Contributions and feedback on your experience of using this software are welcome.
This includes bug reports, feature requests, ideas, pull requests, and examples of how you have used this software.
Please see the Code of Conduct and follow any templates configured in GitHub when reporting bugs, requesting enhancements, or contributing code.
Please raise any significant new functionality or breaking change an issue for discussion before raising a Pull Request for it.
Anyone can be a contributor. Either you found a typo, or you have an awesome feature request you could implement, we encourage you to create a Pull Request.
- The latest changes are always in
main
, so please make your Pull Request against that branch. - Pull Requests should be raised for any change
- Pull Requests need approval of a core contributor before merging
- We use ESLint/Prettier for linting/formatting, so please run
npm run lint:fix
before committing to make resolving conflicts easier (VSCode users, check out this ESLint extension and this Prettier extension to fix lint and formatting issues in development) - We encourage you to test your changes, and if you have the opportunity, please make those tests part of the Pull Request
- If you add new functionality, please provide the corresponding documentation as well and make it part of the Pull Request
A quick guide on how to setup next-auth locally to work on it and test out any changes:
The dev application requires you to use npm@7
.
- Clone the repo:
git clone [email protected]:nextauthjs/next-auth.git
cd next-auth
- Install packages, set up the dev application:
npm run dev:setup
-
Populate
.env.local
:Copy
app/.env.local.example
toapp/.env.local
, and add your env variables for each provider you want to test.
NOTE: You can add any environment variables to .env.local that you would like to use in your dev app. You can find the next-auth config under
app/pages/api/auth/[...nextauth].js
.
- Start the dev application/server:
npm run dev
Your dev application will be available on http://localhost:3000
That's it! 🎉
If you need an example project to link to, you can use next-auth-example.
When running npm run dev
, you start a Next.js dev server on http://localhost:3000
, which includes hot reloading out of the box. Make changes on any of the files in src
and see the changes immediately.
NOTE: When working on CSS, you will have to manually refresh the page after changes. The reason for this is our pages using CSS are server-side rendered. (Improving this through a PR is very welcome!)
NOTE: The setup is as follows: The development application lives inside the
app
folder, and whenever you make a change to thesrc
folder in the root (where next-auth is), it gets copied intoapp
every time (gitignored), so Next.js can pick them up and apply hot reloading. This is to avoid some annoying issues with how symlinks are working with different React builds, and also to provide a super-fast feedback loop while developing core features.
If you think your custom provider might be useful to others, we encourage you to open a PR and add it to the built-in list so others can discover it much more easily! You only need to add two changes:
- Add your config:
src/providers/{provider}.js
(Make sure you use a named default export, likeexport default function YourProvider
!) - Add provider documentation:
www/docs/providers/{provider}.md
That's it! 🎉 Others will be able to discover this provider much more easily now!
You can look at the existing built-in providers for inspiration.
If you would like to contribute to an existing database adapter or help create a new one, head over to the nextauthjs/adapters repository and follow the instructions provided there.
Tests can be run with npm run test
.
Automated tests are currently crude and limited in functionality, but improvements are in development.
We use semantic-release together with Conventional Commits to automate releases. This makes the maintenance process easier and less error-prone to human error. Please study the "Conventional Commits" site to understand how to write a good commit message.
When accepting Pull Requests, make sure the following:
- Use "Squash and merge"
- Make sure you merge contributor PRs into
main
- Rewrite the commit message to conform to the
Conventional Commits
style. Check the "Recommended Scopes" section for further advice. - Optionally link issues the PR will resolve (You can add "close" in front of the issue numbers to close the issues automatically, when the PR is merged.
semantic-release
will also comment back to connected issues and PRs, notifying the users that a feature is added/bug fixed, etc.)
A typical conventional commit looks like this:
type(scope): title
body
Scope is the part that will help grouping the different commit types in the release notes.
Some recommended scopes are:
- provider - Provider related changes. (eg.: "feat(provider): add X provider", "docs(provider): fix typo in X documentation"
- adapter - Adapter related changes. (eg.: "feat(adapter): add X provider", "docs(provider): fix typo in X documentation"
- db - Database related changes. (eg.: "feat(db): add X database", "docs(db): fix typo in X documentation"
- deps - Adding/removing/updating a dependency (eg.: "chore(deps): add X")
NOTE: If you are not sure which scope to use, you can simply ignore it. (eg.: "feat: add something"). Adding the correct type already helps a lot when analyzing the commit messages.
Every commit that contains [skip release] or [release skip] in their message will be excluded from the commit analysis and won't participate in the release type determination. This is useful, if the PR being merged should not trigger a new npm
release.