Rules enforcing best practices when using Auth0's NextJS SDK.
TODO
You'll first need to install ESLint:
npm i eslint --save-devNext, install eslint-plugin-next-auth0:
npm install eslint-plugin-next-auth0 --save-devAdd next-auth0 to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix:
{
"plugins": ["next-auth0"]
}Then configure the rules you want to use under the rules section.
{
"rules": {
"next-auth0/rule-name": 2
}
}TODO: Run eslint-doc-generator to generate the rules list.
Right now, we can only catch usages of string literals. However, the auth routes will usually be template strings due to query params and that kind of stuff (e.g.: router.push(`/api/auth/login?${someQueryParams}`))
We should also catch that kind of navigation π§
If one were to use a CST with the route in a variable, there would be 2 cases for us:
const getAuthRoute: () => string = () => { /* ... */ };
const route = getAuthRoute();
// ^ type: string
router.push(route);const route = isSignUpNeeded ? '/api/auth/login' : '/api/auth/signup';
// ^ type: '/api/auth/login' || '/api/auth/signup'
router.push(route);For case 1, we can't do anything about it. The string value is a runtime-only information and we can't get that π€·π½ However, for case 2, by using eslint's typescript parser, we'll have a finite set of values for the navigation call argument and we can enforce no-auth-route-cst.
We need to create a README that contains at least:
Right now, we're only checking for next navigation methods called in a variable named router. However, that may not always be the case. Someone could do
const routyMcRouterFace = useRouter();
routyMcRouterFace.push('/api/auth/login');and no-auth-route-cst wouldn't catch it. We need to support any variable name that is a next router to enforce the rule.
If the world was a nice place, i would like to use the GPLv3 πΆβπ«οΈ However, as that is usually a hindrance for open source tools, maybe we could use the MIT one, as eslint itself uses? π€
Right now, we only have a placeholder message when we the rule fails. We should add a proper message explaining why we can't use CST for auth routes, if possible.
Right now, we're only checking for next navigation methods called as a member of a variable. However, that may not always be the case. Someone could do
const { push } = useRouter();
push('/api/auth/login');and no-auth-route-cst wouldn't catch it. We need to check that some function variable is a next router navigation method to enforce the rule on it.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google β€οΈ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.