chore(docs): cleanup refresh-token-rotation

ndom91 · ndom91 · commit 4da36a1573a6 · 2024-04-17T21:19:09.000+02:00
diff --git a/docs/pages/guides/refresh-token-rotation.mdx b/docs/pages/guides/refresh-token-rotation.mdx
@@ -31,16 +31,16 @@ Below is a sample implementation using Google's Identity Provider. Please note t
 <Code>
   <Code.Next>
 
-```ts
-import { Auth } from "@auth/core"
-import { type TokenSet } from "@auth/core/types"
-import Google from "@auth/core/providers/google"
+```ts filename="./auth.ts"
+import NextAuth from "next-auth"
+import { type TokenSet } from "next-auth/types"
+import Google from "next-auth/providers/google"
 
-export default Auth(new Request("https://example.com"), {
+export const { handlers, auth } = NextAuth({
   providers: [
     Google({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
+      clientId: process.env.AUTH_GOOGLE_ID,
+      clientSecret: process.env.AUTH_GOOGLE_SECRET,
       authorization: { params: { access_type: "offline", prompt: "consent" } },
     }),
   ],
@@ -64,8 +64,8 @@ export default Auth(new Request("https://example.com"), {
           const response = await fetch("https://oauth2.googleapis.com/token", {
             headers: { "Content-Type": "application/x-www-form-urlencoded" },
             body: new URLSearchParams({
-              client_id: process.env.GOOGLE_ID,
-              client_secret: process.env.GOOGLE_SECRET,
+              client_id: process.env.AUTH_GOOGLE_ID,
+              client_secret: process.env.AUTH_GOOGLE_SECRET,
               grant_type: "refresh_token",
               refresh_token: token.refresh_token,
             }),
@@ -98,13 +98,13 @@ export default Auth(new Request("https://example.com"), {
   },
 })
 
-declare module "@auth/core/types" {
+declare module "next-auth" {
   interface Session {
     error?: "RefreshAccessTokenError"
   }
 }
 
-declare module "@auth/core/jwt" {
+declare module "next-auth/jwt" {
   interface JWT {
     access_token: string
     expires_at: number
@@ -124,21 +124,21 @@ Using the database strategy is very similar, but instead of preserving the `acce
 <Code>
   <Code.Next>
 
-```ts
-import { Auth } from "@auth/core"
-import { type TokenSet } from "@auth/core/types"
-import Google from "@auth/core/providers/google"
+```ts filename="./auth.ts"
+import NextAuth from "next-auth"
+import { type TokenSet } from "next-auth/types"
+import Google from "next-auth/providers/google"
 import { PrismaAdapter } from "@auth/prisma-adapter"
 import { PrismaClient } from "@prisma/client"
 
 const prisma = new PrismaClient()
 
-export default Auth(new Request("https://example.com"), {
+export const { handlers, auth } = NextAuth({
   adapter: PrismaAdapter(prisma),
   providers: [
     Google({
-      clientId: process.env.GOOGLE_ID,
-      clientSecret: process.env.GOOGLE_SECRET,
+      clientId: process.env.AUTH_GOOGLE_ID,
+      clientSecret: process.env.AUTH_GOOGLE_SECRET,
       authorization: { params: { access_type: "offline", prompt: "consent" } },
     }),
   ],
@@ -155,8 +155,8 @@ export default Auth(new Request("https://example.com"), {
           const response = await fetch("https://oauth2.googleapis.com/token", {
             headers: { "Content-Type": "application/x-www-form-urlencoded" },
             body: new URLSearchParams({
-              client_id: process.env.GOOGLE_ID,
-              client_secret: process.env.GOOGLE_SECRET,
+              client_id: process.env.AUTH_GOOGLE_ID,
+              client_secret: process.env.AUTH_GOOGLE_SECRET,
               grant_type: "refresh_token",
               refresh_token: google.refresh_token,
             }),
@@ -191,13 +191,13 @@ export default Auth(new Request("https://example.com"), {
   },
 })
 
-declare module "@auth/core/types" {
+declare module "next-auth" {
   interface Session {
     error?: "RefreshAccessTokenError"
   }
 }
 
-declare module "@auth/core/jwt" {
+declare module "next-auth/jwt" {
   interface JWT {
     access_token: string
     expires_at: number
@@ -212,7 +212,7 @@ declare module "@auth/core/jwt" {
 
 ### Client Side
 
-The `RefreshAccessTokenError` error that is caught in the `refreshAccessToken()` method is passed to the client. This means that you can direct the user to the sign-in flow if we cannot refresh their token.
+The `RefreshAccessTokenError` error that is caught in the `refreshAccessToken()` method is passed to the client. This means that you can direct the user to the sign-in flow if we cannot refresh their token. Don't forget, calling `useSession` client-side, for example, requires your component is wrapped with the `<SessionProvider />`.
 
 We can handle this functionality as a side effect:
 
