@auth/core
Advanced tools
Comparing version 0.21.0 to 0.22.0
@@ -273,3 +273,2 @@ /** | ||
/** | ||
* | ||
* Use this option to enable experimental features. | ||
@@ -281,3 +280,9 @@ * When enabled, it will print a warning message to the console. | ||
experimental?: Record<string, boolean>; | ||
/** | ||
* The base path of the Auth.js API endpoints. | ||
* | ||
* @default "/auth" | ||
*/ | ||
basePath?: string; | ||
} | ||
//# sourceMappingURL=index.d.ts.map |
@@ -65,3 +65,3 @@ /** | ||
setLogger(config.logger, config.debug); | ||
const internalRequest = await toInternalRequest(request); | ||
const internalRequest = await toInternalRequest(request, config); | ||
if (internalRequest instanceof Error) { | ||
@@ -123,4 +123,3 @@ logger.error(internalRequest); | ||
const params = new URLSearchParams({ error: type }); | ||
const path = config.pages?.[page] ?? | ||
`${internalRequest.url.pathname}/${page.toLowerCase()}`; | ||
const path = config.pages?.[page] ?? `${config.basePath}/${page.toLowerCase()}`; | ||
const url = `${internalRequest.url.origin}${path}?${params}`; | ||
@@ -127,0 +126,0 @@ if (isRedirect) |
@@ -37,3 +37,3 @@ import { UnknownAction } from "../errors.js"; | ||
case "signin": | ||
return render.signin(error); | ||
return render.signin(providerId, error); | ||
case "signout": | ||
@@ -40,0 +40,0 @@ return render.signout(); |
@@ -33,3 +33,3 @@ import type { InternalOptions, RequestInternal, ResponseInternal, InternalProvider, PublicProvider } from "../../types.js"; | ||
}; | ||
signin(error: any): ResponseInternal<any>; | ||
signin(providerId?: string, error?: any): ResponseInternal<any>; | ||
signout(): ResponseInternal<any>; | ||
@@ -36,0 +36,0 @@ verifyRequest(props?: any): ResponseInternal<any>; |
@@ -7,2 +7,3 @@ import { renderToString } from "preact-render-to-string"; | ||
import VerifyRequestPage from "./verify-request.js"; | ||
import { UnknownAction } from "../../errors.js"; | ||
function send({ html, title, status, cookies, theme }) { | ||
@@ -48,3 +49,5 @@ return { | ||
}, | ||
signin(error) { | ||
signin(providerId, error) { | ||
if (providerId) | ||
throw new UnknownAction("Unsupported action"); | ||
if (pages?.signIn) { | ||
@@ -51,0 +54,0 @@ let signinUrl = `${pages.signIn}${pages.signIn.includes("?") ? "&" : "?"}${new URLSearchParams({ callbackUrl: params.callbackUrl ?? "/" })}`; |
@@ -8,3 +8,4 @@ import { OAuthProfileParseError } from "../../errors.js"; | ||
export default function parseProviders(params) { | ||
const { url, providerId, options } = params; | ||
const { providerId, options } = params; | ||
const url = new URL(options.basePath ?? "/auth", params.url.origin); | ||
const providers = params.providers.map((p) => { | ||
@@ -11,0 +12,0 @@ const provider = typeof p === "function" ? p() : p; |
@@ -1,3 +0,3 @@ | ||
import type { RequestInternal, ResponseInternal } from "../../types.js"; | ||
export declare function toInternalRequest(req: Request): Promise<RequestInternal | Error>; | ||
import type { AuthConfig, RequestInternal, ResponseInternal } from "../../types.js"; | ||
export declare function toInternalRequest(req: Request, config: AuthConfig): Promise<RequestInternal | Error>; | ||
export declare function toRequest(request: RequestInternal): Request; | ||
@@ -4,0 +4,0 @@ export declare function toResponse(res: ResponseInternal): Response; |
@@ -25,24 +25,10 @@ import { parse as parseCookie, serialize } from "cookie"; | ||
]; | ||
export async function toInternalRequest(req) { | ||
export async function toInternalRequest(req, config) { | ||
try { | ||
let originalUrl = new URL(req.url.replace(/\/$/, "")); | ||
let url = new URL(originalUrl); | ||
const pathname = url.pathname.replace(/\/$/, ""); | ||
const action = actions.find((a) => pathname.includes(a)); | ||
if (!action) { | ||
throw new UnknownAction(`Cannot detect action in pathname (${pathname}).`); | ||
} | ||
// Remove anything after the basepath | ||
const re = new RegExp(`/${action}.*`); | ||
url = new URL(url.href.replace(re, "")); | ||
if (req.method !== "GET" && req.method !== "POST") { | ||
if (req.method !== "GET" && req.method !== "POST") | ||
throw new UnknownAction("Only GET and POST requests are supported."); | ||
} | ||
const providerIdOrAction = pathname.split("/").pop(); | ||
let providerId; | ||
if (providerIdOrAction && | ||
!action.includes(providerIdOrAction) && | ||
["signin", "callback"].includes(action)) { | ||
providerId = providerIdOrAction; | ||
} | ||
// Defaults are usually set in the `init` function, but this is needed below | ||
config.basePath ?? (config.basePath = "/auth"); | ||
const url = new URL(req.url); | ||
const { action, providerId } = parseActionAndProviderId(url.pathname, config.basePath); | ||
return { | ||
@@ -56,4 +42,4 @@ url, | ||
cookies: parseCookie(req.headers.get("cookie") ?? "") ?? {}, | ||
error: originalUrl.searchParams.get("error") ?? undefined, | ||
query: Object.fromEntries(originalUrl.searchParams), | ||
error: url.searchParams.get("error") ?? undefined, | ||
query: Object.fromEntries(url.searchParams), | ||
}; | ||
@@ -111,1 +97,20 @@ } | ||
} | ||
function isAction(action) { | ||
return actions.includes(action); | ||
} | ||
/** @internal Parse the action and provider id from a URL pathname. */ | ||
export function parseActionAndProviderId(pathname, base) { | ||
const a = pathname.split(base); | ||
if (a.length !== 2 || a[0] !== "") | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`); | ||
const [_, actionAndProviderId] = a; | ||
const b = actionAndProviderId.replace(/^\//, "").split("/"); | ||
if (b.length !== 1 && b.length !== 2) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`); | ||
const [action, providerId] = b; | ||
if (!isAction(action)) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`); | ||
if (providerId && !["signin", "callback"].includes(action)) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`); | ||
return { action, providerId }; | ||
} |
{ | ||
"name": "@auth/core", | ||
"version": "0.21.0", | ||
"version": "0.22.0", | ||
"description": "Authentication for the Web.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -94,3 +94,3 @@ /** | ||
const internalRequest = await toInternalRequest(request) | ||
const internalRequest = await toInternalRequest(request, config) | ||
@@ -174,4 +174,3 @@ if (internalRequest instanceof Error) { | ||
const path = | ||
config.pages?.[page] ?? | ||
`${internalRequest.url.pathname}/${page.toLowerCase()}` | ||
config.pages?.[page] ?? `${config.basePath}/${page.toLowerCase()}` | ||
@@ -417,3 +416,2 @@ const url = `${internalRequest.url.origin}${path}?${params}` | ||
/** | ||
* | ||
* Use this option to enable experimental features. | ||
@@ -425,2 +423,8 @@ * When enabled, it will print a warning message to the console. | ||
experimental?: Record<string, boolean> | ||
/** | ||
* The base path of the Auth.js API endpoints. | ||
* | ||
* @default "/auth" | ||
*/ | ||
basePath?: string | ||
} |
@@ -51,3 +51,3 @@ import { UnknownAction } from "../errors.js" | ||
case "signin": | ||
return render.signin(error) | ||
return render.signin(providerId, error) | ||
case "signout": | ||
@@ -54,0 +54,0 @@ return render.signout() |
@@ -9,3 +9,2 @@ import * as jwt from "../jwt.js" | ||
import { logger, type LoggerInstance } from "./utils/logger.js" | ||
import parseUrl from "./utils/parse-url.js" | ||
import { merge } from "./utils/merge.js" | ||
@@ -12,0 +11,0 @@ |
@@ -7,5 +7,5 @@ import { renderToString } from "preact-render-to-string" | ||
import VerifyRequestPage from "./verify-request.js" | ||
import { UnknownAction } from "../../errors.js" | ||
import type { | ||
ErrorPageParam, | ||
InternalOptions, | ||
@@ -76,3 +76,4 @@ RequestInternal, | ||
}, | ||
signin(error: any) { | ||
signin(providerId?: string, error?: any) { | ||
if (providerId) throw new UnknownAction("Unsupported action") | ||
if (pages?.signIn) { | ||
@@ -79,0 +80,0 @@ let signinUrl = `${pages.signIn}${ |
@@ -28,3 +28,4 @@ import { OAuthProfileParseError } from "../../errors.js" | ||
} { | ||
const { url, providerId, options } = params | ||
const { providerId, options } = params | ||
const url = new URL(options.basePath ?? "/auth", params.url.origin) | ||
@@ -31,0 +32,0 @@ const providers = params.providers.map((p) => { |
@@ -6,2 +6,3 @@ import { parse as parseCookie, serialize } from "cookie" | ||
AuthAction, | ||
AuthConfig, | ||
RequestInternal, | ||
@@ -35,32 +36,19 @@ ResponseInternal, | ||
export async function toInternalRequest( | ||
req: Request | ||
req: Request, | ||
config: AuthConfig | ||
): Promise<RequestInternal | Error> { | ||
try { | ||
let originalUrl = new URL(req.url.replace(/\/$/, "")) | ||
let url = new URL(originalUrl) | ||
const pathname = url.pathname.replace(/\/$/, "") | ||
if (req.method !== "GET" && req.method !== "POST") | ||
throw new UnknownAction("Only GET and POST requests are supported.") | ||
const action = actions.find((a) => pathname.includes(a)) | ||
if (!action) { | ||
throw new UnknownAction(`Cannot detect action in pathname (${pathname}).`) | ||
} | ||
// Defaults are usually set in the `init` function, but this is needed below | ||
config.basePath ??= "/auth" | ||
// Remove anything after the basepath | ||
const re = new RegExp(`/${action}.*`) | ||
url = new URL(url.href.replace(re, "")) | ||
const url = new URL(req.url) | ||
if (req.method !== "GET" && req.method !== "POST") { | ||
throw new UnknownAction("Only GET and POST requests are supported.") | ||
} | ||
const { action, providerId } = parseActionAndProviderId( | ||
url.pathname, | ||
config.basePath | ||
) | ||
const providerIdOrAction = pathname.split("/").pop() | ||
let providerId | ||
if ( | ||
providerIdOrAction && | ||
!action.includes(providerIdOrAction) && | ||
["signin", "callback"].includes(action) | ||
) { | ||
providerId = providerIdOrAction | ||
} | ||
return { | ||
@@ -74,4 +62,4 @@ url, | ||
cookies: parseCookie(req.headers.get("cookie") ?? "") ?? {}, | ||
error: originalUrl.searchParams.get("error") ?? undefined, | ||
query: Object.fromEntries(originalUrl.searchParams), | ||
error: url.searchParams.get("error") ?? undefined, | ||
query: Object.fromEntries(url.searchParams), | ||
} | ||
@@ -136,1 +124,36 @@ } catch (e) { | ||
} | ||
function isAction(action: string): action is AuthAction { | ||
return actions.includes(action as AuthAction) | ||
} | ||
/** @internal Parse the action and provider id from a URL pathname. */ | ||
export function parseActionAndProviderId( | ||
pathname: string, | ||
base: string | ||
): { | ||
action: AuthAction | ||
providerId?: string | ||
} { | ||
const a = pathname.split(base) | ||
if (a.length !== 2 || a[0] !== "") | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`) | ||
const [_, actionAndProviderId] = a | ||
const b = actionAndProviderId.replace(/^\//, "").split("/") | ||
if (b.length !== 1 && b.length !== 2) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`) | ||
const [action, providerId] = b | ||
if (!isAction(action)) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`) | ||
if (providerId && !["signin", "callback"].includes(action)) | ||
throw new UnknownAction(`Cannot parse action at ${pathname}`) | ||
return { action, providerId } | ||
} |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1385859
444
35130