rename test-get-initial-props

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.all-contributorsrc

@@ -3703,6 +3703,15 @@
         "maintenance",
         "doc"
       ]
+    },
+    {
+      "login": "corydeppen",
+      "name": "Cory Deppen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/313264?v=4",
+      "profile": "https://github.com/corydeppen",
+      "contributions": [
+        "doc"
+      ]
     }
   ],
   "contributorsPerLine": 7,

.changeset/afraid-dancers-juggle.md

@@ -0,0 +1,13 @@
+---
+"blitz": patch
+"@blitzjs/auth": patch
+"@blitzjs/next": patch
+"@blitzjs/rpc": patch
+"@blitzjs/codemod": patch
+"@blitzjs/config": patch
+"@blitzjs/generator": patch
+---
+
+Bump react, react-dom, @types/react and next versions
+
+This fixes a console warning: `Warning: Received `true` for a non-boolean attribute `global`.` when using `styled-jsx`. Versions bump also fixes React Hydration error that happens on and off when using `redirectAuthenticatedTo`.

.changeset/config.json

@@ -2,10 +2,21 @@
   "$schema": "https://unpkg.com/@changesets/config@2.0.0/schema.json",
   "changelog": "@changesets/cli/changelog",
   "commit": false,
-  "fixed": [["blitz"], ["@blitzjs/*"]],
+  "fixed": [
+    [
+      "blitz"
+    ],
+    [
+      "@blitzjs/*"
+    ]
+  ],
   "linked": [],
   "access": "restricted",
   "baseBranch": "main",
   "updateInternalDependencies": "patch",
-  "ignore": ["web", "test-*", "toolkit-app"]
+  "ignore": [
+    "web",
+    "test-*",
+    "toolkit-*"
+  ]
 }

.changeset/cyan-bulldogs-heal.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/next": patch
+---
+
+Allow setting static page properties (e.g. `getInitialProps`) on the App component

.changeset/cyan-cars-greet.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Show file path on error when running the upgrade legacy codemod.

.changeset/early-lamps-itch.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Add `AuthenticatedSessionContext` to the `upgrade-legacy` codemod import map

.changeset/fair-kangaroos-clean.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Remove TypeScript type annotations from `next.config.js` (a JavaScript file) in the `upgrade-legacy` codemod.

.changeset/fast-clocks-push.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Fix tsconfig.json referencing blitz-env.d.ts insetad of next-env.d.ts in new app templates

.changeset/fluffy-mangos-begin.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+Prevent `Minified react error #419` in production

.changeset/fluffy-mice-wash.md

@@ -0,0 +1,6 @@
+---
+"@blitzjs/rpc": patch
+"blitz": patch
+---
+
+Fix issue with the route name that's generated for nested routes in @blitzjs/rpc. This was causing issues for windows users.

.changeset/forty-timers-rhyme.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Change ES6 import for `withBlitz` during the codemod to the require syntax.

.changeset/gold-horses-punch.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Add vscode debugging configuration to new app templates

.changeset/gorgeous-birds-warn.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Add `BlitzPage` types to auth pages in new app template

.changeset/honest-candles-yawn.md

@@ -0,0 +1,7 @@
+---
+"blitz": patch
+"@blitzjs/next": patch
+"@blitzjs/rpc": patch
+---
+
+Upgrade superjson to the latest version

.changeset/lazy-maps-sort.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+Patch Next.js Suspense issue in all node environments. Previously we only patched it in the `development` environment, but now we make sure it gets patched in the `production` env (with the `blitz build` command) as well.

.changeset/long-dancers-jog.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Convert import statements to require when creating the next.config.js file in the codemod

.changeset/long-lobsters-drop.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Include ResetPasswordPage in new app template

.changeset/lucky-months-guess.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/rpc": patch
+---
+
+Improve RPC logging: print `resolverName()` insetad of `/resolverName()`

.changeset/nasty-suns-wash.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+New apps generated by the cli was missing the getLayout function in \_app, so when you used the getLayout property on your page, it didn't render. **You'll need to manually update your \_app if you generated an app with blitz v2**.

.changeset/orange-zebras-reflect.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Fix upgrade-legacy codemod replacing identifiers with an invalid value. Previously new values were hardcoded to `NextApiRequest`. Now we're using correct values provided as `replaceIdentifiers` function argument.

.changeset/poor-walls-relax.md

@@ -0,0 +1,10 @@
+---
+"@blitzjs/codemod": patch
+"@blitzjs/generator": patch
+"@blitzjs/auth": patch
+"@blitzjs/next": patch
+"@blitzjs/rpc": patch
+"@blitzjs/config": patch
+---
+
+Set current Blitz tag to latest

.changeset/pre.json

@@ -15,6 +15,7 @@
     "@blitzjs/codemod": "2.0.0-beta.0",
     "template": "0.0.0",
     "toolkit-app": "1.0.0",
+    "toolkit-app-passportjs": "1.0.0",
     "test-qm": "0.0.0",
     "test-no-suspense": "0.0.0",
     "test-trailing-slash": "0.0.0",
@@ -22,6 +23,7 @@
     "test-react-query-utils": "0.0.0"
   },
   "changesets": [
+    "afraid-dancers-juggle",
     "big-phones-bow",
     "blue-pigs-tan",
     "breezy-cameras-double",
@@ -41,25 +43,35 @@
     "cuddly-pugs-crash",
     "curly-rules-speak",
     "curly-seas-serve",
+    "cyan-bulldogs-heal",
+    "cyan-cars-greet",
     "dirty-monkeys-greet",
     "dirty-planets-chew",
+    "early-lamps-itch",
     "eleven-humans-sort",
     "empty-berries-rule",
     "empty-turkeys-wave",
     "fair-carrots-guess",
+    "fair-kangaroos-clean",
     "fair-wombats-sneeze",
     "famous-kings-explain",
+    "fast-clocks-push",
     "fast-trainers-kneel",
     "few-dogs-fetch",
     "flat-bees-approve",
+    "fluffy-mangos-begin",
+    "fluffy-mice-wash",
+    "forty-timers-rhyme",
     "four-brooms-juggle",
     "four-meals-fry",
     "four-sheep-judge",
     "fuzzy-bees-warn",
     "fuzzy-jars-admire",
     "gentle-dogs-reply",
+    "gold-horses-punch",
     "good-apes-drum",
     "good-insects-wink",
+    "gorgeous-birds-warn",
     "gorgeous-buses-scream",
     "gorgeous-games-obey",
     "great-candles-stare",
@@ -70,23 +82,29 @@
     "happy-hotels-visit",
     "healthy-rice-shout",
     "heavy-apes-judge",
+    "honest-candles-yawn",
     "hot-cups-rhyme",
     "hot-drinks-approve",
     "hungry-baboons-swim",
     "kind-walls-suffer",
     "late-steaks-give",
+    "lazy-maps-sort",
     "lemon-games-press",
     "lemon-seas-push",
     "light-donkeys-double",
     "long-bees-hope",
+    "long-dancers-jog",
+    "long-lobsters-drop",
     "lovely-berries-sell",
     "lovely-colts-share",
     "lucky-cows-try",
+    "lucky-months-guess",
     "mean-gorillas-reply",
     "modern-cameras-pull",
     "modern-ligers-behave",
     "moody-bags-walk",
     "moody-squids-cheer",
+    "nasty-suns-wash",
     "nervous-beds-travel",
     "nervous-dolls-rule",
     "new-coats-turn",
@@ -100,6 +118,7 @@
     "olive-bees-buy",
     "olive-feet-rhyme",
     "olive-sheep-rhyme",
+    "orange-zebras-reflect",
     "perfect-eyes-repeat",
     "perfect-trains-double",
     "plenty-bottles-swim",
@@ -107,26 +126,32 @@
     "poor-peas-lick",
     "poor-penguins-look",
     "poor-shrimps-think",
+    "poor-walls-relax",
     "popular-teachers-pay",
     "pretty-games-march",
+    "purple-donkeys-smash",
     "purple-singers-greet",
     "quick-cycles-confess",
     "quiet-feet-travel",
     "quiet-pans-hunt",
     "quiet-sloths-rule",
+    "rare-crews-sleep",
     "red-badgers-retire",
     "rich-chairs-invent",
     "rich-queens-travel",
     "rotten-rocks-remember",
     "shaggy-carpets-brake",
     "sharp-falcons-begin",
+    "sharp-olives-sip",
     "shy-olives-hang",
     "shy-pumpkins-try",
     "silent-colts-reply",
     "silly-apricots-share",
+    "silly-shoes-agree",
     "six-apricots-kick",
     "slimy-humans-impress",
     "slimy-needles-taste",
+    "slow-walls-camp",
     "slow-walls-poke",
     "small-socks-confess",
     "smooth-planets-admire",
@@ -138,6 +163,7 @@
     "sour-mails-lick",
     "spicy-beds-float",
     "spotty-dingos-stare",
+    "spotty-peas-hope",
     "stale-jobs-drum",
     "strong-apes-reply",
     "stupid-walls-sell",
@@ -162,6 +188,7 @@
     "two-eyes-knock",
     "two-kiwis-help",
     "two-tigers-type",
+    "two-turtles-poke",
     "unlucky-avocados-fix",
     "unlucky-papayas-sleep",
     "violet-bags-leave",
@@ -171,6 +198,7 @@
     "wicked-rings-walk",
     "wise-eels-visit",
     "wise-frogs-give",
-    "wise-rabbits-complain"
+    "wise-rabbits-complain",
+    "young-birds-talk"
   ]
 }

.changeset/purple-donkeys-smash.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+Exit CLI process after `blitz new` command is finished

.changeset/rare-crews-sleep.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Fix eslint and types setup in minimal app template

.changeset/sharp-olives-sip.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Fix upgrade-legacy `Update imports` step — import `getAntiCSRFToken` and `AuthenticatedMiddlewareCtx` from correct locations

.changeset/silly-shoes-agree.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/generator": patch
+---
+
+Remove `-cookie-prefix` appended to the `cookiePrefix` config property in the new app template. It will also fix auth and CSRF issues for users upgrading from a legacy framework.

.changeset/slow-walls-camp.md

@@ -0,0 +1,5 @@
+---
+"blitz": patch
+---
+
+Only run the prisma generate command when the schema file changes.

.changeset/spotty-peas-hope.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Add a new codemod step to update the .eslintrc.js file

.changeset/two-turtles-poke.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/codemod": patch
+---
+
+Add `Script` as a default import from next.js during the codemod.

.changeset/young-birds-talk.md

@@ -0,0 +1,5 @@
+---
+"@blitzjs/auth": patch
+---
+
+Allow specifying custom strategy name in Blitz's passport adapter

.github/workflows/main.yml

@@ -1,5 +1,3 @@
-# https://github.com/vercel/next.js/commits/canary/.github/workflows/build_test_deploy.yml
-
 name: CI
 
 on:
@@ -10,16 +8,14 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+env:
+  TURBO_TOKEN: 05de0230f01174d1f8cb4845a01dc6c895ce28f04ebef2318ab11615791b871c35eabbf8
+  TURBO_TEAM: foo
+
 jobs:
-  build:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os:
-          - ubuntu-latest
-        node_version:
-          - 16
-    name: Node ${{ matrix.node_version }} - ${{ matrix.os }}
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
       - uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
@@ -28,11 +24,157 @@ jobs:
       - name: Setup node
         uses: actions/setup-node@v2
         with:
-          node-version: ${{ matrix.node_version }}
+          node-version: 16
+          cache: "pnpm"
+      - name: Install dependencies
+        run: pnpm install  --frozen-lockfile
+      - run: pnpm manypkg check
+      - name: Turborepo local server
+        uses: felixmosh/turborepo-gh-artifacts@v1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          server-token: ${{ env.TURBO_TOKEN }}
+      - name: Build
+        run: pnpm build -- --api="http://127.0.0.1:9080"
+      - name: Lint
+        run: pnpm lint -- --api="http://127.0.0.1:9080"
+
+  build:
+    runs-on: ubuntu-latest
+    name: Build
+    steps:
+      - uses: actions/checkout@v2
+      - uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+        with:
+          version: 6.32.6
+      - name: Setup node
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16
           cache: "pnpm"
       - run: pnpm install --frozen-lockfile
       - run: pnpm manypkg check
-      - run: pnpm build
-      - run: pnpm lint
-      - run: pnpm build:apps
-      - run: pnpm test
+      - name: Turborepo local server
+        uses: felixmosh/turborepo-gh-artifacts@v1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          server-token: ${{ env.TURBO_TOKEN }}
+      - name: Build
+        run: pnpm build -- --api="http://127.0.0.1:9080"
+      - name: Build Apps
+        run: pnpm build:apps -- --api="http://127.0.0.1:9080"
+
+  Unit-Tests:
+    name: "Unit Test: ${{ matrix.os }} (node@16)"
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+          - windows-latest
+      fail-fast: false
+    env:
+      NODE_VERSION: 16
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup PNPM
+        uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+        with:
+          version: 6.32.6
+
+      - name: Setup node@16
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+        shell: bash
+
+      - run: pnpm manypkg check
+        shell: bash
+
+      - name: Turborepo local server
+        uses: felixmosh/turborepo-gh-artifacts@v1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          server-token: ${{ env.TURBO_TOKEN }}
+
+      - name: Build
+        run: pnpm build -- --api="http://127.0.0.1:9080"
+        shell: bash
+
+      - name: Test Packages
+        run: pnpm test -- --filter=./packages/*
+        shell: bash
+
+      - name: Test Apps
+        run: pnpm test -- --filter=./apps/*
+        shell: bash
+
+  find-integration-tests:
+    name: "Find Integration Tests"
+    runs-on: ubuntu-latest
+    outputs:
+      folders: ${{ steps.set-matrix.outputs.folders }}
+    steps:
+      - uses: actions/checkout@v2
+      - id: set-matrix
+        name: "Find all folders"
+        shell: bash
+        run: |
+          cd ./integration-tests
+          tree -J -d -L 1 | jq -c  '.[0].contents | map(.name | tostring)'
+          folders=$(tree -J -d -L 1 | jq -c  '.[0].contents | map(.name | tostring)')
+          echo "::set-output name=folders::$folders"
+
+  Integration-Tests:
+    name: "Integration Test: ${{matrix.folder}} @ ${{ matrix.os }} "
+    needs: [find-integration-tests]
+    strategy:
+      matrix:
+        folder: ${{fromJSON(needs.find-integration-tests.outputs.folders)}}
+        os:
+          - ubuntu-latest
+          - windows-latest
+      fail-fast: false
+    runs-on: ${{ matrix.os }}
+    steps:
+      - run: echo ${{matrix.folder}}
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup PNPM
+        uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+        with:
+          version: 6.32.6
+
+      - name: Setup node@${{ matrix.NODE_VERSION }}
+        uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.NODE_VERSION }}
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+        shell: bash
+
+      - run: pnpm manypkg check
+        shell: bash
+
+      - name: Turborepo local server
+        uses: felixmosh/turborepo-gh-artifacts@v1
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          server-token: ${{ env.TURBO_TOKEN }}
+
+      - name: Build
+        run: pnpm build -- --api="http://127.0.0.1:9080"
+        shell: bash
+
+      - name: Test Packages
+        run: pnpm test -- --filter=./integration-tests/${{matrix.folder}}
+        shell: bash

.gitignore

@@ -48,13 +48,13 @@ tsconfig.tsbuildinfo
 .next
 dist
 .now
+
 # local env files
 **/.env.local
 **/.env.*.local
 **/.envrc
 .blitz-*
 .blitz-cli-cache
-.vscode
 .tsbuildinfo
 .nvmrc
 **/.test*
@@ -65,7 +65,6 @@ db.sqlite-journal
 **/db/db.sqlite
 test/integration/**/db.json
 test/**/*/out
-test/**/blitz-env.d.ts
-examples/**/blitz-env.d.ts
+test/**/next-env.d.ts
+examples/**/next-env.d.ts
 .blitz**
-

CONTRIBUTING.md

@@ -1,6 +1,6 @@
 # Contributing
 
-[Read the Contributing Guide at Blitzjs.com](https://alpha.blitzjs.com/docs/contributing)
+[Read the Contributing Guide at Blitzjs.com](https://blitzjs.com/docs/contributing)
 
 ## To run tests
 

README.md

@@ -6,7 +6,7 @@
     <img alt="" src="https://img.shields.io/badge/Join%20our%20community-6700EB.svg?style=for-the-badge&labelColor=000000&logoWidth=20&logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAYAAADDPmHLAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAQ9SURBVHgB7d3dVdtAEIbhcSpICUoH0IEogQqSVBBSAU4FSSpIOoAORAfQgSghHXzZ1U/YcMD4R9rZmf2ec3y448LyiNf27iLiGIAmPLrweC9Un3DhrzG6EarLNP09nlwJ1SOZ/lQr5N80/S/p2QMVCBf5N17XCfm1Y/rBHqjAG9PPHvBsz+mf9WAP+HLA9M/YA14cOP2payH7jpj+VCtk1wnTP+vj7xCy6cTpn7EHLMLp059iD1iD8eveJbVCNsSLheX1YA/YgOWnf8YeKB3Wmf7Ud6Fy4f/FHmtpxbl3YlC4MJ/Cj0bWdwPnPbARg+L0S54XQHS32WwuxClzd4CM0z9rPfeAuTtA5ulPXYQ7wZ04Y+oOoDD9KZc9YOoOoDj9s4dwFzgXR6w1wIPoOvPWA9buAHEJ173o3gWiy3AnuBUHLEbgmYwvAk1/wuM8vAgexThzbwPDkx7/DHwVXfFOxP2GmsKd4Ab6zPeAyU8CI7AHFmH2BRCBPXAyk18GzUrqAXCTiR4ssyj0VFw/oCU8+e+RZ33AWz6KMaYbIIWxB+JSLs1bsbkeMN0AqakHvoku9oA2sAfqBvbAQdw0QArsgb25aYBUQT3QgT2gB+yBuqGcHij2UCqXDZACe2Anlw2QYg/QAOyBuoE98CL3DZDCuK4/rh/Q7oGL6U+TOvcNkJoijN8X1C48+T+g75eQDrAH/qmqAVJgDwyqaoAUe4AGYA/UDZX3QLUNkEIZPRCd5+6BahsgVUgPROwBTSijB7jpVAvGHriHvmw9wAZ4BpX1ABvgmakHtPcbRuwBTWAPULgAV9D/jKDY9YRvwvgEaurD44uQHvAol7qBW7WKluVtIHiUS7GyvA0s6CiXDnxrpQfsgbqBS7GKk/2jYHCrVlGyfxTMrVo0ALdq1Q3sgSKofh0M9oA61a+D2QM0AHugbmAPqClmSRjK2apVVQ8UsySsoK1aHdgDesCtWnUDeyCrIpeFg1u3sylyWTi3btMA7IG6gT2wuuK3hoE9sKrit4YVslWLPaAN7IG6ocKt2zmY2h4O9sDiTG0PZw/QANy6XTewBxZj9ogYVHy025LMHhEz9cBn0We6B0yfERReBLfhx0/R1YQHPx/QBPbA0VwcEwf2wNFcHBPHHjiem3MC2QPHcXdSaJjA+KfgTPQ8hhfjBzHC40mhlzJ+Xq9lK4a4PCs43AVaGTed5mZq+iOXZwWHi3AnOj2wFWNcnxYe7gTxLtBKHuamP/J+Wnh8a5irB7ZC5Yk9gPX1QuXC+usHWqGyhYvUYR0a7zboUOFCNVhnk0krZAOW7wFOvzXhom2xnEbIHizTA1wEYhWW6YFGyC6c1gOcfg9wfA80Qj7g8B7g9HuCww+haIR8wf49wOn3Cvv9k8tGyC/s7gFOv3fY3QONkH+v9MBWqB7PeqDn9FcIT//kcitUn6kHOu/T/xfWzlQy3dEHhwAAAABJRU5ErkJggg==">
   </a>
 <!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
-<a aria-label="All Contributors" href="#contributors-"><img alt="" src="https://img.shields.io/badge/all_contributors-391-17BB8A.svg?style=for-the-badge&labelColor=000000"></a>
+<a aria-label="All Contributors" href="#contributors-"><img alt="" src="https://img.shields.io/badge/all_contributors-393-17BB8A.svg?style=for-the-badge&labelColor=000000"></a>
 <!-- ALL-CONTRIBUTORS-BADGE:END -->
   <a aria-label="License" href="https://github.com/blitz-js/blitz/blob/main/LICENSE">
     <img alt="" src="https://img.shields.io/npm/l/blitz.svg?style=for-the-badge&labelColor=000000&color=blue">
@@ -713,7 +713,10 @@ Thanks to these wonderful people ([emoji key](https://allcontributors.org/docs/e
     <td align="center"><a href="oltdaniel.eu"><img src="https://avatars.githubusercontent.com/u/53529846?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Daniel Oltmanns</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=oltdaniel" title="Documentation">📖</a> <a href="https://github.com/blitz-js/blitz/commits?author=oltdaniel" title="Code">💻</a></td>
     <td align="center"><a href="https://github.com/edrickleong"><img src="https://avatars.githubusercontent.com/u/10529706?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Edrick Leong</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=edrickleong" title="Documentation">📖</a> <a href="https://github.com/blitz-js/blitz/commits?author=edrickleong" title="Code">💻</a> <a href="https://github.com/blitz-js/blitz/commits?author=edrickleong" title="Tests">⚠️</a></td>
     <td align="center"><a href="https://github.com/siddhsuresh"><img src="https://avatars.githubusercontent.com/u/83594610?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Siddharth Suresh</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=siddhsuresh" title="Documentation">📖</a> <a href="https://github.com/blitz-js/blitz/commits?author=siddhsuresh" title="Code">💻</a></td>
-    <td align="center"><a href="http://jins.dev"><img src="https://avatars.githubusercontent.com/u/39466936?v=4" width="100px;" alt=""/><br /><sub><b>JH.Lee</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Code">💻</a> <a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Tests">⚠️</a> <a href="#maintenance-orionmiz" title="Maintenance">🚧</a> <a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Documentation">📖</a></td>
+    <td align="center"><a href="http://jins.dev"><img src="https://avatars.githubusercontent.com/u/39466936?v=4?s=100" width="100px;" alt=""/><br /><sub><b>JH.Lee</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Code">💻</a> <a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Tests">⚠️</a> <a href="#maintenance-orionmiz" title="Maintenance">🚧</a> <a href="https://github.com/blitz-js/blitz/commits?author=orionmiz" title="Documentation">📖</a></td>
+  </tr>
+  <tr>
+    <td align="center"><a href="https://github.com/corydeppen"><img src="https://avatars.githubusercontent.com/u/313264?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Cory Deppen</b></sub></a><br /><a href="https://github.com/blitz-js/blitz/commits?author=corydeppen" title="Documentation">📖</a></td>
   </tr>
 </table>
 

apps/toolkit-app-passportjs/.editorconfig

@@ -0,0 +1,11 @@
+# https://EditorConfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true

apps/toolkit-app-passportjs/.env

@@ -0,0 +1,3 @@
+# This env file should be checked into source control
+# This is the place for default values for all environments
+# Values in `.env.local` and `.env.production` will override these values

apps/toolkit-app-passportjs/.eslintrc.js

@@ -0,0 +1 @@
+module.exports = require("@blitzjs/next/eslint")

apps/toolkit-app-passportjs/.gitignore

@@ -0,0 +1,56 @@
+# dependencies
+node_modules
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/sdks
+!.yarn/versions
+.pnp.*
+.npm
+web_modules/
+
+# blitz
+/.blitz/
+/.next/
+*.sqlite
+*.sqlite-journal
+.now
+.blitz**
+blitz-log.log
+
+# misc
+.DS_Store
+
+# local env files
+.env.local
+.env.*.local
+.envrc
+
+# Logs
+logs
+*.log
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Testing
+.coverage
+*.lcov
+.nyc_output
+lib-cov
+
+# Caches
+*.tsbuildinfo
+.eslintcache
+.node_repl_history
+.yarn-integrity
+
+# Serverless directories
+.serverless/
+
+# Stores VSCode versions used for testing VSCode extensions
+.vscode-test

apps/toolkit-app-passportjs/.npmrc

@@ -0,0 +1,8 @@
+save-exact=true
+legacy-peer-deps=true
+
+public-hoist-pattern[]=@tanstack/react-query
+public-hoist-pattern[]=next
+public-hoist-pattern[]=secure-password
+public-hoist-pattern[]=*jest*
+public-hoist-pattern[]=@testing-library/*

apps/toolkit-app-passportjs/.prettierignore

@@ -0,0 +1,9 @@
+.gitkeep
+.env*
+*.ico
+*.lock
+db/migrations
+.next
+.yarn
+.pnp.*
+node_modules

apps/toolkit-app-passportjs/CHANGELOG.md

@@ -0,0 +1,2 @@
+# toolkit-app-passportjs
+

apps/toolkit-app-passportjs/README.md

@@ -0,0 +1,175 @@
+TODO
+
+[![Blitz.js](https://raw.githubusercontent.com/blitz-js/art/master/github-cover-photo.png)](https://blitzjs.com)
+
+This is a [Blitz.js](https://github.com/blitz-js/blitz) app.
+
+# \***\*name\*\***
+
+## Getting Started
+
+Run your app in the development mode.
+
+```
+blitz dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+## Environment Variables
+
+Ensure the `.env.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name__
+```
+
+Ensure the `.env.test.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name___test
+```
+
+## Tests
+
+Runs your tests using Jest.
+
+```
+yarn test
+```
+
+Blitz comes with a test setup using [Jest](https://jestjs.io/) and [react-testing-library](https://testing-library.com/).
+
+## Commands
+
+Blitz comes with a powerful CLI that is designed to make development easy and fast. You can install it with `npm i -g blitz`
+
+```
+  blitz [COMMAND]
+
+  dev       Start a development server
+  build     Create a production build
+  start     Start a production server
+  export    Export your Blitz app as a static application
+  prisma    Run prisma commands
+  generate  Generate new files for your Blitz project
+  console   Run the Blitz console REPL
+  install   Install a recipe
+  help      Display help for blitz
+  test      Run project tests
+```
+
+You can read more about it on the [CLI Overview](https://blitzjs.com/docs/cli-overview) documentation.
+
+## What's included?
+
+Here is the starting structure of your app.
+
+```
+__name__
+├── app/
+│   ├── api/
+│   ├── auth/
+│   │   ├── components/
+│   │   │   ├── LoginForm.tsx
+│   │   │   └── SignupForm.tsx
+│   │   ├── mutations/
+│   │   │   ├── changePassword.ts
+│   │   │   ├── forgotPassword.test.ts
+│   │   │   ├── forgotPassword.ts
+│   │   │   ├── login.ts
+│   │   │   ├── logout.ts
+│   │   │   ├── resetPassword.test.ts
+│   │   │   ├── resetPassword.ts
+│   │   │   └── signup.ts
+│   │   ├── pages/
+│   │   │   ├── forgot-password.tsx
+│   │   │   ├── login.tsx
+│   │   │   ├── reset-password.tsx
+│   │   │   └── signup.tsx
+│   │   └── validations.ts
+│   ├── core/
+│   │   ├── components/
+│   │   │   ├── Form.tsx
+│   │   │   └── LabeledTextField.tsx
+│   │   ├── hooks/
+│   │   │   └── useCurrentUser.ts
+│   │   └── layouts/
+│   │       └── Layout.tsx
+│   ├── pages/
+│   │   ├── _app.tsx
+│   │   ├── _document.tsx
+│   │   ├── 404.tsx
+│   │   ├── index.test.tsx
+│   │   └── index.tsx
+│   └── users/
+│       └── queries/
+│           └── getCurrentUser.ts
+├── db/
+│   ├── migrations/
+│   ├── index.ts
+│   ├── schema.prisma
+│   └── seeds.ts
+├── integrations/
+├── mailers/
+│   └── forgotPasswordMailer.ts
+├── public/
+│   ├── favicon.ico
+│   └── logo.png
+├── test/
+│   ├── setup.ts
+│   └── utils.tsx
+├── .eslintrc.js
+├── babel.config.js
+├── blitz.config.ts
+├── jest.config.ts
+├── package.json
+├── README.md
+├── tsconfig.json
+└── types.ts
+```
+
+These files are:
+
+- The `app/` folder is a container for most of your project. This is where you’ll put any pages or API routes.
+
+- `db/` is where your database configuration goes. If you’re writing models or checking migrations, this is where to go.
+
+- `public/` is a folder where you will put any static assets. If you have images, files, or videos which you want to use in your app, this is where to put them.
+
+- `integrations/` is a folder to put all third-party integrations like with Stripe, Sentry, etc.
+
+- `test/` is a folder where you can put test utilities and integration tests.
+
+- `package.json` contains information about your dependencies and devDependencies. If you’re using a tool like `npm` or `yarn`, you won’t have to worry about this much.
+
+- `tsconfig.json` is our recommended setup for TypeScript.
+
+- `.babel.config.js`, `.eslintrc.js`, `.env`, etc. ("dotfiles") are configuration files for various bits of JavaScript tooling.
+
+- `blitz.config.ts` is for advanced custom configuration of Blitz. [Here you can learn how to use it](https://blitzjs.com/docs/blitz-config).
+
+- `jest.config.js` contains config for Jest tests. You can [customize it if needed](https://jestjs.io/docs/en/configuration).
+
+You can read more about it in the [File Structure](https://blitzjs.com/docs/file-structure) section of the documentation.
+
+### Tools included
+
+Blitz comes with a set of tools that corrects and formats your code, facilitating its future maintenance. You can modify their options and even uninstall them.
+
+- **ESLint**: It lints your code: searches for bad practices and tell you about it. You can customize it via the `.eslintrc.js`, and you can install (or even write) plugins to have it the way you like it. It already comes with the [`blitz`](https://github.com/blitz-js/blitz/tree/canary/packages/eslint-config) config, but you can remove it safely. [Learn More](https://blitzjs.com/docs/eslint-config).
+- **Husky**: It adds [githooks](https://git-scm.com/docs/githooks), little pieces of code that get executed when certain Git events are triggerd. For example, `pre-commit` is triggered just before a commit is created. You can see the current hooks inside `.husky/`. If are having problems commiting and pushing, check out ther [troubleshooting](https://typicode.github.io/husky/#/?id=troubleshoot) guide. [Learn More](https://blitzjs.com/docs/husky-config).
+- **Prettier**: It formats your code to look the same everywhere. You can configure it via the `.prettierrc` file. The `.prettierignore` contains the files that should be ignored by Prettier; useful when you have large files or when you want to keep a custom formatting. [Learn More](https://blitzjs.com/docs/prettier-config).
+
+## Learn more
+
+Read the [Blitz.js Documentation](https://blitzjs.com/docs/getting-started) to learn more.
+
+The Blitz community is warm, safe, diverse, inclusive, and fun! Feel free to reach out to us in any of our communication channels.
+
+- [Website](https://blitzjs.com)
+- [Discord](https://blitzjs.com/discord)
+- [Report an issue](https://github.com/blitz-js/blitz/issues/new/choose)
+- [Forum discussions](https://github.com/blitz-js/blitz/discussions)
+- [How to Contribute](https://blitzjs.com/docs/contributing)
+- [Sponsor or donate](https://github.com/blitz-js/blitz#sponsors-and-donations)

apps/toolkit-app-passportjs/app/auth/components/LoginForm.tsx

@@ -0,0 +1,59 @@
+import { AuthenticationError, PromiseReturnType } from "blitz"
+import Link from "next/link"
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import login from "app/auth/mutations/login"
+import { Login } from "app/auth/validations"
+import { useMutation } from "@blitzjs/rpc"
+import { Routes } from "@blitzjs/next"
+
+type LoginFormProps = {
+  onSuccess?: (user: PromiseReturnType<typeof login>) => void
+}
+
+export const LoginForm = (props: LoginFormProps) => {
+  const [loginMutation] = useMutation(login)
+  return (
+    <div>
+      <h1>Login</h1>
+
+      <Form
+        submitText="Login"
+        schema={Login}
+        initialValues={{ email: "", password: "" }}
+        onSubmit={async (values) => {
+          try {
+            const user = await loginMutation(values)
+            props.onSuccess?.(user)
+          } catch (error: any) {
+            if (error instanceof AuthenticationError) {
+              return { [FORM_ERROR]: "Sorry, those credentials are invalid" }
+            } else {
+              return {
+                [FORM_ERROR]:
+                  "Sorry, we had an unexpected error. Please try again. - " + error.toString(),
+              }
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+        <div>
+          <Link href={Routes.ForgotPasswordPage()} passHref>
+            <a>Forgot your password?</a>
+          </Link>
+        </div>
+      </Form>
+
+      <div style={{ marginTop: "1rem" }}>
+        Or{" "}
+        <Link href={Routes.SignupPage()} passHref>
+          <a>Sign Up</a>
+        </Link>
+      </div>
+    </div>
+  )
+}
+
+export default LoginForm

apps/toolkit-app-passportjs/app/auth/components/SignupForm.tsx

@@ -0,0 +1,42 @@
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import signup from "app/auth/mutations/signup"
+import { Signup } from "app/auth/validations"
+import { useMutation } from "@blitzjs/rpc"
+
+type SignupFormProps = {
+  onSuccess?: () => void
+}
+
+export const SignupForm = (props: SignupFormProps) => {
+  const [signupMutation] = useMutation(signup)
+  return (
+    <div>
+      <h1>Create an Account</h1>
+
+      <Form
+        submitText="Create Account"
+        schema={Signup}
+        initialValues={{ email: "", password: "" }}
+        onSubmit={async (values) => {
+          try {
+            await signupMutation(values)
+            props.onSuccess?.()
+          } catch (error: any) {
+            if (error.code === "P2002" && error.meta?.target?.includes("email")) {
+              // This error comes from Prisma
+              return { email: "This email is already being used" }
+            } else {
+              return { [FORM_ERROR]: error.toString() }
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+      </Form>
+    </div>
+  )
+}
+
+export default SignupForm

apps/toolkit-app-passportjs/app/auth/mutations/changePassword.ts

@@ -0,0 +1,25 @@
+import { NotFoundError } from "blitz"
+import db from "db"
+import { authenticateUser } from "./login"
+import { ChangePassword } from "../validations"
+import { resolver } from "@blitzjs/rpc"
+import { SecurePassword } from "@blitzjs/auth"
+
+export default resolver.pipe(
+  resolver.zod(ChangePassword),
+  resolver.authorize(),
+  async ({ currentPassword, newPassword }, ctx) => {
+    const user = await db.user.findFirst({ where: { id: ctx.session.userId as number } })
+    if (!user) throw new NotFoundError()
+
+    await authenticateUser(user.email, currentPassword)
+
+    const hashedPassword = await SecurePassword.hash(newPassword.trim())
+    await db.user.update({
+      where: { id: user.id },
+      data: { hashedPassword },
+    })
+
+    return true
+  }
+)

apps/toolkit-app-passportjs/app/auth/mutations/forgotPassword.ts

@@ -0,0 +1,42 @@
+import { generateToken, hash256 } from "@blitzjs/auth"
+import { resolver } from "@blitzjs/rpc"
+import db from "db"
+import { forgotPasswordMailer } from "mailers/forgotPasswordMailer"
+import { ForgotPassword } from "../validations"
+
+const RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS = 4
+
+export default resolver.pipe(resolver.zod(ForgotPassword), async ({ email }) => {
+  // 1. Get the user
+  const user = await db.user.findFirst({ where: { email: email.toLowerCase() } })
+
+  // 2. Generate the token and expiration date.
+  const token = generateToken()
+  const hashedToken = hash256(token)
+  const expiresAt = new Date()
+  expiresAt.setHours(expiresAt.getHours() + RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS)
+
+  // 3. If user with this email was found
+  if (user) {
+    // 4. Delete any existing password reset tokens
+    await db.token.deleteMany({ where: { type: "RESET_PASSWORD", userId: user.id } })
+    // 5. Save this new token in the database.
+    await db.token.create({
+      data: {
+        user: { connect: { id: user.id } },
+        type: "RESET_PASSWORD",
+        expiresAt,
+        hashedToken,
+        sentTo: user.email,
+      },
+    })
+    // 6. Send the email
+    await forgotPasswordMailer({ to: user.email, token }).send()
+  } else {
+    // 7. If no user found wait the same time so attackers can't tell the difference
+    await new Promise((resolve) => setTimeout(resolve, 750))
+  }
+
+  // 8. Return the same result whether a password reset email was sent or not
+  return
+})

apps/toolkit-app-passportjs/app/auth/mutations/login.ts

@@ -0,0 +1,32 @@
+import { SecurePassword } from "@blitzjs/auth"
+import { resolver } from "@blitzjs/rpc"
+import { AuthenticationError } from "blitz"
+import db from "db"
+import { Role } from "types"
+import { Login } from "../validations"
+
+export const authenticateUser = async (rawEmail: string, rawPassword: string) => {
+  const { email, password } = Login.parse({ email: rawEmail, password: rawPassword })
+  const user = await db.user.findFirst({ where: { email } })
+  if (!user) throw new AuthenticationError()
+
+  const result = await SecurePassword.verify(user.hashedPassword, password)
+
+  if (result === SecurePassword.VALID_NEEDS_REHASH) {
+    // Upgrade hashed password with a more secure hash
+    const improvedHash = await SecurePassword.hash(password)
+    await db.user.update({ where: { id: user.id }, data: { hashedPassword: improvedHash } })
+  }
+
+  const { hashedPassword, ...rest } = user
+  return rest
+}
+
+export default resolver.pipe(resolver.zod(Login), async ({ email, password }, ctx) => {
+  // This throws an error if credentials are invalid
+  const user = await authenticateUser(email, password)
+
+  await ctx.session.$create({ userId: user.id, role: user.role as Role })
+
+  return user
+})

apps/toolkit-app-passportjs/app/auth/mutations/logout.ts

@@ -0,0 +1,5 @@
+import { Ctx } from "blitz"
+
+export default async function logout(_: any, ctx: Ctx) {
+  return await ctx.session.$revoke()
+}

apps/toolkit-app-passportjs/app/auth/mutations/resetPassword.ts

@@ -0,0 +1,48 @@
+import { SecurePassword, hash256 } from "@blitzjs/auth"
+import db from "db"
+import { ResetPassword } from "../validations"
+import login from "./login"
+
+export class ResetPasswordError extends Error {
+  name = "ResetPasswordError"
+  message = "Reset password link is invalid or it has expired."
+}
+
+export default async function resetPassword(input, ctx) {
+  ResetPassword.parse(input)
+  // 1. Try to find this token in the database
+  const hashedToken = hash256(input.token)
+  const possibleToken = await db.token.findFirst({
+    where: { hashedToken, type: "RESET_PASSWORD" },
+    include: { user: true },
+  })
+
+  // 2. If token not found, error
+  if (!possibleToken) {
+    throw new ResetPasswordError()
+  }
+  const savedToken = possibleToken
+
+  // 3. Delete token so it can't be used again
+  await db.token.delete({ where: { id: savedToken.id } })
+
+  // 4. If token has expired, error
+  if (savedToken.expiresAt < new Date()) {
+    throw new ResetPasswordError()
+  }
+
+  // 5. Since token is valid, now we can update the user's password
+  const hashedPassword = await SecurePassword.hash(input.password.trim())
+  const user = await db.user.update({
+    where: { id: savedToken.userId },
+    data: { hashedPassword },
+  })
+
+  // 6. Revoke all existing login sessions for this user
+  await db.session.deleteMany({ where: { userId: user.id } })
+
+  // 7. Now log the user in with the new credentials
+  await login({ email: user.email, password: input.password }, ctx)
+
+  return true
+}

apps/toolkit-app-passportjs/app/auth/mutations/signup.ts

@@ -0,0 +1,21 @@
+import db from "db"
+import { SecurePassword } from "@blitzjs/auth"
+import { Role } from "types"
+
+export default async function signup(input, ctx) {
+  const blitzContext = ctx
+
+  const hashedPassword = await SecurePassword.hash((input.password as string) || "test-password")
+  const email = (input.email as string) || "test" + Math.random() + "@test.com"
+  const user = await db.user.create({
+    data: { email, hashedPassword, role: "user" },
+    select: { id: true, name: true, email: true, role: true },
+  })
+
+  await blitzContext.session.$create({
+    userId: user.id,
+    role: user.role as Role,
+  })
+
+  return { userId: blitzContext.session.userId, ...user, email: input.email }
+}

apps/toolkit-app-passportjs/app/auth/validations.ts

@@ -0,0 +1,42 @@
+import { z } from "zod"
+
+export const email = z
+  .string()
+  .email()
+  .transform((str) => str.toLowerCase().trim())
+
+export const password = z
+  .string()
+  .min(10)
+  .max(100)
+  .transform((str) => str.trim())
+
+export const Signup = z.object({
+  email,
+  password,
+})
+
+export const Login = z.object({
+  email,
+  password: z.string(),
+})
+
+export const ForgotPassword = z.object({
+  email,
+})
+
+export const ResetPassword = z
+  .object({
+    password: password,
+    passwordConfirmation: password,
+    token: z.string(),
+  })
+  .refine((data) => data.password === data.passwordConfirmation, {
+    message: "Passwords don't match",
+    path: ["passwordConfirmation"], // set the path of the error
+  })
+
+export const ChangePassword = z.object({
+  currentPassword: z.string(),
+  newPassword: password,
+})

apps/toolkit-app-passportjs/app/blitz-client.ts

@@ -0,0 +1,12 @@
+import { AuthClientPlugin } from "@blitzjs/auth"
+import { setupBlitzClient } from "@blitzjs/next"
+import { BlitzRpcPlugin } from "@blitzjs/rpc"
+
+export const { withBlitz } = setupBlitzClient({
+  plugins: [
+    AuthClientPlugin({
+      cookiePrefix: "web-cookie-prefix",
+    }),
+    BlitzRpcPlugin({}),
+  ],
+})

apps/toolkit-app-passportjs/app/blitz-server.ts

@@ -0,0 +1,16 @@
+import { setupBlitzServer } from "@blitzjs/next"
+import { AuthServerPlugin, PrismaStorage } from "@blitzjs/auth"
+import db from "db"
+import { simpleRolesIsAuthorized } from "@blitzjs/auth"
+
+const { gSSP, gSP, api } = setupBlitzServer({
+  plugins: [
+    AuthServerPlugin({
+      cookiePrefix: "web-cookie-prefix",
+      storage: PrismaStorage(db),
+      isAuthorized: simpleRolesIsAuthorized,
+    }),
+  ],
+})
+
+export { gSSP, gSP, api }

apps/toolkit-app-passportjs/app/core/components/Form.tsx

@@ -0,0 +1,83 @@
+import { useState, ReactNode, PropsWithoutRef } from "react"
+import { FormProvider, useForm, UseFormProps } from "react-hook-form"
+import { zodResolver } from "@hookform/resolvers/zod"
+import { z } from "zod"
+
+export interface FormProps<S extends z.ZodType<any, any>>
+  extends Omit<PropsWithoutRef<JSX.IntrinsicElements["form"]>, "onSubmit"> {
+  /** All your form fields */
+  children?: ReactNode
+  /** Text to display in the submit button */
+  submitText?: string
+  schema?: S
+  onSubmit: (values: z.infer<S>) => Promise<void | OnSubmitResult>
+  initialValues?: UseFormProps<z.infer<S>>["defaultValues"]
+}
+
+interface OnSubmitResult {
+  FORM_ERROR?: string
+  [prop: string]: any
+}
+
+export const FORM_ERROR = "FORM_ERROR"
+
+export function Form<S extends z.ZodType<any, any>>({
+  children,
+  submitText,
+  schema,
+  initialValues,
+  onSubmit,
+  ...props
+}: FormProps<S>) {
+  const ctx = useForm<z.infer<S>>({
+    mode: "onBlur",
+    resolver: schema ? zodResolver(schema) : undefined,
+    defaultValues: initialValues,
+  })
+  const [formError, setFormError] = useState<string | null>(null)
+
+  return (
+    <FormProvider {...ctx}>
+      <form
+        onSubmit={ctx.handleSubmit(async (values) => {
+          const result = (await onSubmit(values)) || {}
+          for (const [key, value] of Object.entries(result)) {
+            if (key === FORM_ERROR) {
+              setFormError(value)
+            } else {
+              ctx.setError(key as any, {
+                type: "submit",
+                message: value,
+              })
+            }
+          }
+        })}
+        className="form"
+        {...props}
+      >
+        {/* Form fields supplied as children are rendered here */}
+        {children}
+
+        {formError && (
+          <div role="alert" style={{ color: "red" }}>
+            {formError}
+          </div>
+        )}
+
+        {submitText && (
+          <button type="submit" disabled={ctx.formState.isSubmitting}>
+            {submitText}
+          </button>
+        )}
+
+        <style global jsx>{`
+          .form > * + * {
+            margin-top: 1rem;
+          }
+        `}</style>
+      </form>
+    </FormProvider>
+  )
+}
+
+export default Form

apps/toolkit-app-passportjs/app/core/components/LabeledTextField.tsx

@@ -0,0 +1,59 @@
+import { forwardRef, PropsWithoutRef, ComponentPropsWithoutRef } from "react"
+import { useFormContext } from "react-hook-form"
+
+export interface LabeledTextFieldProps extends PropsWithoutRef<JSX.IntrinsicElements["input"]> {
+  /** Field name. */
+  name: string
+  /** Field label. */
+  label: string
+  /** Field type. Doesn't include radio buttons and checkboxes */
+  type?: "text" | "password" | "email" | "number"
+  outerProps?: PropsWithoutRef<JSX.IntrinsicElements["div"]>
+  labelProps?: ComponentPropsWithoutRef<"label">
+}
+
+export const LabeledTextField = forwardRef<HTMLInputElement, LabeledTextFieldProps>(
+  ({ label, outerProps, labelProps, name, ...props }, ref) => {
+    const {
+      register,
+      formState: { isSubmitting, errors },
+    } = useFormContext()
+    const error = Array.isArray(errors[name])
+      ? errors[name].join(", ")
+      : errors[name]?.message || errors[name]
+
+    return (
+      <div {...outerProps}>
+        <label {...labelProps}>
+          {label}
+          <input disabled={isSubmitting} {...register(name)} {...props} />
+        </label>
+
+        {error && (
+          <div role="alert" style={{ color: "red" }}>
+            {error}
+          </div>
+        )}
+
+        <style jsx>{`
+          label {
+            display: flex;
+            flex-direction: column;
+            align-items: start;
+            font-size: 1rem;
+          }
+          input {
+            font-size: 1rem;
+            padding: 0.25rem 0.5rem;
+            border-radius: 3px;
+            border: 1px solid purple;
+            appearance: none;
+            margin-top: 0.5rem;
+          }
+        `}</style>
+      </div>
+    )
+  }
+)
+
+export default LabeledTextField

apps/toolkit-app-passportjs/app/core/hooks/useCurrentUser.ts

@@ -0,0 +1,7 @@
+import { useQuery } from "@blitzjs/rpc"
+import getCurrentUser from "app/users/queries/getCurrentUser"
+
+export const useCurrentUser = () => {
+  const [user] = useQuery(getCurrentUser, null)
+  return user
+}

apps/toolkit-app-passportjs/app/core/layouts/Layout.tsx

@@ -0,0 +1,21 @@
+import React from "react"
+import Head from "next/head"
+import { BlitzLayout } from "@blitzjs/next"
+
+const Layout: BlitzLayout<{ title?: string; children?: React.ReactNode }> = ({
+  title,
+  children,
+}) => {
+  return (
+    <>
+      <Head>
+        <title>{title || "__name__"}</title>
+        <link rel="icon" href="/favicon.ico" />
+      </Head>
+
+      {children}
+    </>
+  )
+}
+
+export default Layout

apps/toolkit-app-passportjs/app/users/queries/getCurrentUser.ts

@@ -0,0 +1,13 @@
+import { Ctx } from "blitz"
+import db from "db"
+
+export default async function getCurrentUser(_ = null, { session }: Ctx) {
+  if (!session.userId) return null
+
+  const user = await db.user.findFirst({
+    where: { id: session.userId as number },
+    select: { id: true, name: true, email: true, role: true },
+  })
+
+  return user
+}

apps/toolkit-app-passportjs/db/index.ts

@@ -0,0 +1,8 @@
+import { enhancePrisma } from "blitz"
+import { PrismaClient } from "@prisma/client"
+
+const EnhancedPrisma = enhancePrisma(PrismaClient)
+
+export * from "@prisma/client"
+const db = new EnhancedPrisma()
+export default db

apps/toolkit-app-passportjs/db/migrations/20220427214932_/migration.sql

@@ -0,0 +1,47 @@
+-- CreateTable
+CREATE TABLE "User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "hashedPassword" TEXT,
+    "role" TEXT NOT NULL DEFAULT 'USER'
+);
+
+-- CreateTable
+CREATE TABLE "Session" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "expiresAt" DATETIME,
+    "handle" TEXT NOT NULL,
+    "hashedSessionToken" TEXT,
+    "antiCSRFToken" TEXT,
+    "publicData" TEXT,
+    "privateData" TEXT,
+    "userId" INTEGER,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "hashedToken" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "sentTo" TEXT NOT NULL,
+    "userId" INTEGER NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Session_handle_key" ON "Session"("handle");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_hashedToken_type_key" ON "Token"("hashedToken", "type");

apps/toolkit-app-passportjs/db/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "sqlite"

apps/toolkit-app-passportjs/db/schema.prisma

@@ -0,0 +1,65 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+datasource db {
+  provider = "sqlite"
+  url      = "file:./db.sqlite"
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+// --------------------------------------
+
+model User {
+  id             Int      @id @default(autoincrement())
+  createdAt      DateTime @default(now())
+  updatedAt      DateTime @updatedAt
+  name           String?
+  email          String   @unique
+  hashedPassword String?
+  role           String   @default("USER")
+
+  tokens   Token[]
+  sessions Session[]
+}
+
+model Session {
+  id                 Int       @id @default(autoincrement())
+  createdAt          DateTime  @default(now())
+  updatedAt          DateTime  @updatedAt
+  expiresAt          DateTime?
+  handle             String    @unique
+  hashedSessionToken String?
+  antiCSRFToken      String?
+  publicData         String?
+  privateData        String?
+
+  user   User? @relation(fields: [userId], references: [id])
+  userId Int?
+}
+
+model Token {
+  id          Int      @id @default(autoincrement())
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+  hashedToken String
+  type        String
+  // See note below about TokenType enum
+  // type        TokenType
+  expiresAt   DateTime
+  sentTo      String
+
+  user   User @relation(fields: [userId], references: [id])
+  userId Int
+
+  @@unique([hashedToken, type])
+}
+
+// NOTE: It's highly recommended to use an enum for the token type
+//       but enums only work in Postgres.
+//       See: https://blitzjs.com/docs/database-overview#switch-to-postgre-sql
+// enum TokenType {
+//   RESET_PASSWORD
+// }

apps/toolkit-app-passportjs/db/seeds.ts

@@ -0,0 +1,21 @@
+import db from "./index"
+
+/*
+ * This seed function is executed when you run `blitz db seed`.
+ *
+ * Probably you want to use a library like https://chancejs.com
+ * to easily generate realistic data.
+ */
+const seed = async () => {
+  await db.$reset()
+
+  for (let i = 0; i < 1; i++) {
+    await db.user.create({
+      data: {
+        email: "test@test.com",
+      },
+    })
+  }
+}
+
+export default seed

apps/toolkit-app-passportjs/jest.config.js

@@ -0,0 +1,11 @@
+const nextJest = require("@blitzjs/next/jest")
+
+const createJestConfig = nextJest({
+  dir: "./",
+})
+
+const customJestConfig = {
+  testEnvironment: "jest-environment-jsdom",
+}
+
+module.exports = createJestConfig(customJestConfig)

apps/toolkit-app-passportjs/jsconfig.json

@@ -0,0 +1,5 @@
+{
+  "compilerOptions": {
+    "baseUrl": "."
+  }
+}

apps/toolkit-app-passportjs/mailers/forgotPasswordMailer.ts

@@ -0,0 +1,45 @@
+/* TODO - You need to add a mailer integration in `integrations/` and import here.
+ *
+ * The integration file can be very simple. Instantiate the email client
+ * and then export it. That way you can import here and anywhere else
+ * and use it straight away.
+ */
+
+type ResetPasswordMailer = {
+  to: string
+  token: string
+}
+
+export function forgotPasswordMailer({ to, token }: ResetPasswordMailer) {
+  // In production, set APP_ORIGIN to your production server origin
+  const origin = process.env.APP_ORIGIN || process.env.BLITZ_DEV_SERVER_ORIGIN
+  const resetUrl = `${origin}/auth/reset-password?token=${token}`
+
+  const msg = {
+    from: "TODO@example.com",
+    to,
+    subject: "Your Password Reset Instructions",
+    html: `
+      <h1>Reset Your Password</h1>
+      <h3>NOTE: You must set up a production email integration in mailers/forgotPasswordMailer.ts</h3>
+
+      <a href="${resetUrl}">
+        Click here to set a new password
+      </a>
+    `,
+  }
+
+  return {
+    async send() {
+      if (process.env.NODE_ENV === "production") {
+        // TODO - send the production email, like this:
+        // await postmark.sendEmail(msg)
+        throw new Error("No production email implementation in mailers/forgotPasswordMailer")
+      } else {
+        // Preview email in the browser
+        const previewEmail = (await import("preview-email")).default
+        await previewEmail(msg)
+      }
+    },
+  }
+}

apps/toolkit-app-passportjs/next-env.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/basic-features/typescript for more information.

apps/toolkit-app-passportjs/next.config.js

@@ -0,0 +1,15 @@
+// @ts-check
+
+const withBundleAnalyzer = require("@next/bundle-analyzer")({
+  enabled: process.env.ANALYZE === "true",
+})
+const { withBlitz } = require("@blitzjs/next")
+
+/**
+ * @type {import('@blitzjs/next').BlitzConfig}
+ **/
+const config = {
+  reactStrictMode: true,
+}
+
+module.exports = withBlitz(withBundleAnalyzer(config))

apps/toolkit-app-passportjs/package.json

@@ -0,0 +1,64 @@
+{
+  "name": "toolkit-app-passport",
+  "version": "1.0.1-alpha.16",
+  "scripts": {
+    "start:dev": "pnpm run prisma:start && blitz dev",
+    "buildapp": "pnpm blitz codegen && pnpm prisma generate && next build",
+    "start": "next start",
+    "lint": "next lint",
+    "prisma:start": "prisma generate && prisma migrate deploy",
+    "prisma:studio": "prisma studio",
+    "test:local": "jest"
+  },
+  "prisma": {
+    "schema": "db/schema.prisma"
+  },
+  "prettier": {
+    "semi": false,
+    "printWidth": 100
+  },
+  "lint-staged": {
+    "*.{js}": [
+      "eslint --fix"
+    ]
+  },
+  "dependencies": {
+    "@blitzjs/auth": "workspace:*",
+    "@blitzjs/config": "workspace:*",
+    "@blitzjs/next": "workspace:*",
+    "@blitzjs/rpc": "workspace:*",
+    "@hookform/resolvers": "2.8.8",
+    "@prisma/client": "4.0.0",
+    "blitz": "workspace:2.0.0-beta.4",
+    "next": "12.2.5",
+    "openid-client": "5.1.8",
+    "prisma": "4.0.0",
+    "react": "18.2.0",
+    "react-dom": "18.2.0",
+    "react-hook-form": "7.29.0",
+    "ts-node": "10.7.0",
+    "zod": "3.17.3"
+  },
+  "devDependencies": {
+    "@next/bundle-analyzer": "12.0.8",
+    "@testing-library/react": "13.0.0",
+    "@testing-library/react-hooks": "7.0.2",
+    "@types/jest": "27.4.1",
+    "@types/node": "17.0.16",
+    "@types/preview-email": "2.0.1",
+    "@types/react": "18.0.17",
+    "@typescript-eslint/eslint-plugin": "5.9.1",
+    "eslint": "7.32.0",
+    "eslint-config-next": "12.2.0",
+    "eslint-config-prettier": "8.5.0",
+    "husky": "7.0.4",
+    "jest": "27.5.1",
+    "lint-staged": "12.1.7",
+    "prettier": "^2.5.1",
+    "prettier-plugin-prisma": "3.8.0",
+    "pretty-quick": "3.1.3",
+    "preview-email": "3.x",
+    "typescript": "^4.5.3"
+  },
+  "private": true
+}

apps/toolkit-app-passportjs/pages/404.tsx

@@ -0,0 +1,20 @@
+import Head from "next/head"
+import { ErrorComponent } from "@blitzjs/next"
+
+// ------------------------------------------------------
+// This page is rendered if a route match is not found
+// ------------------------------------------------------
+export default function Page404() {
+  const statusCode = 404
+  const title = "This page could not be found"
+  return (
+    <>
+      <Head>
+        <title>
+          {statusCode}: {title}
+        </title>
+      </Head>
+      <ErrorComponent statusCode={statusCode} title={title} />
+    </>
+  )
+}

apps/toolkit-app-passportjs/pages/_app.tsx

@@ -0,0 +1,34 @@
+import { ErrorFallbackProps, ErrorComponent, ErrorBoundary, AppProps } from "@blitzjs/next"
+import { AuthenticationError, AuthorizationError } from "blitz"
+import React from "react"
+import { withBlitz } from "app/blitz-client"
+
+function RootErrorFallback({ error }: ErrorFallbackProps) {
+  if (error instanceof AuthenticationError) {
+    return <div>Error: You are not authenticated</div>
+  } else if (error instanceof AuthorizationError) {
+    return (
+      <ErrorComponent
+        statusCode={error.statusCode}
+        title="Sorry, you are not authorized to access this"
+      />
+    )
+  } else {
+    return (
+      <ErrorComponent
+        statusCode={(error as any)?.statusCode || 400}
+        title={error.message || error.name}
+      />
+    )
+  }
+}
+
+function MyApp({ Component, pageProps }: AppProps) {
+  return (
+    <ErrorBoundary FallbackComponent={RootErrorFallback}>
+      <Component {...pageProps} />
+    </ErrorBoundary>
+  )
+}
+
+export default withBlitz(MyApp)

apps/toolkit-app-passportjs/pages/_document.tsx

@@ -0,0 +1,22 @@
+import Document, { Html, Main, NextScript, Head } from "next/document"
+
+class MyDocument extends Document {
+  // Only uncomment if you need to customize this behaviour
+  // static async getInitialProps(ctx: DocumentContext) {
+  //   const initialProps = await Document.getInitialProps(ctx)
+  //   return {...initialProps}
+  // }
+  render() {
+    return (
+      <Html lang="en">
+        <Head />
+        <body>
+          <Main />
+          <NextScript />
+        </body>
+      </Html>
+    )
+  }
+}
+
+export default MyDocument

apps/toolkit-app-passportjs/pages/api/auth/[...auth].ts

@@ -0,0 +1,130 @@
+import { passportAuth } from "@blitzjs/auth"
+import { api } from "app/blitz-server"
+import db, { User } from "db"
+import { Issuer, Strategy as OpenIdStrategy } from "openid-client"
+
+// OAuth Mock Server
+// https://github.com/axa-group/oauth2-mock-server
+
+const issuer = new Issuer({
+  issuer: "http://localhost:8080",
+  authorization_endpoint: "http://localhost:8080/authorize",
+  token_endpoint: "http://localhost:8080/token",
+  userinfo_endpoint: "http://localhost:8080/userinfo",
+  jwks_uri: "http://localhost:8080/jwks",
+})
+
+const client1 = new issuer.Client({
+  client_id: "client_id1",
+  client_secret: "client_secret1",
+  redirect_uris: ["http://localhost:3000/api/auth/mock1/callback"],
+})
+
+const client2 = new issuer.Client({
+  client_id: "client_id2",
+  client_secret: "client_secret2",
+  redirect_uris: ["http://localhost:3000/api/auth/mock2/callback"],
+})
+
+const client3 = new issuer.Client({
+  client_id: "client_id3",
+  client_secret: "client_secret3",
+  redirect_uris: ["http://localhost:3000/api/auth/localhost/callback"],
+})
+
+export default api(
+  passportAuth({
+    successRedirectUrl: "/",
+    errorRedirectUrl: "/",
+    strategies: [
+      {
+        name: "mock1",
+        strategy: new OpenIdStrategy(
+          { client: client1 },
+          // Available callback parameters
+          // https://github.com/panva/node-openid-client/blob/main/docs/README.md#strategy
+          async (_token, profile, done) => {
+            let user: User
+            try {
+              user = await db.user.findFirstOrThrow({ where: { name: { equals: "user1" } } })
+            } catch (e) {
+              user = await db.user.create({
+                data: {
+                  email: "dummy1@email.com",
+                  name: "user1",
+                  role: "USER",
+                },
+              })
+            }
+
+            const publicData = {
+              userId: user.id,
+              roles: [user.role],
+              source: "mock_client1",
+            }
+            done(undefined, { publicData })
+          }
+        ),
+      },
+      {
+        name: "mock2",
+        strategy: new OpenIdStrategy(
+          { client: client2 },
+          // Available callback parameters
+          // https://github.com/panva/node-openid-client/blob/main/docs/README.md#strategy
+          async (_token, profile, done) => {
+            let user: User
+            try {
+              user = await db.user.findFirstOrThrow({ where: { name: { equals: "user2" } } })
+            } catch (e) {
+              user = await db.user.create({
+                data: {
+                  email: "dummy2@email.com",
+                  name: "user2",
+                  role: "USER",
+                },
+              })
+            }
+
+            const publicData = {
+              userId: user.id,
+              roles: [user.role],
+              source: "mock_client2",
+            }
+            done(undefined, { publicData })
+          }
+        ),
+      },
+      {
+        // name is not set, it will use the issuer hostname
+        // which is in this example just `localhost`
+        strategy: new OpenIdStrategy(
+          { client: client3 },
+          // Available callback parameters
+          // https://github.com/panva/node-openid-client/blob/main/docs/README.md#strategy
+          async (_token, profile, done) => {
+            let user: User
+            try {
+              user = await db.user.findFirstOrThrow({ where: { name: { equals: "user3" } } })
+            } catch (e) {
+              user = await db.user.create({
+                data: {
+                  email: "dummy3@email.com",
+                  name: "user3",
+                  role: "USER",
+                },
+              })
+            }
+
+            const publicData = {
+              userId: user.id,
+              roles: [user.role],
+              source: "mock_client3",
+            }
+            done(undefined, { publicData })
+          }
+        ),
+      },
+    ],
+  })
+)

apps/toolkit-app-passportjs/pages/api/rpc/[[...blitz]].ts

@@ -0,0 +1,4 @@
+import { rpcHandler } from "@blitzjs/rpc"
+import { api } from "app/blitz-server"
+
+export default api(rpcHandler({ onError: console.log }))

apps/toolkit-app-passportjs/pages/auth/forgot-password.tsx

@@ -0,0 +1,46 @@
+import Layout from "app/core/layouts/Layout"
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import { ForgotPassword } from "app/auth/validations"
+import forgotPassword from "app/auth/mutations/forgotPassword"
+import { useMutation } from "@blitzjs/rpc"
+import { BlitzPage } from "@blitzjs/next"
+
+const ForgotPasswordPage: BlitzPage = () => {
+  const [forgotPasswordMutation, { isSuccess }] = useMutation(forgotPassword)
+
+  return (
+    <Layout title="Forgot Your Password?">
+      <h1>Forgot your password?</h1>
+
+      {isSuccess ? (
+        <div>
+          <h2>Request Submitted</h2>
+          <p>
+            If your email is in our system, you will receive instructions to reset your password
+            shortly.
+          </p>
+        </div>
+      ) : (
+        <Form
+          submitText="Send Reset Password Instructions"
+          schema={ForgotPassword}
+          initialValues={{ email: "" }}
+          onSubmit={async (values) => {
+            try {
+              await forgotPasswordMutation(values)
+            } catch (error: any) {
+              return {
+                [FORM_ERROR]: "Sorry, we had an unexpected error. Please try again.",
+              }
+            }
+          }}
+        >
+          <LabeledTextField name="email" label="Email" placeholder="Email" />
+        </Form>
+      )}
+    </Layout>
+  )
+}
+
+export default ForgotPasswordPage

apps/toolkit-app-passportjs/pages/auth/login.tsx

@@ -0,0 +1,28 @@
+import Layout from "app/core/layouts/Layout"
+import { LoginForm } from "app/auth/components/LoginForm"
+import { useRouter } from "next/router"
+import { BlitzPage } from "@blitzjs/next"
+import Link from "next/link"
+
+const LoginPage: BlitzPage = () => {
+  const router = useRouter()
+
+  return (
+    <Layout title="Log In">
+      <LoginForm
+        onSuccess={(_user) => {
+          const next = router.query.next ? decodeURIComponent(router.query.next as string) : "/"
+          return router.push(next)
+        }}
+      />
+
+      <Link href={"/api/auth/mock1"}>Sign in as Mock User 1</Link>
+
+      <Link href={"/api/auth/mock2"}>Sign in as Mock User 2</Link>
+
+      <Link href={"/api/auth/localhost"}>Sign in as Mock User 3</Link>
+    </Layout>
+  )
+}
+
+export default LoginPage

apps/toolkit-app-passportjs/pages/auth/reset-password.tsx

@@ -0,0 +1,66 @@
+import Layout from "app/core/layouts/Layout"
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import { ResetPassword } from "app/auth/validations"
+import resetPassword from "app/auth/mutations/resetPassword"
+import { BlitzPage, Routes } from "@blitzjs/next"
+import { useRouter } from "next/router"
+import { useMutation } from "@blitzjs/rpc"
+import Link from "next/link"
+
+const ResetPasswordPage: BlitzPage = () => {
+  const router = useRouter()
+  const [resetPasswordMutation, { isSuccess }] = useMutation(resetPassword)
+
+  return (
+    <div>
+      <h1>Set a New Password</h1>
+
+      {isSuccess ? (
+        <div>
+          <h2>Password Reset Successfully</h2>
+          <p>
+            Go to the <Link href={Routes.Home()}>homepage</Link>
+          </p>
+        </div>
+      ) : (
+        <Form
+          submitText="Reset Password"
+          schema={ResetPassword}
+          initialValues={{
+            password: "",
+            passwordConfirmation: "",
+            token: router.query.token as string,
+          }}
+          onSubmit={async (values) => {
+            try {
+              await resetPasswordMutation(values)
+            } catch (error: any) {
+              if (error.name === "ResetPasswordError") {
+                return {
+                  [FORM_ERROR]: error.message,
+                }
+              } else {
+                return {
+                  [FORM_ERROR]: "Sorry, we had an unexpected error. Please try again.",
+                }
+              }
+            }
+          }}
+        >
+          <LabeledTextField name="password" label="New Password" type="password" />
+          <LabeledTextField
+            name="passwordConfirmation"
+            label="Confirm New Password"
+            type="password"
+          />
+        </Form>
+      )}
+    </div>
+  )
+}
+
+ResetPasswordPage.redirectAuthenticatedTo = "/"
+ResetPasswordPage.getLayout = (page) => <Layout title="Reset Your Password">{page}</Layout>
+
+export default ResetPasswordPage

apps/toolkit-app-passportjs/pages/auth/signup.tsx

@@ -0,0 +1,16 @@
+import { useRouter } from "next/router"
+import Layout from "app/core/layouts/Layout"
+import { SignupForm } from "app/auth/components/SignupForm"
+import { BlitzPage, Routes } from "@blitzjs/next"
+
+const SignupPage: BlitzPage = () => {
+  const router = useRouter()
+
+  return (
+    <Layout title="Sign Up">
+      <SignupForm onSuccess={() => router.push(Routes.Home())} />
+    </Layout>
+  )
+}
+
+export default SignupPage

apps/toolkit-app-passportjs/pages/index.tsx

@@ -0,0 +1,274 @@
+import { Suspense } from "react"
+import Image from "next/image"
+import Link from "next/link"
+import Layout from "app/core/layouts/Layout"
+import { useCurrentUser } from "app/core/hooks/useCurrentUser"
+import logout from "app/auth/mutations/logout"
+import logo from "public/logo.png"
+import { useMutation } from "@blitzjs/rpc"
+import { Routes, BlitzPage } from "@blitzjs/next"
+
+/*
+ * This file is just for a pleasant getting started page for your new app.
+ * You can delete everything in here and start from scratch if you like.
+ */
+
+const UserInfo = () => {
+  const currentUser = useCurrentUser()
+  const [logoutMutation] = useMutation(logout)
+
+  if (currentUser) {
+    return (
+      <>
+        <button
+          className="button small"
+          onClick={async () => {
+            await logoutMutation()
+          }}
+        >
+          Logout
+        </button>
+        <div>
+          User id: <code>{currentUser.id}</code>
+          <br />
+          User role: <code>{currentUser.role}</code>
+        </div>
+      </>
+    )
+  } else {
+    return (
+      <>
+        <Link href={Routes.SignupPage()} passHref>
+          <a className="button small">
+            <strong>Sign Up</strong>
+          </a>
+        </Link>
+        <Link href={Routes.LoginPage()} passHref>
+          <a className="button small">
+            <strong>Login</strong>
+          </a>
+        </Link>
+      </>
+    )
+  }
+}
+
+const Home: BlitzPage = () => {
+  return (
+    <Layout title="Home">
+      <div className="container">
+        <main>
+          <div className="logo">
+            <Image src={`${logo.src}`} alt="blitzjs" width="256px" height="118px" layout="fixed" />
+          </div>
+          <p>
+            <strong>Congrats!</strong> Your app is ready, including user sign-up and log-in.
+          </p>
+          <div className="buttons" style={{ marginTop: "1rem", marginBottom: "1rem" }}>
+            <Suspense fallback="Loading...">
+              <UserInfo />
+            </Suspense>
+          </div>
+          <p>
+            <strong>
+              To add a new model to your app, <br />
+              run the following in your terminal:
+            </strong>
+          </p>
+          <pre>
+            <code>blitz generate all project name:string</code>
+          </pre>
+          <div style={{ marginBottom: "1rem" }}>(And select Yes to run prisma migrate)</div>
+          <div>
+            <p>
+              Then <strong>restart the server</strong>
+            </p>
+            <pre>
+              <code>Ctrl + c</code>
+            </pre>
+            <pre>
+              <code>blitz dev</code>
+            </pre>
+            <p>
+              and go to{" "}
+              <Link href="/projects">
+                <a>/projects</a>
+              </Link>
+            </p>
+          </div>
+          <div className="buttons" style={{ marginTop: "5rem" }}>
+            <a
+              className="button"
+              href="https://blitzjs.com/docs/getting-started?utm_source=blitz-new&utm_medium=app-template&utm_campaign=blitz-new"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Documentation
+            </a>
+            <a
+              className="button-outline"
+              href="https://github.com/blitz-js/blitz"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Github Repo
+            </a>
+            <a
+              className="button-outline"
+              href="https://discord.blitzjs.com"
+              target="_blank"
+              rel="noopener noreferrer"
+            >
+              Discord Community
+            </a>
+          </div>
+        </main>
+
+        <footer>
+          <a
+            href="https://blitzjs.com?utm_source=blitz-new&utm_medium=app-template&utm_campaign=blitz-new"
+            target="_blank"
+            rel="noopener noreferrer"
+          >
+            Powered by Blitz.js
+          </a>
+        </footer>
+
+        <style jsx global>{`
+          @import url("https://fonts.googleapis.com/css2?family=Libre+Franklin:wght@300;700&display=swap");
+
+          html,
+          body {
+            padding: 0;
+            margin: 0;
+            font-family: "Libre Franklin", -apple-system, BlinkMacSystemFont, Segoe UI, Roboto,
+              Oxygen, Ubuntu, Cantarell, Fira Sans, Droid Sans, Helvetica Neue, sans-serif;
+          }
+
+          * {
+            -webkit-font-smoothing: antialiased;
+            -moz-osx-font-smoothing: grayscale;
+            box-sizing: border-box;
+          }
+          .container {
+            min-height: 100vh;
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+          }
+
+          main {
+            padding: 5rem 0;
+            flex: 1;
+            display: flex;
+            flex-direction: column;
+            justify-content: center;
+            align-items: center;
+          }
+
+          main p {
+            font-size: 1.2rem;
+          }
+
+          p {
+            text-align: center;
+          }
+
+          footer {
+            width: 100%;
+            height: 60px;
+            border-top: 1px solid #eaeaea;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            background-color: #45009d;
+          }
+
+          footer a {
+            display: flex;
+            justify-content: center;
+            align-items: center;
+          }
+
+          footer a {
+            color: #f4f4f4;
+            text-decoration: none;
+          }
+
+          .logo {
+            margin-bottom: 2rem;
+          }
+
+          .logo img {
+            width: 300px;
+          }
+
+          .buttons {
+            display: grid;
+            grid-auto-flow: column;
+            grid-gap: 0.5rem;
+          }
+          .button {
+            font-size: 1rem;
+            background-color: #6700eb;
+            padding: 1rem 2rem;
+            color: #f4f4f4;
+            text-align: center;
+          }
+
+          .button.small {
+            padding: 0.5rem 1rem;
+          }
+
+          .button:hover {
+            background-color: #45009d;
+          }
+
+          .button-outline {
+            border: 2px solid #6700eb;
+            padding: 1rem 2rem;
+            color: #6700eb;
+            text-align: center;
+          }
+
+          .button-outline:hover {
+            border-color: #45009d;
+            color: #45009d;
+          }
+
+          pre {
+            background: #fafafa;
+            border-radius: 5px;
+            padding: 0.75rem;
+            text-align: center;
+          }
+          code {
+            font-size: 0.9rem;
+            font-family: Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono,
+              Bitstream Vera Sans Mono, Courier New, monospace;
+          }
+
+          .grid {
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            flex-wrap: wrap;
+
+            max-width: 800px;
+            margin-top: 3rem;
+          }
+
+          @media (max-width: 600px) {
+            .grid {
+              width: 100%;
+              flex-direction: column;
+            }
+          }
+        `}</style>
+      </div>
+    </Layout>
+  )
+}
+
+export default Home

apps/toolkit-app-passportjs/test/setup.ts

@@ -0,0 +1,4 @@
+// This is the jest 'setupFilesAfterEnv' setup file
+// It's a good place to set globals, add global before/after hooks, etc
+
+export {} // so TS doesn't complain

apps/toolkit-app-passportjs/tsconfig.json

@@ -0,0 +1,24 @@
+{
+  "compilerOptions": {
+    "target": "es5",
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "baseUrl": ".",
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": false,
+    "strictNullChecks": true,
+    "forceConsistentCasingInFileNames": true,
+    "noEmit": true,
+    "noUncheckedIndexedAccess": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "node",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "preserve",
+    "incremental": true,
+    "tsBuildInfoFile": ".tsbuildinfo"
+  },
+  "exclude": ["node_modules", "**/*.e2e.ts", "cypress"],
+  "include": ["blitz-env.d.ts", "**/*.ts", "**/*.tsx", "types"]
+}

apps/toolkit-app-passportjs/types.ts

@@ -0,0 +1,15 @@
+import { SimpleRolesIsAuthorized } from "@blitzjs/auth"
+import { User } from "db"
+
+export type Role = "ADMIN" | "USER"
+
+declare module "@blitzjs/auth" {
+  export interface Session {
+    isAuthorized: SimpleRolesIsAuthorized<Role>
+    PublicData: {
+      userId: User["id"]
+      role: Role
+      views?: number
+    }
+  }
+}

apps/toolkit-app/.vscode/launch.json

@@ -0,0 +1,28 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Blitz: debug server-side",
+      "type": "node-terminal",
+      "request": "launch",
+      "command": "pnpm start:dev"
+    },
+    {
+      "name": "Blitz: debug client-side",
+      "type": "chrome",
+      "request": "launch",
+      "url": "http://localhost:3000"
+    },
+    {
+      "name": "Blitz: debug full stack",
+      "type": "node-terminal",
+      "request": "launch",
+      "command": "pnpm start:dev",
+      "serverReadyAction": {
+        "pattern": "started server on .+, url: (https?://.+)",
+        "uriFormat": "%s",
+        "action": "debugWithChrome"
+      }
+    }
+  ]
+}

apps/toolkit-app/mailers/forgotPasswordMailer.ts

@@ -13,7 +13,7 @@ type ResetPasswordMailer = {
 export function forgotPasswordMailer({ to, token }: ResetPasswordMailer) {
   // In production, set APP_ORIGIN to your production server origin
   const origin = process.env.APP_ORIGIN || process.env.BLITZ_DEV_SERVER_ORIGIN
-  const resetUrl = `${origin}/reset-password?token=${token}`
+  const resetUrl = `${origin}/auth/reset-password?token=${token}`
 
   const msg = {
     from: "TODO@example.com",

apps/toolkit-app/package.json

@@ -3,7 +3,7 @@
   "version": "1.0.1-alpha.16",
   "scripts": {
     "start:dev": "pnpm run prisma:start && blitz dev",
-    "buildapp": "NODE_ENV=production pnpm blitz codegen && pnpm prisma generate && next build",
+    "buildapp": "pnpm blitz codegen && pnpm prisma generate && next build",
     "start": "next start",
     "lint": "next lint",
     "prisma:start": "prisma generate && prisma migrate deploy",
@@ -29,11 +29,11 @@
     "@blitzjs/rpc": "workspace:*",
     "@hookform/resolvers": "2.8.8",
     "@prisma/client": "4.0.0",
-    "blitz": "workspace:2.0.0-beta.0",
-    "next": "12.2.0",
+    "blitz": "workspace:2.0.0-beta.4",
+    "next": "12.2.5",
     "prisma": "4.0.0",
-    "react": "18.0.0",
-    "react-dom": "18.0.0",
+    "react": "18.2.0",
+    "react-dom": "18.2.0",
     "react-hook-form": "7.29.0",
     "ts-node": "10.7.0",
     "zod": "3.17.3"
@@ -45,7 +45,7 @@
     "@types/jest": "27.4.1",
     "@types/node": "17.0.16",
     "@types/preview-email": "2.0.1",
-    "@types/react": "18.0.1",
+    "@types/react": "18.0.17",
     "@typescript-eslint/eslint-plugin": "5.9.1",
     "eslint": "7.32.0",
     "eslint-config-next": "12.2.0",

apps/toolkit-app/pages/_app.tsx

@@ -24,9 +24,10 @@ function RootErrorFallback({ error }: ErrorFallbackProps) {
 }
 
 function MyApp({ Component, pageProps }: AppProps) {
+  const getLayout = Component.getLayout || ((page) => page)
   return (
     <ErrorBoundary FallbackComponent={RootErrorFallback}>
-      <Component {...pageProps} />
+      {getLayout(<Component {...pageProps} />)}
     </ErrorBoundary>
   )
 }

apps/toolkit-app/pages/auth/forgot-password.tsx

@@ -4,8 +4,9 @@ import { Form, FORM_ERROR } from "app/core/components/Form"
 import { ForgotPassword } from "app/auth/validations"
 import forgotPassword from "app/auth/mutations/forgotPassword"
 import { useMutation } from "@blitzjs/rpc"
+import { BlitzPage } from "@blitzjs/next"
 
-const ForgotPasswordPage = () => {
+const ForgotPasswordPage: BlitzPage = () => {
   const [forgotPasswordMutation, { isSuccess }] = useMutation(forgotPassword)
 
   return (

apps/toolkit-app/pages/auth/login.tsx

@@ -1,8 +1,9 @@
 import Layout from "app/core/layouts/Layout"
 import { LoginForm } from "app/auth/components/LoginForm"
 import { useRouter } from "next/router"
+import { BlitzPage } from "@blitzjs/next"
 
-const LoginPage = () => {
+const LoginPage: BlitzPage = () => {
   const router = useRouter()
 
   return (

apps/toolkit-app/pages/auth/reset-password.tsx

@@ -0,0 +1,66 @@
+import Layout from "app/core/layouts/Layout"
+import { LabeledTextField } from "app/core/components/LabeledTextField"
+import { Form, FORM_ERROR } from "app/core/components/Form"
+import { ResetPassword } from "app/auth/validations"
+import resetPassword from "app/auth/mutations/resetPassword"
+import { BlitzPage, Routes } from "@blitzjs/next"
+import { useRouter } from "next/router"
+import { useMutation } from "@blitzjs/rpc"
+import Link from "next/link"
+
+const ResetPasswordPage: BlitzPage = () => {
+  const router = useRouter()
+  const [resetPasswordMutation, { isSuccess }] = useMutation(resetPassword)
+
+  return (
+    <div>
+      <h1>Set a New Password</h1>
+
+      {isSuccess ? (
+        <div>
+          <h2>Password Reset Successfully</h2>
+          <p>
+            Go to the <Link href={Routes.Home()}>homepage</Link>
+          </p>
+        </div>
+      ) : (
+        <Form
+          submitText="Reset Password"
+          schema={ResetPassword}
+          initialValues={{
+            password: "",
+            passwordConfirmation: "",
+            token: router.query.token as string,
+          }}
+          onSubmit={async (values) => {
+            try {
+              await resetPasswordMutation(values)
+            } catch (error: any) {
+              if (error.name === "ResetPasswordError") {
+                return {
+                  [FORM_ERROR]: error.message,
+                }
+              } else {
+                return {
+                  [FORM_ERROR]: "Sorry, we had an unexpected error. Please try again.",
+                }
+              }
+            }
+          }}
+        >
+          <LabeledTextField name="password" label="New Password" type="password" />
+          <LabeledTextField
+            name="passwordConfirmation"
+            label="Confirm New Password"
+            type="password"
+          />
+        </Form>
+      )}
+    </div>
+  )
+}
+
+ResetPasswordPage.redirectAuthenticatedTo = "/"
+ResetPasswordPage.getLayout = (page) => <Layout title="Reset Your Password">{page}</Layout>
+
+export default ResetPasswordPage

apps/toolkit-app/pages/auth/signup.tsx

@@ -1,9 +1,9 @@
 import { useRouter } from "next/router"
 import Layout from "app/core/layouts/Layout"
 import { SignupForm } from "app/auth/components/SignupForm"
-import { Routes } from "@blitzjs/next"
+import { BlitzPage, Routes } from "@blitzjs/next"
 
-const SignupPage = () => {
+const SignupPage: BlitzPage = () => {
   const router = useRouter()
 
   return (

apps/toolkit-app/tsconfig.json

@@ -20,5 +20,5 @@
     "tsBuildInfoFile": ".tsbuildinfo"
   },
   "exclude": ["node_modules", "**/*.e2e.ts", "cypress"],
-  "include": ["blitz-env.d.ts", "**/*.ts", "**/*.tsx", "types"]
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", "types"]
 }

apps/web/package.json

@@ -4,7 +4,7 @@
   "private": true,
   "scripts": {
     "start:dev": "pnpm run prisma:start && next dev",
-    "buildapp": "NODE_ENV=production pnpm blitz codegen && pnpm prisma generate && next build",
+    "buildapp": "pnpm blitz codegen && pnpm prisma generate && next build",
     "start": "next start",
     "lint": "next lint",
     "clean": "rm -rf .turbo && rm -rf node_modules && rm -rf .next",
@@ -25,17 +25,17 @@
     "@types/passport-twitter": "1.0.37",
     "blitz": "workspace:*",
     "jest": "27.5.1",
-    "next": "12.2.0",
+    "next": "12.2.5",
     "passport-mock-strategy": "2.0.0",
     "passport-twitter": "1.0.4",
     "prisma": "4.0.0",
-    "react": "18.0.0",
-    "react-dom": "18.0.0",
+    "react": "18.2.0",
+    "react-dom": "18.2.0",
     "ts-node": "10.7.0"
   },
   "devDependencies": {
     "@next/bundle-analyzer": "12.0.8",
-    "@types/react": "18.0.1",
+    "@types/react": "18.0.17",
     "eslint": "7.32.0",
     "typescript": "^4.5.3"
   }

integration-tests/auth/package.json

@@ -2,6 +2,9 @@
   "name": "test-auth",
   "version": "0.0.0",
   "private": true,
+  "prisma": {
+    "seed": "ts-node --compiler-options {\"module\":\"CommonJS\"} prisma/seed.ts"
+  },
   "scripts": {
     "start:dev": "pnpm run prisma:start && next dev",
     "test": "pnpm run prisma:start && vitest run",
@@ -9,7 +12,7 @@
     "start": "next start",
     "lint": "next lint",
     "clean": "rm -rf .turbo && rm -rf node_modules && rm -rf .next",
-    "prisma:start": "prisma generate && prisma migrate deploy",
+    "prisma:start": "prisma generate && prisma migrate dev",
     "prisma:studio": "prisma studio"
   },
   "dependencies": {
@@ -19,22 +22,24 @@
     "@prisma/client": "4.0.0",
     "blitz": "workspace:*",
     "lowdb": "3.0.0",
-    "next": "12.2.0",
+    "next": "12.2.5",
     "prisma": "4.0.0",
-    "react": "18.0.0",
-    "react-dom": "18.0.0"
+    "react": "18.2.0",
+    "react-dom": "18.2.0"
   },
   "devDependencies": {
     "@next/bundle-analyzer": "12.0.8",
     "@types/express": "4.17.13",
     "@types/fs-extra": "9.0.13",
+    "@types/node": "18.7.13",
     "@types/node-fetch": "2.6.1",
-    "@types/react": "18.0.1",
+    "@types/react": "18.0.17",
     "b64-lite": "1.4.0",
     "eslint": "7.32.0",
     "fs-extra": "10.0.1",
     "get-port": "6.1.2",
     "node-fetch": "3.2.3",
+    "ts-node": "10.9.1",
     "typescript": "^4.5.3"
   }
 }

integration-tests/auth/prisma/seed.ts

@@ -1,8 +1,8 @@
 import prisma from "./index"
-import {SecurePassword} from "@blitzjs/auth"
+import { SecurePassword } from "@blitzjs/auth"
 
 const seed = async () => {
-  await prisma.$reset()
+  // await prisma.$reset()
 
   const hashedPassword = await SecurePassword.hash("abcd1234")
 
@@ -12,7 +12,11 @@ const seed = async () => {
       hashedPassword,
       role: "user",
     },
-  })
+  }).catch(console.error)
+
+  process.exit(0);
 }
 
+seed()
+
 export default seed

integration-tests/auth/test/index.test.ts

@@ -128,7 +128,7 @@ describe("Auth Tests", () => {
       try {
         appPort = await findPort()
         app = await launchApp(appDir, appPort, {cwd: process.cwd()})
-        await seed()
+        // await seed()
       } catch (error) {
         console.log(error)
       }