UNPKG

@auth/sveltekit

Version:

Authentication for SvelteKit.

sveltekit.authjs.dev

nextauthjs/next-auth

149 lines (124 loc) 4.47 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
import { redirect } from "@sveltejs/kit" import type { RequestEvent } from "@sveltejs/kit" import { parse } from "set-cookie-parser" import { env } from "$env/dynamic/private" import { Auth, createActionURL, raw } from "@auth/core" import type { ProviderType } from "@auth/core/providers" import type { SvelteKitAuthConfig } from "./types" import { setEnvDefaults } from "./env" type SignInParams = Parameters<App.Locals["signIn"]> export async function signIn( provider: SignInParams[0], options: SignInParams[1] = {}, authorizationParams: SignInParams[2], config: SvelteKitAuthConfig, event: RequestEvent ) { const { request, url: { protocol }, } = event const headers = new Headers(request.headers) const { redirect: shouldRedirect = true, redirectTo, ...rest } = options instanceof FormData ? Object.fromEntries(options) : options const callbackUrl = redirectTo?.toString() ?? headers.get("Referer") ?? "/" const signInURL = createActionURL("signin", protocol, headers, env, config) if (!provider) { signInURL.searchParams.append("callbackUrl", callbackUrl) if (shouldRedirect) redirect(302, signInURL.toString()) return signInURL.toString() } let url = `${signInURL}/${provider}?${new URLSearchParams(authorizationParams)}` let foundProvider: { id?: SignInParams[0]; type?: ProviderType } = {} for (const providerConfig of config.providers) { const { options, ...defaults } = typeof providerConfig === "function" ? providerConfig() : providerConfig const id = (options?.id as string | undefined) ?? defaults.id if (id === provider) { foundProvider = { id, type: (options?.type as ProviderType | undefined) ?? defaults.type, } break } } if (!foundProvider.id) { const url = `${signInURL}?${new URLSearchParams({ callbackUrl })}` if (shouldRedirect) redirect(302, url) return url } if (foundProvider.type === "credentials") { url = url.replace("signin", "callback") } headers.set("Content-Type", "application/x-www-form-urlencoded") const body = new URLSearchParams({ ...rest, callbackUrl }) const req = new Request(url, { method: "POST", headers, body }) const res = await Auth(req, { ...config, raw }) for (const c of res?.cookies ?? []) { event.cookies.set(c.name, c.value, { path: "/", ...c.options }) } if (shouldRedirect) { return redirect(302, res.redirect!) } // eslint-disable-next-line @typescript-eslint/no-explicit-any return res.redirect as any } type SignOutParams = Parameters<App.Locals["signOut"]> export async function signOut( options: SignOutParams[0], config: SvelteKitAuthConfig, event: RequestEvent ) { const { request, url: { protocol }, } = event const headers = new Headers(request.headers) headers.set("Content-Type", "application/x-www-form-urlencoded") const url = createActionURL("signout", protocol, headers, env, config) const callbackUrl = options?.redirectTo ?? headers.get("Referer") ?? "/" const body = new URLSearchParams({ callbackUrl }) const req = new Request(url, { method: "POST", headers, body }) const res = await Auth(req, { ...config, raw }) for (const c of res?.cookies ?? []) event.cookies.set(c.name, c.value, { path: "/", ...c.options }) if (options?.redirect ?? true) return redirect(302, res.redirect!) // eslint-disable-next-line @typescript-eslint/no-explicit-any return res as any } export async function auth( event: RequestEvent, config: SvelteKitAuthConfig ): ReturnType<App.Locals["auth"]> { setEnvDefaults(env, config) config.trustHost ??= true const { request: req, url: { protocol }, } = event const sessionUrl = createActionURL( "session", protocol, req.headers, env, config ) const request = new Request(sessionUrl, { headers: { cookie: req.headers.get("cookie") ?? "" }, }) const response = await Auth(request, config) const authCookies = parse(response.headers.getSetCookie()) for (const cookie of authCookies) { const { name, value, ...options } = cookie // @ts-expect-error - Review: SvelteKit and set-cookie-parser are mismatching event.cookies.set(name, value, { path: "/", ...options }) } const { status = 200 } = response const data = await response.json() if (!data || !Object.keys(data).length) return null if (status === 200) return data throw new Error(data.message) }