Drizzle ORM support

[jerriclynsjohn]

It would be amazing to support Drizzle, it's gaining good support and has a fantastic DX. https://github.com/drizzle-team/drizzle-orm

[infamous55]

Hello! I've seen a few public repositories have their custom adapter for working with the PlanetScale driver, but I think it is a great idea to add official Drizzle ORM support into NextAuth.js/Auth.js.

I am willing to look into this and try to write an adapter that works with the supported databases. What do you think? Should I open a new issue?

[dalkommatt]

+1 for Drizzle

[infamous55]

I've read the note saying that feature requests are converted to discussions, and I decided to send updates and respond to any questions here, such that we can keep everything related to this topic in one place.

I'll follow up with a pull request once I've made enough progress.

Let me know if you have any suggestions on how I should proceed!

[infamous55]

Oh, I almost finished my implementation last night!

I've looked at your pull request, and your code doesn't seem to consider the different types of databases that Drizzle can work with. For example, SQLite flavors support the .get() method, while the others don't. When working with MySQL databases, Drizzle doesn't allow you to return the result of an insertion or an update. And the schemas are different even for drivers of the same database, like PlanetScale vs. MySQL2.

Please let me know if I misunderstood the problem!

[FieryNinja10]

@infamous55 Are you finished with the Drizzle adapter for next-auth.js? If you are please give it.

[demarchenac]

Has this drizzle-orm adapter got any work into it? Or is there any PR that we can work on to move this forward? I'll more than happy to help.

[nihil2501]

@demarchenac #7165

[iukea1]

got a planet-scale working planet-scale driver and things are running with no errors for me

[statusunknown418]

I'm having errors while trying to sign in with google, it says

[next-auth][error][adapter_error_linkAccount] 
https://next-auth.js.org/errors#adapter_error_linkaccount target: based-ytv.-.primary: vttablet: rpc error: code = InvalidArgument desc = Data too long for column 'id_token' at row 1 (errno 1406) (sqlstate 22001) (CallerID: 2a7ivs1dzgkj9c6plto9): Sql: "insert into account(userId, type, provider, providerAccountId, refresh_token, access_token, expires_at, token_type, scope, id_token, session_state) values (:vtg1 /* VARCHAR */, :vtg2 /* VARCHAR */, :vtg3 /* VARCHAR */, :vtg4 /* VARCHAR */, default, :vtg5 /* VARCHAR */, :vtg6 /* INT64 */, :vtg7 /* VARCHAR */, :vtg8 /* VARCHAR */, :vtg9 /* VARCHAR */, default)", BindVars: {REDACTED} {
  message: `target: based-ytv.-.primary: vttablet: rpc error: code = InvalidArgument desc = Data too long for column 'id_token' at row 1 (errno 1406) (sqlstate 22001) (CallerID: 2a7ivs1dzgkj9c6plto9): Sql: "insert into account(userId, type, provider, providerAccountId, refresh_token, access_token, expires_at, token_type, scope, id_token, session_state) values (:vtg1 /* VARCHAR */, :vtg2 /* VARCHAR */, :vtg3 /* VARCHAR */, :vtg4 /* VARCHAR */, default, :vtg5 /* VARCHAR */, :vtg6 /* INT64 */, :vtg7 /* VARCHAR */, :vtg8 /* VARCHAR */, :vtg9 /* VARCHAR */, default)", BindVars: {REDACTED}`,
  stack: `DatabaseError: target: based-ytv.-.primary: vttablet: rpc error: code = InvalidArgument desc = Data too long for column 'id_token' at row 1 (errno 1406) (sqlstate 22001) (CallerID: 2a7ivs1dzgkj9c6plto9): Sql: "insert into account(userId, type, provider, providerAccountId, refresh_token, access_token, expires_at, token_type, scope, id_token, session_state) values (:vtg1 /* VARCHAR */, :vtg2 /* VARCHAR */, :vtg3 /* VARCHAR */, :vtg4 /* VARCHAR */, default, :vtg5 /* VARCHAR */, :vtg6 /* INT64 */, :vtg7 /* VARCHAR */, :vtg8 /* VARCHAR */, :vtg9 /* VARCHAR */, default)", BindVars: {REDACTED}\n` +
    '    at Connection.execute (webpack-internal:///(rsc)/./node_modules/.pnpm/@planetscale+database@1.11.0/node_modules/@planetscale/database/dist/index.js:108:19)\n' +
    '    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n' +
    '    at async linkAccount (webpack-internal:///(rsc)/./node_modules/.pnpm/@auth+drizzle-adapter@0.3.2/node_modules/@auth/drizzle-adapter/lib/mysql.js:142:13)',
  name: 'DatabaseError'
}
[next-auth][error][OAUTH_CALLBACK_HANDLER_ERROR] 
https://next-auth.js.org/errors#oauth_callback_handler_error target: based-ytv.-.primary: vttablet: rpc error: code = InvalidArgument desc = Data too long for column 'id_token' at row 1 (errno 1406) (sqlstate 22001) (CallerID: 2a7ivs1dzgkj9c6plto9): Sql: "insert into account(userId, type, provider, providerAccountId, refresh_token, access_token, expires_at, token_type, scope, id_token, session_state) values (:vtg1 /* VARCHAR */, :vtg2 /* VARCHAR */, :vtg3 /* VARCHAR */, :vtg4 /* VARCHAR */, default, :vtg5 /* VARCHAR */, :vtg6 /* INT64 */, :vtg7 /* VARCHAR */, :vtg8 /* VARCHAR */, :vtg9 /* VARCHAR */, default)", BindVars: {REDACTED} DatabaseError: target: based-ytv.-.primary: vttablet: rpc error: code = InvalidArgument desc = Data too long for column 'id_token' at row 1 (errno 1406) (sqlstate 22001) (CallerID: 2a7ivs1dzgkj9c6plto9): Sql: "insert into account(userId, type, provider, providerAccountId, refresh_token, access_token, expires_at, token_type, scope, id_token, session_state) values (:vtg1 /* VARCHAR */, :vtg2 /* VARCHAR */, :vtg3 /* VARCHAR */, :vtg4 /* VARCHAR */, default, :vtg5 /* VARCHAR */, :vtg6 /* INT64 */, :vtg7 /* VARCHAR */, :vtg8 /* VARCHAR */, :vtg9 /* VARCHAR */, default)", BindVars: {REDACTED}
    at Connection.execute (webpack-internal:///(rsc)/./node_modules/.pnpm/@planetscale+database@1.11.0/node_modules/@planetscale/database/dist/index.js:108:19)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async linkAccount (webpack-internal:///(rsc)/./node_modules/.pnpm/@auth+drizzle-adapter@0.3.2/node_modules/@auth/drizzle-adapter/lib/mysql.js:142:13) {
  name: 'LinkAccountError',
  code: undefined
}

I think someone else mentioned this on another issue but it hasn't been solved yet

[statusunknown418]

follow up, the user seems to be created in the DB after signing in, however the error log shows and there's no redirect to main page

[statusunknown418]

update 2:
Found a fix

// ... 
id_token: varchar('id_token', { length: 2555 })

the column is now 10x bigger so it should continue working

[iukea1]

Checking this out tonight

[ryanzoleta]

This also works:

id_token: text('id_token'),

In the Prisma Adapter (for MySQL), id_token is set to Text, so I'm guessing it should be the same for Drizzle

[ramoneres]

Anyone having issues with adding extra columns to the user model and then getting drizzle to save/retrieve that data?

According to the docs it should be as simple as adding a new column to the schema and return the data from the profile() option.

https://authjs.dev/guides/basics/role-based-access-control#with-database

It should then be available in the user object in the session callback.

Yet nothing happens when you return something from the profile function, nor is the property on the user in the session callback.

Works fine with prisma.

[skusez]

econorapters solution worked for me with mysql & planetscale
@fecony did you extend the type for DefaultUser?

typescript HATES this but it's working for me

import { DrizzleAdapter } from "@auth/drizzle-adapter";
import { type MySqlTableFn } from "drizzle-orm/mysql-core";
import {
  getServerSession,
  type DefaultSession,
  type NextAuthOptions,
  type DefaultUser,
} from "next-auth";
import DiscordProvider from "next-auth/providers/discord";

import { env } from "~/env";
import { db } from "~/server/db";
import {
  type UserRole,
  mysqlTable,
  users,
  accounts,
  sessions,
  verificationTokens,
} from "~/server/db/schema";

/**
 * Module augmentation for `next-auth` types. Allows us to add custom properties to the `session`
 * object and keep type safety.
 *
 * @see https://next-auth.js.org/getting-started/typescript#module-augmentation
 */

declare module "next-auth" {
  interface Session extends DefaultSession {
    user: {
      id: string;
      wallet?: `0x${string}`;
      role: UserRole;
    } & DefaultSession["user"];
  }

  interface User extends DefaultUser {
    // ...other properties
    role: UserRole;
    wallet?: `0x${string}`;
  }
}

/**
 * Options for NextAuth.js used to configure adapters, providers, callbacks, etc.
 *
 * @see https://next-auth.js.org/configuration/options
 */

// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
const dumbAdapter: MySqlTableFn = (name, columns, extraConfig) => {
  switch (name) {
    case "user":
      return users;
    case "account":
      return accounts;
    case "session":
      return sessions;
    case "verification_token":
      return verificationTokens;
    default:
      return mysqlTable(name, columns, extraConfig);
  }
};

export const authOptions: NextAuthOptions = {
  callbacks: {
    session: ({ session, user }) => {
      console.log({ session });
      return {
        ...session,
        user: {
          ...session.user,
          id: user.id,
          wallet: user.wallet,
          role: user.role,
        },
      };
    },
  },
  // eslint-disable-next-line @typescript-eslint/ban-ts-comment
  // @ts-ignore
  adapter: DrizzleAdapter(db, dumbAdapter),
  providers: [
    DiscordProvider({
      clientId: env.DISCORD_CLIENT_ID,
      clientSecret: env.DISCORD_CLIENT_SECRET,
    }),

    /**
     * ...add more providers here.
     *
     * Most other providers require a bit more work than the Discord provider. For example, the
     * GitHub provider requires you to add the `refresh_token_expires_in` field to the Account
     * model. Refer to the NextAuth.js docs for the provider you want to use. Example:
     *
     * @see https://next-auth.js.org/providers/github
     */
  ],
};

/**
 * Wrapper for `getServerSession` so that you don't need to import the `authOptions` in every file.
 *
 * @see https://next-auth.js.org/configuration/nextjs
 */
export const getServerAuthSession = () => getServerSession(authOptions);

[fecony]

@skusez yes I added new param in interface, my code also looked this way but didn't work
so fat it requires package to just work and not make those hacks... 😭

[KrisTemmerman]

Worked like a charm for me ! Thanks!

[mirus-ua]

Indeed, @skusez's method works, but do we have a chance to avoid violating types and not recreate the adapter locally?

[d1nocan]

Thank you @skusez . This is the solution I made for sqlite by adding types to skusez's solution.

...
type TableFnParams = Parameters<MySqlTableFn>;
function dumbAdapter (
  name: TableFnParams[0],
  columns: TableFnParams[1],
  extraConfig: TableFnParams[2],
) {
  switch (name) {
    case "user":
      return users;
    case "account":
      return accounts;
    case "session":
      return sessions;
    case "verification_token":
      return verificationTokens;
    default:
      return mysqlTable(name, columns, extraConfig);
  }
};
...

export const authOptions: NextAuthOptions = {
  callbacks: {
    session: ({ session, user }) => {
      return {
        ...session,
        user: {
          ...session.user,
          id: user.id,
          wallet: user.wallet,
          role: user.role,
        },
      };
    },
  },
  adapter: DrizzleAdapter(db, dumbAdapter as SQLiteTableFn<undefined>) as Adapter,
  providers: [
    DiscordProvider({
      clientId: env.DISCORD_CLIENT_ID,
      clientSecret: env.DISCORD_CLIENT_SECRET,
    }),
  ],
};

[adriangalilea]

Hello,

I've been trying to do some sane customisation to the defaults and it's proven very annoying to do.

Things I can't stand:

• forced tables and table names, I'm not using sessions nor verification tokens so why does my db has to have those.
• forced fields
  • I don't want to use auth providers as my primary key on the users table.
  • I don't want to use emailVerified field.

I'm thinking of:

• creating custom drizzle adapter
• alter github provider

I'd appreciate if someone explained to me the use of the Accounts table, conceptually it makes sense to me, but then when an user is created if I'm understanding correctly, it is the auth provider ID that is being used as the primary key for the users, so what do we have an accounts for?

I would like to create a solution that other people can use, but I feel as if NextAuth makes it impossible to provide a clean solution. In any case, if anyone managed to do it or have any thoughts, I'd appreciate your input.

[JohnAllenTech]

Just to point out you are not alone in your line of reasoning. I also can't understand why it's so rigid

[andrewdoro]

Also had the same problem, I chose to implement my custom adapter, the code is not so complex so it's just writing some drizzle queries and inserts:
https://github.com/nextauthjs/next-auth/blob/5ea8b7b0f4d285e48f141dd91e518c905c9fb34e/packages/adapter-drizzle/src/lib/mysql.ts

[adriangalilea]

Yes @andrewdoro I resorted to a custom adapter too which also was hard to do due the state of the documentation, but after trial and error I figured out.

[andrewdoro]

An example of a custom drizzle adapter using queries api and also having relations for the user object. (roles and permissions)
https://github.com/tabtick/tabtick/blob/dev/packages/auth/src/adapter.ts

import type { Adapter } from "@auth/core/adapters";
import { and, eq } from "drizzle-orm";

import type { db } from "@acme/db";
import { schema } from "@acme/db";

export function mySqlDrizzleAdapter(client: typeof db): Adapter {
  const { users, accounts, sessions, verificationTokens } = schema;

  return {
    async createUser(data) {
      const id = crypto.randomUUID();

      const name = data?.name ?? data.email?.split("@")[0];

      console.log(name, data);
      await client.insert(users).values({ ...data, name, id });
      const user = await client.query.users.findFirst({
        where: (user) => eq(user.id, id),
        with: {
          roles: true,
        },
      });

      return user!;
    },
    async getUser(data) {
      const thing =
        (await client.query.users.findFirst({
          where: (user) => eq(user.id, data),
          with: {
            roles: true,
          },
        })) ?? null;

      return thing;
    },
    async getUserByEmail(data) {
      const user =
        (await client.query.users.findFirst({
          where: (user) => eq(user.email, data),
          with: {
            roles: true,
          },
        })) ?? null;

      return user;
    },
    async createSession(data) {
      await client.insert(sessions).values(data);
      const session = await client.query.sessions.findFirst({
        where: (session) => eq(session.sessionToken, data.sessionToken),
      });
      return session!;
    },
    async getSessionAndUser(data) {
      let sessionAndUser = null;

      const res = await client.query.sessions.findFirst({
        where: (session) => eq(session.sessionToken, data),
        with: {
          user: {
            with: {
              roles: true,
            },
          },
        },
      });
      if (res) {
        const { user, ...rest } = res;
        sessionAndUser = { session: rest, user };
      }

      return sessionAndUser;
    },
    async updateUser(data) {
      if (!data.id) {
        throw new Error("No user id.");
      }

      await client.update(users).set(data).where(eq(users.id, data.id));

      const user = await client.query.users.findFirst({
        where: (user) => eq(user.id, data.id),
        with: {
          roles: true,
        },
      });
      return user!;
    },
    async updateSession(data) {
      await client
        .update(sessions)
        .set(data)
        .where(eq(sessions.sessionToken, data.sessionToken));

      return await client.query.sessions.findFirst({
        where: (session) => eq(session.sessionToken, data.sessionToken),
      });
    },
    async linkAccount(rawAccount) {
      await client.insert(accounts).values(rawAccount);
    },
    async getUserByAccount(account) {
      const dbAccount =
        (await client.query.accounts.findFirst({
          where: (acc) =>
            and(
              eq(acc.providerAccountId, account.providerAccountId),
              eq(acc.provider, account.provider),
            ),
          with: {
            user: {
              with: {
                roles: true,
              },
            },
          },
        })) ?? null;

      if (!dbAccount) {
        return null;
      }

      return dbAccount.user;
    },
    async deleteSession(sessionToken) {
      const session =
        client.query.sessions.findFirst({
          where: (session) => eq(session.sessionToken, sessionToken),
        }) ?? null;

      await client
        .delete(sessions)
        .where(eq(sessions.sessionToken, sessionToken));

      return session;
    },
    async createVerificationToken(token) {
      await client.insert(verificationTokens).values(token);

      return await client
        .select()
        .from(verificationTokens)
        .where(eq(verificationTokens.identifier, token.identifier))
        .then((res) => res[0]);
    },
    async useVerificationToken(token) {
      try {
        const deletedToken =
          (await client
            .select()
            .from(verificationTokens)
            .where(
              and(
                eq(verificationTokens.identifier, token.identifier),
                eq(verificationTokens.token, token.token),
              ),
            )
            .then((res) => res[0])) ?? null;

        await client
          .delete(verificationTokens)
          .where(
            and(
              eq(verificationTokens.identifier, token.identifier),
              eq(verificationTokens.token, token.token),
            ),
          );

        return deletedToken;
      } catch (err) {
        throw new Error("No verification token found.");
      }
    },
    async deleteUser(id) {
      const user = await client.query.users.findFirst({
        where: (user) => eq(user.id, id),
        with: {
          roles: true,
        },
      });

      await client.delete(users).where(eq(users.id, id));

      return user;
    },
    async unlinkAccount(account) {
      await client
        .delete(accounts)
        .where(
          and(
            eq(accounts.providerAccountId, account.providerAccountId),
            eq(accounts.provider, account.provider),
          ),
        );

      return undefined;
    },
  };
}