feat: Store user ID in sub claim of default JWT (nextauthjs#784)
This allows us to check if the user is signed in when using JWTs

Part of nextauthjs#625
mnphpexpert committed Feb 1, 2021
1 parent c34fee5 commit 41b498b
Showing 2 changed files with 6 additions and 4 deletions.
4 changes: 2 additions & 2 deletions src/server/lib/callback-handler.js
Expand Up @@ -52,8 +52,8 @@ export default async (sessionToken, profile, providerAccount, options) => {
if (useJwtSession) {
try {
session = await jwt.decode({ ...jwt, token: sessionToken })
if (session && session.user) {
user = await getUser(session.user.id)
if (session && session.sub) {
user = await getUser(session.sub)
isSignedIn = !!user
}
} catch (e) {
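Review bot: `getUser(session.sub)` makes the `sub` claim the only identity binding for the signed-in check, but nothing here validates the claim or documents who is responsible for setting it. The payload built in callback.js is handed to the user-supplied `callbacks.jwt` before it is signed, so a custom callback that drops or rewrites `sub` silently changes which user this lookup resolves to, and tokens built from the previous default payload carry no `sub` at all and will read as signed out. Assuming `jwt.decode` verifies the token (not visible in this hunk), I would guard with `if (session && typeof session.sub === 'string') {` and add a comment such as `// sub is set from user.id at sign-in; custom jwt callbacks must preserve it`. The try/catch this sits in continues outside the hunk.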
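--- a/src/server/routes/callback.js
+++ b/src/server/routes/callback.js
@@ -87,7 +87,8 @@ export default async (req, res, options, done) => {
 const defaultJwtPayload = {
 name: user.name,
 email: user.email,
-picture: user.image
+picture: user.image,
+sub: user.id.toString()
 }
 const jwtPayload = await callbacks.jwt(defaultJwtPayload, user, account, OAuthProfile, isNewUser)
 
@@ -177,7 +178,8 @@ export default async (req, res, options, done) => {
 const defaultJwtPayload = {
 name: user.name,
 email: user.email,
-picture: user.image
+picture: user.image,
+sub: user.id.toString()
 }
 const jwtPayload = await callbacks.jwt(defaultJwtPayload, user, account, profile, isNewUser)
 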
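Review bot: `sub: user.id.toString()` throws a TypeError when `user.id` is null or undefined, and both hunks add it without a guard. The second hunk passes `profile` rather than `OAuthProfile` to `callbacks.jwt`, which suggests a flow where `user` may not be a database record (inferred; where `user` comes from is outside the hunk), so a user object without an `id` would abort sign-in with an exception instead of issuing a token. Consider `sub: user.id != null ? String(user.id) : undefined`, or reject the sign-in explicitly when no id is present. It is also worth a comment above `callbacks.jwt(...)` that the returned payload must keep `sub`, since callback-handler.js now relies on it to identify the user. Both payload objects sit inside a handler whose body extends beyond the hunks.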
