Merge branch 'main' into patch-3

.github/PULL_REQUEST_TEMPLATE.md

@@ -3,12 +3,13 @@ Thanks for your interest in the project. Bugs filed and PRs submitted are apprec
 
 Please fill out the information below to expedite the review and (hopefully)
 merge of your pull request!
--->
 
-> _NOTE_:
->
-> - It's a good idea to open an issue first to discuss potential changes.
-> - Please make sure that you are _NOT_ opening a PR to fix a potential security vulnerability. Instead, please follow the [Security guidelines](https://github.com/nextauthjs/.github/blob/main/SECURITY.md) to disclose the issue to us confidentially.
+**NOTE**:
+
+- It's a good idea to open an issue first to discuss potential changes.
+- Please make sure that you are _NOT_ opening a PR to fix a potential security vulnerability. Instead, please follow the [Security guidelines](https://github.com/nextauthjs/.github/blob/main/SECURITY.md) to disclose the issue to us confidentially.
+
+-->
 
 ## ☕️ Reasoning
 
@@ -22,9 +23,11 @@ merge of your pull request!
 
 ## 🎫 Affected issues
 
-Please [scout and link issues](https://github.com/nextauthjs/next-auth/issues) that might be solved by this PR.
+<-- 
+Please [scout and link issues](https://github.com/nextauthjs/next-auth/issues) that might be solved by this PR. And include text like the following to close them automatically when this is merged:
 
 Fixes: INSERT_ISSUE_LINK_HERE
+--> 
 
 ## 📌 Resources
 

docs/docs/getting-started/typescript.md

@@ -15,7 +15,7 @@ Check out the [Database Adapters: TypeScript](/getting-started/adapters#typescri
 
 ## Module Augmentation
 
-Auth.js libraries come with certain interfaces that are shared across submodules and different Auth.js libraries (For example: `next-auth` and `@auth/prisma-adapter` will rely on types from `@auth/core`).
+Auth.js libraries come with certain interfaces that are shared across submodules and different Auth.js libraries (For example: `next-auth` and `@auth/prisma-adapter` will rely on types from `@auth/core/types`).
 
 Good examples of such interfaces are `Session` or `User`. You can use TypeScript's [Module Augmentation](https://www.typescriptlang.org/docs/handbook/declaration-merging.html#module-augmentation) to extend these types to add your own properties.
 
@@ -40,7 +40,7 @@ Let's look at `Session` for example:
 // auth.ts
 import NextAuth, { type DefaultSession } from "next-auth"
 
-declare module "@auth/core" {
+declare module "@auth/core/types" {
   /**
    * Returned by `useSession`, `getSession` and received as a prop on the `SessionProvider` React Context
    */
@@ -66,7 +66,30 @@ export const { auth } = NextAuth({
 
   </TabItem>
   <TabItem value="sveltekit" label="SvelteKit">
-    TODO SvelteKit
+
+```ts
+// app.d.ts
+import type { DefaultSession } from '@auth/core/types';
+
+declare module '@auth/core/types' {
+	/**
+	 * Returned by `useSession`, `getSession`, and the callbacks session function.
+	 */
+	interface Session extends DefaultSession {
+		user: {
+			/** The user's postal address. */
+			adddress: string;
+
+			/**
+			 * By default, TypeScript merges new interface properties and overwrite existing ones.
+			 * In this case, the default session user properties will be overwritten, with the new one defined above.
+			 * To keep the default session user properties, you need to add them back into the newly declared interface.
+			 */
+		} & DefaultSession['user'];
+	}
+}
+```
+
   </TabItem>
   <TabItem value="solidstart" label="SolidStart">
     TODO SolidStart
@@ -81,7 +104,7 @@ export const { auth } = NextAuth({
 Module augmentation is not limited to specific interfaces. You can augment almost anything, but here are some of the more common interfaces that you might need to override in based on your use-case:
 
 ```ts
-declare module "@auth/core" {
+declare module "@auth/core/types" {
   /**
    * The shape of the user object returned in the OAuth providers' `profile` callback,
    * or the second parameter of the `session` callback, when using a database.

docs/docs/guides/resources.md

@@ -47,33 +47,6 @@ title: Community resources
 
 ## Fullstack
 
-#### [Build a FullStack App with Next.js, Auth.js, Supabase & Prisma](https://themodern.dev/courses/build-a-fullstack-app-with-nextjs-supabase-and-prisma-322389284337222224) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-In this [free course](https://themodern.dev/courses/build-a-fullstack-app-with-nextjs-supabase-and-prisma-322389284337222224), you'll learn how to build a full-stack app using the following technologies:
-
-- **Next.js** - The React framework for building the UI of the app and the REST API
-- **Auth.js** - For implementing passwordless and OAuth authentication
-- **Supabase** - For persisting the app data into a PostgreSQL database and storing media files
-- **Prisma** - For making it easy to read and write data from our app from and to the database
-
-The app that we'll work on in this course is called **_SupaVacation_**. It is an online marketplace for vacation rentals where users can browse through all the properties for rent, bookmark their favorite ones, and even rent their own properties.
-
-> Here's [a live demo](https://supa-vacation.vercel.app/) of the app's final version. It is what your app should look likes after completing this course. Feel free to play with it to get an overview of all the features you'll be working on.
-
-#### [Magic Link Authentication in Next.js with NextAuth and Fauna](https://alterclass.io/tutorials/magic-link-authentication-in-nextjs-with-nextauth-and-fauna) <svg xmlns="http://www.w3.org/2000/svg" style={{ marginLeft: '5px', marginBottom:'-6px'}} height="20" width="20" fill="none" viewBox="0 0 24 24" stroke="currentColor"><title>External</title> <path strokeLinecap="round" strokeLinejoin="round" strokeWidth="2" d="M10 6H6a2 2 0 00-2 2v10a2 2 0 002 2h10a2 2 0 002-2v-4M14 4h6m0 0v6m0-6L10 14" /> </svg>
-
-Learn how to implement passwordless/magic link authentication with database storage in your Next.js projects using NextAuth and Fauna DB.
-
-> The final version of the project's code can be found on [Github](https://github.com/AlterClassIO/magic-next-auth). You can use it as a starting point for any Next.js app that requires passwordless authentication.
-
-This tutorial covers:
-
-- Configuring Next.js, Auth.js, and Fauna to work together seamlessly
-- Using Next.js dynamic API routes to handle authentication requests
-- Using Fauna and the Fauna Adapter for `next-auth` to persist users, email sign in tokens, and sessions
-- Creating custom login and confirmation pages with React + Tailwind CSS
-- Customizing the sign-in email and sending a welcome email to new users
-
 #### [Passwordless Authentication with Next.js, Prisma, and next-auth](https://dev.to/prisma/passwordless-authentication-with-next-js-prisma-and-next-auth-5g8g) <svg style={{ marginLeft: '5px', marginBottom:'-6px'}} width="30" height="25" viewBox="0 0 50 40" fill="none" xmlns="http://www.w3.org/2000/svg"><rect width="50" height="40" rx="3" style={{ fill: '#000' }}></rect><path d="M19.099 23.508c0 1.31-.423 2.388-1.27 3.234-.838.839-1.942 1.258-3.312 1.258h-4.403V12.277h4.492c1.31 0 2.385.423 3.224 1.27.846.838 1.269 1.912 1.269 3.223v6.738zm-2.808 0V16.77c0-.562-.187-.981-.562-1.258-.374-.285-.748-.427-1.122-.427h-1.685v10.107h1.684c.375 0 .75-.138 1.123-.415.375-.285.562-.708.562-1.27zM28.185 28h-5.896c-.562 0-1.03-.187-1.404-.561-.375-.375-.562-.843-.562-1.404V14.243c0-.562.187-1.03.562-1.404.374-.375.842-.562 1.404-.562h5.896v2.808H23.13v3.65h3.088v2.808h-3.088v3.65h5.054V28zm7.12 0c-.936 0-1.684-.655-2.246-1.965l-3.65-13.758h3.089l2.807 10.804 2.808-10.804H41.2l-3.65 13.758C36.99 27.345 36.241 28 35.305 28z" style={{ fill: '#fff' }}></path></svg>
 
 - In this post, you'll learn how to add passwordless authentication to your Next.js app using Prisma and next-auth. By the end of this tutorial, your users will be able to log in to your app with either their GitHub account or a Slack-styled magic link sent right to their Email inbox. By Xiaoru Li.

packages/adapter-drizzle/src/index.ts

@@ -98,7 +98,7 @@ import type { Adapter } from "@auth/core/adapters"
  *   session_state: text("session_state"),
  * },
  * (account) => ({
- *   compoundKey: primaryKey(account.provider, account.providerAccountId),
+ *   compoundKey: primaryKey({ columns: [account.provider, account.providerAccountId] }),
  * })
  * )
  *
@@ -118,7 +118,7 @@ import type { Adapter } from "@auth/core/adapters"
  *    expires: timestamp("expires", { mode: "date" }).notNull(),
  *  },
  *  (vt) => ({
- *    compoundKey: primaryKey(vt.identifier, vt.token),
+ *    compoundKey: primaryKey({ columns: [vt.identifier, vt.token] }),
  *  })
  * )
  * ```

packages/adapter-drizzle/src/lib/sqlite.ts

@@ -164,7 +164,12 @@ export function SQLiteDrizzleAdapter(
           )
         )
         .get()
-      return result?.user ?? null
+
+      if (!results) {
+        return null;
+      }
+      return Promise.resolve(results).then((results) => results.user)
+
     },
     async deleteSession(sessionToken) {
       const result = await client

packages/adapter-supabase/src/index.ts

@@ -350,6 +350,7 @@ export function SupabaseAdapter(options: SupabaseAdapterOptions): Adapter {
   const supabase = createClient<Database, "next_auth">(url, secret, {
     db: { schema: "next_auth" },
     global: { headers: { "X-Client-Info": "@auth/supabase-adapter" } },
+    auth: { persistSession: false },
   })
   return {
     async createUser(user) {

packages/core/src/providers/kakao.ts

@@ -111,11 +111,39 @@ export interface KakaoProfile extends Record<string, any> {
  * By default, Auth.js assumes that the Kakao provider is
  * based on the [OAuth 2](https://www.rfc-editor.org/rfc/rfc6749.html) specification.
  *
+ * 
+ * The "Authorized redirect URIs" used when creating the credentials must include your full domain and end in the callback path. For example;
+ *
+ * ![스크린샷 2023-11-28 오후 9 27 41](https://github.com/nextauthjs/next-auth/assets/66895208/7d4c2df6-45a6-4937-bb10-4b47c987bff4)
+ * 
+ * - For production: `https://{YOUR_DOMAIN}/api/auth/callback/kakao`
+ * - For development: `http://localhost:3000/api/auth/callback/kakao`
+ * 
  * :::tip
  *
  * The Kakao provider comes with a [default configuration](https://github.com/nextauthjs/next-auth/blob/main/packages/core/src/providers/kakao.ts).
  * To override the defaults for your use case, check out [customizing a built-in OAuth provider](https://authjs.dev/guides/providers/custom-provider#override-default-options).
- *
+ * 
+ * :::
+ * 
+ * :::tip
+ * 
+ * Kakao's client key is in **Summary(It is written as 요약정보 in Korean.) tab's App Keys Field**  
+ * (My Application > App Settings > Summary)  
+ * 
+ * ![스크린샷 2023-11-28 오후 9 47 17](https://github.com/nextauthjs/next-auth/assets/66895208/a87e5705-26b9-4f83-99d7-6df097a3632c)
+ * 
+ * Kakao's clientSecret key is in **Security(It is written as 보안 in Korean.) tab's App Keys Field**  
+ * (My Application > Product Settings > Kakao Login > Security)  
+ * 
+ * ![스크린샷 2023-11-28 오후 9 38 25](https://github.com/nextauthjs/next-auth/assets/66895208/6a763921-4f70-40f4-a3e1-9abc78276d45)
+ * 
+ * :::
+ * 
+ * :::tip
+ * 
+ * Kakao dev console has a button at the top right to change from KR to ENG
+ * 
  * :::
  *
  * :::info **Disclaimer**

packages/core/test/constants.ts

@@ -5,5 +5,8 @@ export const AUTH_SECRET = "secret"
 const makeAuthAction = (action: string) => `${AUTH_URL}/${action}`
 
 export const SESSION_ACTION = makeAuthAction("session")
+export const CALLBACK_ACTION = makeAuthAction("callback")
+export const ERROR_ACTION = makeAuthAction("error")
+
 export const SESSION_COOKIE_NAME = "__Secure-authjs.session-token"
 export const CSRF_COOKIE_NAME = "__Host-authjs.csrf-token"