sourcebot/packages/web/src/auth.ts

import 'next-auth/jwt';
import NextAuth, { DefaultSession } from "next-auth"
import GitHub from "next-auth/providers/github"
import Google from "next-auth/providers/google"
import { PrismaAdapter } from "@auth/prisma-adapter"
import { prisma } from "@/prisma";
import { AUTH_GITHUB_CLIENT_ID, AUTH_GITHUB_CLIENT_SECRET, AUTH_GOOGLE_CLIENT_ID, AUTH_GOOGLE_CLIENT_SECRET, AUTH_SECRET, AUTH_URL } from "./lib/environment";
import { User } from '@sourcebot/db';
import 'next-auth/jwt';
import type { Provider } from "next-auth/providers";

declare module 'next-auth' {
    interface Session {
        user: {
            id: string;
        } & DefaultSession['user'];
    }
}

declare module 'next-auth/jwt' {
    interface JWT {
        userId: string
    }
}

const providers: Provider[] = [
    GitHub({
        clientId: AUTH_GITHUB_CLIENT_ID,
        clientSecret: AUTH_GITHUB_CLIENT_SECRET,
    }),
    Google({
        clientId: AUTH_GOOGLE_CLIENT_ID!,
        clientSecret: AUTH_GOOGLE_CLIENT_SECRET!,
    })
];

// @see: https://authjs.dev/guides/pages/signin
export const providerMap = providers
    .map((provider) => {
        if (typeof provider === "function") {
            const providerData = provider()
            return { id: providerData.id, name: providerData.name }
        } else {
            return { id: provider.id, name: provider.name }
        }
    })
    .filter((provider) => provider.id !== "credentials");


const useSecureCookies = AUTH_URL.startsWith("https://");
const hostName = new URL(AUTH_URL).hostname;

export const { handlers, signIn, signOut, auth } = NextAuth({
    secret: AUTH_SECRET,
    adapter: PrismaAdapter(prisma),
    session: {
        strategy: "jwt",
    },
    callbacks: {
        async jwt({ token, user: _user }) {
            const user = _user as User | undefined;
            // @note: `user` will be available on signUp or signIn triggers.
            // Cache the userId in the JWT for later use.
            if (user) {
                token.userId = user.id;
            }
            return token;
        },
        async session({ session, token }) {
            // @WARNING: Anything stored in the session will be sent over
            // to the client.
            session.user = {
                ...session.user,
                // Propogate the userId to the session.
                id: token.userId,
            }
            return session;
        },
    },
    cookies: {
        sessionToken: {
            name: `${useSecureCookies ? '__Secure-' : ''}authjs.session-token`,
            options: {
                httpOnly: true,
                sameSite: 'lax',
                path: '/',
                secure: useSecureCookies,
                domain: `.${hostName}`
            }
        },
        callbackUrl: {
            name: `${useSecureCookies ? '__Secure-' : ''}authjs.callback-url`,
            options: {
                sameSite: 'lax',
                path: '/',
                secure: useSecureCookies,
                domain: `.${hostName}`
            }
        },
        csrfToken: {
            name: `${useSecureCookies ? '__Host-' : ''}authjs.csrf-token`,
            options: {
                httpOnly: true,
                sameSite: 'lax',
                path: '/',
                secure: useSecureCookies,
                domain: `.${hostName}`
            }
        }
    },
    providers: providers,
    pages: {
        signIn: "/login"
    }
});
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`import 'next-auth/jwt';`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`import NextAuth, { DefaultSession } from "next-auth"`
Authentication (#164) 2025-01-16 23:24:13 +00:00			`import GitHub from "next-auth/providers/github"`
add invite system and google oauth provider (#185) * add settings page with members list * add invite to schema and basic create form * add invite table * add basic invite link copy button * add auth invite accept case * add non auth logic * add google oauth provider 2025-02-10 22:31:38 +00:00			`import Google from "next-auth/providers/google"`
Authentication (#164) 2025-01-16 23:24:13 +00:00			`import { PrismaAdapter } from "@auth/prisma-adapter"`
			`import { prisma } from "@/prisma";`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`import { AUTH_GITHUB_CLIENT_ID, AUTH_GITHUB_CLIENT_SECRET, AUTH_GOOGLE_CLIENT_ID, AUTH_GOOGLE_CLIENT_SECRET, AUTH_SECRET, AUTH_URL } from "./lib/environment";`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`import { User } from '@sourcebot/db';`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`import 'next-auth/jwt';`
			`import type { Provider } from "next-auth/providers";`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00
			`declare module 'next-auth' {`
			`interface Session {`
			`user: {`
			`id: string;`
			`} & DefaultSession['user'];`
			`}`
			`}`

			`declare module 'next-auth/jwt' {`
			`interface JWT {`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`userId: string`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`}`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`}`
Authentication (#164) 2025-01-16 23:24:13 +00:00
			`const providers: Provider[] = [`
			`GitHub({`
			`clientId: AUTH_GITHUB_CLIENT_ID,`
			`clientSecret: AUTH_GITHUB_CLIENT_SECRET,`
			`}),`
add invite system and google oauth provider (#185) * add settings page with members list * add invite to schema and basic create form * add invite table * add basic invite link copy button * add auth invite accept case * add non auth logic * add google oauth provider 2025-02-10 22:31:38 +00:00			`Google({`
			`clientId: AUTH_GOOGLE_CLIENT_ID!,`
			`clientSecret: AUTH_GOOGLE_CLIENT_SECRET!,`
			`})`
Authentication (#164) 2025-01-16 23:24:13 +00:00			`];`

			`// @see: https://authjs.dev/guides/pages/signin`
			`export const providerMap = providers`
			`.map((provider) => {`
			`if (typeof provider === "function") {`
			`const providerData = provider()`
			`return { id: providerData.id, name: providerData.name }`
			`} else {`
			`return { id: provider.id, name: provider.name }`
			`}`
			`})`
			`.filter((provider) => provider.id !== "credentials");`

Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00
Domain support (#188) 2025-02-12 21:51:44 +00:00			`const useSecureCookies = AUTH_URL.startsWith("https://");`
			`const hostName = new URL(AUTH_URL).hostname;`
Authentication (#164) 2025-01-16 23:24:13 +00:00
			`export const { handlers, signIn, signOut, auth } = NextAuth({`
			`secret: AUTH_SECRET,`
			`adapter: PrismaAdapter(prisma),`
			`session: {`
			`strategy: "jwt",`
			`},`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`callbacks: {`
			`async jwt({ token, user: _user }) {`
			`const user = _user as User \| undefined;`
			// @note: `user` will be available on signUp or signIn triggers.
			`// Cache the userId in the JWT for later use.`
			`if (user) {`
			`token.userId = user.id;`
			`}`
			`return token;`
			`},`
			`async session({ session, token }) {`
			`// @WARNING: Anything stored in the session will be sent over`
			`// to the client.`
			`session.user = {`
			`...session.user,`
			`// Propogate the userId to the session.`
			`id: token.userId,`
			`}`
			`return session;`
Domain support (#188) 2025-02-12 21:51:44 +00:00			`},`
			`},`
			`cookies: {`
			`sessionToken: {`
			name: `${useSecureCookies ? '__Secure-' : ''}authjs.session-token`,
			`options: {`
			`httpOnly: true,`
			`sameSite: 'lax',`
			`path: '/',`
			`secure: useSecureCookies,`
			domain: `.${hostName}`
			`}`
			`},`
			`callbackUrl: {`
			name: `${useSecureCookies ? '__Secure-' : ''}authjs.callback-url`,
			`options: {`
			`sameSite: 'lax',`
			`path: '/',`
			`secure: useSecureCookies,`
			domain: `.${hostName}`
			`}`
			`},`
			`csrfToken: {`
			name: `${useSecureCookies ? '__Host-' : ''}authjs.csrf-token`,
			`options: {`
			`httpOnly: true,`
			`sameSite: 'lax',`
			`path: '/',`
			`secure: useSecureCookies,`
			domain: `.${hostName}`
			`}`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`}`
			`},`
Authentication (#164) 2025-01-16 23:24:13 +00:00			`providers: providers,`
			`pages: {`
			`signIn: "/login"`
			`}`
Organization switching & active org management (#173) 2025-01-21 22:50:16 +00:00			`});`