npm - @opensaas/keystone-nextjs-auth - Versions diffs - 26.0.0 → 27.0.0 - Mend

@opensaas/keystone-nextjs-auth 26.0.0 → 27.0.0

Files changed (9) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,15 @@
 # @opensaas-keystone/nextjs-auth
+## 27.0.0
+### Major Changes
+- ec29144: Update dependency @keystone-6/core to v5
+### Patch Changes
+- 0a8ea8e: Update patch dependencies (patch)
 ## 26.0.0
 ### Major Changes

package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js CHANGED Viewed

@@ -75,17 +75,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -93,10 +90,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -111,7 +106,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return core.graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -161,6 +155,7 @@ const authTemplate = _ref => {
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -184,6 +179,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -195,29 +191,25 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
       req,
       session
     } = context;
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
     if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
@@ -225,6 +217,7 @@ function createAuth(_ref) {
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -233,8 +226,6 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
   const authGetAdditionalFiles = () => {
     const filesToWrite = [{
       mode: 'write',
@@ -255,84 +246,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify__default["default"](identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -342,13 +324,10 @@ function createAuth(_ref) {
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await jwt.getToken({
             req: req,
@@ -359,11 +338,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -405,7 +382,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -422,16 +398,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -443,13 +415,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -460,7 +429,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -475,16 +443,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }

package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js CHANGED Viewed

@@ -75,17 +75,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -93,10 +90,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -111,7 +106,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return core.graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -161,6 +155,7 @@ const authTemplate = _ref => {
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -184,6 +179,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -195,29 +191,25 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
       req,
       session
     } = context;
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
     if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
@@ -225,6 +217,7 @@ function createAuth(_ref) {
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -233,8 +226,6 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
   const authGetAdditionalFiles = () => {
     const filesToWrite = [{
       mode: 'write',
@@ -255,84 +246,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify__default["default"](identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -342,13 +324,10 @@ function createAuth(_ref) {
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await jwt.getToken({
             req: req,
@@ -359,11 +338,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -405,7 +382,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -422,16 +398,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -443,13 +415,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -460,7 +429,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -475,16 +443,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }