tabshift/payload
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(next)!: allows auth strategies to return headers that need to be… (#6964)

Browse Source 
## Description

Some authentication strategies may need to set headers for responses,
such as updating cookies via a refresh token, and similar. This PR
extends Payload's auth strategy capabilities with a manner of
accomplishing this.

This is a breaking change if you have custom authentication strategies
in Payload's 3.0 beta. But it's a simple one to update.

Instead of your custom auth strategy returning the `user`, now you must
return an object with a `user` property.

This is because you can now also optionally return `responseHeaders`,
which will be returned by Payload API responses if you define them in
your auth strategies. This can be helpful for cases where you need to
set cookies and similar, directly within your auth strategies.

Before: 

```ts
return user
```

After:

```ts
return { user }
```
This commit is contained in:
James Mikrut
2024-06-27 17:33:25 -04:00
committed by GitHub
parent 07f3f273cd
commit 37e2da012b
14 changed files with 267 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/authentication/custom-strategies.mdx
View File

@@ -33,10 +33,12 @@ The `authenticate` function is passed the following arguments:
### Example Strategy
At its core a strategy simply takes information from the incoming request and returns a user. This is exactly how Payloads built-in strategies function.
At its core a strategy simply takes information from the incoming request and returns a user. This is exactly how Payload's built-in strategies function.
Your `authenticate` method should return an object containing a Payload user document and any optional headers that you'd like Payload to set for you when we return a response.
```ts
import { CollectionConfig } from 'payload/types'
import { CollectionConfig } from 'payload'
export const Users: CollectionConfig = {
slug: 'users',
@@ -59,7 +61,18 @@ export const Users: CollectionConfig = {
},
})
return usersQuery.docs[0] || null
return {
// Send the user back to authenticate,
// or send null if no user should be authenticated
user: usersQuery.docs[0] || null,
// Optionally, you can return headers
// that you'd like Payload to set here when
// it returns the response
responseHeaders: new Headers({
'some-header': 'my header value'
})
}
}
}
]