Adapters 在 NextAuth 中的用途是什么?

huangapple go评论69阅读模式
英文:

What is the use of Adapters in NextAuth?

问题

我正在尝试使用next-auth和prisma来实现注册/登录功能。

我的模型如下:

model User {
  id             String    @id @default(auto()) @map("_id") @db.ObjectId
  name           String?
  email          String?   @unique
  hashedPassword String?
  createdAt      DateTime  @default(now())
  updatedAt      DateTime  @updatedAt
}

NextAuth的选项如下:

import bcrypt from "bcrypt";
import NextAuth, { AuthOptions } from "next-auth";
import CredentialsProvider from "next-auth/providers/credentials";
import { PrismaAdapter } from "@auth/prisma-adapter";

import client from "@/app/lib/prisma";
import { Adapter } from "next-auth/adapters";

export const authOptions: AuthOptions = {
  adapter: PrismaAdapter(client) as Adapter,
  providers: [
    CredentialsProvider({
      name: "credentials",
      credentials: {
        email: { label: "email", type: "text" },
        password: { label: "password", type: "password" },
      },
      async authorize(credentials) {
        if (!credentials?.email || !credentials?.password) {
          throw new Error("Invalid credentials");
        }

        const user = await client.user.findUnique({
          where: {
            email: credentials.email,
          },
        });

        if (!user || !user?.hashedPassword) {
          throw a Error("Invalid credentials");
        }

        const isCorrectPassword = await bcrypt.compare(
          credentials.password,
          user.hashedPassword
        );

        if (!isCorrectPassword) {
          throw new Error("Invalid credentials");
        }

        return user;
      },
    }),
  ],
};

const handler = NextAuth(authOptions);

export { handler as GET, handler as POST };

即使删除适配器行,我仍然能够在数据库中创建新用户,因为我已经导入了prisma客户端。我的问题是为什么我们应该使用适配器?它如何帮助开发人员?

适配器在NextAuth中充当了一个桥梁的角色,它将NextAuth与不同的数据存储引擎(例如Prisma、MongoDB、MySQL等)连接起来。使用适配器的主要好处如下:

  1. 灵活性: 使用适配器,您可以轻松地更改或切换数据存储引擎,而无需更改应用程序的身份验证逻辑。这为开发人员提供了更大的灵活性,可以根据需要选择适当的数据库。

  2. 抽象数据存储细节: 适配器屏蔽了底层数据库的细节,使开发人员能够专注于编写身份验证逻辑,而不必担心与不同数据库系统的交互方式。这简化了开发过程。

  3. 社区支持: NextAuth社区通常会提供适配器,用于与常见的数据库系统进行集成。这意味着您可以利用已有的适配器,而不必从头开始编写与特定数据库的集成代码。

总之,使用适配器可以提高应用程序的可维护性、可扩展性和灵活性,使开发人员能够更轻松地管理身份验证和用户数据的存储。它有助于将身份验证逻辑与底层数据存储分离,使代码更清晰且易于维护。

英文:

I am playing around with next-auth and prisma trying to implement register/login functionality.
My schema is

model User {
id             String    @id @default(auto()) @map("_id") @db.ObjectId
name           String?
email          String?   @unique
hashedPassword String?
createdAt      DateTime  @default(now())
updatedAt      DateTime  @updatedAt
}

Nextauth options are:

import bcrypt from "bcrypt";
import NextAuth, { AuthOptions } from "next-auth";
import CredentialsProvider from "next-auth/providers/credentials";
;
import { PrismaAdapter } from "@auth/prisma-adapter";
import client from "@/app/lib/prisma";
import { Adapter } from "next-auth/adapters";
export const authOptions: AuthOptions = {
adapter: PrismaAdapter(client) as Adapter,
providers: [
CredentialsProvider({
name: "credentials",
credentials: {
email: { label: "email", type: "text" },
password: { label: "password", type: "password" },
},
async authorize(credentials) {
if (!credentials?.email || !credentials?.password) {
throw new Error("Invalid credentials");
}
const user = await client.user.findUnique({
where: {
email: credentials.email,
},
});
if (!user || !user?.hashedPassword) {
throw new Error("Invalid credentials");
}
const isCorrectPassword = await bcrypt.compare(
credentials.password,
user.hashedPassword
);
if (!isCorrectPassword) {
throw new Error("Invalid credentials");
}
return user;
},
}),
],
const handler = NextAuth(authOptions);
export { handler as GET, handler as POST };

I am able to create new user in my database even if remove the adapter line because I am already importing prisma client. My query is why should we use an adapter ? how does it help the developer ?

答案1

得分: 1

NextAuth.js 中,适配器扮演着重要的角色,它充当了 NextAuth.js 与你的数据库之间的桥梁,负责管理与身份验证相关的重要任务。

当你提到即使没有适配器,仍然可以在数据库中创建一个新用户时,这是因为你直接使用了 Prisma 客户端。虽然这让你可以与数据库交互,但它不会负责管理会话或 OAuth 帐户,并且不会像使用适配器那样与 NextAuth.js 整合。

适配器负责在用户首次登录时将新用户存储到数据库中。如果同一用户再次登录,适配器会从数据库中获取用户的信息。此外,如果用户通过 OAuth 提供程序(如GitHub、Google或Facebook)登录,适配器会将这些OAuth帐户链接到用户帐户。

英文:

In NextAuth.js, an adapter performs a key role as it serves as a bridge between NextAuth.js and your database, it manages important tasks related to authentication.

When you mention that you can still create a new user in the database even without the adapter, this is because you're directly using the Prisma client. While this lets you interact with your database, it won't take care of managing sessions or OAuth accounts, and it won't integrate with NextAuth.js in the way that using the adapter does.

The adapter takes care of storing a new user in the database when they log in for the first time. If the same user logs in again, the adapter fetches the user's information from the database. Also, if users are logging in through OAuth providers (like GitHub, Google, or Facebook), the adapter links these OAuth accounts to a user account.

huangapple
  • 本文由 发表于 2023年7月13日 19:33:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/76678908.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定