@opensaas/keystone-nextjs-auth 22.0.0 → 22.2.1

package/CHANGELOG.md

@@ -1,5 +1,31 @@
 # @opensaas-keystone/nextjs-auth
 
+## 22.2.1
+
+### Patch Changes
+
+- 8599b89: remove global prisma client as it is not required
+
+## 22.2.0
+
+### Minor Changes
+
+- 4a2f20a: Allow custom session `get`, `start` and `end`
+
+### Patch Changes
+
+- 4a2f20a: Set prisma and query on global in dev to prevent instantiating extra `PrismaClient` instances
+
+## 22.1.0
+
+### Minor Changes
+
+- b89f4e7: Invalidate user when deleted from database
+
+### Patch Changes
+
+- b89f4e7: signin pages error fix
+
 ## 22.0.0
 
 ### Major Changes

package/dist/declarations/src/pages/NextAuthPage.d.ts

@@ -2,30 +2,29 @@ import { CookiesOptions, EventCallbacks, PagesOptions } from 'next-auth';
 import type { KeystoneListsAPI } from '@keystone-6/core/types';
 import { Provider } from 'next-auth/providers';
 import { JWTOptions } from 'next-auth/jwt';
-declare type CoreNextAuthPageProps = {
+export declare type NextAuthTemplateProps = {
     autoCreate: boolean;
+    identityField: string;
+    listKey: string;
+    sessionData: string | undefined;
+    sessionSecret: string;
+};
+export declare type CoreNextAuthPageProps = {
     cookies?: Partial<CookiesOptions>;
     events?: Partial<EventCallbacks>;
-    identityField: string;
     jwt?: Partial<JWTOptions>;
-    listKey: string;
     pages?: Partial<PagesOptions>;
-    providers?: Provider[];
+    providers: Provider[];
     resolver?: (args: {
         user: any;
         profile: any;
         account: any;
-    }) => {
+    }) => Promise<{
         [key: string]: boolean | string | number;
-    };
-    sessionData: string | undefined;
-    sessionSecret: string;
-};
-declare type NextAuthGglProps = {
-    mutationName?: string;
-    query?: KeystoneListsAPI<any>;
+    }>;
+} & NextAuthTemplateProps;
+export declare type NextAuthPageProps = CoreNextAuthPageProps & {
+    query: KeystoneListsAPI<any>;
 };
-export declare type NextAuthPageProps = CoreNextAuthPageProps & NextAuthGglProps;
 export default function NextAuthPage(props: NextAuthPageProps): any;
 export declare const getNextAuthPage: (props: NextAuthPageProps) => () => any;
-export {};

package/dist/declarations/src/templates/auth.d.ts

@@ -1,4 +1,2 @@
-import { NextAuthPageProps } from '../pages/NextAuthPage';
-declare type AuthTemplateOptions = NextAuthPageProps;
-export declare const authTemplate: ({ autoCreate, identityField, listKey, sessionData, sessionSecret, }: AuthTemplateOptions) => string;
-export {};
+import { NextAuthTemplateProps } from '../pages/NextAuthPage';
+export declare const authTemplate: ({ autoCreate, identityField, listKey, sessionData, sessionSecret, }: NextAuthTemplateProps) => string;

package/dist/declarations/src/{types.d.ts → types/index.d.ts}

@@ -21,11 +21,6 @@ export declare type AuthSessionStrategy<StoredSessionData> = {
         createContext: CreateContext;
     }) => Promise<StoredSessionData | undefined>;
 };
-export declare type NextAuthSession = {
-    listKey: string;
-    itemId: string;
-    data: any;
-};
 export declare type NextAuthProviders = Provider[];
 declare type KeytoneOAuthOptions = {
     providers: NextAuthProviders;

package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js

@@ -164,8 +164,13 @@ const getSchemaExtension = ({
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
+import { PrismaClient } from '.prisma/client';
+import { createQueryAPI } from '@keystone-6/core/___internal-do-not-use-will-break-in-patch/node-api';
+
+const keystoneQueryAPI = global.keystoneQueryAPI || createQueryAPI(keystoneConfig, PrismaClient);
+
+if (process.env.NODE_ENV !== 'production') globalThis.keystoneQueryAPI = keystoneQueryAPI
 
 export default getNextAuthPage({
         autoCreate: <%= autoCreate %>,
@@ -173,7 +178,7 @@ export default getNextAuthPage({
         listKey: '<%= listKey %>',
         pages: keystoneConfig.pages,
         providers: keystoneConfig.providers,
-        query,
+        query: keystoneQueryAPI,
         resolver: keystoneConfig.resolver,
         sessionData: '<%= sessionData %>',
         sessionSecret: '<%= sessionSecret %>',
@@ -196,7 +201,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -242,7 +247,7 @@ function createAuth({
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
     if (isValidSession) {
-      if (pathname === `${customPath}/api/auth/signin`) {
+      if (pathname === `${customPath}/api/auth/signin` || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn)) {
         return {
           kind: 'redirect',
           to: `${customPath}`
@@ -368,48 +373,64 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      end
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
-      start: async () => {
-        return 'false';
-      },
       get: async ({
-        req
+        req,
+        createContext
       }) => {
         var _req$headers, _req$headers$authoriz;
 
+        const session = await get({
+          req,
+          createContext
+        });
+        const sudoContext = createContext({
+          sudo: true
+        });
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
+        let nextSession;
 
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
 
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
-          var _token$data;
-
-          const token = await jwt.getToken({
+          nextSession = await jwt.getToken({
             req,
             secret: sessionSecret
           });
-
-          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
-            return token;
-          }
+        } else {
+          nextSession = await react.getSession({
+            req
+          });
         }
 
-        const nextSession = await react.getSession({
-          req
-        });
-
-        if (nextSession) {
-          return nextSession;
+        if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
+          return;
         }
+
+        return _objectSpread(_objectSpread({}, nextSession), {}, {
+          data: nextSession.data,
+          listKey: nextSession.listKey,
+          itemId: nextSession.itemId
+        }, session);
       },
       end: async ({
         res,
-        req
+        req,
+        createContext
       }) => {
+        await end({
+          res,
+          req,
+          createContext
+        });
         const TOKEN_NAME = process.env.NODE_ENV === 'production' ? '__Secure-next-auth.session-token' : 'next-auth.session-token';
         res.setHeader('Set-Cookie', cookie__namespace.serialize(TOKEN_NAME, '', {
           maxAge: 0,

package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js

@@ -163,8 +163,13 @@ const getSchemaExtension = ({
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
+import { PrismaClient } from '.prisma/client';
+import { createQueryAPI } from '@keystone-6/core/___internal-do-not-use-will-break-in-patch/node-api';
+
+const keystoneQueryAPI = global.keystoneQueryAPI || createQueryAPI(keystoneConfig, PrismaClient);
+
+if (process.env.NODE_ENV !== 'production') globalThis.keystoneQueryAPI = keystoneQueryAPI
 
 export default getNextAuthPage({
         autoCreate: <%= autoCreate %>,
@@ -172,7 +177,7 @@ export default getNextAuthPage({
         listKey: '<%= listKey %>',
         pages: keystoneConfig.pages,
         providers: keystoneConfig.providers,
-        query,
+        query: keystoneQueryAPI,
         resolver: keystoneConfig.resolver,
         sessionData: '<%= sessionData %>',
         sessionSecret: '<%= sessionSecret %>',
@@ -195,7 +200,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -241,7 +246,7 @@ function createAuth({
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
     if (isValidSession) {
-      if (pathname === `${customPath}/api/auth/signin`) {
+      if (pathname === `${customPath}/api/auth/signin` || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn)) {
         return {
           kind: 'redirect',
           to: `${customPath}`
@@ -367,48 +372,64 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      end
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
-      start: async () => {
-        return 'false';
-      },
       get: async ({
-        req
+        req,
+        createContext
       }) => {
         var _req$headers, _req$headers$authoriz;
 
+        const session = await get({
+          req,
+          createContext
+        });
+        const sudoContext = createContext({
+          sudo: true
+        });
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
+        let nextSession;
 
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
 
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
-          var _token$data;
-
-          const token = await jwt.getToken({
+          nextSession = await jwt.getToken({
             req,
             secret: sessionSecret
           });
-
-          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
-            return token;
-          }
+        } else {
+          nextSession = await react.getSession({
+            req
+          });
         }
 
-        const nextSession = await react.getSession({
-          req
-        });
-
-        if (nextSession) {
-          return nextSession;
+        if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
+          return;
         }
+
+        return _objectSpread(_objectSpread({}, nextSession), {}, {
+          data: nextSession.data,
+          listKey: nextSession.listKey,
+          itemId: nextSession.itemId
+        }, session);
       },
       end: async ({
         res,
-        req
+        req,
+        createContext
       }) => {
+        await end({
+          res,
+          req,
+          createContext
+        });
         const TOKEN_NAME = '__Secure-next-auth.session-token' ;
         res.setHeader('Set-Cookie', cookie__namespace.serialize(TOKEN_NAME, '', {
           maxAge: 0,

package/dist/opensaas-keystone-nextjs-auth.esm.js

@@ -131,8 +131,13 @@ const getSchemaExtension = ({
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
+import { PrismaClient } from '.prisma/client';
+import { createQueryAPI } from '@keystone-6/core/___internal-do-not-use-will-break-in-patch/node-api';
+
+const keystoneQueryAPI = global.keystoneQueryAPI || createQueryAPI(keystoneConfig, PrismaClient);
+
+if (process.env.NODE_ENV !== 'production') globalThis.keystoneQueryAPI = keystoneQueryAPI
 
 export default getNextAuthPage({
         autoCreate: <%= autoCreate %>,
@@ -140,7 +145,7 @@ export default getNextAuthPage({
         listKey: '<%= listKey %>',
         pages: keystoneConfig.pages,
         providers: keystoneConfig.providers,
-        query,
+        query: keystoneQueryAPI,
         resolver: keystoneConfig.resolver,
         sessionData: '<%= sessionData %>',
         sessionSecret: '<%= sessionSecret %>',
@@ -163,7 +168,7 @@ const authTemplate = ({
   return authOut;
 };
 
-const _excluded = ["get"];
+const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -209,7 +214,7 @@ function createAuth({
     const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
 
     if (isValidSession) {
-      if (pathname === `${customPath}/api/auth/signin`) {
+      if (pathname === `${customPath}/api/auth/signin` || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn)) {
         return {
           kind: 'redirect',
           to: `${customPath}`
@@ -335,48 +340,64 @@ function createAuth({
 
 
   const withItemData = _sessionStrategy => {
-    const sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+    const {
+      get,
+      end
+    } = _sessionStrategy,
+          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
 
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
-      start: async () => {
-        return 'false';
-      },
       get: async ({
-        req
+        req,
+        createContext
       }) => {
         var _req$headers, _req$headers$authoriz;
 
+        const session = await get({
+          req,
+          createContext
+        });
+        const sudoContext = createContext({
+          sudo: true
+        });
         const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
+        let nextSession;
 
         if (_includesInstanceProperty(pathname).call(pathname, '/api/auth')) {
           return;
         }
 
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
-          var _token$data;
-
-          const token = await getToken({
+          nextSession = await getToken({
             req,
             secret: sessionSecret
           });
-
-          if (token !== null && token !== void 0 && (_token$data = token.data) !== null && _token$data !== void 0 && _token$data.id) {
-            return token;
-          }
+        } else {
+          nextSession = await getSession({
+            req
+          });
         }
 
-        const nextSession = await getSession({
-          req
-        });
-
-        if (nextSession) {
-          return nextSession;
+        if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
+          return;
         }
+
+        return _objectSpread(_objectSpread({}, nextSession), {}, {
+          data: nextSession.data,
+          listKey: nextSession.listKey,
+          itemId: nextSession.itemId
+        }, session);
       },
       end: async ({
         res,
-        req
+        req,
+        createContext
       }) => {
+        await end({
+          res,
+          req,
+          createContext
+        });
         const TOKEN_NAME = process.env.NODE_ENV === 'production' ? '__Secure-next-auth.session-token' : 'next-auth.session-token';
         res.setHeader('Set-Cookie', cookie.serialize(TOKEN_NAME, '', {
           maxAge: 0,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@opensaas/keystone-nextjs-auth",
-  "version": "22.0.0",
+  "version": "22.2.1",
   "repository": "https://github.com/opensaasau/keystone-nextjs-auth",
   "license": "MIT",
   "main": "dist/opensaas-keystone-nextjs-auth.cjs.js",
@@ -17,16 +17,14 @@
   },
   "devDependencies": {
     "@keystone-6/core": "^1.1.0",
-    "next": "12.1.0",
     "react": "^17.0.2"
   },
   "peerDependencies": {
     "@keystone-6/core": "^1.1.0",
-    "next": "12.1.0",
     "react": "^17.0.2"
   },
   "engines": {
-    "node": "^12.20 || >= 14.13"
+    "node": "^14.13 || >= 16.13"
   },
   "publishConfig": {
     "access": "public"

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.dev.js

@@ -81,7 +81,6 @@ function NextAuthPage(props) {
   }
 
   const list = query[listKey];
-  const queryAPI = query[listKey];
   const protectIdentities = true;
   return NextAuth__default["default"]({
     cookies,
@@ -111,7 +110,7 @@ function NextAuthPage(props) {
           account,
           profile
         }) : {};
-        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI); // ID
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list); // ID
 
         const data = _objectSpread({
           [identityField]: identity
@@ -119,11 +118,9 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('`autoCreate` is set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('`autoCreate` is set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -132,14 +129,12 @@ function NextAuthPage(props) {
               user: returned
             };
           }).catch(error => {
-            console.log(error);
+            console.error(error);
             throw new Error(error);
           });
-          console.log('Created User', createUser);
           return createUser.success;
         }
 
-        console.log('Data', data);
         const updateUser = await list.updateOne({
           where: {
             id: result.item.id
@@ -151,7 +146,7 @@ function NextAuthPage(props) {
             user: returned
           };
         }).catch(error => {
-          console.log(error);
+          console.error(error);
           throw new Error(error);
         });
         return updateUser.success;
@@ -167,12 +162,20 @@ function NextAuthPage(props) {
         session,
         token
       }) {
-        const returnSession = _objectSpread(_objectSpread({}, session), {}, {
-          data: token.data,
-          subject: token.sub,
-          listKey: token.listKey,
-          itemId: token.itemId
-        });
+        let returnSession = session;
+
+        if (!token.itemId) {
+          return {
+            expires: '0'
+          };
+        } else {
+          returnSession = _objectSpread(_objectSpread({}, session), {}, {
+            data: token.data,
+            subject: token.sub,
+            listKey: token.listKey,
+            itemId: token.itemId
+          });
+        }
 
         return returnSession;
       },
@@ -181,26 +184,22 @@ function NextAuthPage(props) {
         token
       }) {
         const identity = token.sub;
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list);
 
-        if (!token.itemId) {
-          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
-
-          if (!result.success) {
-            return token;
-          }
-
+        if (!result.success) {
+          token.itemId = null;
+        } else {
           token.itemId = result.item.id;
+          const data = await query[listKey].findOne({
+            where: {
+              id: token.itemId
+            },
+            query: sessionData || 'id'
+          });
+          token.data = data;
         }
 
-        const data = await query[listKey].findOne({
-          where: {
-            id: token.itemId
-          },
-          query: sessionData || 'id'
-        });
-
         const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-          data,
           subject: token.sub,
           listKey
         });

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.prod.js

@@ -81,7 +81,6 @@ function NextAuthPage(props) {
   }
 
   const list = query[listKey];
-  const queryAPI = query[listKey];
   const protectIdentities = true;
   return NextAuth__default["default"]({
     cookies,
@@ -111,7 +110,7 @@ function NextAuthPage(props) {
           account,
           profile
         }) : {};
-        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI); // ID
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list); // ID
 
         const data = _objectSpread({
           [identityField]: identity
@@ -119,11 +118,9 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('`autoCreate` is set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('`autoCreate` is set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -132,14 +129,12 @@ function NextAuthPage(props) {
               user: returned
             };
           }).catch(error => {
-            console.log(error);
+            console.error(error);
             throw new Error(error);
           });
-          console.log('Created User', createUser);
           return createUser.success;
         }
 
-        console.log('Data', data);
         const updateUser = await list.updateOne({
           where: {
             id: result.item.id
@@ -151,7 +146,7 @@ function NextAuthPage(props) {
             user: returned
           };
         }).catch(error => {
-          console.log(error);
+          console.error(error);
           throw new Error(error);
         });
         return updateUser.success;
@@ -167,12 +162,20 @@ function NextAuthPage(props) {
         session,
         token
       }) {
-        const returnSession = _objectSpread(_objectSpread({}, session), {}, {
-          data: token.data,
-          subject: token.sub,
-          listKey: token.listKey,
-          itemId: token.itemId
-        });
+        let returnSession = session;
+
+        if (!token.itemId) {
+          return {
+            expires: '0'
+          };
+        } else {
+          returnSession = _objectSpread(_objectSpread({}, session), {}, {
+            data: token.data,
+            subject: token.sub,
+            listKey: token.listKey,
+            itemId: token.itemId
+          });
+        }
 
         return returnSession;
       },
@@ -181,26 +184,22 @@ function NextAuthPage(props) {
         token
       }) {
         const identity = token.sub;
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list);
 
-        if (!token.itemId) {
-          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
-
-          if (!result.success) {
-            return token;
-          }
-
+        if (!result.success) {
+          token.itemId = null;
+        } else {
           token.itemId = result.item.id;
+          const data = await query[listKey].findOne({
+            where: {
+              id: token.itemId
+            },
+            query: sessionData || 'id'
+          });
+          token.data = data;
         }
 
-        const data = await query[listKey].findOne({
-          where: {
-            id: token.itemId
-          },
-          query: sessionData || 'id'
-        });
-
         const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-          data,
           subject: token.sub,
           listKey
         });

package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.esm.js

@@ -73,7 +73,6 @@ function NextAuthPage(props) {
   }
 
   const list = query[listKey];
-  const queryAPI = query[listKey];
   const protectIdentities = true;
   return NextAuth({
     cookies,
@@ -103,7 +102,7 @@ function NextAuthPage(props) {
           account,
           profile
         }) : {};
-        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI); // ID
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list); // ID
 
         const data = _objectSpread({
           [identityField]: identity
@@ -111,11 +110,9 @@ function NextAuthPage(props) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('`autoCreate` is set to `false`, skipping user auto-creation');
             return false;
           }
 
-          console.log('`autoCreate` is set to `true`, auto-creating a new user');
           const createUser = await list.createOne({
             data
           }).then(returned => {
@@ -124,14 +121,12 @@ function NextAuthPage(props) {
               user: returned
             };
           }).catch(error => {
-            console.log(error);
+            console.error(error);
             throw new Error(error);
           });
-          console.log('Created User', createUser);
           return createUser.success;
         }
 
-        console.log('Data', data);
         const updateUser = await list.updateOne({
           where: {
             id: result.item.id
@@ -143,7 +138,7 @@ function NextAuthPage(props) {
             user: returned
           };
         }).catch(error => {
-          console.log(error);
+          console.error(error);
           throw new Error(error);
         });
         return updateUser.success;
@@ -159,12 +154,20 @@ function NextAuthPage(props) {
         session,
         token
       }) {
-        const returnSession = _objectSpread(_objectSpread({}, session), {}, {
-          data: token.data,
-          subject: token.sub,
-          listKey: token.listKey,
-          itemId: token.itemId
-        });
+        let returnSession = session;
+
+        if (!token.itemId) {
+          return {
+            expires: '0'
+          };
+        } else {
+          returnSession = _objectSpread(_objectSpread({}, session), {}, {
+            data: token.data,
+            subject: token.sub,
+            listKey: token.listKey,
+            itemId: token.itemId
+          });
+        }
 
         return returnSession;
       },
@@ -173,26 +176,22 @@ function NextAuthPage(props) {
         token
       }) {
         const identity = token.sub;
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list);
 
-        if (!token.itemId) {
-          const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
-
-          if (!result.success) {
-            return token;
-          }
-
+        if (!result.success) {
+          token.itemId = null;
+        } else {
           token.itemId = result.item.id;
+          const data = await query[listKey].findOne({
+            where: {
+              id: token.itemId
+            },
+            query: sessionData || 'id'
+          });
+          token.data = data;
         }
 
-        const data = await query[listKey].findOne({
-          where: {
-            id: token.itemId
-          },
-          query: sessionData || 'id'
-        });
-
         const returnToken = _objectSpread(_objectSpread({}, token), {}, {
-          data,
           subject: token.sub,
           listKey
         });

package/src/index.ts

@@ -14,10 +14,11 @@ import { Provider } from 'next-auth/providers';
 
 import * as cookie from 'cookie';
 
+import { Session } from 'next-auth';
 import { nextConfigTemplate } from './templates/next-config';
 // import * as Path from 'path';
 
-import { AuthConfig, KeystoneOAuthConfig, NextAuthSession, AuthSessionStrategy } from './types';
+import { AuthConfig, KeystoneOAuthConfig, AuthSessionStrategy } from './types';
 import { getSchemaExtension } from './schema';
 import { authTemplate } from './templates/auth';
 
@@ -64,7 +65,10 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
     const pathname = url.parse(req?.url!).pathname!;
 
     if (isValidSession) {
-      if (pathname === `${customPath}/api/auth/signin`) {
+      if (
+        pathname === `${customPath}/api/auth/signin` ||
+        (pages?.signIn && pathname.includes(pages?.signIn))
+      ) {
         return { kind: 'redirect', to: `${customPath}` };
       }
       if (customPath !== '' && pathname === '/') {
@@ -189,35 +193,47 @@ export function createAuth<GeneratedListTypes extends BaseListTypeInfo>({
 */
   const withItemData = (
     _sessionStrategy: AuthSessionStrategy<Record<string, any>>
-  ): AuthSessionStrategy<NextAuthSession | never> => {
-    const { get, ...sessionStrategy } = _sessionStrategy;
+  ): AuthSessionStrategy<{ listKey: string; itemId: string; data: any }> => {
+    const { get, end, ...sessionStrategy } = _sessionStrategy;
     return {
       ...sessionStrategy,
-      start: async () => {
-        return 'false';
-      },
-      get: async ({ req }) => {
+      get: async ({ req, createContext }) => {
+        const session = await get({ req, createContext });
+        const sudoContext = createContext({ sudo: true });
         const pathname = url.parse(req?.url!).pathname!;
+        let nextSession: Session;
         if (pathname.includes('/api/auth')) {
           return;
         }
         if (req.headers?.authorization?.split(' ')[0] === 'Bearer') {
-          const token = (await getToken({
+          nextSession = (await getToken({
             req,
             secret: sessionSecret,
-          })) as NextAuthSession;
-
-          if (token?.data?.id) {
-            return token;
-          }
+          })) as Session;
+        } else {
+          nextSession = (await getSession({ req })) as Session;
         }
-        const nextSession: unknown = await getSession({ req });
 
-        if (nextSession) {
-          return nextSession as NextAuthSession;
+        if (
+          !nextSession ||
+          !nextSession.listKey ||
+          nextSession.listKey !== listKey ||
+          !nextSession.itemId ||
+          !sudoContext.query[listKey] ||
+          !nextSession.itemId
+        ) {
+          return;
         }
+        return {
+          ...nextSession,
+          data: nextSession.data,
+          listKey: nextSession.listKey,
+          itemId: nextSession.itemId,
+          ...session,
+        };
       },
-      end: async ({ res, req }) => {
+      end: async ({ res, req, createContext }) => {
+        await end({ res, req, createContext });
         const TOKEN_NAME =
           process.env.NODE_ENV === 'production'
             ? '__Secure-next-auth.session-token'

package/src/pages/NextAuthPage.tsx

@@ -4,28 +4,28 @@ import { Provider } from 'next-auth/providers';
 import { JWTOptions } from 'next-auth/jwt';
 import { validateNextAuth } from '../lib/validateNextAuth';
 
-type CoreNextAuthPageProps = {
+export type NextAuthTemplateProps = {
   autoCreate: boolean;
-  cookies?: Partial<CookiesOptions>;
-  events?: Partial<EventCallbacks>;
   identityField: string;
-  jwt?: Partial<JWTOptions>;
   listKey: string;
-  pages?: Partial<PagesOptions>;
-  providers?: Provider[];
-  resolver?: (args: { user: any; profile: any; account: any }) => {
-    [key: string]: boolean | string | number;
-  };
   sessionData: string | undefined;
   sessionSecret: string;
 };
 
-type NextAuthGglProps = {
-  mutationName?: string;
-  query?: KeystoneListsAPI<any>;
-};
+export type CoreNextAuthPageProps = {
+  cookies?: Partial<CookiesOptions>;
+  events?: Partial<EventCallbacks>;
+  jwt?: Partial<JWTOptions>;
+  pages?: Partial<PagesOptions>;
+  providers: Provider[];
+  resolver?: (args: { user: any; profile: any; account: any }) => Promise<{
+    [key: string]: boolean | string | number;
+  }>;
+} & NextAuthTemplateProps;
 
-export type NextAuthPageProps = CoreNextAuthPageProps & NextAuthGglProps;
+export type NextAuthPageProps = CoreNextAuthPageProps & {
+  query: KeystoneListsAPI<any>;
+};
 
 export default function NextAuthPage(props: NextAuthPageProps) {
   const {
@@ -54,7 +54,6 @@ export default function NextAuthPage(props: NextAuthPageProps) {
   }
 
   const list = query[listKey];
-  const queryAPI = query[listKey];
   const protectIdentities = true;
 
   return NextAuth({
@@ -76,7 +75,7 @@ export default function NextAuthPage(props: NextAuthPageProps) {
         }
         const userInput = resolver ? await resolver({ user, account, profile }) : {};
 
-        const result = await validateNextAuth(identityField, identity, protectIdentities, queryAPI);
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list);
         // ID
         const data: any = {
           [identityField]: identity,
@@ -85,10 +84,8 @@ export default function NextAuthPage(props: NextAuthPageProps) {
 
         if (!result.success) {
           if (!autoCreate) {
-            console.log('`autoCreate` is set to `false`, skipping user auto-creation');
             return false;
           }
-          console.log('`autoCreate` is set to `true`, auto-creating a new user');
 
           const createUser = await list
             .createOne({ data })
@@ -96,13 +93,11 @@ export default function NextAuthPage(props: NextAuthPageProps) {
               return { success: true, user: returned };
             })
             .catch(error => {
-              console.log(error);
+              console.error(error);
               throw new Error(error);
             });
-          console.log('Created User', createUser);
           return createUser.success;
         }
-        console.log('Data', data);
 
         const updateUser = await list
           .updateOne({ where: { id: result.item.id }, data })
@@ -110,7 +105,7 @@ export default function NextAuthPage(props: NextAuthPageProps) {
             return { success: true, user: returned };
           })
           .catch(error => {
-            console.log(error);
+            console.error(error);
             throw new Error(error);
           });
         return updateUser.success;
@@ -119,37 +114,37 @@ export default function NextAuthPage(props: NextAuthPageProps) {
         return url;
       },
       async session({ session, token }) {
-        const returnSession = {
-          ...session,
-          data: token.data,
-          subject: token.sub,
-          listKey: token.listKey,
-          itemId: token.itemId,
-        };
+        let returnSession = session;
+        if (!token.itemId) {
+          return { expires: '0' };
+        } else {
+          returnSession = {
+            ...session,
+            data: token.data,
+            subject: token.sub,
+            listKey: token.listKey as string,
+            itemId: token.itemId as string,
+          };
+        }
+
         return returnSession;
       },
       async jwt({ token }) {
         const identity = token.sub as number | string;
-        if (!token.itemId) {
-          const result = await validateNextAuth(
-            identityField,
-            identity,
-            protectIdentities,
-            queryAPI
-          );
-
-          if (!result.success) {
-            return token;
-          }
+        const result = await validateNextAuth(identityField, identity, protectIdentities, list);
+
+        if (!result.success) {
+          token.itemId = null;
+        } else {
           token.itemId = result.item.id;
+          const data = await query[listKey].findOne({
+            where: { id: token.itemId },
+            query: sessionData || 'id',
+          });
+          token.data = data;
         }
-        const data = await query[listKey].findOne({
-          where: { id: token.itemId },
-          query: sessionData || 'id',
-        });
         const returnToken = {
           ...token,
-          data,
           subject: token.sub,
           listKey,
         };

package/src/templates/auth.ts

@@ -1,10 +1,15 @@
 import ejs from 'ejs';
-import { NextAuthPageProps } from '../pages/NextAuthPage';
+import { NextAuthTemplateProps } from '../pages/NextAuthPage';
 
 const template = `
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
-import { query } from '.keystone/api';
 import keystoneConfig from '../../../../../keystone';
+import { PrismaClient } from '.prisma/client';
+import { createQueryAPI } from '@keystone-6/core/___internal-do-not-use-will-break-in-patch/node-api';
+
+const keystoneQueryAPI = global.keystoneQueryAPI || createQueryAPI(keystoneConfig, PrismaClient);
+
+if (process.env.NODE_ENV !== 'production') globalThis.keystoneQueryAPI = keystoneQueryAPI
 
 export default getNextAuthPage({
         autoCreate: <%= autoCreate %>,
@@ -12,22 +17,20 @@ export default getNextAuthPage({
         listKey: '<%= listKey %>',
         pages: keystoneConfig.pages,
         providers: keystoneConfig.providers,
-        query,
+        query: keystoneQueryAPI,
         resolver: keystoneConfig.resolver,
         sessionData: '<%= sessionData %>',
         sessionSecret: '<%= sessionSecret %>',
     });
   `;
 
-type AuthTemplateOptions = NextAuthPageProps;
-
 export const authTemplate = ({
   autoCreate,
   identityField,
   listKey,
   sessionData,
   sessionSecret,
-}: AuthTemplateOptions) => {
+}: NextAuthTemplateProps) => {
   const authOut = ejs.render(template, {
     identityField,
     sessionData,

package/src/{types.ts → types/index.ts}

@@ -23,8 +23,6 @@ export declare type AuthSessionStrategy<StoredSessionData> = {
   }) => Promise<StoredSessionData | undefined>;
 };
 
-export type NextAuthSession = { listKey: string; itemId: string; data: any };
-
 export type NextAuthProviders = Provider[];
 
 type KeytoneOAuthOptions = {

package/src/types/next-auth.d.ts

@@ -0,0 +1,19 @@
+import NextAuth from 'next-auth';
+import { JWT } from 'next-auth/jwt';
+
+declare module 'next-auth' {
+  interface JWT {
+    data?: any | undefined;
+    subject?: string | undefined;
+    listKey?: string;
+    itemId?: string | undefined;
+    name?: string | null | undefined;
+    email?: string | null | undefined;
+    picture?: string | null | undefined;
+    sub?: string | null | undefined;
+    expires?: string | null | undefined;
+  }
+  interface Session extends JWT {
+    user?: any;
+  }
+}