@auth/sveltekit

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

@auth/sveltekit - npm Package Compare versions

Comparing version 0.11.1 to 0.12.0

dist/actions.d.ts

dist/actions.js

dist/adapter.d.ts

dist/adapter.js

dist/client.d.ts

dist/client.js

dist/components/index.d.ts

dist/components/index.js

dist/components/SignIn.svelte

dist/components/SignIn.svelte.d.ts

dist/components/SignOut.svelte

dist/components/SignOut.svelte.d.ts

dist/env.d.ts

dist/env.js

dist/index.d.ts

dist/index.js

dist/providers/42-school.d.ts

dist/providers/42-school.js

dist/providers/apple.d.ts

dist/providers/apple.js

dist/providers/asgardeo.d.ts

dist/providers/asgardeo.js

dist/providers/atlassian.d.ts

dist/providers/atlassian.js

dist/providers/auth0.d.ts

dist/providers/auth0.js

dist/providers/authentik.d.ts

dist/providers/authentik.js

dist/providers/azure-ad-b2c.d.ts

dist/providers/azure-ad-b2c.js

dist/providers/azure-ad.d.ts

dist/providers/azure-ad.js

dist/providers/azure-devops.d.ts

dist/providers/azure-devops.js

dist/providers/battlenet.d.ts

dist/providers/battlenet.js

dist/providers/beyondidentity.d.ts

dist/providers/beyondidentity.js

dist/providers/box.d.ts

dist/providers/box.js

dist/providers/boxyhq-saml.d.ts

dist/providers/boxyhq-saml.js

dist/providers/bungie.d.ts

dist/providers/bungie.js

dist/providers/click-up.d.ts

dist/providers/click-up.js

dist/providers/cognito.d.ts

dist/providers/cognito.js

dist/providers/coinbase.d.ts

dist/providers/coinbase.js

dist/providers/credentials.d.ts

dist/providers/credentials.js

dist/providers/descope.d.ts

dist/providers/descope.js

dist/providers/discord.d.ts

dist/providers/discord.js

dist/providers/dribbble.d.ts

dist/providers/dribbble.js

dist/providers/dropbox.d.ts

dist/providers/dropbox.js

dist/providers/duende-identity-server6.d.ts

dist/providers/duende-identity-server6.js

dist/providers/email.d.ts

dist/providers/email.js

dist/providers/eveonline.d.ts

dist/providers/eveonline.js

dist/providers/facebook.d.ts

dist/providers/facebook.js

dist/providers/faceit.d.ts

dist/providers/faceit.js

dist/providers/foursquare.d.ts

dist/providers/foursquare.js

dist/providers/freshbooks.d.ts

dist/providers/freshbooks.js

dist/providers/fusionauth.d.ts

dist/providers/fusionauth.js

dist/providers/github.d.ts

dist/providers/github.js

dist/providers/gitlab.d.ts

dist/providers/gitlab.js

dist/providers/google.d.ts

dist/providers/google.js

dist/providers/hubspot.d.ts

dist/providers/hubspot.js

dist/providers/identity-server4.d.ts

dist/providers/identity-server4.js

dist/providers/index.d.ts

dist/providers/index.js

dist/providers/instagram.d.ts

dist/providers/instagram.js

dist/providers/kakao.d.ts

dist/providers/kakao.js

dist/providers/keycloak.d.ts

dist/providers/keycloak.js

dist/providers/line.d.ts

dist/providers/line.js

dist/providers/linkedin.d.ts

dist/providers/linkedin.js

dist/providers/mailchimp.d.ts

dist/providers/mailchimp.js

dist/providers/mailru.d.ts

dist/providers/mailru.js

dist/providers/mastodon.d.ts

dist/providers/mastodon.js

dist/providers/mattermost.d.ts

dist/providers/mattermost.js

dist/providers/medium.d.ts

dist/providers/medium.js

dist/providers/naver.d.ts

dist/providers/naver.js

dist/providers/netlify.d.ts

dist/providers/netlify.js

dist/providers/nodemailer.d.ts

dist/providers/nodemailer.js

dist/providers/notion.d.ts

dist/providers/notion.js

dist/providers/okta.d.ts

dist/providers/okta.js

dist/providers/onelogin.d.ts

dist/providers/onelogin.js

dist/providers/ory-hydra.d.ts

dist/providers/ory-hydra.js

dist/providers/osso.d.ts

dist/providers/osso.js

dist/providers/osu.d.ts

dist/providers/osu.js

dist/providers/passage.d.ts

dist/providers/passage.js

dist/providers/passkey.d.ts

dist/providers/passkey.js

dist/providers/patreon.d.ts

dist/providers/patreon.js

dist/providers/pinterest.d.ts

dist/providers/pinterest.js

dist/providers/pipedrive.d.ts

dist/providers/pipedrive.js

dist/providers/reddit.d.ts

dist/providers/reddit.js

dist/providers/resend.d.ts

dist/providers/resend.js

dist/providers/salesforce.d.ts

dist/providers/salesforce.js

dist/providers/sendgrid.d.ts

dist/providers/sendgrid.js

dist/providers/slack.d.ts

dist/providers/slack.js

dist/providers/spotify.d.ts

dist/providers/spotify.js

dist/providers/strava.d.ts

dist/providers/strava.js

dist/providers/tiktok.d.ts

dist/providers/tiktok.js

dist/providers/todoist.d.ts

dist/providers/todoist.js

dist/providers/trakt.d.ts

dist/providers/trakt.js

dist/providers/twitch.d.ts

dist/providers/twitch.js

dist/providers/twitter.d.ts

dist/providers/twitter.js

dist/providers/united-effects.d.ts

dist/providers/united-effects.js

dist/providers/vk.d.ts

dist/providers/vk.js

dist/providers/webauthn.d.ts

dist/providers/webauthn.js

dist/providers/wikimedia.d.ts

dist/providers/wikimedia.js

dist/providers/wordpress.d.ts

dist/providers/wordpress.js

dist/providers/workos.d.ts

dist/providers/workos.js

dist/providers/yandex.d.ts

dist/providers/yandex.js

dist/providers/zitadel.d.ts

dist/providers/zitadel.js

dist/providers/zoho.d.ts

dist/providers/zoho.js

dist/providers/zoom.d.ts

dist/providers/zoom.js

dist/types.d.ts

dist/types.js

src/lib/actions.ts

src/lib/components/index.ts

src/lib/components/SignIn.svelte

src/lib/components/SignOut.svelte

src/lib/env.ts

src/lib/types.ts

package.json

		{
		"name": "@auth/sveltekit",
		"version": "0.11.1",
		"version": "0.12.0",
		"description": "Authentication for SvelteKit.",
		@@ -28,3 +28,3 @@ "keywords": [
		"@sveltejs/kit": "^2.4.3",
		"@sveltejs/package": "^1.0.0",
		"@sveltejs/package": "^2.0.0",
		"@sveltejs/vite-plugin-svelte": "^3.0.0",
		@@ -38,3 +38,3 @@ "@types/set-cookie-parser": "^2.4.7",
		"set-cookie-parser": "^2.6.0",
		"@auth/core": "0.25.1"
		"@auth/core": "0.26.0"
		},
		@@ -46,7 +46,5 @@ "peerDependencies": {
		"type": "module",
		"types": "./index.d.ts",
		"types": "./dist/index.d.ts",
		"files": [
		"client.*",
		"index.*",
		"providers",
		"dist",
		"src"
		@@ -56,18 +54,22 @@ ],
		".": {
		"types": "./index.d.ts",
		"import": "./index.js"
		"types": "./dist/index.d.ts",
		"import": "./dist/index.js"
		},
		"./client": {
		"types": "./client.d.ts",
		"import": "./client.js"
		"types": "./dist/client.d.ts",
		"import": "./dist/client.js"
		},
		"./components": {
		"types": "./dist/components/index.d.ts",
		"svelte": "./dist/components/index.js"
		},
		"./adapters": {
		"types": "./adapters.d.ts"
		"types": "./dist/adapters.d.ts"
		},
		"./providers": {
		"types": "./providers/index.d.ts"
		"types": "./dist/providers/index.d.ts"
		},
		"./providers/*": {
		"types": "./providers/*.d.ts",
		"import": "./providers/*.js"
		"types": "./dist/providers/*.d.ts",
		"import": "./dist/providers/*.js"
		},
		@@ -77,7 +79,7 @@ "./package.json": "./package.json"
		"scripts": {
		"build": "pnpm clean && pnpm providers && pnpm check && svelte-package && node ./scripts/postbuild.js && rm -rf package",
		"build": "pnpm clean && pnpm providers && pnpm check && svelte-package",
		"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
		"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
		"clean": "rm -rf client.* index.* package src/lib/providers",
		"dev": "svelte-package -w",
		"dev": "pnpm providers && svelte-package -w",
		"preview": "vite preview",
		@@ -84,0 +86,0 @@ "providers": "node ../utils/scripts/providers.js --out src/lib",

211

src/lib/index.ts

		@@ -16,4 +16,5 @@ /**
		* ## Usage
		*
		* ```ts title="src/hooks.server.ts"
		*
		* ```ts title="src/auth.ts"
		*
		* import { SvelteKitAuth } from "@auth/sveltekit"
		@@ -23,10 +24,10 @@ * import GitHub from "@auth/sveltekit/providers/github"
		*
		* export const handle = SvelteKitAuth({
		* export const { handle, signIn signOut } = SvelteKitAuth({
		* providers: [GitHub({ clientId: GITHUB_ID, clientSecret: GITHUB_SECRET })],
		* })
		* ```
		*
		*
		* or to use SvelteKit platform environment variables for platforms like Cloudflare
		*
		* ```ts title="src/hooks.server.ts"
		* ```ts title="src/auth.ts"
		* import { SvelteKitAuth } from "@auth/sveltekit"
		@@ -36,3 +37,3 @@ * import GitHub from "@auth/sveltekit/providers/github"
		*
		* export const handle = SvelteKitAuth(async (event) => {
		* export const { handle, signIn, signOut } = SvelteKitAuth(async (event) => {
		* const authOptions = {
		@@ -47,2 +48,7 @@ * providers: [GitHub({ clientId: event.platform.env.GITHUB_ID, clientSecret: event.platform.env.GITHUB_SECRET })]
		*
		* Re-export the handle in `src/hooks.server.ts`:
		* ```ts title="src/hooks.server.ts"
		* export { handle } from "./auth"
		* ```
		*
		* Remember to set the `AUTH_SECRET` [environment variable](https://kit.svelte.dev/docs/modules#$env-dynamic-private). This should be a minimum of 32 characters, random string. On UNIX systems you can use `openssl rand -hex 32` or check out `https://generate-secret.vercel.app/32`.
		@@ -64,3 +70,3 @@ *
		* <script>
		* import { signIn, signOut } from "@auth/sveltekit/client"
		* import { SignIn, SignOut } from "@auth/sveltekit/components"
		* import { page } from "$app/stores"
		@@ -82,9 +88,31 @@ * </script>
		* </span>
		* <button on:click={() => signOut()} class="button">Sign out</button>
		* <SignOut />
		* {:else}
		* <span class="notSignedInText">You are not signed in</span>
		* <button on:click={() => signIn("github")}>Sign In with GitHub</button>
		* <SignIn provider="github"/>
		* <SignIn provider="google"/>
		* <SignIn provider="facebook"/>
		* {/if}
		* </p>
		* ```
		*
		* `<SignIn />` and `<SignOut />` are components that `@auth/sveltekit` provides out of the box - they handle the sign-in/signout flow, and can be used as-is as a starting point or customized for your own components.
		* To set up the form actions, we need to define the files in `src/routes`:
		* ```ts title="src/routes/signin/+page.server.ts"
		* import { signIn } from "../../auth"
		* import type { Actions } from "./$types"
		* export const actions: Actions = { default: signIn }
		* ```
		* ```ts title="src/routes/signin/+page.svelte"
		* <!-- empty file -->
		* ```
		* ```ts title="src/routes/signout/+page.server.ts"
		* import { signOut } from "../../auth"
		* import type { Actions } from "./$types"
		* export const actions: Actions = { default: signOut }
		* ```
		* ```ts title="src/routes/signout/+page.svelte"
		* <!-- empty file -->
		* ```
		*
		*
		@@ -207,10 +235,9 @@ * ## Managing the session
		/// <reference types="@sveltejs/kit" />
		import type { Handle, RequestEvent } from "@sveltejs/kit"
		import { parse } from "set-cookie-parser"
		import { dev, building } from "$app/environment"
		import { base } from "$app/paths"
		import type { Action, Handle, RequestEvent } from "@sveltejs/kit"
		import { env } from "$env/dynamic/private"

		import { Auth, setEnvDefaults as coreSetEnvDefaults } from "@auth/core"
		import type { AuthAction, AuthConfig, Session } from "@auth/core/types"
		import type { SvelteKitAuthConfig } from "./types"
		import { setEnvDefaults } from "./env"
		import { auth, signIn, signOut } from "./actions"
		import { Auth, isAuthAction } from "@auth/core"

		@@ -225,47 +252,4 @@ export type {

		async function auth(
		event: RequestEvent,
		config: SvelteKitAuthConfig
		): ReturnType<App.Locals["auth"]> {
		setEnvDefaults(config)
		config.trustHost ??= true
		const authorizationParamsPrefix = "authorizationParams-"

		const { request: req } = event

		const basePath = config.basePath ?? `${base}/auth`
		const url = new URL(basePath + "/session", req.url)
		const request = new Request(url, {
		headers: { cookie: req.headers.get("cookie") ?? "" },
		})
		const response = await Auth(request, config)

		const authCookies = parse(response.headers.getSetCookie())
		for (const cookie of authCookies) {
		const { name, value, ...options } = cookie
		// @ts-expect-error - Review: SvelteKit and set-cookie-parser are mismatching
		event.cookies.set(name, value, { path: "/", ...options })
		}

		const { status = 200 } = response
		const data = await response.json()

		if (!data \|\| !Object.keys(data).length) return null
		if (status === 200) return data
		throw new Error(data.message)
		}

		/** Configure the {@link SvelteKitAuth} method. */
		export interface SvelteKitAuthConfig extends Omit<AuthConfig, "raw"> {}

		const actions: AuthAction[] = [
		"providers",
		"session",
		"csrf",
		"signin",
		"signout",
		"callback",
		"verify-request",
		"error",
		]

		/**
		@@ -279,59 +263,64 @@ * The main entry point to `@auth/sveltekit`
		\| ((event: RequestEvent) => PromiseLike<SvelteKitAuthConfig>)
		): Handle {
		return async function ({ event, resolve }) {
		const _config = typeof config === "object" ? config : await config(event)
		setEnvDefaults(_config)
		): {
		handle: Handle
		signIn: Action
		signOut: Action
		} {
		return {
		signIn: async (event) => {
		const { request } = event
		const _config = typeof config === "object" ? config : await config(event)
		setEnvDefaults(env, _config)
		const formData = await request.formData()
		const { providerId: provider, ...options } = Object.fromEntries(formData)
		// get the authorization params from the options prefixed with `authorizationParams-`
		let authorizationParams: Parameters<typeof signIn>[2] = {}
		let _options: Parameters<typeof signIn>[1] = {}
		for (const key in options) {
		if (key.startsWith(authorizationParamsPrefix)) {
		authorizationParams[key.slice(authorizationParamsPrefix.length)] =
		options[key] as string
		} else {
		_options[key] = options[key]
		}
		}
		await signIn(
		provider as string,
		_options,
		authorizationParams,
		_config,
		event
		)
		},
		signOut: async (event) => {
		const _config = typeof config === "object" ? config : await config(event)
		setEnvDefaults(env, _config)
		const options = Object.fromEntries(await event.request.formData())
		await signOut(options, _config, event)
		},
		async handle({ event, resolve }) {
		const _config = typeof config === "object" ? config : await config(event)
		setEnvDefaults(env, _config)

		const { url, request } = event
		const { url, request } = event

		event.locals.auth ??= () => auth(event, _config)
		event.locals.getSession ??= event.locals.auth
		event.locals.auth ??= () => auth(event, _config)
		event.locals.getSession ??= event.locals.auth

		const action = url.pathname
		.slice(
		// @ts-expect-error - basePath is defined in setEnvDefaults
		_config.basePath.length + 1
		)
		.split("/")[0]
		const action = url.pathname
		.slice(
		// @ts-expect-error - basePath is defined in setEnvDefaults
		_config.basePath.length + 1
		)
		.split("/")[0]

		if (isAction(action) && url.pathname.startsWith(_config.basePath + "/")) {
		return Auth(request, _config)
		}
		return resolve(event)
		if (
		isAuthAction(action) &&
		url.pathname.startsWith(_config.basePath + "/")
		) {
		return Auth(request, _config)
		}
		return resolve(event)
		},
		}
		}

		// TODO: Get this function from @auth/core/util
		function isAction(action: string): action is AuthAction {
		return actions.includes(action as AuthAction)
		}

		declare global {
		// eslint-disable-next-line @typescript-eslint/no-namespace
		namespace App {
		interface Locals {
		auth(): Promise<Session \| null>
		/** @deprecated Use `auth` instead. */
		getSession(): Promise<Session \| null>
		}
		interface PageData {
		session?: Session \| null
		}
		}
		}

		declare module "$env/dynamic/private" {
		export const AUTH_SECRET: string
		export const AUTH_SECRET_1: string
		export const AUTH_SECRET_2: string
		export const AUTH_SECRET_3: string
		export const AUTH_TRUST_HOST: string
		export const VERCEL: string
		}

		function setEnvDefaults(config: SvelteKitAuthConfig) {
		if (building) return
		coreSetEnvDefaults(env, config)
		config.trustHost ??= dev
		config.basePath = `${base}/auth`
		}

client.d.ts

client.js

index.d.ts

index.js

providers/42-school.d.ts

providers/42-school.js

providers/apple.d.ts

providers/apple.js

providers/asgardeo.d.ts

providers/asgardeo.js

providers/atlassian.d.ts

providers/atlassian.js

providers/auth0.d.ts

providers/auth0.js

providers/authentik.d.ts

providers/authentik.js

providers/azure-ad-b2c.d.ts

providers/azure-ad-b2c.js

providers/azure-ad.d.ts

providers/azure-ad.js

providers/azure-devops.d.ts

providers/azure-devops.js

providers/battlenet.d.ts

providers/battlenet.js

providers/beyondidentity.d.ts

providers/beyondidentity.js

providers/box.d.ts

providers/box.js

providers/boxyhq-saml.d.ts

providers/boxyhq-saml.js

providers/bungie.d.ts

providers/bungie.js

providers/click-up.d.ts

providers/click-up.js

providers/cognito.d.ts

providers/cognito.js

providers/coinbase.d.ts

providers/coinbase.js

providers/credentials.d.ts

providers/credentials.js

providers/descope.d.ts

providers/descope.js

providers/discord.d.ts

providers/discord.js

providers/dribbble.d.ts

providers/dribbble.js

providers/dropbox.d.ts

providers/dropbox.js

providers/duende-identity-server6.d.ts

providers/duende-identity-server6.js

providers/email.d.ts

providers/email.js

providers/eveonline.d.ts

providers/eveonline.js

providers/facebook.d.ts

providers/facebook.js

providers/faceit.d.ts

providers/faceit.js

providers/foursquare.d.ts

providers/foursquare.js

providers/freshbooks.d.ts

providers/freshbooks.js

providers/fusionauth.d.ts

providers/fusionauth.js

providers/github.d.ts

providers/github.js

providers/gitlab.d.ts

providers/gitlab.js

providers/google.d.ts

providers/google.js

providers/hubspot.d.ts

providers/hubspot.js

providers/identity-server4.d.ts

providers/identity-server4.js

providers/index.d.ts

providers/index.js

providers/instagram.d.ts

providers/instagram.js

providers/kakao.d.ts

providers/kakao.js

providers/keycloak.d.ts

providers/keycloak.js

providers/line.d.ts

providers/line.js

providers/linkedin.d.ts

providers/linkedin.js

providers/mailchimp.d.ts

providers/mailchimp.js

providers/mailru.d.ts

providers/mailru.js

providers/mastodon.d.ts

providers/mastodon.js

providers/mattermost.d.ts

providers/mattermost.js

providers/medium.d.ts

providers/medium.js

providers/naver.d.ts

providers/naver.js

providers/netlify.d.ts

providers/netlify.js

providers/nodemailer.d.ts

providers/nodemailer.js

providers/notion.d.ts

providers/notion.js

providers/okta.d.ts

providers/okta.js

providers/onelogin.d.ts

providers/onelogin.js

providers/ory-hydra.d.ts

providers/ory-hydra.js

providers/osso.d.ts

providers/osso.js

providers/osu.d.ts

providers/osu.js

providers/passage.d.ts

providers/passage.js

providers/patreon.d.ts

providers/patreon.js

providers/pinterest.d.ts

providers/pinterest.js

providers/pipedrive.d.ts

providers/pipedrive.js

providers/reddit.d.ts

providers/reddit.js

providers/resend.d.ts

providers/resend.js

providers/salesforce.d.ts

providers/salesforce.js

providers/sendgrid.d.ts

providers/sendgrid.js

providers/slack.d.ts

providers/slack.js

providers/spotify.d.ts

providers/spotify.js

providers/strava.d.ts

providers/strava.js

providers/tiktok.d.ts

providers/tiktok.js

providers/todoist.d.ts

providers/todoist.js

providers/trakt.d.ts

providers/trakt.js

providers/twitch.d.ts

providers/twitch.js

providers/twitter.d.ts

providers/twitter.js

providers/united-effects.d.ts

providers/united-effects.js

providers/vk.d.ts

providers/vk.js

providers/wikimedia.d.ts

providers/wikimedia.js

providers/wordpress.d.ts

providers/wordpress.js

providers/workos.d.ts

providers/workos.js

providers/yandex.d.ts

providers/yandex.js

providers/zitadel.d.ts

providers/zitadel.js

providers/zoho.d.ts

providers/zoho.js

providers/zoom.d.ts

providers/zoom.js

@auth/sveltekit - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes