@opensaas/keystone-nextjs-auth 15.0.0 → 18.0.0

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.prod.js

@@ -13,10 +13,8 @@ async function findMatchingIdentity(identityField, identity, queryAPI) {
   const item = await queryAPI.findOne({
     where: {
       [identityField]: identity
-    },
-    resolveFields: false
-  });
-  console.log(item); // Identity failures with helpful errors
+    }
+  }); // Identity failures with helpful errors
 
   let code;
 
@@ -71,7 +69,7 @@ function NextAuthPage(props) {
   const list = query[listKey];
   const queryAPI = query[listKey];
   const protectIdentities = true;
-  return NextAuth__default['default']({
+  return NextAuth__default["default"]({
     providers,
     callbacks: {
       async signIn(user, account, profile) {
@@ -128,13 +126,11 @@ function NextAuthPage(props) {
         }
       },
 
-      async redirect(url, baseUrl) {
+      async redirect(url) {
         return url;
       },
 
       async session(session, token) {
-        console.log('session:', session);
-
         const returnSession = _objectSpread(_objectSpread({}, session), {}, {
           data: token.data,
           subject: token.sub,
@@ -145,8 +141,7 @@ function NextAuthPage(props) {
         return returnSession;
       },
 
-      async jwt(token, user, account, profile, isNewUser) {
-        console.log('account:', account);
+      async jwt(token) {
         const identity = token.sub;
 
         if (!token.itemId) {
@@ -181,5 +176,5 @@ function NextAuthPage(props) {
 }
 const getNextAuthPage = props => () => NextAuthPage(_objectSpread({}, props));
 
-exports['default'] = NextAuthPage;
+exports["default"] = NextAuthPage;
 exports.getNextAuthPage = getNextAuthPage;

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.esm.js

@@ -5,10 +5,8 @@ async function findMatchingIdentity(identityField, identity, queryAPI) {
   const item = await queryAPI.findOne({
     where: {
       [identityField]: identity
-    },
-    resolveFields: false
-  });
-  console.log(item); // Identity failures with helpful errors
+    }
+  }); // Identity failures with helpful errors
 
   let code;
 
@@ -120,13 +118,11 @@ function NextAuthPage(props) {
         }
       },
 
-      async redirect(url, baseUrl) {
+      async redirect(url) {
         return url;
       },
 
       async session(session, token) {
-        console.log('session:', session);
-
         const returnSession = _objectSpread(_objectSpread({}, session), {}, {
           data: token.data,
           subject: token.sub,
@@ -137,8 +133,7 @@ function NextAuthPage(props) {
         return returnSession;
       },
 
-      async jwt(token, user, account, profile, isNewUser) {
-        console.log('account:', account);
+      async jwt(token) {
         const identity = token.sub;
 
         if (!token.itemId) {

package/src/gql/getBaseAuthSchema.ts

@@ -1,57 +1,38 @@
-import type {
-  GraphQLSchemaExtension,
-  KeystoneContext,
-} from '@keystone-next/keystone/types';
+import type { ItemRootValue } from '@keystone-next/keystone/types';
+import { graphql } from '@keystone-next/keystone';
 
 import { AuthGqlNames } from '../types';
 
-export function getBaseAuthSchema<I extends string, S extends string>({
+export function getBaseAuthSchema({
   listKey,
   gqlNames,
+  base,
 }: {
   listKey: string;
   gqlNames: AuthGqlNames;
-}): GraphQLSchemaExtension {
-  return {
-    typeDefs: `
-      # Auth
-      union AuthenticatedItem = ${listKey}
-      type Query {
-        authenticatedItem: AuthenticatedItem
-      }
-    `,
-    resolvers: {
-      Query: {
-        async authenticatedItem(root, args, { session, query }: KeystoneContext) {
+  base: graphql.BaseSchemaMeta;
+}) {
+  const extension = {
+    query: {
+      authenticatedItem: graphql.field({
+        type: graphql.union({
+          name: 'AuthenticatedItem',
+          types: [base.object(listKey) as graphql.ObjectType<ItemRootValue>],
+          resolveType: (root, context) => context.session?.listKey,
+        }),
+        resolve(root, args, { session, db }) {
           if (
             typeof session?.itemId === 'string' &&
             typeof session.listKey === 'string'
           ) {
-            try {
-              return query[session.listKey].findOne({
-                where: { id: session.itemId },
-                resolveFields: false,
-              });
-            } catch (e) {
-              return null;
-            }
+            return db[session.listKey].findOne({
+              where: { id: session.itemId },
+            });
           }
           return null;
         },
-      },
-      AuthenticatedItem: {
-        __resolveType(rootVal: any, { session }: KeystoneContext) {
-          return session?.listKey;
-        },
-      },
-      // TODO: Is this the preferred approach for this?
-      [gqlNames.ItemAuthenticationWithPasswordResult]: {
-        __resolveType(rootVal: any) {
-          return rootVal.sessionToken
-            ? gqlNames.ItemAuthenticationWithPasswordSuccess
-            : gqlNames.ItemAuthenticationWithPasswordFailure;
-        },
-      },
+      }),
     },
   };
+  return { extension };
 }

package/src/index.ts

@@ -236,7 +236,7 @@ export function createAuth<GeneratedListTypes extends BaseGeneratedListTypes>({
         ...keystoneConfig.ui,
         publicPages: [...(keystoneConfig.ui.publicPages || []), ...publicPages],
         getAdditionalFiles: [
-          ...(keystoneConfig.ui.getAdditionalFiles || []),
+          ...(keystoneConfig.ui?.getAdditionalFiles || []),
           getAdditionalFiles,
         ],
         pageMiddleware: async (args) =>
@@ -266,10 +266,11 @@ export function createAuth<GeneratedListTypes extends BaseGeneratedListTypes>({
         },
       };
     }
-    let { session } = keystoneConfig;
-    if (session && sessionData) {
-      session = withItemData(session);
-    }
+
+    if (!keystoneConfig.session)
+      throw new TypeError('Missing .session configuration');
+    const session = withItemData(keystoneConfig.session);
+
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
     return {
       ...keystoneConfig,

package/src/lib/findMatchingIdentity.ts

@@ -10,10 +10,7 @@ export async function findMatchingIdentity(
 > {
   const item = await queryAPI.findOne({
     where: { [identityField]: identity },
-    resolveFields: false,
   });
-  console.log(item);
-
   // Identity failures with helpful errors
   let code: AuthTokenRequestErrorCode | undefined;
   if (!item) {

package/src/pages/NextAuthPage.tsx

@@ -94,11 +94,10 @@ export default function NextAuthPage(props: NextAuthPageProps) {
           return result.success;
         }
       },
-      async redirect(url, baseUrl) {
+      async redirect(url) {
         return url;
       },
       async session(session: any, token: any) {
-        console.log('session:', session);
         const returnSession = {
           ...session,
           data: token.data,
@@ -108,9 +107,7 @@ export default function NextAuthPage(props: NextAuthPageProps) {
         };
         return returnSession;
       },
-      async jwt(token, user, account, profile, isNewUser) {
-        console.log('account:', account);
-
+      async jwt(token) {
         const identity = token.sub;
         if (!token.itemId) {
           const result = await validateNextAuth(

package/src/schema.ts

@@ -1,28 +1,43 @@
-import { mergeSchemas } from '@graphql-tools/merge';
 import { ExtendGraphqlSchema } from '@keystone-next/keystone/types';
 
+import { assertInputObjectType, GraphQLString, GraphQLID } from 'graphql';
+import { graphql } from '@keystone-next/keystone';
 import { AuthGqlNames } from './types';
 import { getBaseAuthSchema } from './gql/getBaseAuthSchema';
 
-export const getSchemaExtension =
-  ({
-    identityField,
-    listKey,
-    gqlNames,
-  }: {
-    identityField: string;
-    listKey: string;
-    gqlNames: AuthGqlNames;
-  }): ExtendGraphqlSchema =>
-  (schema) =>
-    [
-      getBaseAuthSchema({
-        listKey,
-        gqlNames,
-      }),
-    ]
-      .filter((x) => x)
-      .reduce(
-        (s, extension) => mergeSchemas({ schemas: [s], ...extension }),
-        schema
+export const getSchemaExtension = ({
+  identityField,
+  listKey,
+  gqlNames,
+}: {
+  identityField: string;
+  listKey: string;
+  gqlNames: AuthGqlNames;
+}): ExtendGraphqlSchema =>
+  graphql.extend((base) => {
+    const uniqueWhereInputType = assertInputObjectType(
+      base.schema.getType(`${listKey}WhereUniqueInput`)
+    );
+    const identityFieldOnUniqueWhere =
+      uniqueWhereInputType.getFields()[identityField];
+    if (
+      identityFieldOnUniqueWhere?.type !== GraphQLString &&
+      identityFieldOnUniqueWhere?.type !== GraphQLID
+    ) {
+      throw new Error(
+        `createAuth was called with an identityField of ${identityField} on the list ${listKey} ` +
+        `but that field doesn't allow being searched uniquely with a String or ID. ` +
+        `You should likely add \`isIndexed: 'unique'\` ` +
+        `to the field at ${listKey}.${identityField}`
       );
+    }
+    const baseSchema = getBaseAuthSchema({
+      listKey,
+      gqlNames,
+      base,
+    });
+
+    return [baseSchema.extension].filter(
+      (x): x is Exclude<typeof x, undefined> => x !== undefined
+    );
+  });

package/src/templates/auth.ts

@@ -3,13 +3,11 @@ import { AuthGqlNames } from '../types';
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { nextAuthProviders as Providers } from '@opensaas/keystone-nextjs-auth';
 import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
 
 export default getNextAuthPage({
         identityField: '<%= identityField %>',
-        mutationName: '<%= gqlNames.authenticateItemWithPassword %>',
         sessionData: '<%= sessionData %>',
         listKey: '<%= listKey %>',
         userMap: <%- JSON.stringify(userMap) %>,

package/src/templates/next-config.ts

@@ -27,10 +27,30 @@ module.exports = withPreconstruct({
         /@keystone-next\\/keystone(?!\\/___internal-do-not-use-will-break-in-patch\\/admin-ui\\/id-field-view|\\/fields\\/types\\/[^\\/]+\\/views)/,
         /.prisma\\/client/
       ];
+    // we need to set these to true so that when __dirname/__filename is used
+    // to resolve the location of field views, we will get a path that we can use
+    // rather than just the __dirname/__filename of the generated file.
+    // https://webpack.js.org/configuration/node/#node__filename
+    (_config$node = config.node) !== null && _config$node !== void 0 ? _config$node : config.node = {};
+    config.node.__dirname = true;
+    config.node.__filename = true;
     }
     return config;
   },
+  <% if (keystonePath) { %>
+    <% if (process.env.NODE_ENV != 'production') { %> 
+  async rewrites() {
+    return [
+      {
+        source: '/api/__keystone_api_build',
+        destination: 'http://localhost:3000<%= keystonePath || '' %>/api/__keystone_api_build',
+        basePath: false
+      }
+    ];
+  },
+  <% }%>
   basePath: '<%= keystonePath || '' %>'
+  <% } %>
 });
 `;
 export const nextConfigTemplate = ({

package/src/types.ts

@@ -44,17 +44,6 @@ export type AuthConfig<GeneratedListTypes extends BaseGeneratedListTypes> = {
   providers: NextAuthProviders;
 };
 
-export type InitFirstItemConfig<
-  GeneratedListTypes extends BaseGeneratedListTypes
-  > = {
-    /** Array of fields to collect, e.g ['name', 'email', 'password'] */
-    fields: GeneratedListTypes['fields'][];
-    /** Suppresses the second screen where we ask people to subscribe and follow Keystone */
-    skipKeystoneWelcome?: boolean;
-    /** Extra input to add for the create mutation */
-    itemData?: Partial<GeneratedListTypes['inputs']['create']>;
-  };
-
 export type AuthTokenRequestErrorCode =
   | 'IDENTITY_NOT_FOUND'
   | 'MULTIPLE_IDENTITY_MATCHES';