-auth to item */
-    accountMap: any;
-    /** Map Profile in next-auth to item */
-    profileMap: any;
-    /** Path for Keystone interface */
-    keystonePath?: string;
-    /** Providers for Next Auth */
-    providers: NextAuthProviders;
-};
-export declare type InitFirstItemConfig<GeneratedListTypes extends BaseGeneratedListTypes> = {
-    /** Array of fields to collect, e.g ['name', 'email', 'password'] */
-    fields: GeneratedListTypes['fields'][];
-    /** Suppresses the second screen where we ask people to subscribe and follow Keystone */
-    skipKeystoneWelcome?: boolean;
-    /** Extra input to add for the create mutation */
-    itemData?: Partial<GeneratedListTypes['inputs']['create']>;
-};
-export declare type AuthTokenRequestErrorCode = 'IDENTITY_NOT_FOUND' | 'MULTIPLE_IDENTITY_MATCHES';
-export declare type PasswordAuthErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'SECRET_NOT_SET' | 'SECRET_MISMATCH';
-export declare type NextAuthErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'SUBJECT_NOT_FOUND';
-export declare type AuthTokenRedemptionErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'TOKEN_NOT_SET' | 'TOKEN_MISMATCH' | 'TOKEN_EXPIRED' | 'TOKEN_REDEEMED';
-export {};
+import { BaseGeneratedListTypes, KeystoneConfig } from '@keystone-next/keystone/types';
+import { Provider } from 'next-auth/providers';
+export declare type AuthGqlNames = {
+    CreateInitialInput: string;
+    createInitialItem: string;
+    authenticateItemWithPassword: string;
+    ItemAuthenticationWithPasswordResult: string;
+    ItemAuthenticationWithPasswordSuccess: string;
+    ItemAuthenticationWithPasswordFailure: string;
+};
+export declare type NextAuthSession = {
+    listKey: string;
+    itemId: string;
+    data: any;
+};
+export declare type NextAuthProviders = [Provider];
+declare type KeytoneAuthProviders = {
+    providers: NextAuthProviders;
+};
+export declare type KeystoneAuthConfig = KeystoneConfig & KeytoneAuthProviders;
+export declare type AuthConfig<GeneratedListTypes extends BaseGeneratedListTypes> = {
+    /** The key of the list to authenticate users with */
+    listKey: GeneratedListTypes['key'];
+    /** The path of the field the identity is stored in; must be text-ish */
+    identityField: GeneratedListTypes['fields'];
+    /** Session data population */
+    sessionData?: string;
+    /** Auth Create users in Keystone DB from Auth Provider */
+    autoCreate: boolean;
+    /** Map User in next-auth to item */
+    userMap: any;
+    /** Map Account in next-auth to item */
+    accountMap: any;
+    /** Map Profile in next-auth to item */
+    profileMap: any;
+    /** Path for Keystone interface */
+    keystonePath?: string;
+    /** Providers for Next Auth */
+    providers: NextAuthProviders;
+};
+export declare type AuthTokenRequestErrorCode = 'IDENTITY_NOT_FOUND' | 'MULTIPLE_IDENTITY_MATCHES';
+export declare type PasswordAuthErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'SECRET_NOT_SET' | 'SECRET_MISMATCH';
+export declare type NextAuthErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'SUBJECT_NOT_FOUND';
+export declare type AuthTokenRedemptionErrorCode = AuthTokenRequestErrorCode | 'FAILURE' | 'TOKEN_NOT_SET' | 'TOKEN_MISMATCH' | 'TOKEN_EXPIRED' | 'TOKEN_REDEEMED';
+export {};

package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js

@@ -13,9 +13,9 @@ var client = require('next-auth/client');
 var Providers = require('next-auth/providers');
 var cookie = require('cookie');
 var ejs = require('ejs');
-var _reduceInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/reduce');
 var _filterInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/filter');
-var merge = require('@graphql-tools/merge');
+var graphql = require('graphql');
+var keystone = require('@keystone-next/keystone');
 
 function _interopDefault (e) { return e && e.__esModule ? e : { 'default': e }; }
 
@@ -28,14 +28,12 @@ function _interopNamespace(e) {
         var d = Object.getOwnPropertyDescriptor(e, k);
         Object.defineProperty(n, k, d.get ? d : {
           enumerable: true,
-          get: function () {
-            return e[k];
-          }
+          get: function () { return e[k]; }
         });
       }
     });
   }
-  n['default'] = e;
+  n["default"] = e;
   return Object.freeze(n);
 }
 
@@ -47,7 +45,6 @@ var url__default = /*#__PURE__*/_interopDefault(url);
 var Providers__default = /*#__PURE__*/_interopDefault(Providers);
 var cookie__namespace = /*#__PURE__*/_interopNamespace(cookie);
 var ejs__default = /*#__PURE__*/_interopDefault(ejs);
-var _reduceInstanceProperty__default = /*#__PURE__*/_interopDefault(_reduceInstanceProperty);
 var _filterInstanceProperty__default = /*#__PURE__*/_interopDefault(_filterInstanceProperty);
 
 const template$1 = `
@@ -77,16 +74,36 @@ module.exports = withPreconstruct({
         /@keystone-next\\/keystone(?!\\/___internal-do-not-use-will-break-in-patch\\/admin-ui\\/id-field-view|\\/fields\\/types\\/[^\\/]+\\/views)/,
         /.prisma\\/client/
       ];
+    // we need to set these to true so that when __dirname/__filename is used
+    // to resolve the location of field views, we will get a path that we can use
+    // rather than just the __dirname/__filename of the generated file.
+    // https://webpack.js.org/configuration/node/#node__filename
+    (_config$node = config.node) !== null && _config$node !== void 0 ? _config$node : config.node = {};
+    config.node.__dirname = true;
+    config.node.__filename = true;
     }
     return config;
   },
+  <% if (keystonePath) { %>
+    <% if (process.env.NODE_ENV != 'production') { %> 
+  async rewrites() {
+    return [
+      {
+        source: '/api/__keystone_api_build',
+        destination: 'http://localhost:3000<%= keystonePath || '' %>/api/__keystone_api_build',
+        basePath: false
+      }
+    ];
+  },
+  <% }%>
   basePath: '<%= keystonePath || '' %>'
+  <% } %>
 });
 `;
 const nextConfigTemplate = ({
   keystonePath
 }) => {
-  const nextConfigOut = ejs__default['default'].render(template$1, {
+  const nextConfigOut = ejs__default["default"].render(template$1, {
     keystonePath
   });
   return nextConfigOut;
@@ -94,82 +111,74 @@ const nextConfigTemplate = ({
 
 function getBaseAuthSchema({
   listKey,
-  gqlNames
+  gqlNames,
+  base
 }) {
-  return {
-    typeDefs: `
-      # Auth
-      union AuthenticatedItem = ${listKey}
-      type Query {
-        authenticatedItem: AuthenticatedItem
-      }
-    `,
-    resolvers: {
-      Query: {
-        async authenticatedItem(root, args, {
+  const extension = {
+    query: {
+      authenticatedItem: keystone.graphql.field({
+        type: keystone.graphql.union({
+          name: 'AuthenticatedItem',
+          types: [base.object(listKey)],
+          resolveType: (root, context) => {
+            var _context$session;
+
+            return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
+          }
+        }),
+
+        resolve(root, args, {
           session,
-          query
+          db
         }) {
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
-            try {
-              return query[session.listKey].findOne({
-                where: {
-                  id: session.itemId
-                },
-                resolveFields: false
-              });
-            } catch (e) {
-              return null;
-            }
+            return db[session.listKey].findOne({
+              where: {
+                id: session.itemId
+              }
+            });
           }
 
           return null;
         }
 
-      },
-      AuthenticatedItem: {
-        __resolveType(rootVal, {
-          session
-        }) {
-          return session === null || session === void 0 ? void 0 : session.listKey;
-        }
-
-      },
-      // TODO: Is this the preferred approach for this?
-      [gqlNames.ItemAuthenticationWithPasswordResult]: {
-        __resolveType(rootVal) {
-          return rootVal.sessionToken ? gqlNames.ItemAuthenticationWithPasswordSuccess : gqlNames.ItemAuthenticationWithPasswordFailure;
-        }
-
-      }
+      })
     }
   };
+  return {
+    extension
+  };
 }
 
 const getSchemaExtension = ({
   identityField,
   listKey,
   gqlNames
-}) => schema => {
-  var _context, _context2;
+}) => keystone.graphql.extend(base => {
+  var _context;
+
+  const uniqueWhereInputType = graphql.assertInputObjectType(base.schema.getType(`${listKey}WhereUniqueInput`));
+  const identityFieldOnUniqueWhere = uniqueWhereInputType.getFields()[identityField];
+
+  if ((identityFieldOnUniqueWhere === null || identityFieldOnUniqueWhere === void 0 ? void 0 : identityFieldOnUniqueWhere.type) !== graphql.GraphQLString && (identityFieldOnUniqueWhere === null || identityFieldOnUniqueWhere === void 0 ? void 0 : identityFieldOnUniqueWhere.type) !== graphql.GraphQLID) {
+    throw new Error(`createAuth was called with an identityField of ${identityField} on the list ${listKey} ` + `but that field doesn't allow being searched uniquely with a String or ID. ` + `You should likely add \`isIndexed: 'unique'\` ` + `to the field at ${listKey}.${identityField}`);
+  }
 
-  return _reduceInstanceProperty__default['default'](_context = _filterInstanceProperty__default['default'](_context2 = [getBaseAuthSchema({
+  const baseSchema = getBaseAuthSchema({
     listKey,
-    gqlNames
-  })]).call(_context2, x => x)).call(_context, (s, extension) => merge.mergeSchemas(_objectSpread({
-    schemas: [s]
-  }, extension)), schema);
-};
+    gqlNames,
+    base
+  });
+  return _filterInstanceProperty__default["default"](_context = [baseSchema.extension]).call(_context, x => x !== undefined);
+});
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { nextAuthProviders as Providers } from '@opensaas/keystone-nextjs-auth';
 import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
 
 export default getNextAuthPage({
         identityField: '<%= identityField %>',
-        mutationName: '<%= gqlNames.authenticateItemWithPassword %>',
         sessionData: '<%= sessionData %>',
         listKey: '<%= listKey %>',
         userMap: <%- JSON.stringify(userMap) %>,
@@ -190,7 +199,7 @@ const authTemplate = ({
   accountMap,
   profileMap
 }) => {
-  const authOut = ejs__default['default'].render(template, {
+  const authOut = ejs__default["default"].render(template, {
     gqlNames,
     identityField,
     sessionData,
@@ -204,7 +213,7 @@ const authTemplate = ({
 };
 
 const _excluded = ["get"];
-const nextAuthProviders = Providers__default['default'];
+const nextAuthProviders = Providers__default["default"];
 /**
  * createAuth function
  *
@@ -256,7 +265,7 @@ function createAuth({
       req,
       session
     } = context;
-    const pathname = url__default['default'].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
+    const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
     if (isValidSession) {
       if (pathname === `${customPath}/api/auth/signin`) {
@@ -269,7 +278,7 @@ function createAuth({
       return;
     }
 
-    if (!session && !_includesInstanceProperty__default['default'](pathname).call(pathname, `${customPath}/api/auth/`)) {
+    if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
         to: `${customPath}/api/auth/signin`
@@ -324,7 +333,7 @@ function createAuth({
     publicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
 
-  _mapInstanceProperty__default['default'](providers).call(providers, addPages);
+  _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
@@ -357,7 +366,7 @@ function createAuth({
     const identityFieldConfig = listConfig.fields[identityField];
 
     if (identityFieldConfig === undefined) {
-      const i = _JSON$stringify__default['default'](identityField);
+      const i = _JSON$stringify__default["default"](identityField);
 
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${i} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
@@ -381,9 +390,9 @@ function createAuth({
       get: async ({
         req
       }) => {
-        const pathname = url__default['default'].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
+        const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
-        if (_includesInstanceProperty__default['default'](pathname).call(pathname, '/api/auth')) {
+        if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
 
@@ -407,7 +416,7 @@ function createAuth({
           secure: process.env.NODE_ENV === 'production',
           path: '/',
           sameSite: 'lax',
-          domain: url__default['default'].parse(req.url).hostname
+          domain: url__default["default"].parse(req.url).hostname
         }));
       }
     });
@@ -431,37 +440,33 @@ function createAuth({
     } = keystoneConfig;
 
     if (keystoneConfig.ui) {
+      var _keystoneConfig$ui;
+
       ui = _objectSpread(_objectSpread({}, keystoneConfig.ui), {}, {
         publicPages: [...(keystoneConfig.ui.publicPages || []), ...publicPages],
-        getAdditionalFiles: [...(keystoneConfig.ui.getAdditionalFiles || []), getAdditionalFiles],
+        getAdditionalFiles: [...(((_keystoneConfig$ui = keystoneConfig.ui) === null || _keystoneConfig$ui === void 0 ? void 0 : _keystoneConfig$ui.getAdditionalFiles) || []), getAdditionalFiles],
         pageMiddleware: async args => {
-          var _await$pageMiddleware, _keystoneConfig$ui, _keystoneConfig$ui$pa;
+          var _await$pageMiddleware, _keystoneConfig$ui2, _keystoneConfig$ui2$p;
 
-          return (_await$pageMiddleware = await pageMiddleware(args)) !== null && _await$pageMiddleware !== void 0 ? _await$pageMiddleware : keystoneConfig === null || keystoneConfig === void 0 ? void 0 : (_keystoneConfig$ui = keystoneConfig.ui) === null || _keystoneConfig$ui === void 0 ? void 0 : (_keystoneConfig$ui$pa = _keystoneConfig$ui.pageMiddleware) === null || _keystoneConfig$ui$pa === void 0 ? void 0 : _keystoneConfig$ui$pa.call(_keystoneConfig$ui, args);
+          return (_await$pageMiddleware = await pageMiddleware(args)) !== null && _await$pageMiddleware !== void 0 ? _await$pageMiddleware : keystoneConfig === null || keystoneConfig === void 0 ? void 0 : (_keystoneConfig$ui2 = keystoneConfig.ui) === null || _keystoneConfig$ui2 === void 0 ? void 0 : (_keystoneConfig$ui2$p = _keystoneConfig$ui2.pageMiddleware) === null || _keystoneConfig$ui2$p === void 0 ? void 0 : _keystoneConfig$ui2$p.call(_keystoneConfig$ui2, args);
         },
         enableSessionItem: true,
         isAccessAllowed: async context => {
-          var _context$req, _keystoneConfig$ui2;
+          var _context$req, _keystoneConfig$ui3;
 
           // Allow access to the adminMeta data from the /init path to correctly render that page
           // even if the user isn't logged in (which should always be the case if they're seeing /init)
           const headers = (_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.headers;
           const host = headers ? headers['x-forwarded-host'] || headers.host : null;
-          const thisUrl = headers !== null && headers !== void 0 && headers.referer ? new _URL__default['default'](headers.referer) : undefined;
+          const thisUrl = headers !== null && headers !== void 0 && headers.referer ? new _URL__default["default"](headers.referer) : undefined;
           const accessingInitPage = (thisUrl === null || thisUrl === void 0 ? void 0 : thisUrl.pathname) === '/init' && (thisUrl === null || thisUrl === void 0 ? void 0 : thisUrl.host) === host && (await context.sudo().query[listKey].count({})) === 0;
-          return accessingInitPage || ((_keystoneConfig$ui2 = keystoneConfig.ui) !== null && _keystoneConfig$ui2 !== void 0 && _keystoneConfig$ui2.isAccessAllowed ? keystoneConfig.ui.isAccessAllowed(context) : context.session !== undefined);
+          return accessingInitPage || ((_keystoneConfig$ui3 = keystoneConfig.ui) !== null && _keystoneConfig$ui3 !== void 0 && _keystoneConfig$ui3.isAccessAllowed ? keystoneConfig.ui.isAccessAllowed(context) : context.session !== undefined);
         }
       });
     }
 
-    let {
-      session
-    } = keystoneConfig;
-
-    if (session && sessionData) {
-      session = withItemData(session);
-    }
-
+    if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
+    const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
     return _objectSpread(_objectSpread({}, keystoneConfig), {}, {
       ui,