Add a URL/Webhook Provider

[tmayr]

Summary of proposed feature
This would be a similar strategy Email, the main difference would be that it let's you pick an attribute to identify your users and returns an valid URL to be able to continue the flow, how you send that URL to the user is 100% up to you.

Purpose of proposed feature
Main motivation for this is that I need to send Authentication links through a Message Provider and not via email, this entails a few things:

• My method of delivery is 100% custom, more akin to a Webhook than anything
• My main identifier is not credentials, nor email, but the phoneNumber of the user, which in this case is a custom attribute, not handled by next-auth but extended via models by me, and could be any other attribute if intended
• the URL Provider could in the near future be used by the email provider, as the primitive is just generating a URL based on a attribute (email) and value (user email)

Detail about proposed feature
I have a very crude PoC running, but this follows 90% of the same flow as the email provider does, except it takes an attribute name and value instead of assuming email, you would use a attribute:value format to store it

Potential problems
I don't foresee any real issues other than quite a bit of code repetition as the flow is, as stated before, 90% like the email, this is definitely a solvable problem in the future as we could just migrate the email provider to use the more generic methods of the url provider in the future.

Describe any alternatives you've considered
I don't see any alternatives as having an arbitrary unique identifier is currently not supported, as for the approach, I thought of naming it webhook provider but since the implementation after getting the URL could be anything, I opted for URL provider, open to changing the name to whatever makes more sense.

Obviously, happy to contribute the PR to this if it's something that sounds interesting for the project itself.

[iaincollins]

Thanks for raising this! Things are a little busy getting v3 in shape for release, but I would love to pick this one up when that is done.

I had something like this in mind when working on the email verification so tried to keep the mechanism generic but I didn't give the actual flows much thought (beyond maybe assuming it might be useful to store different types of token).

I wonder if adding some sort of callback to providers - or supporting the verification callback used in the email provider - in any provider might be good direction.

I'd be interested in a PoC, but actually just a step by step walk through of what the functionality should be might be really helpful as might be able to take an approach that is as generic as possible so can work for other scenarios.

I think using custom credentials (with a custom model) to trigger some sort of verification flow via a phone number shouldn't actually be technically difficult to get to if we can map out the flow!

[tmayr]

Yeah actually the email is just the exact same flow but with the email attribute, basically the ´sendVerificationRequest´ is our callback/url that is supposed to be custom implemented.

Left a PR with tons of comments, excuse the messiness of prettier!, let's follow the discussion there

[ndom91]

Closing this issue as discussion has continued in #409.

Feel free to reopen if anything new arises.