What is the correct way to use next-auth with Google OAuth and users stored in the database? I'm new to this, confused, and need some help.

[lumenwrites]

Hi! I'm new to next-auth, and I'm looking for some help.

I have added the Google OAuth provider, and now when I run signIn("google") function on the frontend, it automatically takes me to the google's login page, and logs me in, somehow, without ever touching my database.

When the google authentication is complete, I need to be able to create a new user in my database, or retrieve the existing one if they have already signed up before (because I need to store all kinds of custom information about the user, not just their email).

And I want to make user's information available on the session object from useSession()hook. Right now I'm seeing some kind of default user info (with name, email, and image field which I didn't define).

When I was using a regular Express server and Passport, the code looked kinda like this:

const googleAuth = new GoogleStrategy(
  {
    clientID: process.env.GOOGLE_CLIENT_ID,
    clientSecret: process.env.GOOGLE_CLIENT_SECRET,
    callbackURL: "/api/v1/profiles/google/callback",
  },
  async (req, accessToken, refreshToken, profile, done) => {
    const existingProfile = await Profile.findOne({ email: profile.emails[0].value })
    /* Found user, return him and move along. */
    if (existingProfile) return done(null, existingProfile)

    /* Haven't found profile with this googleId, create a new one. */
    const newProfile = await new Profile({
      googleId: profile.id,
      email: profile.emails[0].value,
    })
    newProfile.save()

    done(null, newProfile)
  }
)

So I would still be creating the users in my database, and retrieving their information on log in, so that I could send it to the client.

Where does this kind of code supposed to go when I'm using the serverless next-auth?

And a second, but kind of related question - what's that default user object that gets provided to me in the session object? The one with the name, email, and image fields that next-auth seems to create for me? How can I make it use the user object I'm returning from my database instead?

(I've done my best to look through the tutorials and examples, but couldn't find one that explains this clearly.)

[balazsorban44]

Without defining an adapter, next-auth defaults to store user data in a JWT in a session cookie.

Check out one of our database adapters https://next-auth.js.org/adapters/overview or create your own!

To control what gets sent to the client, check the session callback: https://next-auth.js.org/configuration/callbacks#session-callback

[lumenwrites]

Thank you!

The session callback worked great, I'm just getting the user from the database and attaching it to the session object, that's exactly what I wanted!

callbacks: {
   async session(session, token) {
     await dbConnect()
     const user = await User.findOne({ email: token.email })
     session.user = user.publicFields()
     return session
   }
 }

But database adapters are still confusing to me, writing a custom adapter seems way too complicated for what I want.

Now that I can take the user from the database using the session callback, all I want is to be able to sign up a user - once the google auth goes through, I want to check whether the user with this email exists in the db, and if they don't, I want to create one (I'm using mongoose, if that matters).

Do you know if there are any examples of doing this kind of thing?

I think I'm mostly confused because this seems like a very straightforward and basic thing that anyone would want to be able to do, and yet I'm having so much trouble finding the tutorials and examples, so it feels like I'm misunderstanding something....

[balazsorban44]

I think most people would go with an adapter, it abstracts away the registration/login. We have some official ones.

https://github.com/nextauthjs/adapters

Granted, they might need tweaking. I'm getting them in much better shape for the v4 release which is coming 🔜.

But you could use the signIn event https://next-auth.js.org/configuration/events#signin

[lumenwrites]

Thanks! Do you know if there's one for mongoose?

[balazsorban44]

there's going to be one for mongoDB specifically. I'm guessing if you check out the source code, it wouldn't be too hard to port it for mongoose if you have to.

nextauthjs/adapters#193

[lumenwrites]

Thank you!