From bd4fc24e6f5d043e5488f099e6114e8cd1f8c524 Mon Sep 17 00:00:00 2001 From: "swyx.io" Date: Wed, 5 Jul 2023 11:45:35 -0400 Subject: [PATCH 1/2] Update .env.example --- .env.example | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.example b/.env.example index b98ddb8d8..d7394514a 100644 --- a/.env.example +++ b/.env.example @@ -9,8 +9,8 @@ AUTH_SECRET=XXXXXXXX AUTH_GITHUB_ID=XXXXXXXX AUTH_GITHUB_SECRET=XXXXXXXX # Support OAuth login on preview deployments, see: https://authjs.dev/guides/basics/deployment#securing-a-preview-deployment -# Set the following only when deployed. We recommend using a different OAuth app for development/production. -# AUTH_REDIRECT_PROXY_URL=https://auth.example.com/api/auth +# Set the following only when deployed. In this example, we can reuse the same OAuth app, but if you are storing users, we recommend using a different OAuth app for development/production so that you don't mix your test and production user base. +# AUTH_REDIRECT_PROXY_URL=https://YOURAPP.vercel.app/api/auth # Instructions to create kv database here: https://vercel.com/docs/storage/vercel-kv/quickstart and KV_URL=XXXXXXXX From ced218b9dd71d04822dcc746cd6a5a187200e087 Mon Sep 17 00:00:00 2001 From: "swyx.io" Date: Wed, 5 Jul 2023 12:00:46 -0400 Subject: [PATCH 2/2] Comment suggestions for auth.ts --- auth.ts | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/auth.ts b/auth.ts index d272d78db..7a660f0fd 100644 --- a/auth.ts +++ b/auth.ts @@ -1,6 +1,5 @@ import NextAuth, { type DefaultSession } from 'next-auth' import GitHub from 'next-auth/providers/github' -import { NextResponse } from 'next/server' declare module 'next-auth' { interface Session { @@ -14,7 +13,7 @@ declare module 'next-auth' { export const { handlers: { GET, POST }, auth, - CSRF_experimental + CSRF_experimental // will be removed in future } = NextAuth({ providers: [GitHub], callbacks: { @@ -26,10 +25,10 @@ export const { return token }, authorized({ auth }) { - return !!auth?.user + return !!auth?.user // this ensures there is a logged in user for -every- request } }, pages: { - signIn: '/sign-in' + signIn: '/sign-in' // overrides the next-auth default signin page https://authjs.dev/guides/basics/pages } })