feat!: Next breaking change (#266)

* Usercontext change (#246)

* Add logic to use Session recipe with JWTs

* Change recipeImplementation functions to normal javascript functions

* Change recipeImplementation function format

* Add config tests

* Add binds when calling originalImplementation functions

* Change recipeImplementation to be a function that returns recipe interface

* Refactor

* Add binds to recipe implementation, adds override tests

* Add some unit tests

* Update logic for Session with JWT implementation

* Add new session class for using Session recipe with JWT recipe, and update recipe implementation to use new session class where required

* Refactor based on PR review

* Make JWT recipe in Session recipe class def optional

* Refactor based on PR review

* Allow custom key for jwt in access token payload

* Update package version

* Update CHANGELOG

* Export JWT functions from SessionWrapper export

* Refactor to use jsonwebtoken

* Add iss claim to jwt payload when creating a session

* Refactor config

* Update package version

* Update session class to use arrow functions

* Refactor based on PR comments

* Add tests for sub and iss claims

* Add tests

* Add getPropertyNameFromAccessTokenPayload to config to allow users to handle changing jwt property name overtime

* Add tests

* Update session class

* Update session class

* Refactor based on PR comments

* Refactor based on PR comments

* Add code comments

* Add tests

* Refactor update access token payload logic for session class

* Add tests for _jwtPName

* Add tests for session class

* Refactor code

* Update tests

* Add querier check to session override tests

* Update session class and recipe implementation logic to use a common function

* Fix sessionClass code

* Refactor function name for adding JWT to access token payload

* adds check for negative jwt expiry when updating it

* Fix logic for update access token payload when the new payload is undefined, and add tests

* Fix logic for update access token payload when the new payload is undefined, and add tests

* Add null check for access token payload when creating a session

* Add playground sample for Session init with jwt

* adds skeleton and types for passwordless

* adds passwordless to with-typescript

* adds API paths in passwordless constants fil

* finishes normalising app

* small change

* makes text message sending function compulsory

* implements validate email ID default function

* implements recipe interface

* implements API interface implementation

* implements API input parsing

* adds logic for sending of email / sms

* adds validation of email and phoneNumber in createCode API

* removes a done todo

* adds helper function to manually create magic links

* exposes manually usable functions from passwordless recipe

* adds preAuthSessionId to magic link as well

* fixes a bug with user type

* removes USER_INPUT_CODE_ALREADY_USED_ERROR as a possible output from createCode recipe function

* uncomments code that are due to bugs in the core

* removes console log

* small change to recipe interface

* resets passwordless recipe between each test

* adds resendCode recipe function test

* removes .only and adds another small test

* more tests

* adds test todos

* adds phone number validation logic based on regex

* Refactor integration test server to allow for configuring session recipe to use JWT conditionally

* Fixes for frontend integration server

* adds more test todos

* small change with recipe interface type

* small types change

* fixes issue with consumeCodePOST API output

* fixes a bug

* adds missing API check

* renames resendCode to createNewCodeForDevice

* changes checking of device info in resend code APi

* adds phone number validation and normilising

* Adds passwordless tests (#225)

* starts consumeCodeAPI tests

* fixs

* fixs

* adds tests

* adds expired userInputCode test

* adds create codeAPI test

* adds createCodeAPI tests with phone

* adds magicURL test

* email existsAPI test

* adds phoneNumberAPI tests

* adds resendCodeAPI test

* adds remaining resendCodeAPI test

* adds missing fields consumeCode API test

* adds check to not run passwordless tests if less than required CDI version

* fixs test

* adds phone contact method config tests

* adds contactMethod email tests

* adds more tests

* adds remaining config tests

* adds basic overriding test

* adds udpateUser test

* adds revokeCode test

* adds remaining recipeFunction tests

* implements feedback

* adds passwordless tests

* fixs test

* fixs function

* removes unnecessary variable

* updates fdi version

* Add open id recipe and change session recipe to use open id instead of jwt directly (#226)

* Add open id recipe

* Refactor existing tests

* Refactor openid recipe config and add tests

* Add api and override tests

* Make cors origin header * for getJWKS and open id discovery endpoints

* Refactor based on PR comments

* Move logic of adding iss claim to open id recipe

* Update tests

* Update logic for default issuer and add test for init with gateway path

* Refactor based on PR comments

* Add null check for payload in open id createJWT

* adds 1.11 as FDI

Co-authored-by: Rishabh <[email protected]>

* adds preAuthSessionId as an input to consumeCode and removes it from the output

* Passwordless test changes (#228)

* fixs some tests

* fixs

* updates CHANGELOG.md

* adds integration tests changes (#229)

Co-authored-by: Rishabh <[email protected]>

* makes userContext part of the input object

* makes changes to all types and to emailpassword recipe

* makes changes to emailverification recipe

* removes unnecessary type param

* removes unnecessary type param

* adds context for jwt and openid recipe as well

* adds userContext everywhere

* fixes a bug

* fixes a bug

* adds basic userContext test

* adds missing context passing

* adds missing userContext

* adds missing userContext

* adds missing userContext

* removes userContext from session container interface

Co-authored-by: Nemi Shah <[email protected]>
Co-authored-by: Rishabh <[email protected]>
Co-authored-by: Joel Coutinho <[email protected]>

* Bump follow-redirects from 1.14.6 to 1.14.7 in /test/auth-react-server (#245)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump follow-redirects from 1.14.4 to 1.14.7 (#243)

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.4 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump next from 11.0.0 to 11.1.3 (#227)

Bumps [next](https://github.com/vercel/next.js) from 11.0.0 to 11.1.3.
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v11.0.0...v11.1.3)

---
updated-dependencies:
- dependency-name: next
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump validator from 13.6.0 to 13.7.0 (#206)

Bumps [validator](https://github.com/validatorjs/validator.js) from 13.6.0 to 13.7.0.
- [Release notes](https://github.com/validatorjs/validator.js/releases)
- [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md)
- [Commits](validatorjs/validator.js@13.6.0...13.7.0)

---
updated-dependencies:
- dependency-name: validator
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* adds user context to session class functions (#255)

* feat: adds user context to session class functions and adds a new recipe interface function to session recipe

Co-authored-by: Rishabh <[email protected]>

* adds missing userContext passing

* exposes regenerateAccessToken to the user via session/index.ts file

* adds user context to social provider definitions too

Co-authored-by: Nemi Shah <[email protected]>
Co-authored-by: Rishabh <[email protected]>
Co-authored-by: Joel Coutinho <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: 5 people

CHANGELOG.md

@@ -6,8 +6,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)
 .
 
+## [9.0.0] - 2022-02-20
+
+### Breaking Change
+
+-   Adds user context to all functions exposed to the user, and to API and Recipe interface functions.
+-   Returns session from API interface functions that create a session
+
+### Change:
+
+-   Uses recipe interface inside session class so that any modification to those get reflected in the session class functions too.
+
 ## [8.6.1] - 2022-02-09
 
+### Refactor
+
 -   Removes unused property from session recipe
 
 ## [8.6.0] - 2022-01-31
@@ -21,6 +34,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 -   Adds ability to give a path for each of the hostnames in the connectionURI: https://github.com/supertokens/supertokens-node/issues/252
 -   add workflow to verify if pr title follows conventional commits
+-   Added `regenerateAccessToken` as a new recipe function for the session recipe.
+
+### Breaking changes:
+
+-   Allows passing of custom user context everywhere: https://github.com/supertokens/supertokens-node/issues/215
+-   Returns session object from API interface functions which create a new session: https://github.com/supertokens/supertokens-node/issues/215
 
 ## [8.5.0] - 2022-01-14
 

lib/build/recipe/emailpassword/api/emailExists.js

@@ -60,7 +60,7 @@ function emailExists(apiImplementation, options) {
                 message: "Please provide the email as a GET param",
             });
         }
-        let result = yield apiImplementation.emailExistsGET({ email, options });
+        let result = yield apiImplementation.emailExistsGET({ email, options, userContext: {} });
         utils_1.send200Response(options.res, result);
         return true;
     });

lib/build/recipe/emailpassword/api/generatePasswordResetToken.js

@@ -58,7 +58,7 @@ function generatePasswordResetToken(apiImplementation, options) {
             options.config.resetPasswordUsingTokenFeature.formFieldsForGenerateTokenForm,
             (yield options.req.getJSONBody()).formFields
         );
-        let result = yield apiImplementation.generatePasswordResetTokenPOST({ formFields, options });
+        let result = yield apiImplementation.generatePasswordResetTokenPOST({ formFields, options, userContext: {} });
         utils_1.send200Response(options.res, result);
         return true;
     });

lib/build/recipe/emailpassword/api/implementation.js

@@ -34,46 +34,50 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const session_1 = require("../../session");
 function getAPIImplementation() {
     return {
-        emailExistsGET: function ({ email, options }) {
+        emailExistsGET: function ({ email, options, userContext }) {
             return __awaiter(this, void 0, void 0, function* () {
-                let user = yield options.recipeImplementation.getUserByEmail({ email });
+                let user = yield options.recipeImplementation.getUserByEmail({ email, userContext });
                 return {
                     status: "OK",
                     exists: user !== undefined,
                 };
             });
         },
-        generatePasswordResetTokenPOST: function ({ formFields, options }) {
+        generatePasswordResetTokenPOST: function ({ formFields, options, userContext }) {
             return __awaiter(this, void 0, void 0, function* () {
                 let email = formFields.filter((f) => f.id === "email")[0].value;
-                let user = yield options.recipeImplementation.getUserByEmail({ email });
+                let user = yield options.recipeImplementation.getUserByEmail({ email, userContext });
                 if (user === undefined) {
                     return {
                         status: "OK",
                     };
                 }
-                let response = yield options.recipeImplementation.createResetPasswordToken({ userId: user.id });
+                let response = yield options.recipeImplementation.createResetPasswordToken({
+                    userId: user.id,
+                    userContext,
+                });
                 if (response.status === "UNKNOWN_USER_ID_ERROR") {
                     return {
                         status: "OK",
                     };
                 }
                 let passwordResetLink =
-                    (yield options.config.resetPasswordUsingTokenFeature.getResetPasswordURL(user)) +
+                    (yield options.config.resetPasswordUsingTokenFeature.getResetPasswordURL(user, userContext)) +
                     "?token=" +
                     response.token +
                     "&rid=" +
                     options.recipeId;
                 try {
                     if (!options.isInServerlessEnv) {
                         options.config.resetPasswordUsingTokenFeature
-                            .createAndSendCustomEmail(user, passwordResetLink)
+                            .createAndSendCustomEmail(user, passwordResetLink, userContext)
                             .catch((_) => {});
                     } else {
                         // see https://github.com/supertokens/supertokens-node/pull/135
                         yield options.config.resetPasswordUsingTokenFeature.createAndSendCustomEmail(
                             user,
-                            passwordResetLink
+                            passwordResetLink,
+                            userContext
                         );
                     }
                 } catch (_) {}
@@ -82,41 +86,47 @@ function getAPIImplementation() {
                 };
             });
         },
-        passwordResetPOST: function ({ formFields, token, options }) {
+        passwordResetPOST: function ({ formFields, token, options, userContext }) {
             return __awaiter(this, void 0, void 0, function* () {
                 let newPassword = formFields.filter((f) => f.id === "password")[0].value;
-                let response = yield options.recipeImplementation.resetPasswordUsingToken({ token, newPassword });
+                let response = yield options.recipeImplementation.resetPasswordUsingToken({
+                    token,
+                    newPassword,
+                    userContext,
+                });
                 return response;
             });
         },
-        signInPOST: function ({ formFields, options }) {
+        signInPOST: function ({ formFields, options, userContext }) {
             return __awaiter(this, void 0, void 0, function* () {
                 let email = formFields.filter((f) => f.id === "email")[0].value;
                 let password = formFields.filter((f) => f.id === "password")[0].value;
-                let response = yield options.recipeImplementation.signIn({ email, password });
+                let response = yield options.recipeImplementation.signIn({ email, password, userContext });
                 if (response.status === "WRONG_CREDENTIALS_ERROR") {
                     return response;
                 }
                 let user = response.user;
-                yield session_1.default.createNewSession(options.res, user.id, {}, {});
+                let session = yield session_1.default.createNewSession(options.res, user.id, {}, {}, userContext);
                 return {
                     status: "OK",
+                    session,
                     user,
                 };
             });
         },
-        signUpPOST: function ({ formFields, options }) {
+        signUpPOST: function ({ formFields, options, userContext }) {
             return __awaiter(this, void 0, void 0, function* () {
                 let email = formFields.filter((f) => f.id === "email")[0].value;
                 let password = formFields.filter((f) => f.id === "password")[0].value;
-                let response = yield options.recipeImplementation.signUp({ email, password });
+                let response = yield options.recipeImplementation.signUp({ email, password, userContext });
                 if (response.status === "EMAIL_ALREADY_EXISTS_ERROR") {
                     return response;
                 }
                 let user = response.user;
-                yield session_1.default.createNewSession(options.res, user.id, {}, {});
+                let session = yield session_1.default.createNewSession(options.res, user.id, {}, {}, userContext);
                 return {
                     status: "OK",
+                    session,
                     user,
                 };
             });

lib/build/recipe/emailpassword/api/passwordReset.js

@@ -72,7 +72,7 @@ function passwordReset(apiImplementation, options) {
                 message: "The password reset token must be a string",
             });
         }
-        let result = yield apiImplementation.passwordResetPOST({ formFields, token, options });
+        let result = yield apiImplementation.passwordResetPOST({ formFields, token, options, userContext: {} });
         utils_1.send200Response(
             options.res,
             result.status === "OK"

lib/build/recipe/emailpassword/api/signin.js

@@ -58,8 +58,15 @@ function signInAPI(apiImplementation, options) {
             options.config.signInFeature.formFields,
             (yield options.req.getJSONBody()).formFields
         );
-        let result = yield apiImplementation.signInPOST({ formFields, options });
-        utils_1.send200Response(options.res, result);
+        let result = yield apiImplementation.signInPOST({ formFields, options, userContext: {} });
+        if (result.status === "OK") {
+            utils_1.send200Response(options.res, {
+                status: "OK",
+                user: result.user,
+            });
+        } else {
+            utils_1.send200Response(options.res, result);
+        }
         return true;
     });
 }

lib/build/recipe/emailpassword/api/signup.js

@@ -59,9 +59,12 @@ function signUpAPI(apiImplementation, options) {
             options.config.signUpFeature.formFields,
             (yield options.req.getJSONBody()).formFields
         );
-        let result = yield apiImplementation.signUpPOST({ formFields, options });
+        let result = yield apiImplementation.signUpPOST({ formFields, options, userContext: {} });
         if (result.status === "OK") {
-            utils_1.send200Response(options.res, result);
+            utils_1.send200Response(options.res, {
+                status: "OK",
+                user: result.user,
+            });
         } else {
             throw new error_1.default({
                 type: error_1.default.FIELD_ERROR,

lib/build/recipe/emailpassword/index.d.ts

@@ -7,7 +7,8 @@ export default class Wrapper {
     static Error: typeof SuperTokensError;
     static signUp(
         email: string,
-        password: string
+        password: string,
+        userContext?: any
     ): Promise<
         | {
               status: "OK";
@@ -19,7 +20,8 @@ export default class Wrapper {
     >;
     static signIn(
         email: string,
-        password: string
+        password: string,
+        userContext?: any
     ): Promise<
         | {
               status: "OK";
@@ -29,10 +31,11 @@ export default class Wrapper {
               status: "WRONG_CREDENTIALS_ERROR";
           }
     >;
-    static getUserById(userId: string): Promise<User | undefined>;
-    static getUserByEmail(email: string): Promise<User | undefined>;
+    static getUserById(userId: string, userContext?: any): Promise<User | undefined>;
+    static getUserByEmail(email: string, userContext?: any): Promise<User | undefined>;
     static createResetPasswordToken(
-        userId: string
+        userId: string,
+        userContext?: any
     ): Promise<
         | {
               status: "OK";
@@ -44,7 +47,8 @@ export default class Wrapper {
     >;
     static resetPasswordUsingToken(
         token: string,
-        newPassword: string
+        newPassword: string,
+        userContext?: any
     ): Promise<
         | {
               status: "OK";
@@ -58,11 +62,13 @@ export default class Wrapper {
         userId: string;
         email?: string;
         password?: string;
+        userContext?: any;
     }): Promise<{
         status: "OK" | "EMAIL_ALREADY_EXISTS_ERROR" | "UNKNOWN_USER_ID_ERROR";
     }>;
     static createEmailVerificationToken(
-        userId: string
+        userId: string,
+        userContext?: any
     ): Promise<
         | {
               status: "OK";
@@ -73,22 +79,25 @@ export default class Wrapper {
           }
     >;
     static verifyEmailUsingToken(
-        token: string
+        token: string,
+        userContext?: any
     ): Promise<
         | {
               status: "EMAIL_VERIFICATION_INVALID_TOKEN_ERROR";
           }
         | User
         | undefined
     >;
-    static isEmailVerified(userId: string): Promise<boolean>;
+    static isEmailVerified(userId: string, userContext?: any): Promise<boolean>;
     static revokeEmailVerificationTokens(
-        userId: string
+        userId: string,
+        userContext?: any
     ): Promise<{
         status: "OK";
     }>;
     static unverifyEmail(
-        userId: string
+        userId: string,
+        userContext?: any
     ): Promise<{
         status: "OK";
     }>;