@opensaas/keystone-nextjs-auth 25.0.0 → 26.0.0
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGELOG.md +17 -0
- package/README.md +15 -13
- package/dist/declarations/src/pages/NextAuthPage.d.ts +3 -3
- package/dist/declarations/src/types/index.d.ts +15 -23
- package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js +57 -111
- package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js +58 -106
- package/dist/opensaas-keystone-nextjs-auth.esm.js +56 -110
- package/package.json +4 -4
- package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.dev.js +7 -4
- package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.prod.js +7 -4
- package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.esm.js +7 -4
- package/src/index.ts +47 -54
- package/src/pages/NextAuthPage.tsx +8 -5
- package/src/templates/next-config.ts +5 -54
- package/src/types/index.ts +4 -19
- package/src/types/next-auth.d.ts +13 -6
@@ -7,7 +7,7 @@ var _objectWithoutProperties = require('@babel/runtime/helpers/objectWithoutProp
|
|
7
7
|
var _includesInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/includes');
|
8
8
|
var _mapInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/map');
|
9
9
|
var _JSON$stringify = require('@babel/runtime-corejs3/core-js-stable/json/stringify');
|
10
|
-
require('@babel/runtime-corejs3/core-js-stable/
|
10
|
+
var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
|
11
11
|
var url = require('url');
|
12
12
|
var react = require('next-auth/react');
|
13
13
|
var jwt = require('next-auth/jwt');
|
@@ -39,67 +39,19 @@ function _interopNamespace(e) {
|
|
39
39
|
var _includesInstanceProperty__default = /*#__PURE__*/_interopDefault(_includesInstanceProperty);
|
40
40
|
var _mapInstanceProperty__default = /*#__PURE__*/_interopDefault(_mapInstanceProperty);
|
41
41
|
var _JSON$stringify__default = /*#__PURE__*/_interopDefault(_JSON$stringify);
|
42
|
+
var _startsWithInstanceProperty__default = /*#__PURE__*/_interopDefault(_startsWithInstanceProperty);
|
42
43
|
var url__default = /*#__PURE__*/_interopDefault(url);
|
43
44
|
var cookie__namespace = /*#__PURE__*/_interopNamespace(cookie);
|
44
45
|
var ejs__default = /*#__PURE__*/_interopDefault(ejs);
|
45
46
|
var _filterInstanceProperty__default = /*#__PURE__*/_interopDefault(_filterInstanceProperty);
|
46
47
|
|
47
48
|
const template$1 = `
|
48
|
-
const
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
ignoreBuildErrors: true,
|
55
|
-
},
|
56
|
-
env: {
|
57
|
-
NEXTAUTH_URL: process.env.NEXTAUTH_URL || 'http://localhost:<%= process.env.PORT || 3000 %><%= keystonePath || '' %>/api/auth',
|
58
|
-
},
|
59
|
-
eslint: {
|
60
|
-
ignoreDuringBuilds: true,
|
61
|
-
},
|
62
|
-
webpack(config, { isServer }) {
|
63
|
-
config.resolve.alias = {
|
64
|
-
...config.resolve.alias,
|
65
|
-
react: Path.dirname(require.resolve('react/package.json')),
|
66
|
-
'react-dom': Path.dirname(require.resolve('react-dom/package.json')),
|
67
|
-
'@keystone-6/core': Path.dirname(
|
68
|
-
require.resolve('@keystone-6/core/package.json')
|
69
|
-
),
|
70
|
-
};
|
71
|
-
if (isServer) {
|
72
|
-
config.externals = [
|
73
|
-
...config.externals,
|
74
|
-
/@keystone-6\\/core(?!\\/___internal-do-not-use-will-break-in-patch\\/admin-ui\\/id-field-view|\\/fields\\/types\\/[^\\/]+\\/views)/,
|
75
|
-
/.prisma\\/client/
|
76
|
-
];
|
77
|
-
// we need to set these to true so that when __dirname/__filename is used
|
78
|
-
// to resolve the location of field views, we will get a path that we can use
|
79
|
-
// rather than just the __dirname/__filename of the generated file.
|
80
|
-
// https://webpack.js.org/configuration/node/#node__filename
|
81
|
-
(_config$node = config.node) !== null && _config$node !== void 0 ? _config$node : config.node = {};
|
82
|
-
config.node.__dirname = true;
|
83
|
-
config.node.__filename = true;
|
84
|
-
}
|
85
|
-
return config;
|
86
|
-
},
|
87
|
-
<% if (keystonePath) { %>
|
88
|
-
<% if (process.env.NODE_ENV != 'production') { %>
|
89
|
-
async rewrites() {
|
90
|
-
return [
|
91
|
-
{
|
92
|
-
source: '/api/__keystone_api_build',
|
93
|
-
destination: 'http://localhost:<%= process.env.PORT || 3000 %><%= keystonePath || '' %>/api/__keystone_api_build',
|
94
|
-
basePath: false
|
95
|
-
}
|
96
|
-
];
|
97
|
-
},
|
98
|
-
<% }%>
|
99
|
-
basePath: '<%= keystonePath || '' %>'
|
100
|
-
<% } %>
|
101
|
-
});
|
102
|
-
`;
|
49
|
+
const keystoneConfig = require('@keystone-6/core/___internal-do-not-use-will-break-in-patch/admin-ui/next-config').config;
|
50
|
+
|
51
|
+
module.exports = {
|
52
|
+
...keystoneConfig,
|
53
|
+
basePath: '<%= keystonePath || '' %>'
|
54
|
+
};`;
|
103
55
|
const nextConfigTemplate = _ref => {
|
104
56
|
let {
|
105
57
|
keystonePath
|
@@ -244,7 +196,7 @@ function createAuth(_ref) {
|
|
244
196
|
* - to the signin page when no valid session is present
|
245
197
|
*/
|
246
198
|
|
247
|
-
const
|
199
|
+
const authMiddleware = async _ref2 => {
|
248
200
|
let {
|
249
201
|
context,
|
250
202
|
isValidSession
|
@@ -256,13 +208,6 @@ function createAuth(_ref) {
|
|
256
208
|
const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
|
257
209
|
|
258
210
|
if (isValidSession) {
|
259
|
-
if (pathname === `${customPath}/api/auth/signin` || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn)) {
|
260
|
-
return {
|
261
|
-
kind: 'redirect',
|
262
|
-
to: `${customPath}`
|
263
|
-
};
|
264
|
-
}
|
265
|
-
|
266
211
|
if (customPath !== '' && pathname === '/') {
|
267
212
|
return {
|
268
213
|
kind: 'redirect',
|
@@ -273,10 +218,6 @@ function createAuth(_ref) {
|
|
273
218
|
return;
|
274
219
|
}
|
275
220
|
|
276
|
-
if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/_next/') || _includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth/') || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
|
277
|
-
return;
|
278
|
-
}
|
279
|
-
|
280
221
|
if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
|
281
222
|
return {
|
282
223
|
kind: 'redirect',
|
@@ -285,7 +226,7 @@ function createAuth(_ref) {
|
|
285
226
|
}
|
286
227
|
};
|
287
228
|
/**
|
288
|
-
*
|
229
|
+
* authGetAdditionalFiles
|
289
230
|
*
|
290
231
|
* This function adds files to be generated into the Admin UI build. Must be added to the
|
291
232
|
* ui.getAdditionalFiles config.
|
@@ -294,7 +235,7 @@ function createAuth(_ref) {
|
|
294
235
|
*/
|
295
236
|
|
296
237
|
|
297
|
-
const
|
238
|
+
const authGetAdditionalFiles = () => {
|
298
239
|
const filesToWrite = [{
|
299
240
|
mode: 'write',
|
300
241
|
outputPath: 'pages/api/auth/[...nextauth].js',
|
@@ -321,13 +262,13 @@ function createAuth(_ref) {
|
|
321
262
|
*/
|
322
263
|
|
323
264
|
|
324
|
-
const
|
265
|
+
const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
|
325
266
|
// @ts-ignore
|
326
267
|
|
327
268
|
function addPages(provider) {
|
328
269
|
const name = provider.id;
|
329
|
-
|
330
|
-
|
270
|
+
authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
|
271
|
+
authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
|
331
272
|
}
|
332
273
|
|
333
274
|
_mapInstanceProperty__default["default"](providers).call(providers, addPages);
|
@@ -393,23 +334,24 @@ function createAuth(_ref) {
|
|
393
334
|
var _req$headers, _req$headers$authoriz;
|
394
335
|
|
395
336
|
let {
|
396
|
-
|
397
|
-
createContext
|
337
|
+
context
|
398
338
|
} = _ref3;
|
339
|
+
const {
|
340
|
+
req
|
341
|
+
} = context;
|
399
342
|
const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
|
400
343
|
let nextSession;
|
344
|
+
if (!req) return;
|
401
345
|
|
402
346
|
if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
|
403
347
|
return;
|
404
348
|
}
|
405
349
|
|
406
|
-
const sudoContext =
|
407
|
-
sudo: true
|
408
|
-
});
|
350
|
+
const sudoContext = context.sudo();
|
409
351
|
|
410
352
|
if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
|
411
353
|
nextSession = await jwt.getToken({
|
412
|
-
req,
|
354
|
+
req: req,
|
413
355
|
secret: sessionSecret
|
414
356
|
});
|
415
357
|
} else {
|
@@ -429,8 +371,7 @@ function createAuth(_ref) {
|
|
429
371
|
data: nextSession.data
|
430
372
|
};
|
431
373
|
const userSession = await get({
|
432
|
-
|
433
|
-
createContext
|
374
|
+
context
|
434
375
|
});
|
435
376
|
return _objectSpread(_objectSpread(_objectSpread({}, userSession), nextSession), {}, {
|
436
377
|
data: nextSession.data,
|
@@ -440,16 +381,17 @@ function createAuth(_ref) {
|
|
440
381
|
},
|
441
382
|
end: async _ref4 => {
|
442
383
|
let {
|
443
|
-
|
444
|
-
req,
|
445
|
-
createContext
|
384
|
+
context
|
446
385
|
} = _ref4;
|
447
386
|
await end({
|
448
|
-
|
449
|
-
req,
|
450
|
-
createContext
|
387
|
+
context
|
451
388
|
});
|
452
389
|
const TOKEN_NAME = '__Secure-next-auth.session-token' ;
|
390
|
+
const {
|
391
|
+
req,
|
392
|
+
res
|
393
|
+
} = context;
|
394
|
+
if (!req || !res) return;
|
453
395
|
res.setHeader('Set-Cookie', cookie__namespace.serialize(TOKEN_NAME, '', {
|
454
396
|
maxAge: 0,
|
455
397
|
expires: new Date(),
|
@@ -463,6 +405,13 @@ function createAuth(_ref) {
|
|
463
405
|
}
|
464
406
|
});
|
465
407
|
};
|
408
|
+
|
409
|
+
function defaultIsAccessAllowed(_ref5) {
|
410
|
+
let {
|
411
|
+
session
|
412
|
+
} = _ref5;
|
413
|
+
return session !== undefined;
|
414
|
+
}
|
466
415
|
/**
|
467
416
|
* withAuth
|
468
417
|
*
|
@@ -476,35 +425,38 @@ function createAuth(_ref) {
|
|
476
425
|
|
477
426
|
|
478
427
|
const withAuth = keystoneConfig => {
|
428
|
+
var _ui;
|
429
|
+
|
479
430
|
validateConfig(keystoneConfig);
|
480
431
|
let {
|
481
432
|
ui
|
482
433
|
} = keystoneConfig;
|
483
434
|
|
484
|
-
if (
|
485
|
-
|
486
|
-
|
487
|
-
|
488
|
-
|
489
|
-
|
490
|
-
|
491
|
-
|
492
|
-
|
493
|
-
return (await pageMiddleware(args)) ?? (keystoneConfig === null || keystoneConfig === void 0 ? void 0 : (_keystoneConfig$ui2 = keystoneConfig.ui) === null || _keystoneConfig$ui2 === void 0 ? void 0 : (_keystoneConfig$ui2$p = _keystoneConfig$ui2.pageMiddleware) === null || _keystoneConfig$ui2$p === void 0 ? void 0 : _keystoneConfig$ui2$p.call(_keystoneConfig$ui2, args));
|
494
|
-
},
|
435
|
+
if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
|
436
|
+
const {
|
437
|
+
getAdditionalFiles = [],
|
438
|
+
isAccessAllowed = defaultIsAccessAllowed,
|
439
|
+
pageMiddleware,
|
440
|
+
publicPages = []
|
441
|
+
} = ui || {};
|
442
|
+
ui = _objectSpread(_objectSpread({}, ui), {}, {
|
443
|
+
publicPages: [...publicPages, ...authPublicPages],
|
495
444
|
isAccessAllowed: async context => {
|
496
|
-
var
|
445
|
+
var _context$req;
|
497
446
|
|
498
|
-
const
|
499
|
-
req
|
500
|
-
} = context;
|
501
|
-
const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname; // Allow nextjs scripts and static files to be accessed without auth
|
447
|
+
const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
|
502
448
|
|
503
|
-
if (
|
449
|
+
if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
|
504
450
|
return true;
|
505
|
-
}
|
451
|
+
}
|
506
452
|
|
507
|
-
return
|
453
|
+
return await isAccessAllowed(context);
|
454
|
+
},
|
455
|
+
getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
|
456
|
+
pageMiddleware: async args => {
|
457
|
+
const shouldRedirect = await authMiddleware(args);
|
458
|
+
if (shouldRedirect) return shouldRedirect;
|
459
|
+
return pageMiddleware === null || pageMiddleware === void 0 ? void 0 : pageMiddleware(args);
|
508
460
|
}
|
509
461
|
});
|
510
462
|
}
|
@@ -3,7 +3,7 @@ import _objectWithoutProperties from '@babel/runtime/helpers/esm/objectWithoutPr
|
|
3
3
|
import _includesInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/includes';
|
4
4
|
import _mapInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/map';
|
5
5
|
import _JSON$stringify from '@babel/runtime-corejs3/core-js-stable/json/stringify';
|
6
|
-
import
|
6
|
+
import _startsWithInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/starts-with';
|
7
7
|
import url from 'url';
|
8
8
|
import { getSession } from 'next-auth/react';
|
9
9
|
import { getToken } from 'next-auth/jwt';
|
@@ -13,61 +13,12 @@ import _filterInstanceProperty from '@babel/runtime-corejs3/core-js-stable/insta
|
|
13
13
|
import { graphql } from '@keystone-6/core';
|
14
14
|
|
15
15
|
const template$1 = `
|
16
|
-
const
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
ignoreBuildErrors: true,
|
23
|
-
},
|
24
|
-
env: {
|
25
|
-
NEXTAUTH_URL: process.env.NEXTAUTH_URL || 'http://localhost:<%= process.env.PORT || 3000 %><%= keystonePath || '' %>/api/auth',
|
26
|
-
},
|
27
|
-
eslint: {
|
28
|
-
ignoreDuringBuilds: true,
|
29
|
-
},
|
30
|
-
webpack(config, { isServer }) {
|
31
|
-
config.resolve.alias = {
|
32
|
-
...config.resolve.alias,
|
33
|
-
react: Path.dirname(require.resolve('react/package.json')),
|
34
|
-
'react-dom': Path.dirname(require.resolve('react-dom/package.json')),
|
35
|
-
'@keystone-6/core': Path.dirname(
|
36
|
-
require.resolve('@keystone-6/core/package.json')
|
37
|
-
),
|
38
|
-
};
|
39
|
-
if (isServer) {
|
40
|
-
config.externals = [
|
41
|
-
...config.externals,
|
42
|
-
/@keystone-6\\/core(?!\\/___internal-do-not-use-will-break-in-patch\\/admin-ui\\/id-field-view|\\/fields\\/types\\/[^\\/]+\\/views)/,
|
43
|
-
/.prisma\\/client/
|
44
|
-
];
|
45
|
-
// we need to set these to true so that when __dirname/__filename is used
|
46
|
-
// to resolve the location of field views, we will get a path that we can use
|
47
|
-
// rather than just the __dirname/__filename of the generated file.
|
48
|
-
// https://webpack.js.org/configuration/node/#node__filename
|
49
|
-
(_config$node = config.node) !== null && _config$node !== void 0 ? _config$node : config.node = {};
|
50
|
-
config.node.__dirname = true;
|
51
|
-
config.node.__filename = true;
|
52
|
-
}
|
53
|
-
return config;
|
54
|
-
},
|
55
|
-
<% if (keystonePath) { %>
|
56
|
-
<% if (process.env.NODE_ENV != 'production') { %>
|
57
|
-
async rewrites() {
|
58
|
-
return [
|
59
|
-
{
|
60
|
-
source: '/api/__keystone_api_build',
|
61
|
-
destination: 'http://localhost:<%= process.env.PORT || 3000 %><%= keystonePath || '' %>/api/__keystone_api_build',
|
62
|
-
basePath: false
|
63
|
-
}
|
64
|
-
];
|
65
|
-
},
|
66
|
-
<% }%>
|
67
|
-
basePath: '<%= keystonePath || '' %>'
|
68
|
-
<% } %>
|
69
|
-
});
|
70
|
-
`;
|
16
|
+
const keystoneConfig = require('@keystone-6/core/___internal-do-not-use-will-break-in-patch/admin-ui/next-config').config;
|
17
|
+
|
18
|
+
module.exports = {
|
19
|
+
...keystoneConfig,
|
20
|
+
basePath: '<%= keystonePath || '' %>'
|
21
|
+
};`;
|
71
22
|
const nextConfigTemplate = _ref => {
|
72
23
|
let {
|
73
24
|
keystonePath
|
@@ -212,7 +163,7 @@ function createAuth(_ref) {
|
|
212
163
|
* - to the signin page when no valid session is present
|
213
164
|
*/
|
214
165
|
|
215
|
-
const
|
166
|
+
const authMiddleware = async _ref2 => {
|
216
167
|
let {
|
217
168
|
context,
|
218
169
|
isValidSession
|
@@ -224,13 +175,6 @@ function createAuth(_ref) {
|
|
224
175
|
const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
|
225
176
|
|
226
177
|
if (isValidSession) {
|
227
|
-
if (pathname === `${customPath}/api/auth/signin` || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn)) {
|
228
|
-
return {
|
229
|
-
kind: 'redirect',
|
230
|
-
to: `${customPath}`
|
231
|
-
};
|
232
|
-
}
|
233
|
-
|
234
178
|
if (customPath !== '' && pathname === '/') {
|
235
179
|
return {
|
236
180
|
kind: 'redirect',
|
@@ -241,10 +185,6 @@ function createAuth(_ref) {
|
|
241
185
|
return;
|
242
186
|
}
|
243
187
|
|
244
|
-
if (_includesInstanceProperty(pathname).call(pathname, '/_next/') || _includesInstanceProperty(pathname).call(pathname, '/api/auth/') || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
|
245
|
-
return;
|
246
|
-
}
|
247
|
-
|
248
188
|
if (!session && !_includesInstanceProperty(pathname).call(pathname, `${customPath}/api/auth/`)) {
|
249
189
|
return {
|
250
190
|
kind: 'redirect',
|
@@ -253,7 +193,7 @@ function createAuth(_ref) {
|
|
253
193
|
}
|
254
194
|
};
|
255
195
|
/**
|
256
|
-
*
|
196
|
+
* authGetAdditionalFiles
|
257
197
|
*
|
258
198
|
* This function adds files to be generated into the Admin UI build. Must be added to the
|
259
199
|
* ui.getAdditionalFiles config.
|
@@ -262,7 +202,7 @@ function createAuth(_ref) {
|
|
262
202
|
*/
|
263
203
|
|
264
204
|
|
265
|
-
const
|
205
|
+
const authGetAdditionalFiles = () => {
|
266
206
|
const filesToWrite = [{
|
267
207
|
mode: 'write',
|
268
208
|
outputPath: 'pages/api/auth/[...nextauth].js',
|
@@ -289,13 +229,13 @@ function createAuth(_ref) {
|
|
289
229
|
*/
|
290
230
|
|
291
231
|
|
292
|
-
const
|
232
|
+
const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
|
293
233
|
// @ts-ignore
|
294
234
|
|
295
235
|
function addPages(provider) {
|
296
236
|
const name = provider.id;
|
297
|
-
|
298
|
-
|
237
|
+
authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
|
238
|
+
authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
|
299
239
|
}
|
300
240
|
|
301
241
|
_mapInstanceProperty(providers).call(providers, addPages);
|
@@ -361,23 +301,24 @@ function createAuth(_ref) {
|
|
361
301
|
var _req$headers, _req$headers$authoriz;
|
362
302
|
|
363
303
|
let {
|
364
|
-
|
365
|
-
createContext
|
304
|
+
context
|
366
305
|
} = _ref3;
|
306
|
+
const {
|
307
|
+
req
|
308
|
+
} = context;
|
367
309
|
const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
|
368
310
|
let nextSession;
|
311
|
+
if (!req) return;
|
369
312
|
|
370
313
|
if (_includesInstanceProperty(pathname).call(pathname, '/api/auth')) {
|
371
314
|
return;
|
372
315
|
}
|
373
316
|
|
374
|
-
const sudoContext =
|
375
|
-
sudo: true
|
376
|
-
});
|
317
|
+
const sudoContext = context.sudo();
|
377
318
|
|
378
319
|
if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
|
379
320
|
nextSession = await getToken({
|
380
|
-
req,
|
321
|
+
req: req,
|
381
322
|
secret: sessionSecret
|
382
323
|
});
|
383
324
|
} else {
|
@@ -397,8 +338,7 @@ function createAuth(_ref) {
|
|
397
338
|
data: nextSession.data
|
398
339
|
};
|
399
340
|
const userSession = await get({
|
400
|
-
|
401
|
-
createContext
|
341
|
+
context
|
402
342
|
});
|
403
343
|
return _objectSpread(_objectSpread(_objectSpread({}, userSession), nextSession), {}, {
|
404
344
|
data: nextSession.data,
|
@@ -408,16 +348,17 @@ function createAuth(_ref) {
|
|
408
348
|
},
|
409
349
|
end: async _ref4 => {
|
410
350
|
let {
|
411
|
-
|
412
|
-
req,
|
413
|
-
createContext
|
351
|
+
context
|
414
352
|
} = _ref4;
|
415
353
|
await end({
|
416
|
-
|
417
|
-
req,
|
418
|
-
createContext
|
354
|
+
context
|
419
355
|
});
|
420
356
|
const TOKEN_NAME = process.env.NODE_ENV === 'production' ? '__Secure-next-auth.session-token' : 'next-auth.session-token';
|
357
|
+
const {
|
358
|
+
req,
|
359
|
+
res
|
360
|
+
} = context;
|
361
|
+
if (!req || !res) return;
|
421
362
|
res.setHeader('Set-Cookie', cookie.serialize(TOKEN_NAME, '', {
|
422
363
|
maxAge: 0,
|
423
364
|
expires: new Date(),
|
@@ -431,6 +372,13 @@ function createAuth(_ref) {
|
|
431
372
|
}
|
432
373
|
});
|
433
374
|
};
|
375
|
+
|
376
|
+
function defaultIsAccessAllowed(_ref5) {
|
377
|
+
let {
|
378
|
+
session
|
379
|
+
} = _ref5;
|
380
|
+
return session !== undefined;
|
381
|
+
}
|
434
382
|
/**
|
435
383
|
* withAuth
|
436
384
|
*
|
@@ -444,40 +392,38 @@ function createAuth(_ref) {
|
|
444
392
|
|
445
393
|
|
446
394
|
const withAuth = keystoneConfig => {
|
395
|
+
var _ui;
|
396
|
+
|
447
397
|
validateConfig(keystoneConfig);
|
448
398
|
let {
|
449
399
|
ui
|
450
400
|
} = keystoneConfig;
|
451
401
|
|
452
|
-
if (
|
453
|
-
|
454
|
-
|
455
|
-
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
return (await pageMiddleware(args)) ?? (keystoneConfig === null || keystoneConfig === void 0 ? void 0 : (_keystoneConfig$ui2 = keystoneConfig.ui) === null || _keystoneConfig$ui2 === void 0 ? void 0 : (_keystoneConfig$ui2$p = _keystoneConfig$ui2.pageMiddleware) === null || _keystoneConfig$ui2$p === void 0 ? void 0 : _keystoneConfig$ui2$p.call(_keystoneConfig$ui2, args));
|
462
|
-
},
|
402
|
+
if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
|
403
|
+
const {
|
404
|
+
getAdditionalFiles = [],
|
405
|
+
isAccessAllowed = defaultIsAccessAllowed,
|
406
|
+
pageMiddleware,
|
407
|
+
publicPages = []
|
408
|
+
} = ui || {};
|
409
|
+
ui = _objectSpread(_objectSpread({}, ui), {}, {
|
410
|
+
publicPages: [...publicPages, ...authPublicPages],
|
463
411
|
isAccessAllowed: async context => {
|
464
|
-
var _context$req
|
465
|
-
|
466
|
-
const {
|
467
|
-
req
|
468
|
-
} = context;
|
469
|
-
const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname; // Allow nextjs scripts and static files to be accessed without auth
|
470
|
-
|
471
|
-
if (_includesInstanceProperty(pathname).call(pathname, '/_next/')) {
|
472
|
-
return true;
|
473
|
-
} // Allow keystone to access /api/__keystone_api_build for hot reloading
|
412
|
+
var _context$req;
|
474
413
|
|
414
|
+
const pathname = url.parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
|
475
415
|
|
476
|
-
if (
|
416
|
+
if (_startsWithInstanceProperty(pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty(pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty(pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
|
477
417
|
return true;
|
478
418
|
}
|
479
419
|
|
480
|
-
return
|
420
|
+
return await isAccessAllowed(context);
|
421
|
+
},
|
422
|
+
getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
|
423
|
+
pageMiddleware: async args => {
|
424
|
+
const shouldRedirect = await authMiddleware(args);
|
425
|
+
if (shouldRedirect) return shouldRedirect;
|
426
|
+
return pageMiddleware === null || pageMiddleware === void 0 ? void 0 : pageMiddleware(args);
|
481
427
|
}
|
482
428
|
});
|
483
429
|
}
|
package/package.json
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
{
|
2
2
|
"name": "@opensaas/keystone-nextjs-auth",
|
3
|
-
"version": "
|
3
|
+
"version": "26.0.0",
|
4
4
|
"repository": "https://github.com/opensaasau/keystone-nextjs-auth",
|
5
5
|
"license": "MIT",
|
6
6
|
"main": "dist/opensaas-keystone-nextjs-auth.cjs.js",
|
@@ -13,14 +13,14 @@
|
|
13
13
|
"cross-fetch": "^3.1.5",
|
14
14
|
"ejs": "^3.1.8",
|
15
15
|
"fast-deep-equal": "^3.1.3",
|
16
|
-
"next-auth": "^4.
|
16
|
+
"next-auth": "^4.18.0"
|
17
17
|
},
|
18
18
|
"devDependencies": {
|
19
|
-
"@keystone-6/core": "
|
19
|
+
"@keystone-6/core": "4.0.1",
|
20
20
|
"react": "^18.2.0"
|
21
21
|
},
|
22
22
|
"peerDependencies": {
|
23
|
-
"@keystone-6/core": "
|
23
|
+
"@keystone-6/core": "4.0.1",
|
24
24
|
"react": "^18.2.0"
|
25
25
|
},
|
26
26
|
"publishConfig": {
|
@@ -168,9 +168,7 @@ function NextAuthPage(props) {
|
|
168
168
|
let returnSession = session;
|
169
169
|
|
170
170
|
if (!token.itemId) {
|
171
|
-
return
|
172
|
-
expires: '0'
|
173
|
-
};
|
171
|
+
return session;
|
174
172
|
} else {
|
175
173
|
returnSession = _objectSpread(_objectSpread({}, session), {}, {
|
176
174
|
data: token.data,
|
@@ -188,10 +186,15 @@ function NextAuthPage(props) {
|
|
188
186
|
token
|
189
187
|
} = _ref4;
|
190
188
|
const identity = token.sub;
|
189
|
+
|
190
|
+
if (!identity) {
|
191
|
+
return token;
|
192
|
+
}
|
193
|
+
|
191
194
|
const result = await validateNextAuth(identityField, identity, protectIdentities, list);
|
192
195
|
|
193
196
|
if (!result.success) {
|
194
|
-
token.itemId =
|
197
|
+
token.itemId = undefined;
|
195
198
|
} else {
|
196
199
|
token.itemId = result.item.id;
|
197
200
|
const data = await query[listKey].findOne({
|
package/pages/NextAuthPage/dist/opensaas-keystone-nextjs-auth-pages-NextAuthPage.cjs.prod.js
CHANGED
@@ -168,9 +168,7 @@ function NextAuthPage(props) {
|
|
168
168
|
let returnSession = session;
|
169
169
|
|
170
170
|
if (!token.itemId) {
|
171
|
-
return
|
172
|
-
expires: '0'
|
173
|
-
};
|
171
|
+
return session;
|
174
172
|
} else {
|
175
173
|
returnSession = _objectSpread(_objectSpread({}, session), {}, {
|
176
174
|
data: token.data,
|
@@ -188,10 +186,15 @@ function NextAuthPage(props) {
|
|
188
186
|
token
|
189
187
|
} = _ref4;
|
190
188
|
const identity = token.sub;
|
189
|
+
|
190
|
+
if (!identity) {
|
191
|
+
return token;
|
192
|
+
}
|
193
|
+
|
191
194
|
const result = await validateNextAuth(identityField, identity, protectIdentities, list);
|
192
195
|
|
193
196
|
if (!result.success) {
|
194
|
-
token.itemId =
|
197
|
+
token.itemId = undefined;
|
195
198
|
} else {
|
196
199
|
token.itemId = result.item.id;
|
197
200
|
const data = await query[listKey].findOne({
|