feat: token provider

[ThangHuuVu]

☕️ Reasoning

This PR introduces the following changes:

• add tokenId and tokenIdVerified to AdapterUser. We set them similar to how we set email and emailVerified. email and emailVerified are kept around to keep migration effort low.
• adapter.getUserByEmail is changed to adapter.getUserByTokenId. This requires a lot of changes to follow in the adapters package.
• add a Token provider. By default, it will throw an error for sendVerificationToken, signaling that if the developer use this provider, they should implement this method.
• Email provider is now SmtpEmail provider with specific settings for SMTP-based email servers. It works just like before, the name changing should not break anything, since this is a default export. This is to distinguish with the other HTTP-based email provider that we want to add in the future, like SendGrid.

🧢 Checklist

• Documentation
• Tests
• Ready to be merged

🎫 Affected issues

Please scout and link issues that might be solved by this PR.

Addressing #1465

📌 Resources

• Security guidelines
• Contributing guidelines
• Code of conduct
• Contributing to Open Source

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
auth-docs	❌ Failed (Inspect)			Aug 25, 2023 4:46am

2 Ignored Deployments

Name	Status	Preview	Comments	Updated (UTC)
auth-docs-nextra	⬜️ Ignored (Inspect)	Visit Preview		Aug 25, 2023 4:46am
next-auth-docs	⬜️ Ignored (Inspect)	Visit Preview		Aug 25, 2023 4:46am

[balazsorban44]

I was thinking that we could refactor things in a way that the email provider essentially just implements the token provider, so we don't need another provider type, just renaming "email" to "token" internally.

[ThangHuuVu]

@balazsorban44 do you think we should 🚢 this with v5? Let me know what you think of the current state of this PR. 👀

[philbaker4]

Cross posting my RFC #1465 comment for reference