Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add option for custom generateSessionToken #5328

Merged
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 6 additions & 0 deletions docs/docs/configuration/options.md
Expand Up @@ -114,6 +114,12 @@ session: {
// Use it to limit write operations. Set to 0 to always update the database.
// Note: This option is ignored if using JSON Web Tokens
updateAge: 24 * 60 * 60, // 24 hours

// The session token is usually either a random UUID or string, however if you
// need a more customized session token string, you can define your own generate function.
generateSessionToken: () => {
return randomUUID?.() ?? randomBytes(32).toString("hex")
}
}
```

Expand Down
5 changes: 5 additions & 0 deletions packages/next-auth/src/core/init.ts
@@ -1,3 +1,4 @@
import { randomBytes, randomUUID } from "crypto"
import { NextAuthOptions } from ".."
import logger from "../utils/logger"
import parseUrl from "../utils/parse-url"
Expand Down Expand Up @@ -86,6 +87,10 @@ export async function init({
strategy: userOptions.adapter ? "database" : "jwt",
maxAge,
updateAge: 24 * 60 * 60,
generateSessionToken: () => {
// Use `randomUUID` if available. (Node 15.6++)
balazsorban44 marked this conversation as resolved.
Show resolved Hide resolved
return randomUUID?.() ?? randomBytes(32).toString("hex")
},
...userOptions.session,
},
// JWT options
Expand Down
8 changes: 1 addition & 7 deletions packages/next-auth/src/core/lib/callback-handler.ts
@@ -1,4 +1,3 @@
import { randomBytes, randomUUID } from "crypto"
import { AccountNotLinkedError } from "../errors"
import { fromDate } from "./utils"

Expand Down Expand Up @@ -37,7 +36,7 @@ export default async function callbackHandler(params: {
adapter,
jwt,
events,
session: { strategy: sessionStrategy },
session: { strategy: sessionStrategy, generateSessionToken },
} = options

// If no adapter is configured then we don't have a database and cannot
Expand Down Expand Up @@ -219,8 +218,3 @@ export default async function callbackHandler(params: {
}
}
}

function generateSessionToken() {
// Use `randomUUID` if available. (Node 15.6++)
return randomUUID?.() ?? randomBytes(32).toString("hex")
}
7 changes: 7 additions & 0 deletions packages/next-auth/src/core/types.ts
Expand Up @@ -468,6 +468,13 @@ export interface SessionOptions {
* @default 86400 // 1 day
*/
updateAge: number
/**
* Generate a custom session token for database-based sessions.
* By default, a random UUID or string is generated depending on Node version
* however, you can specific your own custom string (such as cuids) to be used.
* @default randomUUID or randomBytes.toHex depending on Node version
balazsorban44 marked this conversation as resolved.
Show resolved Hide resolved
*/
generateSessionToken: () => string
}

export interface DefaultUser {
Expand Down