npm - @opensaas/keystone-nextjs-auth - Versions diffs - 26.0.0 → 27.0.0 - Mend

@opensaas/keystone-nextjs-auth 26.0.0 → 27.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,15 @@
 # @opensaas-keystone/nextjs-auth
+## 27.0.0
+### Major Changes
+- ec29144: Update dependency @keystone-6/core to v5
+### Patch Changes
+- 0a8ea8e: Update patch dependencies (patch)
 ## 26.0.0
 ### Major Changes

package/dist/opensaas-keystone-nextjs-auth.cjs.dev.js CHANGED Viewed

@@ -75,17 +75,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -93,10 +90,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -111,7 +106,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return core.graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -161,6 +155,7 @@ const authTemplate = _ref => {
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -184,6 +179,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -195,29 +191,25 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
       req,
       session
     } = context;
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
     if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
@@ -225,6 +217,7 @@ function createAuth(_ref) {
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -233,8 +226,6 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
   const authGetAdditionalFiles = () => {
     const filesToWrite = [{
       mode: 'write',
@@ -255,84 +246,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify__default["default"](identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -342,13 +324,10 @@ function createAuth(_ref) {
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await jwt.getToken({
             req: req,
@@ -359,11 +338,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -405,7 +382,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -422,16 +398,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -443,13 +415,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -460,7 +429,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -475,16 +443,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }

package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js CHANGED Viewed

@@ -75,17 +75,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -93,10 +90,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -111,7 +106,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return core.graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -161,6 +155,7 @@ const authTemplate = _ref => {
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -184,6 +179,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -195,29 +191,25 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
       req,
       session
     } = context;
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
     if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
@@ -225,6 +217,7 @@ function createAuth(_ref) {
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -233,8 +226,6 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
   const authGetAdditionalFiles = () => {
     const filesToWrite = [{
       mode: 'write',
@@ -255,84 +246,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify__default["default"](identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -342,13 +324,10 @@ function createAuth(_ref) {
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await jwt.getToken({
             req: req,
@@ -359,11 +338,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -405,7 +382,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -422,16 +398,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -443,13 +415,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -460,7 +429,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -475,16 +443,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }