@dainprotocol/oauth2-storage-drizzle
Advanced tools
Database-agnostic Drizzle ORM storage adapter for OAuth2 Token Manager
Drizzle ORM storage adapter for @dainprotocol/oauth2-token-manager.
npm install @dainprotocol/oauth2-storage-drizzle drizzle-orm
The adapter provides multiple ways to set up your database tables:
Use the runMigrations option to automatically create tables when initializing the adapter:
import { OAuth2Client } from '@dainprotocol/oauth2-token-manager';
import { DrizzleStorageAdapter } from '@dainprotocol/oauth2-storage-drizzle';
import { drizzle } from 'drizzle-orm/postgres-js';
import postgres from 'postgres';
const client = postgres(connectionString);
const db = drizzle(client);
// Using the static create method with automatic migrations
const storage = await DrizzleStorageAdapter.create(db, {
dialect: 'postgres',
runMigrations: true, // Automatically creates tables if they don't exist
});
const oauth = new OAuth2Client({ storage });
Or use the constructor with manual migration:
// Manual migration approach
import { migrate } from '@dainprotocol/oauth2-storage-drizzle';
await migrate(db, { dialect: 'postgres' });
const storage = new DrizzleStorageAdapter(db, { dialect: 'postgres' });
The Drizzle adapter supports registering custom profile fetchers to override default behavior or add support for new providers:
import { BaseProfileFetcher, UserProfile } from '@dainprotocol/oauth2-token-manager';
// Create a custom profile fetcher
class CustomProviderFetcher extends BaseProfileFetcher {
constructor() {
super('https://api.provider.com/user/profile');
}
protected mapToUserProfile(rawData: any): UserProfile {
return {
email: rawData.contact.email,
name: rawData.display_name,
id: rawData.user_id,
avatar: rawData.avatar_url,
raw: rawData,
};
}
}
// Register during adapter creation
const storage = await DrizzleStorageAdapter.create(db, {
dialect: 'postgres',
profileFetchers: {
'custom-provider': new CustomProviderFetcher(),
github: new CustomGitHubFetcher(), // Override default GitHub fetcher
},
});
// Or register after creation
storage.registerProfileFetcher('another-provider', new AnotherFetcher());
// The OAuth2Client will automatically use these custom fetchers
const oauth = new OAuth2Client({
storage,
providers: {
'custom-provider': {
clientId: 'xxx',
clientSecret: 'xxx',
// ... other config
},
},
});
For production environments, use Drizzle Kit for migration management:
import { defineConfig } from 'drizzle-kit';
export default defineConfig({
schema: './node_modules/@dainprotocol/oauth2-storage-drizzle/dist/schema',
out: './drizzle',
dialect: 'postgresql', // or 'mysql', 'sqlite'
dbCredentials: {
connectionString: process.env.DATABASE_URL!,
},
});
Generate and run migrations:
npx drizzle-kit generate:pg
npx drizzle-kit migrate:pg
import { OAuth2Client } from '@dainprotocol/oauth2-token-manager';
import { DrizzleStorageAdapter } from '@dainprotocol/oauth2-storage-drizzle';
import { drizzle } from 'drizzle-orm/postgres-js';
import postgres from 'postgres';
const client = postgres(connectionString);
const db = drizzle(client);
// Automatic migrations in development
const storage = await DrizzleStorageAdapter.create(db, {
dialect: 'postgres',
runMigrations: process.env.NODE_ENV === 'development',
});
const oauth = new OAuth2Client({ storage });
import { DrizzleStorageAdapter } from '@dainprotocol/oauth2-storage-drizzle';
import { drizzle } from 'drizzle-orm/mysql2';
import mysql from 'mysql2/promise';
const connection = await mysql.createConnection({
host: 'localhost',
user: 'root',
database: 'oauth_tokens',
});
const db = drizzle(connection);
// Automatic migrations in development
const storage = await DrizzleStorageAdapter.create(db, {
dialect: 'mysql',
runMigrations: process.env.NODE_ENV === 'development',
});
import { DrizzleStorageAdapter } from '@dainprotocol/oauth2-storage-drizzle';
import { drizzle } from 'drizzle-orm/better-sqlite3';
import Database from 'better-sqlite3';
const sqlite = new Database('oauth_tokens.db');
const db = drizzle(sqlite);
// Automatic migrations in development
const storage = await DrizzleStorageAdapter.create(db, {
dialect: 'sqlite',
runMigrations: process.env.NODE_ENV === 'development',
});
The DrizzleStorageAdapter implements all methods from the StorageAdapter interface:
saveToken(input) - Save or update a token (unique by provider + email)getToken(provider, email) - Get a specific tokengetTokenById(id) - Get a token by its IDgetTokensByUserId(userId) - Get all tokens for a usergetTokensByEmail(email) - Get all tokens for an emailgetTokensByProvider(provider) - Get all tokens for a providergetAccounts(userId, provider) - Get all tokens for a specific user in a specific providergetTokensForEmail(userId, provider, email) - Get a single token for a specific user, provider, and email (returns null if not found)getTokens(userId, provider) - Get all tokens for a specific user in a specific provider (alias for getAccounts)updateToken(id, update) - Update a tokendeleteToken(id) - Delete a token by IDdeleteTokenByProviderEmail(provider, email) - Delete a token by provider and emaildeleteExpiredTokens() - Clean up expired tokenssaveAuthorizationState(state) - Save an authorization stategetAuthorizationState(state) - Get an authorization statedeleteAuthorizationState(state) - Delete an authorization statecleanupExpiredStates() - Clean up expired states (older than 10 minutes)The adapter automatically creates the following tables:
id - Unique identifierprovider - OAuth provider nameuserId - User identifieremail - User emailaccessToken - Encrypted access tokenrefreshToken - Encrypted refresh token (optional)expiresAt - Token expiration timestamptokenType - Token type (e.g., "Bearer")scope - OAuth scopesmetadata - Additional metadata (JSON)createdAt - Creation timestampupdatedAt - Last update timestampUnique constraint: provider + email
state - Authorization state (primary key)codeVerifier - PKCE code verifierconfig - OAuth configuration (JSON)metadata - Additional metadata (JSON)createdAt - Creation timestampMIT
FAQs
Database-agnostic Drizzle ORM storage adapter for OAuth2 Token Manager
We found that @dainprotocol/oauth2-storage-drizzle demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
Research
/Security News
Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers