feat(frameworks): add @auth/fastify

[hillac]

☕️ Reasoning

This PR is a port of @rexfordessilfie's @auth/express to Fastify. It uses similar translation layer with Web API Request and Response to fastify types. I opted to make it a plugin.

Implementation

• Introduce a toWebRequest helper that converts an FastifyRequest into a web
• Introduce a toFastifyReply helper that converts a web Request into an FastifyReply
• Introduce an FastifyAuth(authConfig) initializer which returns a fastify plugin function of type FastifyPluginAsync to fulfill authentication requests. Under the hood, it:
• It calls toWebRequest(request) to get a web Request
• Forwards the web request to Auth (from @auth/core) to get back a web Response
• Forwards the web response along with Fastify's reply to toFastifyReply(response, reply) to respond to fulfill the request

Tests

• Tests the toWebRequest and toFastifyReply helpers to ensure that they forward all headers, and body and in the right format (depending on content-type)
• Tests the full login flow of a credentials provider
• Tests the getSession by mocking the session

Documentation

I still haven't finished converting the express docs to fastify, just the main example is done so far.

Notes

• In the docs, I've added the trust proxy for the https issue. I've yet to test if this is actually required in fastify.

• For the async handlers, I've used return body instead of reply.send(body). I'm not sure whats preferred.

• The body is unknown type in FastifyRequest so I checked typeof req.body === 'object' && req.body !== null in encodeRequestBody. I'm not sure if this is ok. In order to test encodeUrlEncoded, I had to add checks for the body type.

• For the response tests, the fastify injector returned the body as a string, so I had to stringify the expected value in the test equality. It also added ; charset=utf-8 to the end of the content type header, so I stripped that off for the test equality. I'm not sure if this is an issue.

• @fastify/formbody might need to be a peer dependency, I'm not sure.

🧢 Checklist

• Documentation
• Tests
• Ready to be merged

🎫 Affected issues

📌 Resources

• Security guidelines
• Contributing guidelines
• Code of conduct
• Contributing to Open Source

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
auth-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 1, 2024 6:24am

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
next-auth-docs	⬜️ Ignored (Inspect)	Visit Preview		Oct 1, 2024 6:24am

[vercel]

@hillac is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

[hillac]

@ianschmitz How does this compare to the method you used?

[ianschmitz]

@ianschmitz How does this compare to the method you used?

I didn't get a chance to take it all the way to production, so I don't think I have a ton of feedback to give

[ndom91]

So first of all, thanks for contributing this! I'm working on a fastify application as we speak and had been putting off integrating Auth.js 😂

Anyway, I did some testing and it seems it's having an issue with esm/cjs and @auth/core. Error message printed when starting:

{"level":50,"time":1705315403580,"pid":1221767,"hostname":"ndo4","err":
{"type":"Error","message":"No \"exports\" main defined in /opt/ndomino/sveltekasten-
rss/node_modules/@auth/core/package.json","stack":"Error [ERR_PACKAGE_PATH_NOT_EXPORTED]: 
No \"exports\" main defined in /opt/ndomino/sveltekasten-
rss/node_modules/@auth/core/package.json\n    at __node_internal_captureLargerStackTrace 
(node:internal/errors:497:5)\n    at new NodeError (node:internal/errors:406:5)\n    at 
exportsNotFound (node:internal/modules/esm/resolve:268:10)\n    at packageExportsResolve 
(node:internal/modules/esm/resolve:542:13)\n    at resolveExports 
(node:internal/modules/cjs/loader:547:36)\n    at Module._findPath 
(node:internal/modules/cjs/loader:621:31)\n    at Module._resolveFilename 
(node:internal/modules/cjs/loader:1034:27)\n    at a._resolveFilename 
(/opt/ndomino/sveltekasten-
rss/node_modules/.pnpm/[email protected]/node_modules/tsx/dist/cjs/index.cjs:1:1729)\n    at 
Module._load (node:internal/modules/cjs/loader:901:27)\n    at Module.require 
(node:internal/modules/cjs/loader:1115:19)\n    at require 
(node:internal/modules/helpers:130:18)\n   

Looks like its trying to resolve an import via esm/resolve helper, then falling back to cjs loader and then failing.. ./node_modules/@auth/core does contain the full package and normal package.json with the export map as expected, of course theres no main export, but it should pick up the import key 🤔

My fastify application is rather simple/straightforward atm and all ESM as far as I can tell

• "type": "module" in root package.json
• using import everywhere
• Running it with tsx watch src/index.ts

Here's my entrypoint file, I've checked out your branch, built the fastify adapter and pnpm link-ed it into my project to get this:

import Fastify from "fastify"
import { dirname, join } from "path"
import { fileURLToPath } from "url"
import { updateJob } from "@jobs/cron-update"
import autoLoad from "@fastify/autoload"
import formbodyParser from "@fastify/formbody"

import GitHub from "@auth/fastify/providers/github"
import { FastifyAuth } from "@auth/fastify"

const fastify = Fastify({ logger: { level: "warn" } })
const _dirname = dirname(fileURLToPath(import.meta.url))

fastify.register(formbodyParser)

fastify.register(
  FastifyAuth({
    providers: [
      GitHub({
        clientId: process.env.GITHUB_ID,
        clientSecret: process.env.GITHUB_SECRET,
      }),
    ],
  }),
  { prefix: "/api/auth" },
)

fastify.register(autoLoad, {
  dir: join(_dirname, "routes"),
})

fastify.register(autoLoad, {
  dir: join(_dirname, "plugins"),
})
;(async function () {
  const port = process.env.PORT ? parseInt(process.env.PORT) : 8000
  try {
    await fastify.listen({ port, host: "0.0.0.0" })
    console.log(`
  🚀 Server ready at: http://0.0.0.0:${port}
  ⌛ Next cron run at: ${updateJob.nextRun()}
  `)
  } catch (err) {
    fastify.log.error(err)
    process.exit(1)
  }
})()

Am I missing anything? What did your example / development application look like and how did you run it? Maybe this is just a tsx issue 🤔

[hillac]

@ndom91 Here is a demo: https://github.com/hillac/authjs-fastify-demo
I'm not 100% if I've done the auth decorator in the idiomatic way, but it works for me. I'm on node 20.9.0.

Also, as was discussed with @auth/express, it might be nicer for users if the auth decorator is part of @auth/fastify in the plugin. I left it out for now to copy @auth/express.

[ndom91]

@hillac okay great, thanks for the repo example. Turns out I was just having some issues with the fastify autoload plugin. Seems to all work now!

[ndom91]

Regarding your question about the decorator - while I agree, we should try to get as much as possible in the plugin itself, this "authenticate" decorator seems like it would potentially be very different from user to user, no? 🤔

[ndom91]

Also looks like the toFastifyReply behaviour was correct when using an async cb - https://fastify.dev/docs/latest/Reference/Routes/#promise-resolution

[ndom91]

Checklist for us before merging:

• Create next-auth/fastify-auth-example repository
• Ensure @balazsorban44's PAT has write rights to the new repo for the sync GHA
  • Note to myself to not forget to push atleast 1 commit to the new blank repo so that the sync job works
• Add the fastify.authjs.dev subdomain to the docs Vercel project. Redirect is setup in this PR already in vercel.json
• Create Vercel project fastify-auth-example to be deployed from that separate example app repo

Did I miss anything?

CC: @ThangHuuVu

[hillac]

Is there any reason I cant do the dev app in a separate pr like was done for qwik?

[KMJ-007]

any update on this?

[songkeys]

Hi. I'd like to integrate auth.js in my fastify app and saw this PR has been frozen for months.

@hillac do you want to continue working on this? If not, I can fork this and continue the work (setting up examples etc.)

[hillac]

@songkeys feel free to make a pr to my repo and ill merge it into this pr. I have a half complete example app Ill push. I just cloned the express one and switched everything for fastify. I gave up on getting this pr through and have just been using @auth/core with the adapter from this PR directly in my project.

[songkeys]

See hillac#1

[songkeys]

@ndom91 Just added examples. Could you please take a look?

[pedroapfilho]

There are some conflicts on this PR, could you check them @hillac ?

[karltaylor]

This would be fantastic to get merged! 🙏

[hillac]

I don't know how to get the maintainer's attention. If you want to use this anytime soon you'll have to just publish your own package or copy paste it into your project as I'm doing.