next-auth
next-auth copied to clipboard
nextauthjs
feat(adapters): update fauna adapter for fql v10
This PR tries to do the same as https://github.com/nextauthjs/next-auth/pull/8403. Rather than make a PR to @linzjax's branch, i thought it would be easier to open a new PR.
โ๏ธ Reasoning
Fauna's new query language, FQL v10, has been out for a while. This PR updates adapter-fauna to use FQL v10 and the new conventions that have come from Fauna's side.
Breakdown of changes:
- Use singular, uppercase names for collections (this is the new naming schema Fauna uses in their examples)
- Stop using
fauna-schema-migrate, and instead use the Fauna CLI and FSL for defining the collections and indexes - Switch from the
faunadbto thefaunapackage and refactor all queries from FQL v4 to FQL v10 - Update the documentation and add a "Migrating from v1" section
๐งข Checklist
- [x] Documentation
- [x] Tests
- [x] Ready to be merged
๐ซ Affected issues
Fixes: https://github.com/nextauthjs/next-auth/issues/8394
๐ Resources
The latest updates on your projects. Learn more about Vercel for Git โ๏ธ
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| auth-docs | โ Ready (Inspect) | Visit Preview | ๐ฌ Add feedback | Mar 1, 2024 4:42pm |
1 Ignored Deployment
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| next-auth-docs | โฌ๏ธ Ignored (Inspect) | Visit Preview | Mar 1, 2024 4:42pm |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @ndom91 & @balazsorban44. It would be amazing if we could get this merged. We are currently migrating our app to next-auth and we want to use the new naming conventions Fauna uses for collections. The tests are all passing๐
Thanks for your work on Auth.js!
@employee451 is attempting to deploy a commit to the authjs Team on Vercel.
A member of the Team first needs to authorize it.
๐จ Potential security issues detected. Learn more about Socket for GitHub โ๏ธ
To accept the risk, merge this PR and you will not be notified again.
| Alert | Package | Note | Source |
|---|---|---|---|
| Install scripts | npm/[email protected] |
| |
| Install scripts | npm/@sveltejs/[email protected] |
| |
| Telemetry | npm/[email protected] |
| |
| Telemetry | npm/[email protected] |
|
Next steps
What is an install script?
Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.
What is telemetry?
This package contains telemetry which tracks how it is used.
Most telemetry comes with settings to disable it. Consider disabling telemetry if you do not want to be tracked.
Take a deeper look at the dependency
Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.
Remove the package
If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.
Mark a package as acceptable risk
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all
@SocketSecurity ignore npm/[email protected]@SocketSecurity ignore npm/@sveltejs/[email protected]@SocketSecurity ignore npm/[email protected]@SocketSecurity ignore npm/[email protected]
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}
@balazsorban44 Thanks for your help with this PR. The tests should be passing now (can you confirm?). Except for the two unresolved conversations above, we should be ready to merge
Sorry if I'm being pushy. We really want to get this merged so we can switch from Auth0 to next-auth with an email provider. I've made the changes you requested and the tests are passing properly now โ ๐ @balazsorban44 @ndom91 @ThangHuuVu
Comments to look at:
- https://github.com/nextauthjs/next-auth/pull/9849#discussion_r1477870614
- https://github.com/nextauthjs/next-auth/pull/9849#discussion_r1479334645
Hey @employee451 first of all thanks for the contribution!
Can you give me a short run down of the implications of this for existing fauna adapter users?
Hey @employee451 first of all thanks for the contribution!
Can you give me a short run down of the implications of this for existing fauna adapter users?
Thanks for your reply @ndom91!
Existing Fauna adapter users will need to use a Fauna client from the new fauna library instead of the old faunadb. Additionally, they will have to rename the auth collections that the adapter uses. This is explained in the new "Migrating from v1" section I've added to the adapter docs:
In v2, we've renamed the collections to use uppercase naming, in accordance with Fauna best practices. If you're migrating from v1, you'll need to rename your collections to match the new naming scheme.
Additionally, we've renamed the indexes to match the new method-like index names. Please see above for the new index definitions.
LGTM ๐
Thanks! What needs to happen to get this merged? Do we need @balazsorban44 to approve the changes?
@employee451 what do you think about this migration script in FQL? Looks like it should do the trick to me:
Collection.byName("accounts")!.update({
name: "Account"
indexes: {
byUserId: {
terms: [{ field: "userId" }]
},
byProviderAndProviderAccountId: {
terms: [{ field: "provider" }, { field: "providerAccountId" }]
}
}
})
Collection.byName("sessions")!.update({
name: "Session",
indexes: {
bySessionToken: {
terms: [{ field: "sessionToken" }]
},
byUserId: {
terms: [{ field: "userId" }]
},
}
})
Collection.byName("users")!.update({
name: "User",
indexes: {
byEmail: {
terms: [{ field: "email" }]
},
}
})
Collection.byName("verification_tokens")!.update({
name: "VerificationToken",
indexes: {
byIdentifierAndToken: {
terms: [{ field: "identifier" }, { field: "token" }]
},
}
})
I can merge it, but we'll need someone else to cut a release. We plan on doign that this weekend anyway. No need to tag anyone else :wink: :+1:
@employee451 what do you think about this migration script in FQL? Looks like it should do the trick to me:
Collection.byName("accounts")!.update({ name: "Account" indexes: { byUserId: { terms: [{ field: "userId" }] }, byProviderAndProviderAccountId: { terms: [{ field: "provider" }, { field: "providerAccountId" }] } } }) Collection.byName("sessions")!.update({ name: "Session", indexes: { bySessionToken: { terms: [{ field: "sessionToken" }] }, byUserId: { terms: [{ field: "userId" }] }, } }) Collection.byName("users")!.update({ name: "User", indexes: { byEmail: { terms: [{ field: "email" }] }, } }) Collection.byName("verification_tokens")!.update({ name: "VerificationToken", indexes: { byIdentifierAndToken: { terms: [{ field: "identifier" }, { field: "token" }] }, } })I can merge it, but we'll need someone else to cut a release. We plan on doign that this weekend anyway. No need to tag anyone else ๐ ๐
The script looks good๐
Ah forgot to drop the existing indexes, here's a slightly updated one:
Collection.byName("accounts")!.update({
name: "Account"
indexes: {
byUserId: {
terms: [{ field: "userId" }]
},
byProviderAndProviderAccountId: {
terms: [{ field: "provider" }, { field: "providerAccountId" }]
},
account_by_provider_and_provider_account_id: null,
accounts_by_user_id: null
}
})
Collection.byName("sessions")!.update({
name: "Session",
indexes: {
bySessionToken: {
terms: [{ field: "sessionToken" }]
},
byUserId: {
terms: [{ field: "userId" }]
},
session_by_session_token: null,
sessions_by_user_id: null
}
})
Collection.byName("users")!.update({
name: "User",
indexes: {
byEmail: {
terms: [{ field: "email" }]
},
user_by_email: null
}
})
Collection.byName("verification_tokens")!.update({
name: "VerificationToken",
indexes: {
byIdentifierAndToken: {
terms: [{ field: "identifier" }, { field: "token" }]
},
verification_token_by_identifier_and_token: null
}
})
If you also think its good, lets include it in the docs. What do you think?
If you also think its good, lets include it in the docs. What do you think?
Oh right, good idea to drop the previous indexes. Approved by me. Let's include it in the docs๐
Awesome, if you cuold add that to this PR, i'll approve it again ๐
Done!
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
๐ฎ Removed packages: npm/@actions/[email protected], npm/@auth/[email protected], npm/@auth/[email protected], npm/@aws-sdk/[email protected], npm/@aws-sdk/[email protected]
Okay merged it, thanks again! Like I said, we plan on getting a release out this weekend, so I'll keep you posted :+1: