@opensaas/keystone-nextjs-auth 20.1.1 → 20.4.0

package/CHANGELOG.md

@@ -1,5 +1,27 @@
 # @opensaas-keystone/nextjs-auth
 
+## 20.4.0
+
+### Minor Changes
+
+- 80ba444: Add `getToken` to keystone `get session` to enable JWT in Authorization header
+
+## 20.3.0
+
+### Minor Changes
+
+- 34e9932: Fix up stale next session - session is now refreshed on change of data
+
+## 20.2.0
+
+### Minor Changes
+
+- 844f069: Generate NodeAPI by def, minor cleanups
+
+### Patch Changes
+
+- 6d63b1f: Minor Patch upgrades
+
 ## 20.1.1
 
 ### Patch Changes

package/dist/declarations/src/lib/validateNextAuth.d.ts

@@ -1,6 +1,6 @@
 import type { KeystoneListsAPI } from '@keystone-6/core/types';
 import { NextAuthErrorCode } from '../types';
-export declare function validateNextAuth(list: any, identityField: string, identity: string | number, protectIdentities: boolean, itemAPI: KeystoneListsAPI<any>[string]): Promise<{
+export declare function validateNextAuth(identityField: string, identity: string | number, protectIdentities: boolean, itemAPI: KeystoneListsAPI<any>[string]): Promise<{
     success: false;
     code: NextAuthErrorCode;
 } | {

package/dist/declarations/src/types.d.ts

@@ -13,7 +13,7 @@ export declare type NextAuthSession = {
     itemId: string;
     data: any;
 };
-export declare type NextAuthProviders = [Provider];
+export declare type NextAuthProviders = Provider[];
 declare type KeytoneAuthProviders = {
     providers: NextAuthProviders;
 };

package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js

@@ -10,6 +10,7 @@ var _JSON$stringify = require('@babel/runtime-corejs3/core-js-stable/json/string
 var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
 var url = require('url');
 var react = require('next-auth/react');
+var jwt = require('next-auth/jwt');
 var cookie = require('cookie');
 var ejs = require('ejs');
 var _filterInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/filter');
@@ -213,7 +214,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "start"];
 /**
  * createAuth function
  *
@@ -397,18 +398,39 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      start
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
+      start,
       get: async ({
         req
       }) => {
+        var _req$headers$authoriz;
+
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
 
+        if (((_req$headers$authoriz = req.headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
+          var _token$data;
+
+          const request = req;
+          const token = await jwt.getToken({
+            req: request,
+            secret: sessionSecret
+          });
+
+          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
+            return token;
+          }
+        }
+
         const nextSession = await react.getSession({
           req
         });
@@ -490,6 +512,9 @@ function createAuth({
       session,
       providers,
       lists: _objectSpread({}, keystoneConfig.lists),
+      experimental: _objectSpread(_objectSpread({}, keystoneConfig.experimental), {}, {
+        generateNodeAPI: true
+      }),
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };

package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js

@@ -10,6 +10,7 @@ var _JSON$stringify = require('@babel/runtime-corejs3/core-js-stable/json/string
 var _URL = require('@babel/runtime-corejs3/core-js-stable/url');
 var url = require('url');
 var react = require('next-auth/react');
+var jwt = require('next-auth/jwt');
 var cookie = require('cookie');
 var ejs = require('ejs');
 var _filterInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/filter');
@@ -213,7 +214,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "start"];
 /**
  * createAuth function
  *
@@ -397,18 +398,39 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      start
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
+      start,
       get: async ({
         req
       }) => {
+        var _req$headers$authoriz;
+
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
 
+        if (((_req$headers$authoriz = req.headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
+          var _token$data;
+
+          const request = req;
+          const token = await jwt.getToken({
+            req: request,
+            secret: sessionSecret
+          });
+
+          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
+            return token;
+          }
+        }
+
         const nextSession = await react.getSession({
           req
         });
@@ -486,6 +508,9 @@ function createAuth({
       session,
       providers,
       lists: _objectSpread({}, keystoneConfig.lists),
+      experimental: _objectSpread(_objectSpread({}, keystoneConfig.experimental), {}, {
+        generateNodeAPI: true
+      }),
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };

package/dist/opensaas-keystone-nextjs-auth.esm.js

@@ -6,6 +6,7 @@ import _JSON$stringify from '@babel/runtime-corejs3/core-js-stable/json/stringif
 import _URL from '@babel/runtime-corejs3/core-js-stable/url';
 import url from 'url';
 import { getSession } from 'next-auth/react';
+import { getToken } from 'next-auth/jwt';
 import * as cookie from 'cookie';
 import ejs from 'ejs';
 import _filterInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/filter';
@@ -180,7 +181,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "start"];
 /**
  * createAuth function
  *
@@ -364,18 +365,39 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      start
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
+      start,
       get: async ({
         req
       }) => {
+        var _req$headers$authoriz;
+
         const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
         if (_includesInstanceProperty(pathname).call(pathname, '/api/auth')) {
           return;
         }
 
+        if (((_req$headers$authoriz = req.headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
+          var _token$data;
+
+          const request = req;
+          const token = await getToken({
+            req: request,
+            secret: sessionSecret
+          });
+
+          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
+            return token;
+          }
+        }
+
         const nextSession = await getSession({
           req
         });
@@ -457,6 +479,9 @@ function createAuth({
       session,
       providers,
       lists: _objectSpread({}, keystoneConfig.lists),
+      experimental: _objectSpread(_objectSpread({}, keystoneConfig.experimental), {}, {
+        generateNodeAPI: true
+      }),
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opensaas/keystone-nextjs-auth",
-  "version": "20.1.1",
+  "version": "20.4.0",
   "repository": "https://github.com/opensaasau/keystone-nextjs-auth",
   "license": "MIT",
   "main": "dist/opensaas-keystone-nextjs-auth.cjs.js",
@@ -10,11 +10,11 @@
     "@babel/runtime-corejs3": "^7.16.8",
     "@types/ejs": "^3.1.0",
     "cookie": "^0.4.1",
-    "cross-fetch": "^3.1.4",
+    "cross-fetch": "^3.1.5",
     "ejs": "^3.1.6",
     "fast-deep-equal": "^3.1.3",
     "graphql": "^15.8.0",
-    "next-auth": "^4.1.0"
+    "next-auth": "^4.1.2"
   },
   "devDependencies": {
     "@keystone-6/core": "^1.0.1",

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.dev.js

@@ -37,7 +37,7 @@ async function findMatchingIdentity(identityField, identity, queryAPI) {
   };
 }
 
-async function validateNextAuth(list, identityField, identity, protectIdentities, itemAPI) {
+async function validateNextAuth(identityField, identity, protectIdentities, itemAPI) {
   const match = await findMatchingIdentity(identityField, identity, itemAPI);
   const {
     item
@@ -87,9 +87,11 @@ function NextAuthPage(props) {
           identity = user.id;
         } else if (typeof user.id === 'number') {
           identity = user.id;
+        } else {
+          identity = 0;
         }
 
-        const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
         const data = {}; // eslint-disable-next-line no-restricted-syntax
 
         for (const key in userMap) {
@@ -114,11 +116,11 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('False');
+            console.log('`autoCreate` if set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('Create User');
+          console.log('`autoCreate` if set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -130,10 +132,10 @@ function NextAuthPage(props) {
           });
           console.log('Created User', createUser);
           return createUser;
-        } else {
-          // await list.updateOne({where: {id: result.item.id}, data});
-          return result.success;
-        }
+        } // await list.updateOne({where: {id: result.item.id}, data});
+
+
+        return result.success;
       },
 
       async redirect({
@@ -162,30 +164,29 @@ function NextAuthPage(props) {
         const identity = token.sub;
 
         if (!token.itemId) {
-          const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
 
           if (!result.success) {
-            return;
+            return token;
           }
 
-          const data = await query[listKey].findOne({
-            where: {
-              id: result.item.id
-            },
-            query: sessionData || 'id'
-          });
+          token.itemId = result.item.id;
+        }
 
-          const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-            data,
-            subject: token.sub,
-            listKey,
-            itemId: result.item.id.toString()
-          });
+        const data = await query[listKey].findOne({
+          where: {
+            id: token.itemId
+          },
+          query: sessionData || 'id'
+        });
 
-          return returnToken;
-        }
+        const returnToken = _objectSpread(_objectSpread({}, token), {}, {
+          data,
+          subject: token.sub,
+          listKey
+        });
 
-        return token;
+        return returnToken;
       }
 
     }

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.prod.js

@@ -37,7 +37,7 @@ async function findMatchingIdentity(identityField, identity, queryAPI) {
   };
 }
 
-async function validateNextAuth(list, identityField, identity, protectIdentities, itemAPI) {
+async function validateNextAuth(identityField, identity, protectIdentities, itemAPI) {
   const match = await findMatchingIdentity(identityField, identity, itemAPI);
   const {
     item
@@ -87,9 +87,11 @@ function NextAuthPage(props) {
           identity = user.id;
         } else if (typeof user.id === 'number') {
           identity = user.id;
+        } else {
+          identity = 0;
         }
 
-        const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
         const data = {}; // eslint-disable-next-line no-restricted-syntax
 
         for (const key in userMap) {
@@ -114,11 +116,11 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('False');
+            console.log('`autoCreate` if set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('Create User');
+          console.log('`autoCreate` if set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -130,10 +132,10 @@ function NextAuthPage(props) {
           });
           console.log('Created User', createUser);
           return createUser;
-        } else {
-          // await list.updateOne({where: {id: result.item.id}, data});
-          return result.success;
-        }
+        } // await list.updateOne({where: {id: result.item.id}, data});
+
+
+        return result.success;
       },
 
       async redirect({
@@ -162,30 +164,29 @@ function NextAuthPage(props) {
         const identity = token.sub;
 
         if (!token.itemId) {
-          const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
 
           if (!result.success) {
-            return;
+            return token;
           }
 
-          const data = await query[listKey].findOne({
-            where: {
-              id: result.item.id
-            },
-            query: sessionData || 'id'
-          });
+          token.itemId = result.item.id;
+        }
 
-          const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-            data,
-            subject: token.sub,
-            listKey,
-            itemId: result.item.id.toString()
-          });
+        const data = await query[listKey].findOne({
+          where: {
+            id: token.itemId
+          },
+          query: sessionData || 'id'
+        });
 
-          return returnToken;
-        }
+        const returnToken = _objectSpread(_objectSpread({}, token), {}, {
+          data,
+          subject: token.sub,
+          listKey
+        });
 
-        return token;
+        return returnToken;
       }
 
     }

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.esm.js

@@ -28,7 +28,7 @@ async function findMatchingIdentity(identityField, identity, queryAPI) {
   };
 }
 
-async function validateNextAuth(list, identityField, identity, protectIdentities, itemAPI) {
+async function validateNextAuth(identityField, identity, protectIdentities, itemAPI) {
   const match = await findMatchingIdentity(identityField, identity, itemAPI);
   const {
     item
@@ -78,9 +78,11 @@ function NextAuthPage(props) {
           identity = user.id;
         } else if (typeof user.id === 'number') {
           identity = user.id;
+        } else {
+          identity = 0;
         }
 
-        const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
         const data = {}; // eslint-disable-next-line no-restricted-syntax
 
         for (const key in userMap) {
@@ -105,11 +107,11 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('False');
+            console.log('`autoCreate` if set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('Create User');
+          console.log('`autoCreate` if set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -121,10 +123,10 @@ function NextAuthPage(props) {
           });
           console.log('Created User', createUser);
           return createUser;
-        } else {
-          // await list.updateOne({where: {id: result.item.id}, data});
-          return result.success;
-        }
+        } // await list.updateOne({where: {id: result.item.id}, data});
+
+
+        return result.success;
       },
 
       async redirect({
@@ -153,30 +155,29 @@ function NextAuthPage(props) {
         const identity = token.sub;
 
         if (!token.itemId) {
-          const result = await validateNextAuth(list, identityField, identity, protectIdentities, queryAPI);
+          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
 
           if (!result.success) {
-            return;
+            return token;
           }
 
-          const data = await query[listKey].findOne({
-            where: {
-              id: result.item.id
-            },
-            query: sessionData || 'id'
-          });
+          token.itemId = result.item.id;
+        }
 
-          const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-            data,
-            subject: token.sub,
-            listKey,
-            itemId: result.item.id.toString()
-          });
+        const data = await query[listKey].findOne({
+          where: {
+            id: token.itemId
+          },
+          query: sessionData || 'id'
+        });
 
-          return returnToken;
-        }
+        const returnToken = _objectSpread(_objectSpread({}, token), {}, {
+          data,
+          subject: token.sub,
+          listKey
+        });
 
-        return token;
+        return returnToken;
       }
 
     }

package/src/index.ts

@@ -9,7 +9,10 @@ import {
   BaseKeystoneTypeInfo,
 } from '@keystone-6/core/types';
 import { getSession } from 'next-auth/react';
+import { getToken } from 'next-auth/jwt';
 import * as cookie from 'cookie';
+import { Provider } from 'next-auth/providers';
+import { NextApiRequest } from 'next';
 import { nextConfigTemplate } from './templates/next-config';
 // import * as Path from 'path';
 
@@ -136,7 +139,7 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
     `${customPath}/api/auth/providers`,
     `${customPath}/api/auth/signout`,
   ];
-  function addPages(provider) {
+  function addPages(provider: Provider) {
     const name = provider.id;
     publicPages.push(`${customPath}/api/auth/signin/${name}`);
     publicPages.push(`${customPath}/api/auth/callback/${name}`);
@@ -188,15 +191,25 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
   const withItemData = (
     _sessionStrategy: SessionStrategy<Record<string, any>>
   ): SessionStrategy<NextAuthSession | undefined> => {
-    const { get, ...sessionStrategy } = _sessionStrategy;
+    const { get, start, ...sessionStrategy } = _sessionStrategy;
     return {
       ...sessionStrategy,
+      start,
       get: async ({ req }) => {
         const pathname = url.parse(req?.url!).pathname!;
         if (pathname.includes('/api/auth')) {
           return;
         }
+        if (req.headers.authorization?.split(' ')[0] === 'Bearer') {
+          const request = req as NextApiRequest;
+          const token = await getToken({ req: request, secret: sessionSecret });
+
+          if (token?.data?.id) {
+            return token as NextAuthSession;
+          }
+        }
         const nextSession: unknown = await getSession({ req });
+
         if (nextSession) {
           return nextSession as NextAuthSession;
         }
@@ -215,7 +228,7 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
             secure: process.env.NODE_ENV === 'production',
             path: '/',
             sameSite: 'lax',
-            domain: url.parse(req.url).hostname,
+            domain: url.parse(req.url as string).hostname as string,
           })
         );
       },
@@ -292,6 +305,10 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
       lists: {
         ...keystoneConfig.lists,
       },
+      experimental: {
+        ...keystoneConfig.experimental,
+        generateNodeAPI: true,
+      },
       extendGraphqlSchema: existingExtendGraphQLSchema
         ? (schema) => existingExtendGraphQLSchema(extendGraphqlSchema(schema))
         : extendGraphqlSchema,

package/src/lib/validateNextAuth.ts

@@ -3,7 +3,6 @@ import { NextAuthErrorCode } from '../types';
 import { findMatchingIdentity } from './findMatchingIdentity';
 
 export async function validateNextAuth(
-  list: any,
   identityField: string,
   identity: string | number,
   protectIdentities: boolean,

package/src/pages/NextAuthPage.tsx

@@ -45,15 +45,16 @@ export default function NextAuthPage(props: NextAuthPageProps) {
           identity = user.id;
         } else if (typeof user.id === 'number') {
           identity = user.id;
+        } else {
+          identity = 0;
         }
         const result = await validateNextAuth(
-          list,
           identityField,
           identity,
           protectIdentities,
           queryAPI
         );
-        const data = {};
+        const data: any = {};
         // eslint-disable-next-line no-restricted-syntax
         for (const key in userMap) {
           if (Object.prototype.hasOwnProperty.call(userMap, key)) {
@@ -75,12 +76,16 @@ export default function NextAuthPage(props: NextAuthPageProps) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('False');
+            console.log(
+              '`autoCreate` if set to `false`, skipping user auto-creation'
+            );
             return false;
           }
-          console.log('Create User');
+          console.log(
+            '`autoCreate` if set to `true`, auto-creating a new user'
+          );
 
-          const createUser =await list
+          const createUser = await list
             .createOne({ data })
             .then((returned) => {
               console.log('User Created', JSON.stringify(returned));
@@ -90,13 +95,11 @@ export default function NextAuthPage(props: NextAuthPageProps) {
               console.log(error);
               throw new Error(error);
             });
-            console.log('Created User', createUser);
-            return createUser;
-        } else {
-          // await list.updateOne({where: {id: result.item.id}, data});
-          return result.success;
+          console.log('Created User', createUser);
+          return createUser;
         }
-        
+        // await list.updateOne({where: {id: result.item.id}, data});
+        return result.success;
       },
       async redirect({ url }) {
         return url;
@@ -112,10 +115,9 @@ export default function NextAuthPage(props: NextAuthPageProps) {
         return returnSession;
       },
       async jwt({ token }) {
-        const identity = token.sub;
+        const identity = token.sub as number | string;
         if (!token.itemId) {
           const result = await validateNextAuth(
-            list,
             identityField,
             identity,
             protectIdentities,
@@ -123,24 +125,22 @@ export default function NextAuthPage(props: NextAuthPageProps) {
           );
 
           if (!result.success) {
-            return;
+            return token;
           }
-
-          const data = await query[listKey].findOne({
-            where: { id: result.item.id },
-            query: sessionData || 'id',
-          });
-          const returnToken = {
-            ...token,
-            data,
-            subject: token.sub,
-            listKey,
-            itemId: result.item.id.toString(),
-          };
-
-          return returnToken;
+          token.itemId = result.item.id;
         }
-        return token;
+        const data = await query[listKey].findOne({
+          where: { id: token.itemId },
+          query: sessionData || 'id',
+        });
+        const returnToken = {
+          ...token,
+          data,
+          subject: token.sub,
+          listKey,
+        };
+
+        return returnToken;
       },
     },
   });

package/src/types.ts

@@ -12,7 +12,7 @@ export type AuthGqlNames = {
 
 export type NextAuthSession = { listKey: string; itemId: string; data: any };
 
-export type NextAuthProviders = [Provider];
+export type NextAuthProviders = Provider[];
 
 type KeytoneAuthProviders = {
   providers: NextAuthProviders;