Theo's Typesafe Cult•12mo ago

Extend next-auth session with drizzle adapter

I followed the steps to extend the next-auth session object with a custom userRole property. I extended the Session and User interface, I have the userRole property in my Users DB table and I include the role in the session callback in authOptions. The only type error that I am getting is from the adapter (DrizzleAdapter). But when I check the session object the role property is missing. I've searched everywhere but I cannot figure it out or find a solution. Does anyone have the same problem or know a fix?

51 Replies

IkBenJur•12mo ago

I have never done this myself but reading the docs. Did you add the profile callback in the providers array? This is what the docs says for adding roles to users: The profile() callback's return value is used to create users in the database. That's it! Your newly created users will now have an assigned role. If you also want to use the role on the client, you can expose it via the session callback.

IkBenJur•12mo ago

The link if you want to read the rest btw https://authjs.dev/guides/basics/role-based-access-control

Role-based access control | Auth.js

There are two ways to add role-based access control (RBAC) to your application, based on the session strategy you choose. Let's see an example for each of these.

IkBenJur•12mo ago

Actually now that I’m thinking. Did you set a default value for the role in your schema? Let’s say you create a new user in your db and you don’t set the role manually. Don’t have a default value set in the schema either and try to access the role through user.role in the session. The user.role will be empty and thus the role field will never be passed along right? Or am I thinking wrong

Steve Melons•12mo ago

Thanks for the feedback, and yes I have done all those things. I figured it out. It is actually a bug. The next-auth Drizzle Adapter only fetches the defaults from the db I created an issue but sadly it keeps getting closed because of the reproduction 😦

Steve Melons•12mo ago

https://github.com/nextauthjs/next-auth/issues/9296

GitHub

DrizzleAdapter overwrites custom tables with defaults · Issue #9296...

Adapter type @auth/drizzle-adapter Environment System: OS: Linux 5.15 Ubuntu 20.04.4 LTS (Focal Fossa) CPU: (32) x64 13th Gen Intel(R) Core(TM) i9-13900K Memory: 11.79 GB / 15.49 GB Container: Yes ...

AnonymousSmoothBrain•12mo ago

+1 to this bug

EnricoBaivo•11mo ago

Hello Steve Melons, did you find a solution to extend the User data that is inserted on create ?

stunaz•11mo ago

what i found is that, it just doesnt work using database as session strategy. its work when you are using jwt as the session strategie, then additionnal fiels are stored with in the jwt token, and you retrieve if from there to add to your session

Josh•11mo ago

this works fine in my repo

Josh•11mo ago

https://github.com/GentikSolm/t3-app-dir

GitHub

GitHub - GentikSolm/t3-app-dir: t3 app dir boilerplate

t3 app dir boilerplate. Contribute to GentikSolm/t3-app-dir development by creating an account on GitHub.

Josh•11mo ago

I'm about to massively overhaul that repo, bit it should show you how to extend it it not really a bug as much as it is an adapter issue. they can't do much from their end because they have drizzle orm files inhouse for the user table so their user data is actually different from yours in the drizzle adapter this works with extra columns, it just won't grab them unless you explicitly override them which is what I did, and honestly it's not much worth at all and even gives you a better idea of what's going on under the hood

EnricoBaivo•11mo ago

Thanks for you responses ! Yeah, due to research i also ended up making my own adapter, but i am struggling with the correct Typeing.

declare module "@auth/core/adapters" {
  interface AdapterUser {
    id: string;
    email: string;
    emailVerified: Date | null;
    image: string;
    osuUserId: number;
    isAdmin: boolean;
    isAlphaTester: boolean;
    isBetaTester: boolean;
    isNew: boolean;
    createdAt: Date | null;
    updatedAt: Date | null;
    lastLogin: Date | null;
  }
}
declare module "@auth/core/types" {
  interface AdapterUser {
    emailVerified: Date | null;
    osuUserId: number;
    username: string;
    isAdmin: boolean;
    image: string;
    isAlphaTester: boolean;
    isBetaTester: boolean;
    isNew: boolean;
    createdAt: Date | null;
    updatedAt: Date | null;
    lastLogin: Date | null;
  }
}

declare module "@auth/core/adapters" {
  interface AdapterUser {
    id: string;
    email: string;
    emailVerified: Date | null;
    image: string;
    osuUserId: number;
    isAdmin: boolean;
    isAlphaTester: boolean;
    isBetaTester: boolean;
    isNew: boolean;
    createdAt: Date | null;
    updatedAt: Date | null;
    lastLogin: Date | null;
  }
}
declare module "@auth/core/types" {
  interface AdapterUser {
    emailVerified: Date | null;
    osuUserId: number;
    username: string;
    isAdmin: boolean;
    image: string;
    isAlphaTester: boolean;
    isBetaTester: boolean;
    isNew: boolean;
    createdAt: Date | null;
    updatedAt: Date | null;
    lastLogin: Date | null;
  }
}

Type '(data: Omit<AdapterUser, "id">) => Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type '(user: Omit<AdapterUser, "id">) => Awaitable<AdapterUser>'.
  Type 'Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type 'Awaitable<AdapterUser>'.
    Type 'Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type 'PromiseLike<AdapterUser>'.
      Types of property 'then' are incompatible.
        Type '<TResult1 = AdapterUser | { [x: string]: any; } | undefined, TResult2 = never>(onfulfilled?: ((value: AdapterUser | { [x: string]: any; } | undefined) => TResult1 | PromiseLike<TResult1>) | null | undefined, onrejected?: ((reason: any) => TResult2 | PromiseLike<...>) | ... 1 more ... | undefined) => Promise<...>' is not assignable to type '<TResult1 = AdapterUser, TResult2 = never>(onfulfilled?: ((value: AdapterUser) => TResult1 | PromiseLike<TResult1>) | null | undefined, onrejected?: ((reason: any) => TResult2 | PromiseLike<...>) | ... 1 more ... | undefined) => PromiseLike<...>'.
          Types of parameters 'onfulfilled' and 'onfulfilled' are incompatible.
            Types of parameters 'value' and 'value' are incompatible.
              Type 'AdapterUser | { [x: string]: any; } | undefined' is not assignable to type 'AdapterUser'.
                Type 'undefined' is not assignable to type 'AdapterUser'.ts(2322)
adapters.d.ts(257, 5): The expected type comes from property 'createUser' which is declared here on type 'Adapter'

Type '(data: Omit<AdapterUser, "id">) => Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type '(user: Omit<AdapterUser, "id">) => Awaitable<AdapterUser>'.
  Type 'Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type 'Awaitable<AdapterUser>'.
    Type 'Promise<AdapterUser | { [x: string]: any; } | undefined>' is not assignable to type 'PromiseLike<AdapterUser>'.
      Types of property 'then' are incompatible.
        Type '<TResult1 = AdapterUser | { [x: string]: any; } | undefined, TResult2 = never>(onfulfilled?: ((value: AdapterUser | { [x: string]: any; } | undefined) => TResult1 | PromiseLike<TResult1>) | null | undefined, onrejected?: ((reason: any) => TResult2 | PromiseLike<...>) | ... 1 more ... | undefined) => Promise<...>' is not assignable to type '<TResult1 = AdapterUser, TResult2 = never>(onfulfilled?: ((value: AdapterUser) => TResult1 | PromiseLike<TResult1>) | null | undefined, onrejected?: ((reason: any) => TResult2 | PromiseLike<...>) | ... 1 more ... | undefined) => PromiseLike<...>'.
          Types of parameters 'onfulfilled' and 'onfulfilled' are incompatible.
            Types of parameters 'value' and 'value' are incompatible.
              Type 'AdapterUser | { [x: string]: any; } | undefined' is not assignable to type 'AdapterUser'.
                Type 'undefined' is not assignable to type 'AdapterUser'.ts(2322)
adapters.d.ts(257, 5): The expected type comes from property 'createUser' which is declared here on type 'Adapter'

Josh•11mo ago

just look at the repo I linked and check out how I do it

Dor•11mo ago

why is this working out of the box with Prisma but not with drizzle? they need to fix this. I wasted 2 days finding solutions

Josh•11mo ago

this is not a paid product, it is open source. if it want something fixed that badly do it yourself. these people are working completely for free on these amazing projects. just because it doesn't exactly fit your needs gives you no right to be angry about it

EnricoBaivo•11mo ago

I mean i did it also like you did but im using MySQL and i cant return on insert. So i do a select return but this could be null and the create callback dosent allow that:

     async createUser(data) {
      const id = crypto.randomUUID();
      await client.insert(users).values({ ...data, id });
      return await client.query.users
        .findFirst({
          where: (fields, operations) => operations.eq(fields.id, id),
        })
        .then((res) => res ?? null);
    },

     async createUser(data) {
      const id = crypto.randomUUID();
      await client.insert(users).values({ ...data, id });
      return await client.query.users
        .findFirst({
          where: (fields, operations) => operations.eq(fields.id, id),
        })
        .then((res) => res ?? null);
    },

 .....updatedAt: string; } | null' is not assignable to type 'AdapterUser'.
                Type 'null' is not assignable to type 'AdapterUser'.ts(2322)

 .....updatedAt: string; } | null' is not assignable to type 'AdapterUser'.
                Type 'null' is not assignable to type 'AdapterUser'.ts(2322)

Josh•11mo ago

1. you shouldnt be mixing .then with await 2. since we just inserted the user, we can be very sure the user exists in the db, so you can safely tell typescript that it will for sure not be null

Dinocan•10mo ago

I found the solution for my project, I hope it will be a solution for you too.

import { env } from "@/env";
import { db } from "@/server/db";
import { accounts, sessions, sqliteTable, users, verificationTokens } from "@/server/db/schema";
import { DrizzleAdapter } from "@auth/drizzle-adapter";
import { type SQLiteTableFn } from "drizzle-orm/sqlite-core";
import {
  getServerSession,
  type DefaultSession,
  type NextAuthOptions,
} from "next-auth";
import type { Adapter } from 'next-auth/adapters';
import DiscordProvider from "next-auth/providers/discord";

declare module "next-auth" {
  interface Session extends DefaultSession {
    user: {
      id: string;
      role: "BANNED" | "USER" | "MODERATOR" | "ADMIN";
      points: number;
    } & DefaultSession["user"];
  }

  interface User {
    role: "BANNED" | "USER" | "MODERATOR" | "ADMIN";
    points: number;
  }
}

type TableFnParams = Parameters<SQLiteTableFn>;
function dumbAdapter (
  name: TableFnParams[0],
  columns: TableFnParams[1],
  extraConfig: TableFnParams[2],
) {
  switch (name) {
    case "user":
      return users;
    case "account":
      return accounts;
    case "session":
      return sessions;
    case "verification_token":
      return verificationTokens;
    default:
      return sqliteTable(name, columns, extraConfig);
  }
};

export const authOptions: NextAuthOptions = {
  callbacks: {
    session: ({ session, user }) => ({
      ...session,
      user: {
        ...session.user,
        id: user.id,
        role: user.role,
        points: user.points,
      },
    }),
  },
  adapter: DrizzleAdapter(db, dumbAdapter as SQLiteTableFn<undefined>) as Adapter,
  providers: [
    DiscordProvider({
      clientId: env.DISCORD_CLIENT_ID,
      clientSecret: env.DISCORD_CLIENT_SECRET,
    }),
  ],
};

export const getServerAuthSession = () => getServerSession(authOptions);

import { env } from "@/env";
import { db } from "@/server/db";
import { accounts, sessions, sqliteTable, users, verificationTokens } from "@/server/db/schema";
import { DrizzleAdapter } from "@auth/drizzle-adapter";
import { type SQLiteTableFn } from "drizzle-orm/sqlite-core";
import {
  getServerSession,
  type DefaultSession,
  type NextAuthOptions,
} from "next-auth";
import type { Adapter } from 'next-auth/adapters';
import DiscordProvider from "next-auth/providers/discord";

declare module "next-auth" {
  interface Session extends DefaultSession {
    user: {
      id: string;
      role: "BANNED" | "USER" | "MODERATOR" | "ADMIN";
      points: number;
    } & DefaultSession["user"];
  }

  interface User {
    role: "BANNED" | "USER" | "MODERATOR" | "ADMIN";
    points: number;
  }
}

type TableFnParams = Parameters<SQLiteTableFn>;
function dumbAdapter (
  name: TableFnParams[0],
  columns: TableFnParams[1],
  extraConfig: TableFnParams[2],
) {
  switch (name) {
    case "user":
      return users;
    case "account":
      return accounts;
    case "session":
      return sessions;
    case "verification_token":
      return verificationTokens;
    default:
      return sqliteTable(name, columns, extraConfig);
  }
};

export const authOptions: NextAuthOptions = {
  callbacks: {
    session: ({ session, user }) => ({
      ...session,
      user: {
        ...session.user,
        id: user.id,
        role: user.role,
        points: user.points,
      },
    }),
  },
  adapter: DrizzleAdapter(db, dumbAdapter as SQLiteTableFn<undefined>) as Adapter,
  providers: [
    DiscordProvider({
      clientId: env.DISCORD_CLIENT_ID,
      clientSecret: env.DISCORD_CLIENT_SECRET,
    }),
  ],
};

export const getServerAuthSession = () => getServerSession(authOptions);

Yiannis•10mo ago

I found a solution to this a while ago by julius: https://github.com/nextauthjs/next-auth/pull/8561

GitHub

feat(adapter-drizzle): add option to pass in schema by juliusmarmin...

☕️ Reasoning In other adapters, the adapter returns the entire table so if you have additional fields they will also be returned when the adapter queries the table. A good example here is if your ...

Yiannis•10mo ago

basically overrides a function of the drizzle adaptor. Still need to augment the interface and add the field to the db, but now the adaptor will actually fetch it

Yiannis•10mo ago

You need to also make sure you augment the right module https://github.com/nextauthjs/next-auth/pull/9462

GitHub

fix(docs): updated typescript module imports by Huijiro · Pull Requ...

☕️ Reasoning As discussed in #8948, #9253, and #9377, some augmentation of types in the documentation is wrong, this pull request aims to solve those issues by updating the documentation. I also ad...

Gaming

Programming

Extend next-auth session with drizzle adapter