From fc4bbdc3c845aba2f2e339872917c6d7358c0b2d Mon Sep 17 00:00:00 2001 From: Patrick Sletvold <16patsle@users.noreply.github.com> Date: Sun, 22 Dec 2024 03:35:09 +0100 Subject: [PATCH 1/3] chore(docs): more explicit about redirect proxy setup in stable environment (#12312) Co-authored-by: Nico Domino --- docs/pages/getting-started/deployment.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/pages/getting-started/deployment.mdx b/docs/pages/getting-started/deployment.mdx index 13a4c7684e..ce58bb87fb 100644 --- a/docs/pages/getting-started/deployment.mdx +++ b/docs/pages/getting-started/deployment.mdx @@ -168,7 +168,7 @@ Most OAuth providers cannot be configured with multiple callback URLs or using a However, Auth.js **supports Preview deployments**, even **with OAuth providers**. The idea is to have one deployment which proxies authentication requests to the dynamic URLs of your main application. So you could have 1 stable deployment, like at `auth.company.com` where you would point all your OAuth provider's `callbackUrl`s, and this application would then, upon successful authentication, redirect the user back to the preview deploy URL, like `https://git-abc123-myapp.vercel.app`. Follow these steps to get started with securing preview deploys with Auth.js. 1. Determine a stable deployment URL. For example, a deployment whose URL does not change between builds, for example. `auth.yourdomain.com` (using a subdomain is not a requirement, this can be the main site's URL too, for example.) -2. In both the preview and stable environment, set `AUTH_REDIRECT_PROXY_URL` to that stable deployment URL, including the path from where Auth.js handles the routes. Eg.: (`https://auth.yourdomain.com/api/auth`) +2. In **both the preview and stable environment**, set `AUTH_REDIRECT_PROXY_URL` to that stable deployment URL, including the path from where Auth.js handles the routes. Eg.: (`https://auth.yourdomain.com/api/auth`). If the variable is not set in the stable environment, the proxy functionality will not be enabled! 3. Update the `callbackUrl` in your OAuth provider's configuration to use the stable deployment URL. For example, for GitHub it would be `https://auth.yourdomain.com/api/auth/callback/github`. Fun fact: all of our example apps are using the proxy functionality! From ab825bbe0dc3c08922ea40f23fb68649bf040446 Mon Sep 17 00:00:00 2001 From: Olivier DULCY <43931730+odulcy@users.noreply.github.com> Date: Sun, 22 Dec 2024 03:36:56 +0100 Subject: [PATCH 2/3] chore(docs): clarify parts of svelte documentation (#12251) Co-authored-by: Olivier Dulcy --- .../frameworks-sveltekit/src/lib/index.ts | 23 +++++++++++-------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/packages/frameworks-sveltekit/src/lib/index.ts b/packages/frameworks-sveltekit/src/lib/index.ts index e1007b4719..532ca2149d 100644 --- a/packages/frameworks-sveltekit/src/lib/index.ts +++ b/packages/frameworks-sveltekit/src/lib/index.ts @@ -65,12 +65,14 @@ * * ### Server-side * - * `` and `` are components that `@auth/sveltekit` provides out of the box - they handle the sign-in/signout flow, and can be used as-is as a starting point or customized for your own components. This is an example of how to use the `SignIn` and `SignOut` components to login and logout using SvelteKit's server-side form actions. You will need two things to make this work: + * `` and `` are components that `@auth/sveltekit` provides out of the box - they handle the sign-in/signout flow, and can be used as-is as a starting point or customized for your own components. This is an example of how to use the `SignIn` and `SignOut` components to login and logout using SvelteKit's server-side form actions. Another example is available on [our svelte-auth-example repo](https://github.com/nextauthjs/sveltekit-auth-example). * - * 1. Using the components in your SvelteKit app's frontend + * You will need two things to make this work: + * + * 1. Using the components in your SvelteKit app's frontend (for instance `src/routes/+page.svelte`) * 2. Add the required `page.server.ts` at `/signin` (for `SignIn`) and `/signout` (for `SignOut`) to handle the form actions * - * ```ts + * ```ts title="src/routes/+page.svelte" * * *