@opensaas/keystone-nextjs-auth 20.5.0 → 21.0.0

package/src/pages/NextAuthPage.tsx

@@ -1,43 +1,74 @@
-import NextAuth from 'next-auth';
+import NextAuth, {
+  CookiesOptions,
+  EventCallbacks,
+  PagesOptions,
+} from 'next-auth';
 import type { KeystoneListsAPI } from '@keystone-6/core/types';
 import { Provider } from 'next-auth/providers';
+import { JWTOptions } from 'next-auth/jwt';
 import { validateNextAuth } from '../lib/validateNextAuth';
 
-// Need to bring in correct props
-type NextAuthPageProps = {
+// TODO: See if possible to merge with `type AuthConfig`
+type CoreNextAuthPageProps = {
+  autoCreate: boolean;
+  cookies?: Partial<CookiesOptions>;
+  events?: Partial<EventCallbacks>;
   identityField: string;
-  mutationName: string;
-  providers: Provider[];
-  query: KeystoneListsAPI<any>;
-  sessionData: string;
+  jwt?: Partial<JWTOptions>;
   listKey: string;
-  autoCreate: boolean;
-  userMap: any;
-  accountMap: any;
-  profileMap: any;
+  pages?: Partial<PagesOptions>;
+  providers?: Provider[];
+  resolver?: Function | undefined;
+  sessionData: string | undefined;
   sessionSecret: string;
 };
 
+type NextAuthGglProps = {
+  mutationName?: string;
+  query?: KeystoneListsAPI<any>;
+};
+
+export type NextAuthPageProps = CoreNextAuthPageProps & NextAuthGglProps;
+
 export default function NextAuthPage(props: NextAuthPageProps) {
   const {
+    autoCreate,
+    cookies,
+    events,
+    identityField,
+    jwt,
+    listKey,
+    pages,
     providers,
     query,
-    identityField,
+    resolver,
     sessionData,
-    listKey,
-    autoCreate,
-    userMap,
-    accountMap,
-    profileMap,
     sessionSecret,
   } = props;
+  // TODO: (v1.1). https://github.com/ijsto/keystone-6-oauth/projects/1#card-78602004
+  console.log('NextAuthPages... ', pages);
+
+  if (!query) {
+    console.error('NextAuthPage got no query.');
+    return null;
+  }
+
+  if (!providers || !providers.length) {
+    console.error('You need to provide at least one provider.');
+    return null;
+  }
+
   const list = query[listKey];
   const queryAPI = query[listKey];
   const protectIdentities = true;
 
   return NextAuth({
-    secret: sessionSecret,
+    cookies,
     providers,
+    pages: pages || {},
+    events: events || {},
+    jwt: jwt || {},
+    secret: sessionSecret,
     callbacks: {
       async signIn({ user, account, profile }) {
         let identity;
@@ -48,31 +79,21 @@ export default function NextAuthPage(props: NextAuthPageProps) {
         } else {
           identity = 0;
         }
+        const userInput = resolver
+          ? await resolver({ user, account, profile })
+          : {};
+
         const result = await validateNextAuth(
           identityField,
           identity,
           protectIdentities,
           queryAPI
         );
-        const data: any = {};
-        // eslint-disable-next-line no-restricted-syntax
-        for (const key in userMap) {
-          if (Object.prototype.hasOwnProperty.call(userMap, key)) {
-            data[key] = user[userMap[key]];
-          }
-        }
-        // eslint-disable-next-line no-restricted-syntax
-        for (const key in accountMap) {
-          if (Object.prototype.hasOwnProperty.call(accountMap, key)) {
-            data[key] = account[accountMap[key]];
-          }
-        }
-        // eslint-disable-next-line no-restricted-syntax
-        for (const key in profileMap) {
-          if (Object.prototype.hasOwnProperty.call(profileMap, key)) {
-            data[key] = profile[profileMap[key]];
-          }
-        }
+        // ID
+        const data: any = {
+          [identityField]: identity,
+          ...userInput,
+        };
 
         if (!result.success) {
           if (!autoCreate) {
@@ -125,7 +146,7 @@ export default function NextAuthPage(props: NextAuthPageProps) {
           );
 
           if (!result.success) {
-            return { result: false };
+            return token;
           }
           token.itemId = result.item.id;
         }

package/src/schema.ts

@@ -1,39 +1,17 @@
 import { ExtendGraphqlSchema } from '@keystone-6/core/types';
 
-import { assertInputObjectType, GraphQLString, GraphQLID } from 'graphql';
 import { graphql } from '@keystone-6/core';
-import { AuthGqlNames } from './types';
 import { getBaseAuthSchema } from './gql/getBaseAuthSchema';
 
 export const getSchemaExtension = ({
-  identityField,
   listKey,
-  gqlNames,
 }: {
   identityField: string;
   listKey: string;
-  gqlNames: AuthGqlNames;
 }): ExtendGraphqlSchema =>
   graphql.extend((base) => {
-    const uniqueWhereInputType = assertInputObjectType(
-      base.schema.getType(`${listKey}WhereUniqueInput`)
-    );
-    const identityFieldOnUniqueWhere =
-      uniqueWhereInputType.getFields()[identityField];
-    if (
-      identityFieldOnUniqueWhere?.type !== GraphQLString &&
-      identityFieldOnUniqueWhere?.type !== GraphQLID
-    ) {
-      throw new Error(
-        `createAuth was called with an identityField of ${identityField} on the list ${listKey} ` +
-          `but that field doesn't allow being searched uniquely with a String or ID. ` +
-          `You should likely add \`isIndexed: 'unique'\` ` +
-          `to the field at ${listKey}.${identityField}`
-      );
-    }
     const baseSchema = getBaseAuthSchema({
       listKey,
-      gqlNames,
       base,
     });
 

package/src/templates/auth.ts

@@ -1,5 +1,5 @@
 import ejs from 'ejs';
-import { AuthGqlNames } from '../types';
+import { NextAuthPageProps } from '../pages/NextAuthPage';
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
@@ -7,49 +7,32 @@ import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
 
 export default getNextAuthPage({
+        autoCreate: <%= autoCreate %>,
         identityField: '<%= identityField %>',
-        sessionData: '<%= sessionData %>',
         listKey: '<%= listKey %>',
-        userMap: <%- JSON.stringify(userMap) %>,
-        accountMap: <%- JSON.stringify(accountMap) %>,
-        profileMap: <%- JSON.stringify(profileMap) %>,
-        autoCreate: <%= autoCreate %>,
-        sessionSecret: '<%= sessionSecret %>',
+        pages: keystoneConfig.pages,
         providers: keystoneConfig.providers,
         query,
+        resolver: keystoneConfig.resolver,
+        sessionData: '<%= sessionData %>',
+        sessionSecret: '<%= sessionSecret %>',
     });
   `;
 
+type AuthTemplateOptions = NextAuthPageProps;
+
 export const authTemplate = ({
-  gqlNames,
+  autoCreate,
   identityField,
-  sessionData,
   listKey,
-  autoCreate,
-  userMap,
-  accountMap,
-  profileMap,
+  sessionData,
   sessionSecret,
-}: {
-  gqlNames: AuthGqlNames;
-  identityField: string;
-  sessionData: any;
-  listKey: string;
-  autoCreate: boolean;
-  userMap: any;
-  accountMap: any;
-  profileMap: any;
-  sessionSecret: string;
-}) => {
+}: AuthTemplateOptions) => {
   const authOut = ejs.render(template, {
-    gqlNames,
     identityField,
     sessionData,
     listKey,
     autoCreate,
-    userMap,
-    accountMap,
-    profileMap,
     sessionSecret,
   });
   return authOut;

package/src/templates/next-config.ts

@@ -9,6 +9,9 @@ module.exports = withPreconstruct({
   typescript: {
     ignoreBuildErrors: true,
   },
+  env: {
+    NEXTAUTH_URL: process.env.NEXTAUTH_URL || 'http://localhost:<%= process.env.PORT || 3000 %><%= keystonePath || '' %>/api/auth',
+  },
   eslint: {
     ignoreDuringBuilds: true,
   },

package/src/types.ts

@@ -1,44 +1,43 @@
 import { BaseListTypeInfo, KeystoneConfig } from '@keystone-6/core/types';
+import { CookiesOptions, PagesOptions } from 'next-auth';
 import { Provider } from 'next-auth/providers';
 
-export type AuthGqlNames = {
-  CreateInitialInput: string;
-  createInitialItem: string;
-  authenticateItemWithPassword: string;
-  ItemAuthenticationWithPasswordResult: string;
-  ItemAuthenticationWithPasswordSuccess: string;
-  ItemAuthenticationWithPasswordFailure: string;
-};
-
 export type NextAuthSession = { listKey: string; itemId: string; data: any };
 
 export type NextAuthProviders = Provider[];
 
-type KeytoneAuthProviders = {
+type KeytoneOAuthOptions = {
   providers: NextAuthProviders;
+  pages?: Partial<PagesOptions>;
+};
+type NextAuthOptions = {
+  cookies?: Partial<CookiesOptions>;
+  resolver: any;
 };
 
-export type KeystoneAuthConfig = KeystoneConfig & KeytoneAuthProviders;
+export type KeystoneOAuthConfig = KeystoneConfig &
+  KeytoneOAuthOptions &
+  NextAuthOptions;
 
 export type AuthConfig<GeneratedListTypes extends BaseListTypeInfo> = {
+  /** Auth Create users in Keystone DB from Auth Provider */
+  autoCreate: boolean;
+  /** Adds ability to customize cookie options, for example, to facilitate cross-subdomain functionality */
+  cookies?: Partial<CookiesOptions>;
   /** The key of the list to authenticate users with */
   listKey: GeneratedListTypes['key'];
   /** The path of the field the identity is stored in; must be text-ish */
   identityField: GeneratedListTypes['fields'];
-  /** Session data population */
-  sessionData?: string;
-  /** Auth Create users in Keystone DB from Auth Provider */
-  autoCreate: boolean;
-  /** Map User in next-auth to item */
-  userMap: any;
-  /** Map Account in next-auth to item */
-  accountMap: any;
-  /** Map Profile in next-auth to item */
-  profileMap: any;
   /** Path for Keystone interface */
   keystonePath?: string;
+  // Custom pages for different NextAuth events
+  pages?: any; // TODO: Fix types
   /** Providers for Next Auth */
   providers: NextAuthProviders;
+  /** Resolver for user to define their profile */
+  resolver?: Function | undefined;
+  /** Session data population */
+  sessionData?: string | undefined;
   /** Next-Auth Session Secret */
   sessionSecret: string;
 };

package/src/gql/getInitFirstItemSchema.ts

@@ -1,81 +0,0 @@
-import type {
-  GraphQLSchemaExtension,
-  KeystoneContext,
-} from '@keystone-6/core/types';
-import {
-  assertInputObjectType,
-  GraphQLInputObjectType,
-  GraphQLSchema,
-  printType,
-} from 'graphql';
-
-import { AuthGqlNames, InitFirstItemConfig } from '../types';
-
-export function getInitFirstItemSchema({
-  listKey,
-  fields,
-  itemData,
-  gqlNames,
-  graphQLSchema,
-}: {
-  listKey: string;
-  fields: InitFirstItemConfig<any>['fields'];
-  itemData: InitFirstItemConfig<any>['itemData'];
-  gqlNames: AuthGqlNames;
-  graphQLSchema: GraphQLSchema;
-}): GraphQLSchemaExtension {
-  const createInputConfig = assertInputObjectType(
-    graphQLSchema.getType(`${listKey}CreateInput`)
-  ).toConfig();
-  const fieldsSet = new Set<any>(fields);
-  const initialCreateInput = printType(
-    new GraphQLInputObjectType({
-      ...createInputConfig,
-      fields: Object.fromEntries(
-        Object.entries(createInputConfig.fields).filter(([fieldKey]) =>
-          fieldsSet.has(fieldKey)
-        )
-      ),
-      name: gqlNames.CreateInitialInput,
-    })
-  );
-  return {
-    typeDefs: `
-        ${initialCreateInput}
-        type Mutation {
-          ${gqlNames.createInitialItem}(data: ${gqlNames.CreateInitialInput}!): ${gqlNames.ItemAuthenticationWithPasswordSuccess}!
-        }
-      `,
-    resolvers: {
-      Mutation: {
-        async [gqlNames.createInitialItem](
-          root: any,
-          { data }: { data: Record<string, any> },
-          context: KeystoneContext
-        ) {
-          if (!context.startSession) {
-            throw new Error('No session implementation available on context');
-          }
-
-          const dbItemAPI = context.sudo().db[listKey];
-          const count = await dbItemAPI.count({});
-          if (count !== 0) {
-            throw new Error(
-              'Initial items can only be created when no items exist in that list'
-            );
-          }
-
-          // Update system state
-          const item = await dbItemAPI.createOne({
-            data: { ...data, ...itemData },
-          });
-          const sessionToken = await context.startSession({
-            listKey,
-            itemId: item.id,
-          });
-          return { item, sessionToken };
-        },
-      },
-    },
-  };
-}