npm - @opensaas/keystone-nextjs-auth - Versions diffs - 26.0.0 → 27.1.0 - Mend

@opensaas/keystone-nextjs-auth 26.0.0 → 27.1.0

Files changed (13) hide show

package/dist/opensaas-keystone-nextjs-auth.cjs.prod.js CHANGED Viewed

@@ -9,6 +9,7 @@ var _mapInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instan
 var _JSON$stringify = require('@babel/runtime-corejs3/core-js-stable/json/stringify');
 var _startsWithInstanceProperty = require('@babel/runtime-corejs3/core-js-stable/instance/starts-with');
 var url = require('url');
+var path = require('path');
 var react = require('next-auth/react');
 var jwt = require('next-auth/jwt');
 var cookie = require('cookie');
@@ -41,6 +42,7 @@ var _mapInstanceProperty__default = /*#__PURE__*/_interopDefault(_mapInstancePro
 var _JSON$stringify__default = /*#__PURE__*/_interopDefault(_JSON$stringify);
 var _startsWithInstanceProperty__default = /*#__PURE__*/_interopDefault(_startsWithInstanceProperty);
 var url__default = /*#__PURE__*/_interopDefault(url);
+var path__default = /*#__PURE__*/_interopDefault(path);
 var cookie__namespace = /*#__PURE__*/_interopNamespace(cookie);
 var ejs__default = /*#__PURE__*/_interopDefault(ejs);
 var _filterInstanceProperty__default = /*#__PURE__*/_interopDefault(_filterInstanceProperty);
@@ -75,17 +77,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -93,10 +92,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -111,7 +108,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return core.graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -124,7 +120,7 @@ const template = `
 import { getContext } from '@keystone-6/core/context';
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
 import keystoneConfig from '../../../../../keystone';
-import * as PrismaModule from '.prisma/client';
+import * as PrismaModule from '<%= prismaClientPath %>';
 const keystoneQueryAPI = global.keystoneQueryAPI || getContext(keystoneConfig, PrismaModule).sudo().query;
@@ -148,19 +144,22 @@ const authTemplate = _ref => {
     identityField,
     listKey,
     sessionData,
-    sessionSecret
+    sessionSecret,
+    prismaClientPath
   } = _ref;
   const authOut = ejs__default["default"].render(template, {
     identityField,
     sessionData,
     listKey,
     autoCreate,
-    sessionSecret
+    sessionSecret,
+    prismaClientPath
   });
   return authOut;
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -184,6 +183,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -195,36 +195,32 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
-      req,
-      session
+      req
     } = context;
     const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
-    if (!session && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
+    if (!wasAccessAllowed && !_includesInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
         to: (pages === null || pages === void 0 ? void 0 : pages.signIn) || `${customPath}/api/auth/signin`
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -233,9 +229,8 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
-  const authGetAdditionalFiles = () => {
+  const authGetAdditionalFiles = config => {
+    const prismaClientPath = config.db.prismaClientPath ? path__default["default"].join('../../../../../', config.db.prismaClientPath) : '@prisma/client';
     const filesToWrite = [{
       mode: 'write',
       outputPath: 'pages/api/auth/[...nextauth].js',
@@ -244,7 +239,8 @@ function createAuth(_ref) {
         identityField,
         listKey,
         sessionData,
-        sessionSecret
+        sessionSecret,
+        prismaClientPath
       })
     }, {
       mode: 'write',
@@ -255,84 +251,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty__default["default"](providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify__default["default"](identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -342,13 +329,10 @@ function createAuth(_ref) {
         const pathname = url__default["default"].parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty__default["default"](pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await jwt.getToken({
             req: req,
@@ -359,11 +343,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -405,7 +387,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -422,16 +403,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -443,13 +420,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url__default["default"].parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty__default["default"](pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty__default["default"](pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -460,7 +434,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -475,16 +448,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }

package/dist/opensaas-keystone-nextjs-auth.esm.js CHANGED Viewed

@@ -5,6 +5,7 @@ import _mapInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance
 import _JSON$stringify from '@babel/runtime-corejs3/core-js-stable/json/stringify';
 import _startsWithInstanceProperty from '@babel/runtime-corejs3/core-js-stable/instance/starts-with';
 import url from 'url';
+import path from 'path';
 import { getSession } from 'next-auth/react';
 import { getToken } from 'next-auth/jwt';
 import * as cookie from 'cookie';
@@ -42,17 +43,14 @@ function getBaseAuthSchema(_ref) {
           types: [base.object(listKey)],
           resolveType: (root, context) => {
             var _context$session;
             return (_context$session = context.session) === null || _context$session === void 0 ? void 0 : _context$session.listKey;
           }
         }),
         resolve(root, args, _ref2) {
           let {
             session,
             db
           } = _ref2;
           if (typeof (session === null || session === void 0 ? void 0 : session.itemId) === 'string' && typeof session.listKey === 'string') {
             return db[session.listKey].findOne({
               where: {
@@ -60,10 +58,8 @@ function getBaseAuthSchema(_ref) {
               }
             });
           }
           return null;
         }
       })
     }
   };
@@ -78,7 +74,6 @@ const getSchemaExtension = _ref => {
   } = _ref;
   return graphql.extend(base => {
     var _context;
     const baseSchema = getBaseAuthSchema({
       listKey,
       base
@@ -91,7 +86,7 @@ const template = `
 import { getContext } from '@keystone-6/core/context';
 import getNextAuthPage from '@opensaas/keystone-nextjs-auth/pages/NextAuthPage';
 import keystoneConfig from '../../../../../keystone';
-import * as PrismaModule from '.prisma/client';
+import * as PrismaModule from '<%= prismaClientPath %>';
 const keystoneQueryAPI = global.keystoneQueryAPI || getContext(keystoneConfig, PrismaModule).sudo().query;
@@ -115,19 +110,22 @@ const authTemplate = _ref => {
     identityField,
     listKey,
     sessionData,
-    sessionSecret
+    sessionSecret,
+    prismaClientPath
   } = _ref;
   const authOut = ejs.render(template, {
     identityField,
     sessionData,
     listKey,
     autoCreate,
-    sessionSecret
+    sessionSecret,
+    prismaClientPath
   });
   return authOut;
 };
 const _excluded = ["get", "end"];
 /**
  * createAuth function
  *
@@ -151,6 +149,7 @@ function createAuth(_ref) {
   // part of the createAuth API (in which case its use cases need to be documented and tested)
   // or whether always being true is what we want, in which case we can refactor our code
   // to match this. -TL
   const customPath = !keystonePath || keystonePath === '/' ? '' : keystonePath;
   /**
    * pageMiddleware
@@ -162,36 +161,32 @@ function createAuth(_ref) {
    *  - to the init page when initFirstItem is configured, and there are no user in the database
    *  - to the signin page when no valid session is present
    */
   const authMiddleware = async _ref2 => {
     let {
       context,
-      isValidSession
+      wasAccessAllowed
     } = _ref2;
     const {
-      req,
-      session
+      req
     } = context;
     const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
-    if (isValidSession) {
+    if (wasAccessAllowed) {
       if (customPath !== '' && pathname === '/') {
         return {
           kind: 'redirect',
           to: `${customPath}`
         };
       }
       return;
     }
-    if (!session && !_includesInstanceProperty(pathname).call(pathname, `${customPath}/api/auth/`)) {
+    if (!wasAccessAllowed && !_includesInstanceProperty(pathname).call(pathname, `${customPath}/api/auth/`)) {
       return {
         kind: 'redirect',
         to: (pages === null || pages === void 0 ? void 0 : pages.signIn) || `${customPath}/api/auth/signin`
       };
     }
   };
   /**
    * authGetAdditionalFiles
    *
@@ -200,9 +195,8 @@ function createAuth(_ref) {
    *
    * The signin page is always included, and the init page is included when initFirstItem is set
    */
-  const authGetAdditionalFiles = () => {
+  const authGetAdditionalFiles = config => {
+    const prismaClientPath = config.db.prismaClientPath ? path.join('../../../../../', config.db.prismaClientPath) : '@prisma/client';
     const filesToWrite = [{
       mode: 'write',
       outputPath: 'pages/api/auth/[...nextauth].js',
@@ -211,7 +205,8 @@ function createAuth(_ref) {
         identityField,
         listKey,
         sessionData,
-        sessionSecret
+        sessionSecret,
+        prismaClientPath
       })
     }, {
       mode: 'write',
@@ -222,84 +217,75 @@ function createAuth(_ref) {
     }];
     return filesToWrite;
   };
   /**
    * publicAuthPages
    *
    * Must be added to the ui.publicPages config
    */
-  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`]; // TODO: Add Provider Types
+  const authPublicPages = [`${customPath}/api/auth/csrf`, `${customPath}/api/auth/signin`, `${customPath}/api/auth/callback`, `${customPath}/api/auth/session`, `${customPath}/api/auth/providers`, `${customPath}/api/auth/signout`, `${customPath}/api/auth/error`];
+  // TODO: Add Provider Types
   // @ts-ignore
   function addPages(provider) {
     const name = provider.id;
     authPublicPages.push(`${customPath}/api/auth/signin/${name}`);
     authPublicPages.push(`${customPath}/api/auth/callback/${name}`);
   }
   _mapInstanceProperty(providers).call(providers, addPages);
   /**
    * extendGraphqlSchema
    *
    * Must be added to the extendGraphqlSchema config. Can be composed.
    */
   const extendGraphqlSchema = getSchemaExtension({
     identityField,
     listKey
   });
   /**
    * validateConfig
    *
    * Validates the provided auth config; optional step when integrating auth
    */
   const validateConfig = keystoneConfig => {
     const listConfig = keystoneConfig.lists[listKey];
     if (listConfig === undefined) {
       const msg = `A createAuth() invocation specifies the list "${listKey}" but no list with that key has been defined.`;
       throw new Error(msg);
-    } // TODO: Check if providers
+    }
+    // TODO: Check if providers
     // TODO: Check other required commands/data
     // TODO: Check for String-like typing for identityField? How?
     // TODO: Validate that the identifyField is unique.
     // TODO: If this field isn't required, what happens if I try to log in as `null`?
     const identityFieldConfig = listConfig.fields[identityField];
     if (identityFieldConfig === undefined) {
       const identityFieldName = _JSON$stringify(identityField);
       const msg = `A createAuth() invocation for the "${listKey}" list specifies ${identityFieldName} as its identityField but no field with that key exists on the list.`;
       throw new Error(msg);
     }
   };
   /**
    * withItemData
    *
    * Automatically injects a session.data value with the authenticated item
    */
   /* TODO:
   - [ ] We could support additional where input to validate item sessions (e.g an isEnabled boolean)
   */
   const withItemData = _sessionStrategy => {
     const {
-      get,
-      end
-    } = _sessionStrategy,
-          sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
+        get,
+        end
+      } = _sessionStrategy,
+      sessionStrategy = _objectWithoutProperties(_sessionStrategy, _excluded);
     return _objectSpread(_objectSpread({}, sessionStrategy), {}, {
       get: async _ref3 => {
         var _req$headers, _req$headers$authoriz;
         let {
           context
         } = _ref3;
@@ -309,13 +295,10 @@ function createAuth(_ref) {
         const pathname = url.parse(req === null || req === void 0 ? void 0 : req.url).pathname;
         let nextSession;
         if (!req) return;
         if (_includesInstanceProperty(pathname).call(pathname, '/api/auth')) {
           return;
         }
         const sudoContext = context.sudo();
         if (((_req$headers = req.headers) === null || _req$headers === void 0 ? void 0 : (_req$headers$authoriz = _req$headers.authorization) === null || _req$headers$authoriz === void 0 ? void 0 : _req$headers$authoriz.split(' ')[0]) === 'Bearer') {
           nextSession = await getToken({
             req: req,
@@ -326,11 +309,9 @@ function createAuth(_ref) {
             req
           });
         }
         if (!nextSession || !nextSession.listKey || nextSession.listKey !== listKey || !nextSession.itemId || !sudoContext.query[listKey] || !nextSession.itemId) {
           return;
         }
         const reqWithUser = req;
         reqWithUser.user = {
           istKey: nextSession.listKey,
@@ -372,7 +353,6 @@ function createAuth(_ref) {
       }
     });
   };
   function defaultIsAccessAllowed(_ref5) {
     let {
       session
@@ -389,16 +369,12 @@ function createAuth(_ref) {
    * It validates the auth config against the provided keystone config, and preserves existing
    * config by composing existing extendGraphqlSchema functions and ui config.
    */
   const withAuth = keystoneConfig => {
     var _ui;
     validateConfig(keystoneConfig);
     let {
       ui
     } = keystoneConfig;
     if (!((_ui = ui) !== null && _ui !== void 0 && _ui.isDisabled)) {
       const {
         getAdditionalFiles = [],
@@ -410,13 +386,10 @@ function createAuth(_ref) {
         publicPages: [...publicPages, ...authPublicPages],
         isAccessAllowed: async context => {
           var _context$req;
           const pathname = url.parse((_context$req = context.req) === null || _context$req === void 0 ? void 0 : _context$req.url).pathname;
           if (_startsWithInstanceProperty(pathname).call(pathname, `${customPath}/_next`) || _startsWithInstanceProperty(pathname).call(pathname, `${customPath}/__next`) || _startsWithInstanceProperty(pathname).call(pathname, `${customPath}/api/auth/`) || pages !== null && pages !== void 0 && pages.signIn && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signIn) || pages !== null && pages !== void 0 && pages.error && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.error) || pages !== null && pages !== void 0 && pages.signOut && _includesInstanceProperty(pathname).call(pathname, pages === null || pages === void 0 ? void 0 : pages.signOut)) {
             return true;
           }
           return await isAccessAllowed(context);
         },
         getAdditionalFiles: [...getAdditionalFiles, authGetAdditionalFiles],
@@ -427,7 +400,6 @@ function createAuth(_ref) {
         }
       });
     }
     if (!keystoneConfig.session) throw new TypeError('Missing .session configuration');
     const session = withItemData(keystoneConfig.session);
     const existingExtendGraphQLSchema = keystoneConfig.extendGraphqlSchema;
@@ -442,16 +414,15 @@ function createAuth(_ref) {
       extendGraphqlSchema: existingExtendGraphQLSchema ? schema => existingExtendGraphQLSchema(extendGraphqlSchema(schema)) : extendGraphqlSchema
     });
   };
   return {
-    withAuth // In the future we may want to return the following so that developers can
+    withAuth
+    // In the future we may want to return the following so that developers can
     // roll their own. This is pending a review of the use cases this might be
     // appropriate for, along with documentation and testing.
     // ui: { enableSessionItem: true, pageMiddleware, getAdditionalFiles, publicPages },
     // fields,
     // extendGraphqlSchema,
     // validateConfig,
   };
 }