refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider (#1223)

* refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider * test: adjusting tests for adapter and events * docs: add comments for unknown auth provider * fix: missing dayjs import
2024-10-07 21:13:15 +02:00
parent 4d51e3b344
commit eb21628ee4
19 changed files with 521 additions and 423 deletions
--- a/packages/auth/configuration.ts
+++ b/packages/auth/configuration.ts
@@ -4,18 +4,21 @@ import NextAuth from "next-auth";
 import Credentials from "next-auth/providers/credentials";

 import { db } from "@homarr/db";
+import type { SupportedAuthProvider } from "@homarr/definitions";

-import { adapter } from "./adapter";
-import { createSessionCallback, createSignInCallback } from "./callbacks";
+import { createAdapter } from "./adapter";
+import { createSessionCallback } from "./callbacks";
 import { env } from "./env.mjs";
-import { createCredentialsConfiguration } from "./providers/credentials/credentials-provider";
+import { createSignInEventHandler } from "./events";
+import { createCredentialsConfiguration, createLdapConfiguration } from "./providers/credentials/credentials-provider";
 import { EmptyNextAuthProvider } from "./providers/empty/empty-provider";
 import { filterProviders } from "./providers/filter-providers";
 import { OidcProvider } from "./providers/oidc/oidc-provider";
 import { createRedirectUri } from "./redirect";
-import { sessionTokenCookieName } from "./session";
+import { generateSessionToken, sessionTokenCookieName } from "./session";

-export const createConfiguration = (isCredentialsRequest: boolean, headers: ReadonlyHeaders | null) =>
+// See why it's unknown in the [...nextauth]/route.ts file
+export const createConfiguration = (provider: SupportedAuthProvider | "unknown", headers: ReadonlyHeaders | null) =>
  NextAuth({
    logger: {
      error: (code, ...message) => {
@@ -30,21 +33,25 @@ export const createConfiguration = (isCredentialsRequest: boolean, headers: Read
      },
    },
    trustHost: true,
-    adapter,
+    adapter: createAdapter(db, provider),
    providers: filterProviders([
      Credentials(createCredentialsConfiguration(db)),
+      Credentials(createLdapConfiguration(db)),
      EmptyNextAuthProvider(),
      OidcProvider(headers),
    ]),
    callbacks: {
      session: createSessionCallback(db),
-      signIn: createSignInCallback(adapter, db, isCredentialsRequest),
+    },
+    events: {
+      signIn: createSignInEventHandler(db),
    },
    redirectProxyUrl: createRedirectUri(headers, "/api/auth"),
    secret: "secret-is-not-defined-yet", // TODO: This should be added later
    session: {
      strategy: "database",
      maxAge: env.AUTH_SESSION_EXPIRY_TIME,
+      generateSessionToken,
    },
    pages: {
      signIn: "/auth/login",