lowfront / next-auth-firestore-adapter-example Goto Github PK

Hello again :-)
I found the removeExpriedSessions function in the firebase-server.ts file

removeExpriedSessions says " // Expired session deletion function, used for cron or api"

But i cant find the cron job or api call? I guess i'm supposed to develop that? is there a suggested implementation method?

Also i found the refreshAccessToken function in https://next-auth.js.org/tutorials/refresh-token-rotation

but it's also not referenced or called anywhere - the tutorial has it called in the JWT callback but we don't use that callback since we're persisting to firestore right? So is there a suggested implementation for either of these?

Thank you,
Alex

export async function removeExpiredSessions(
  limit: number = 100,
  asyncMax: number = 30
) {
  // Expired session deletion function, used for cron or api
  const adapter = FirebaseAdapter(db);

  const q = db
    .collection(`${ADAPTER_COLLECTION_NAME}/auth_store/session`)
    .where("expires", "<", new Date())
    .limit(limit);
  const expiredSessionDocs = await findMany(q);
  await asyncMap(
    expiredSessionDocs.map(
      (doc) => () =>
        adapter.deleteSession(doc.data().sessionToken) as Promise<void>
    ),
    asyncMax
  );
}

Hello, thank you for putting this important example together!

my app will use tokens from two different providers - google and github to make different calls.

With google I will initially log the user in with their Profile scope and later I will upgrade their scope to get the API we need access to.

Can you explain a little how this should work?

After running your example Im getting an error that the user cannot access the data - if i open up the access rules, then they can.

I've spent a couple of days on this already TBH and still cant figure out how to get the tokens to the user or how to auth the user to write to the database with the rules locked down properly.

thank you!!