Version Packages (#4316)

* Version Packages

* chore: update pnpm lock

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Siddharth Suresh <siddh.suresh@gmail.com>

.changeset/README.md

@@ -0,0 +1,8 @@
+# Changesets
+
+Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
+with multi-package repos, or single-package repos to help you version and publish your code. You can
+find the full documentation for it [in our repository](https://github.com/changesets/changesets)
+
+We have a quick list of common questions to get you started engaging with this project in
+[our documentation](https://github.com/changesets/changesets/blob/main/docs/common-questions.md)

.changeset/config.json

@@ -0,0 +1,11 @@
+{
+  "$schema": "https://unpkg.com/@changesets/config@2.0.0/schema.json",
+  "changelog": "@changesets/cli/changelog",
+  "commit": false,
+  "fixed": [["blitz"], ["@blitzjs/*"]],
+  "linked": [],
+  "access": "restricted",
+  "baseBranch": "main",
+  "updateInternalDependencies": "patch",
+  "ignore": ["web", "test-*", "toolkit-*", "@blitzjs/recipe-*"]
+}

.eslintignore

@@ -0,0 +1,2 @@
+**/package.json
+*.d.ts

.eslintrc.js

@@ -1,65 +0,0 @@
-module.exports = {
-  parser: "@typescript-eslint/parser",
-  parserOptions: {
-    ecmaVersion: 6,
-    sourceType: "module",
-    ecmaFeatures: {
-      jsx: true,
-    },
-    project: `./tsconfig.json`,
-  },
-  plugins: ["@typescript-eslint", "import", "unicorn", "simple-import-sort"],
-  extends: ["react-app"],
-  rules: {
-    "react/react-in-jsx-scope": "off", // React is always in scope with Blitz
-    "jsx-a11y/anchor-is-valid": "off", //Doesn't play well with Blitz/Next <Link> usage
-    "import/first": "off",
-    "import/no-default-export": "error",
-    "require-await": "error",
-    "no-async-promise-executor": "error",
-    "unicorn/filename-case": [
-      "error",
-      {
-        case: "kebabCase",
-      },
-    ],
-    "@typescript-eslint/no-floating-promises": "error",
-    // note you must disable the base rule as it can report incorrect errors
-    "no-use-before-define": "off",
-    "@typescript-eslint/no-use-before-define": ["error"],
-    // note you must disable the base rule as it can report incorrect errors
-    "no-redeclare": "off",
-    "@typescript-eslint/no-redeclare": ["error"],
-    "simple-import-sort/imports": [
-      "warn",
-      {
-        groups: [
-          [
-            // Side effect imports.
-            "^\\u0000",
-            // Packages.
-            // Things that start with a letter (or digit or underscore), or `@` followed by a letter.
-            "^@?\\w",
-            // Absolute imports and other imports such as Vue-style `@/foo`.
-            // Anything that does not start with a dot.
-            "^[^.]",
-            // Relative imports.
-            // Anything that starts with a dot.
-            "^\\.",
-          ],
-        ],
-      },
-    ],
-  },
-  ignorePatterns: ["packages/cli/", "packages/generator/templates", ".eslintrc.js"],
-  overrides: [
-    {
-      files: ["examples/**", "packages/gui/**", "recipes/**"],
-      rules: {
-        "import/no-default-export": "off",
-        "unicorn/filename-case": "off",
-        "@typescript-eslint/no-floating-promises": "off",
-      },
-    },
-  ],
-}

.github/CODEOWNERS

@@ -2,7 +2,4 @@
 
 * @flybayer
 
-packages/cli/**/* @aem, @flybayer
-packages/generator/**/* @aem @flybayer
-packages/generator/templates**/* @flybayer
-packages/installer/**/* @aem @flybayer
+# packages/generator/templates**/* @flybayer

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,23 +0,0 @@
----
-name: Bug report
-about: Something is not working right. Or error messages are unclear.
-title: ''
-labels: ''
-assignees: ''
----
-
-### What is the problem?
-
-### Steps to Reproduce
-
-1.
-
-### Versions
-
-```
-output of `blitz --version --verbose`
-```
-
-### Other
-
-Please include applicable logs and screenshots that show your problem.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,48 @@
+name: Bug Report
+description: Something is not working right. Or error messages are unclear.
+labels: "kind/bug, status/triage"
+body:
+  - type: markdown
+    attributes:
+      value: Thanks for taking the time to file a bug report! Please fill out this form as completely as possible.
+  - type: textarea
+    attributes:
+      label: What is the problem?
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: "Paste all your error logs here:"
+      value: |
+        ```
+        PASTE_HERE (leave the ``` marks)
+        ```
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: "Paste all relevant code snippets here:"
+      value: |
+        ```
+        PASTE_HERE (leave the ``` marks)
+        ```
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: What are detailed steps to reproduce this?
+      value: "1."
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: "Run `blitz -v` and paste the output here:"
+      value: |
+        ```
+        PASTE_HERE (leave the ``` marks)
+        ```
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: "Please include below any other applicable logs and screenshots that show your problem:"

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,8 @@
 blank_issues_enabled: false
 contact_links:
-  - name: Question or Discussion
+  - name: Prisma issue?
+    url: https://github.com/prisma/prisma/issues?q=is%3Aissue+is%3Aopen+sort%3Aupdated-desc
+    about: All Prisma issues should be opened in the Prisma Github
+  - name: Question, Discussion, Idea?
     url: https://github.com/blitz-js/blitz/discussions/new
     about: Ask questions and discuss with other community members

.github/ISSUE_TEMPLATE/feature_request.md

@@ -2,7 +2,7 @@
 name: Feature/change request
 about: Something new or better!
 title: ""
-labels: ""
+labels: "status/triage"
 assignees: ""
 ---
 

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,10 +1,26 @@
-Closes: ??
+<!--
+Thanks for opening a PR! Your contribution is much appreciated.
+To make sure your PR is handled as smoothly as possible please:
+ - Link issue via "Closes #[issue_number]
+ - Choose & follow the right checklist for the change that you're making:
+
+Please make sure to add a changeset. Run `pnpm changeset` in the root directory to do so.
+Then select updated Blitz packages when prompted, and add a short message describing the changes. 
+The message should be user-facing — explain **what** was changed, not **how**.
+Ignore if there are no user-facing changes.
+-->
+
+Closes: ?
 
 ### What are the changes and their implications?
 
-### Checklist
+## Bug Checklist
 
-- [ ] Tests added for changes
-- [ ] PR submitted to [blitzjs.com](https://github.com/blitz-js/blitzjs.com) for any user facing changes
+- [ ] Changeset added (run `pnpm changeset` in the root directory)
+- [ ] Integration test added (see [test docs](https://blitzjs.com/docs/contributing#running-tests) if needed)
 
-<!-- IMPORTANT: Make sure to check the "Allow edits from maintainers" box below this window -->
+## Feature Checklist
+
+- [ ] Changeset added (run `pnpm changeset` in the root directory)
+- [ ] Integration test added (see [test docs](https://blitzjs.com/docs/contributing#running-tests) if needed)
+- [ ] Documentation added/updated (submit PR to [blitzjs.com repo `main` branch](https://github.com/blitz-js/blitzjs.com))

.github/checkInstallTime.js

@@ -1,18 +0,0 @@
-#!/usr/bin/env node
-
-const fs = require("fs")
-const yarnOut = fs.readFileSync(0, {encoding: "utf8"})
-
-const [installTimeString] = /(?<=^Done in )\d+\.\d+(?=s\.$)/m.exec(yarnOut)
-const installTime = Number(installTimeString)
-
-console.log(`Install time: ${installTime}s`)
-
-if (installTime < 30) {
-  console.log("We're below 30 secs. That's awesome!")
-} else if (installTime < 50) {
-  console.log("We're below 50 secs. That's fine!")
-} else {
-  console.log("We're above 50 secs. That's not great!")
-  process.exit(1)
-}

.github/workflows/changeset_check.yml

@@ -0,0 +1,26 @@
+name: Changeset
+
+on:
+  pull_request:
+    types: [opened, synchronize, labeled, unlabeled]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  changeset:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-changeset') && github.event.pull_request.merged == false }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Setup node
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16
+      - name: Check if changeset is added
+        run: |
+          npx @changesets/cli@2.12.0 status --since=origin/${GITHUB_BASE_REF}

.github/workflows/compressed.yml

@@ -1,26 +0,0 @@
-name: CI
-
-on:
-  pull_request:
-    branches: [master, canary]
-
-jobs:
-  build:
-    name: Compressed Size
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v2
-      - name: Use Node and Yarn
-        uses: actions/setup-node@v2
-        with:
-          node-version: "14"
-      - name: Install dependencies
-        run: |
-          yarn && yarn build
-        env:
-          CI: true
-      - name: Count size
-        uses: preactjs/compressed-size-action@v2
-        with:
-          repo-token: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/main.yml

@@ -1,14 +1,15 @@
 name: CI
 
 on:
-  push:
-    branches:
-      - master
-      - canary
   pull_request:
-    branches:
-      - master
-      - canary
+    types: [opened, synchronize]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
 
 jobs:
   lint:
@@ -16,115 +17,146 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js
+      - uses: pnpm/action-setup@v2.2.4
+        with:
+          version: 8.6.5
+      - name: Setup node
         uses: actions/setup-node@v2
         with:
-          node-version: "14"
-      - name: Get yarn cache directory path
-        id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-      - name: Cache node_modules
-        id: yarn-cache
-        uses: actions/cache@v2
-        with:
-          path: |
-            ${{ steps.yarn-cache-dir-path.outputs.dir }}
-            **/node_modules
-            /home/runner/.cache/Cypress
-            C:\Users\runneradmin\AppData\Local\Cypress\Cache
-          key: ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-${{ hashFiles('yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-
+          node-version: 18
+          cache: "pnpm"
       - name: Install dependencies
-        run: yarn install --frozen-lockfile --silent
-        env:
-          CI: true
-      - name: yarn lint
-        run: yarn lint
-        env:
-          CI: true
-  build_and_test_pkgs:
-    name: Packages Tests
-    strategy:
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-        node_version: [12, 14]
-    runs-on: ${{ matrix.os }}
+        run: pnpm install  --frozen-lockfile
+      - run: pnpm manypkg check
+      - name: Build
+        run: pnpm build
+      - name: Lint
+        run: pnpm lint
+
+  build:
+    runs-on: ubuntu-latest
+    name: Build
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js
+      - uses: pnpm/action-setup@v2.2.4
+        with:
+          version: 8.6.5
+      - name: Setup node
         uses: actions/setup-node@v2
         with:
-          node-version: ${{ matrix.node_version }}
-      - name: Get yarn cache directory path
-        id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-      - name: Cache node_modules
-        id: yarn-cache
-        uses: actions/cache@v2
-        with:
-          path: |
-            ${{ steps.yarn-cache-dir-path.outputs.dir }}
-            /home/runner/.cache/Cypress
-            C:\Users\runneradmin\AppData\Local\Cypress\Cache
-          key: ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-${{ hashFiles('yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-
-      - name: Install dependencies
-        run: yarn install --frozen-lockfile --silent
-        env:
-          CI: true
-      - name: Setup kernel to increase watchers
-        if: matrix.os == 'ubuntu-latest'
-        run: echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
-      - name: Build packages
-        run: yarn build
-        env:
-          CI: true
-      - name: Test Blitz Packages
-        run: yarn testonly:packages
-        env:
-          CI: true
-  build_and_test_examples:
-    timeout-minutes: 30
-    name: Example Apps Tests
+          node-version: 18
+          cache: "pnpm"
+      - run: pnpm install --frozen-lockfile
+      - name: Build
+        run: pnpm build
+      - name: Build Apps
+        run: pnpm build:apps
+
+  Unit-Tests:
+    name: "Unit Test: ${{ matrix.os }} (node@16)"
+    runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest, windows-latest]
-        node_version: [12, 14]
-    runs-on: ${{ matrix.os }}
+        os:
+          - ubuntu-latest
+          - windows-latest
+      fail-fast: false
+    env:
+      NODE_VERSION: 18
     steps:
-      - uses: actions/checkout@v2
-      - name: Use Node.js
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup PNPM
+        uses: pnpm/action-setup@v2.2.4
+        with:
+          version: 8.6.5
+
+      - name: Setup node@16
         uses: actions/setup-node@v2
         with:
-          node-version: ${{ matrix.node_version }}
-      - name: Get yarn cache directory path
-        id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-      - name: Cache node_modules
-        id: yarn-cache
-        uses: actions/cache@v2
-        with:
-          path: |
-            ${{ steps.yarn-cache-dir-path.outputs.dir }}
-            /home/runner/.cache/Cypress
-            C:\Users\runneradmin\AppData\Local\Cypress\Cache
-          key: ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-${{ hashFiles('yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-${{ runner.node_version}}-yarn-v4-
+          node-version: 18
+          cache: "pnpm"
+
       - name: Install dependencies
-        run: yarn install --frozen-lockfile --silent
-        env:
-          CI: true
-      - name: Setup kernel to increase watchers
-        if: matrix.os == 'ubuntu-latest'
-        run: echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
-      - name: Build packages
-        run: yarn build
-        env:
-          CI: true
-      - name: Test examples
-        run: yarn testonly:examples
-        env:
-          CI: true
+        run: pnpm install --frozen-lockfile
+        shell: bash
+
+      - name: Build
+        run: pnpm build
+        shell: bash
+
+      - name: Test Packages
+        run: pnpm test -- --filter=./packages/*
+        shell: bash
+
+      - name: Test Apps
+        run: pnpm test -- --filter=./apps/*
+        shell: bash
+
+  find-integration-tests:
+    name: "Find Integration Tests"
+    runs-on: ubuntu-latest
+    outputs:
+      folders: ${{ steps.set-matrix.outputs.folders }}
+    steps:
+      - uses: actions/checkout@v2
+      - id: set-matrix
+        name: "Find all folders"
+        shell: bash
+        run: |
+          cd ./integration-tests
+          tree -J -d -L 1 | jq -c  '.[0].contents | map(.name | tostring) | map(select(. != "utils"))'
+          folders=$(tree -J -d -L 1 | jq -c  '.[0].contents | map(.name | tostring) | map(select(. != "utils"))')
+          echo "folders=$folders" >> $GITHUB_OUTPUT
+
+  Integration-Tests:
+    name: "Integration Test: ${{matrix.folder}} @ ${{ matrix.os }}"
+    needs: [find-integration-tests]
+    strategy:
+      matrix:
+        folder: ${{fromJSON(needs.find-integration-tests.outputs.folders)}}
+        os:
+          - ubuntu-latest
+          - windows-latest
+      fail-fast: false
+    runs-on: ${{ matrix.os }}
+    steps:
+      - run: echo ${{matrix.folder}}
+      - name: Checkout
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        uses: actions/checkout@v3
+
+      - name: Setup PNPM
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        uses: pnpm/action-setup@v2.2.4
+        with:
+          version: 8.6.5
+
+      - name: Setup node@18
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        uses: actions/setup-node@v2
+        with:
+          node-version: 18
+          cache: "pnpm"
+
+      - name: Install dependencies
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        run: pnpm install --frozen-lockfile
+        shell: bash
+
+      - name: Install playwright
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        run: |
+          pnpx playwright@1.28.0 install --with-deps
+        shell: bash
+
+      - name: Build
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        run: pnpm build
+        shell: bash
+
+      - name: Test Packages
+        if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest'
+        run: pnpm test -- --filter=./integration-tests/${{matrix.folder}}
+        shell: bash

.github/workflows/pr-release.yml

@@ -0,0 +1,100 @@
+# https://github.com/withastro/astro/blob/main/.github/workflows/snapshot-release.yml
+
+name: Create a Snapshot Release
+
+on:
+  issue_comment:
+    types: [created]
+
+defaults:
+  run:
+    shell: bash
+jobs:
+  snapshot-release:
+    name: Create a snapshot release of a pull request
+    if: ${{ github.repository_owner == 'blitz-js' && github.event.issue.pull_request && startsWith(github.event.comment.body, '!preview') }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Check if user has admin access (only admins can publish snapshot releases)."
+        uses: "lannonbr/repo-permission-check-action@2.0.0"
+        with:
+          permission: "admin"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: resolve pr refs
+        id: refs
+        uses: eficode/resolve-pr-refs@main
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ steps.refs.outputs.head_ref }}
+
+      - name: Setup PNPM
+        uses: pnpm/action-setup@v2.2.1
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          registry-url: "https://registry.npmjs.org"
+          cache: "pnpm"
+
+      - name: Short SHA
+        id: vars
+        run: echo "sha_short=$(git rev-parse --short "$GITHUB_SHA")" >> $GITHUB_OUTPUT
+
+      - name: Extract the snapshot name from comment body
+        id: getSnapshotName
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const splitComment = context.payload.comment.body.split(' ');
+            if(splitComment.length !== 2) {
+              return "${{ steps.vars.outputs.sha_short }}";
+            }
+            return splitComment[1].trim();
+          result-encoding: string
+
+      - name: Install dependencies
+        run: pnpm install
+        env:
+          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
+
+      - name: Build Packages
+        run: pnpm run build
+
+      - name: Bump Package Versions
+        id: changesets
+        run: |
+          pnpm changeset version --snapshot ${{ steps.getSnapshotName.outputs.result }} > changesets.output.txt 2>&1
+          echo ::set-output name=result::`cat changesets.output.txt`
+        env:
+          # Needs access to run the script
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Publish Release
+        id: publish
+        run: |
+          pnpm run release --tag next--${{ steps.getSnapshotName.outputs.result }} > publish.output.txt 2>&1
+          echo ::set-output name=result::`cat publish.output.txt`
+        env:
+          # Needs access to publish to npm
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Pull Request Notification
+        uses: actions/github-script@v6
+        env:
+          MESSAGE: ${{ steps.publish.outputs.result }}
+        with:
+          script: |
+            console.log(process.env.MESSAGE);
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `Snapshot Release ${{steps.getSnapshotName.outputs.result}}`
+            })

.github/workflows/release.yml

@@ -0,0 +1,51 @@
+name: Release
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency: ${{ github.workflow }}-${{ github.ref }}
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    name: Release
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js 20.x
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20.x
+
+      - name: Creating .npmrc
+        run: |
+          cat << EOF > "$HOME/.npmrc"
+            //registry.npmjs.org/:_authToken=$NPM_TOKEN
+          EOF
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      - name: Pre-publish
+        uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+        with:
+          version: 8.9.0
+      - run: pnpm install
+      - run: pnpm build
+
+      - name: Create Release Pull Request
+        uses: blitz-js/changesets-action@main
+        with:
+          publish: pnpm release
+          createGithubReleases: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitignore

@@ -1,7 +1,41 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+node_modules
+.pnp
+.pnp.js
+
+# testing
+coverage
+
+.next/
+out/
+build
+dist
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+.pnpm-debug.log*
+
+# local env files
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# turbo
+.turbo
+
 .log
 .DS_Store
+.idea
 .jest-*
-lib
 node_modules
 reports
 *.log
@@ -14,13 +48,23 @@ tsconfig.tsbuildinfo
 .next
 dist
 .now
+
 # local env files
 **/.env.local
 **/.env.*.local
 **/.envrc
 .blitz-*
 .blitz-cli-cache
-.vscode
 .tsbuildinfo
 .nvmrc
 **/.test*
+examples/auth2
+.idea
+.ultra.cache.json
+db.sqlite-journal
+**/db/db.sqlite
+test/integration/**/db.json
+test/**/*/out
+test/**/next-env.d.ts
+examples/**/next-env.d.ts
+.blitz**

.husky/.gitignore

@@ -0,0 +1 @@
+_

.husky/pre-commit

@@ -0,0 +1,6 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+pnpm manypkg check
+# pnpm lint
+pnpm pretty-quick --staged

.node-version

@@ -1 +1 @@
-12.20.0
+16.13.2

.npmignore

@@ -1,16 +0,0 @@
-.DS_Store
-.prettierrc
-.nyc_output
-.travis.yml
-coverage
-coverage.lcov
-bench
-docs
-src
-examples
-babel.config.js
-test
-CONTRIBUTING.md
-CODE_OF_CONDUCT.md
-*.ts
-!*.d.ts

.npmrc

@@ -1 +1,10 @@
 save-exact=true
+dedupe-peer-dependents=true
+strict-peer-dependencies=false
+
+public-hoist-pattern[]=secure-password
+public-hoist-pattern[]=*types*
+public-hoist-pattern[]=*eslint*
+public-hoist-pattern[]=@prettier/plugin-*
+public-hoist-pattern[]=*prettier-plugin-*
+

.prettierignore

@@ -4,7 +4,7 @@
 .log
 .DS_Store
 .jest-*
-lib
+packages/cli/lib
 node_modules
 reports
 *.log
@@ -16,6 +16,5 @@ reports
 tsconfig.tsbuildinfo
 dist
 bin
-!packages/blitz/src/bin
-packages/generator/templates/**
 .github/ISSUE_TEMPLATE/bug_report.md
+packages/generator/templates/**

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "typescript.tsdk": "node_modules/typescript/lib"
+}

CONTRIBUTING.md

@@ -1,3 +1,19 @@
 # Contributing
 
 [Read the Contributing Guide at Blitzjs.com](https://blitzjs.com/docs/contributing)
+
+## To run tests
+
+Make sure you have `chromedriver` installed for your Chrome version. You can install it with
+
+- `brew install --cask chromedriver` on Mac OS X
+- `chocolatey install chromedriver` on Windows
+- Or manually download the version that matches your installed chrome version (if there's no match, download a version under it, but not above) from the [chromedriver repo](https://chromedriver.storage.googleapis.com/index.html) and add the binary to `<next-repo>/node_modules/.bin`
+
+You may also have to [install Rust](https://www.rust-lang.org/tools/install) and build our native packages to see all tests pass locally. We check in binaries for the most common targets and those required for CI so that most people don't have to, but if you do not see a binary for your target in `packages/next/native`, you can build it by running `yarn --cwd packages/next build-native`. If you are working on the Rust code and you need to build the binaries for ci, you can manually trigger [the workflow](https://github.com/vercel/next.js/actions/workflows/build_native.yml) to build and commit with the "Run workflow" button.
+
+Running all tests:
+
+```sh
+pnpm test
+```

CONTRIBUTOR_STATS.md

@@ -0,0 +1,3 @@
+# Contributor over time
+
+[![Contributor over time](https://contributor-graph-api.apiseven.com/contributors-svg?chart=contributorOverTime&repo=blitz-js/blitz)](https://www.apiseven.com/en/contributor-graph?chart=contributorOverTime&repo=blitz-js/blitz)

GOVERNANCE.md

@@ -1,11 +0,0 @@
-# Blitz.js Governance
-
-_From Brandon Bayer (@flybayer), the creator:_
-
-Currently at this very early stage it's basically a [BDFL situation](https://opensource.guide/leadership-and-governance/#what-are-some-of-the-common-governance-structures-for-open-source-projects), with me having the final say in decisions.
-
-However we will move away from BDFL to something that looks more like Ember.js. It's extremely important to me (Brandon) that Blitz.js is a long-term, sustainable, and community-run project.
-
-I would love some mentorship from people with experience in large open-source projects on making this transition.
-
-Also, it's possible I will create one or more business around Blitz, perhaps similar to how Taylor Otwell has around Laravel, but Blitz itself will always remain a separate community-run project.

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Brandon Bayer
+Copyright (c) 2022 Blitz Revolution Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

MAINTAINERS.md

@@ -1 +0,0 @@
-This document has moved here: https://blitzjs.com/docs/maintainers

MANIFESTO.md

@@ -1,3 +0,0 @@
-# Manifesto
-
-[The Manifesto has been moved to Blitzjs.com](https://blitzjs.com/docs/manifesto)

MEETING_NOTES.md

@@ -1,124 +0,0 @@
-# 2020-08-17 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Adam Markon, Kellen Mace, Myron Davis, Dwight Watson
-- Brandon:
-  - Auth out, set up by default in canary release
-  - Need to work on a potential CSRF bug
-  - Next major release will include auth by default and allow you to choose your form library
-  - Next auth features are email confirmation
-  - After that, logging and plugins are next
-- Adam:
-  - Overhauled the recipe infrastructure. Now using jscodeshift instead of recast
-  - Added support for conditional JSX in templates
-  - Going to work on custom templates next
-- Dwight
-  - Has been opening issues for problems
-  - Made a few PRs for some issues
-
-# 2020-07-07 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Robert Rosenburg, Jeremy Liberman
-- Brandon:
-  - Finishing up session managment code
-  - Waiting for review of session managment code from Rishabh
-  - Will be working on actual auth code (vs session management) like password hashing, password reset, social login, etc.
-  - Benefits of our session managment vs rails
-    - Don’t have to redirect to login page
-    - Using top level error component that catches authentication errors
-    - You can login from anywhere, during sign up
-- Robert:
-  - Waiting on Kirstina’s website designs. Desktop design is finished, but she's working on mobile design
-  - Code snippet / sandbox of blitz code for the website
-
-# 2020-06-23 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Robert Rosenberg, Justin Hall, Adam Markon
-- Brandon:
-  - Server side session management code is mostly set up. Still need to integrate client side of RPC calls to expose session information
-  - Identity verification/Oauth integrations still need to be firmed up
-  - Once auth is wrapped up we should be ready to start on plugins
-- Adam:
-  - Been experimenting with smart page generation based on the current schema model
-  - MDX installer recipes
-- Robert:
-  - Waiting on designs from Kristina
-  - Prism component from theme ui customization? If not try and grab source code from docusaurus line highlighting component
-- Justin:
-  - Updated the tutorial
-  - Helped with various bug fixes
-
-# 2020-06-17 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Fran Zekan, Sigurd Wahl
-- Brandon:
-  - Spent the past week implementing HTTP middlware which is now released!
-  - Now working on implementing session management!
-- Fran:
-  - Finishing up the PR for adding `blitz db seed`
-- Sigurd:
-  - New to the community, slowly learning the codebase
-  - Exicited to get a first PR in here sometime soon :)
-
-# 2020-06-09 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Rudi Yardley, Fran Zekan, Adam Markon, Robert Rosenberg, Kristina Matuska
-- Brandon:
-  - blitzjs.com published, docs + marketing site v0.1 live
-  - For now most of the docs copied from react-query and Next, we should eventually clean them up so they're stylistically similar to ours, but really easy to start
-  - HTTP middleware is almost done, just fixing a few edge cases
-  - Authentication is up next after that, translating pseudocode into actual code
-- Kristina:
-  - Homepage design mostly wrapped up right now, have to finish up mobile and light mode and then ready to move on to the rest of the docs
-  - Syntax highlighting, we can customize colors
-  - Sidebar inspiration from tailwindcss
-- Robert:
-  - Decided to wait to convert existing components to theme UI until the final design is done
-  - More docs content:
-    - More guides
-    - Improve the tutorial to incorporate relationship generation
-  - Add branches for canary and master
-    - If you add a feature you can add your documentation to the canary branch
-- Adam:
-  - blitz generate model finished!
-  - Installer rewrite complete
-    - At similar place to what Gatsby has for installing stuff
-  - Next up:
-    - Support gatsby MDX recipes
-    - Make all code generators aware of actual model attributes
-- Fran:
-  - Working on a package for getting the blitz config anywhere - getConfig()
-  - Prevent app from "warming" the server when deployed as server rather than serverless
-  - Testing examples - e2e with cypress and unit tests with Jest so we can link to a testing setup in the docs/getting started guide
-- Rudi:
-  - Extracted out the @blitzjs/file-pipeline (previously synchronizer)
-  - Extracted out the @blitzjs/display package
-  - Working on various Next.js compatibility issues
-  - Debugging a bug in blitz start where it gets stuck at \_manifest.json
-
-# 2020-05-26 Blitz Contributor Call
-
-- Attending: Brandon Bayer, Robert Rosenberg, Adam Markon, Simon Debbarma
-- Brandon:
-  - Kitze livestream last week went great — recording on youtube
-  - Codebase walkthrough yesterday went great — recording on youtube
-  - Website overhaul, installed Theme UI
-- Adam:
-  - Opened PR for Prisma model generation from the CLI
-  - Working on Installer stuff and prepping for integration with Gatsby recipes
-- Simon
-  - Working on custom illustrations for the web
-- Robert
-  - Misc work on website
-- Website
-  - Most website components are owned by us now instead of docusaurus, we'll need to be weary of api updates and any other important component updates
-  - Make sidebar like tailwind docs sidebar
-  - Dark theme needs to be fixed
-  - Theme switcher inconsistent
-  - Live code sandbox examples
-  - Code comparison between blitz and rails
-- Auth
-  - Rishabh continuing to work on pseudo code for the session management library
-  - Brandon planning to build http middleware support this week
-- CLI
-  - Adam working on new features, including generating prisma models and making existing templates aware of actual model attributes
-  - Plugin ideas / discussion once recipes are farther along. Will post an RFC for plugins at some point

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+TODO
+
+## Reporting a Vulnerability
+
+Email Brandon Bayer at b@bayer.ws to report a vulnerablity, and he will follow up with you asap.

__mocks__/fs.js

@@ -1,3 +0,0 @@
-const {fs} = require("memfs")
-
-module.exports = fs

apps/next13/.env

@@ -0,0 +1,7 @@
+# Environment variables declared in this file are automatically made available to Prisma.
+# See the documentation for more detail: https://pris.ly/d/prisma-schema#accessing-environment-variables-from-the-schema
+
+# Prisma supports the native connection string format for PostgreSQL, MySQL, SQLite, SQL Server, MongoDB and CockroachDB.
+# See the documentation for all the connection string options: https://pris.ly/d/connection-strings
+
+DATABASE_URL="file:./dev.db"

apps/next13/.eslintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

apps/next13/.gitignore

@@ -7,33 +7,32 @@
 
 # testing
 /coverage
-cypress/videos
-cypress/screenshots
 
 # next.js
 /.next/
 /out/
-/.blitz/
-*.sqlite
-.generated-prisma-client
-.blitz-console-history
 
 # production
 /build
-.now
 
 # misc
 .DS_Store
+*.pem
 
 # debug
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
+.pnpm-debug.log*
 
 # local env files
-.envrc
-.env
-.env.local
-.env.development.local
-.env.test.local
-.env.production.local
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts
+
+.vscode

apps/next13/CHANGELOG.md

@@ -0,0 +1,536 @@
+# next-blitz-auth
+
+## 0.1.7
+
+### Patch Changes
+
+- Updated dependencies [76a2544f9]
+- Updated dependencies [5a587a6c3]
+  - blitz@2.0.6
+  - @blitzjs/auth@2.0.6
+  - @blitzjs/next@2.0.6
+  - @blitzjs/rpc@2.0.6
+  - @blitzjs/config@2.0.6
+
+## 0.1.6
+
+### Patch Changes
+
+- Updated dependencies [6f54841b7]
+- Updated dependencies [8a417533f]
+  - @blitzjs/auth@2.0.5
+  - blitz@2.0.5
+  - @blitzjs/rpc@2.0.5
+  - @blitzjs/next@2.0.5
+  - @blitzjs/config@2.0.5
+
+## 0.1.5
+
+### Patch Changes
+
+- Updated dependencies [dd604c767]
+- Updated dependencies [28a79040e]
+  - @blitzjs/auth@2.0.4
+  - blitz@2.0.4
+  - @blitzjs/next@2.0.4
+  - @blitzjs/rpc@2.0.4
+  - @blitzjs/config@2.0.4
+
+## 0.1.4
+
+### Patch Changes
+
+- Updated dependencies [2f5c8a3a0]
+  - @blitzjs/next@2.0.3
+  - @blitzjs/rpc@2.0.3
+  - blitz@2.0.3
+  - @blitzjs/auth@2.0.3
+  - @blitzjs/config@2.0.3
+
+## 0.1.3
+
+### Patch Changes
+
+- Updated dependencies [e8fd12e4f]
+  - @blitzjs/rpc@2.0.2
+  - blitz@2.0.2
+  - @blitzjs/next@2.0.2
+  - @blitzjs/auth@2.0.2
+  - @blitzjs/config@2.0.2
+
+## 0.1.2
+
+### Patch Changes
+
+- Updated dependencies [8782aae64]
+  - blitz@2.0.1
+  - @blitzjs/auth@2.0.1
+  - @blitzjs/next@2.0.1
+  - @blitzjs/rpc@2.0.1
+  - @blitzjs/config@2.0.1
+
+## 0.1.1
+
+### Patch Changes
+
+- Updated dependencies [db7233db6]
+- Updated dependencies [1569bd53e]
+- Updated dependencies [cee2dec17]
+- Updated dependencies [c5c727cb6]
+- Updated dependencies [5166e5e03]
+- Updated dependencies [72a4e594a]
+- Updated dependencies [9db6c8855]
+- Updated dependencies [1e1bb73b2]
+- Updated dependencies [83b355900]
+- Updated dependencies [4cad9cca2]
+- Updated dependencies [c1e004063]
+- Updated dependencies [365e67094]
+- Updated dependencies [fd31e56bc]
+- Updated dependencies [74a14b704]
+- Updated dependencies [eda14fa8a]
+- Updated dependencies [aec1bb076]
+- Updated dependencies [a3c92cb86]
+- Updated dependencies [270361886]
+- Updated dependencies [c721c104d]
+- Updated dependencies [82649f341]
+- Updated dependencies [072929109]
+- Updated dependencies [f397cc203]
+- Updated dependencies [cadefb88e]
+- Updated dependencies [271c58ac6]
+- Updated dependencies [8f166a5db]
+- Updated dependencies [8c247e26e]
+- Updated dependencies [c5572bec6]
+- Updated dependencies [69fb28034]
+- Updated dependencies [86e8eb7c8]
+- Updated dependencies [99205f52d]
+- Updated dependencies [3f20a4740]
+- Updated dependencies [82e8b64f5]
+- Updated dependencies [6ece09613]
+- Updated dependencies [9c2e7d372]
+- Updated dependencies [928e840b5]
+- Updated dependencies [9631c4583]
+- Updated dependencies [6f18cbdc9]
+- Updated dependencies [acc07ce94]
+- Updated dependencies [ea7561b8e]
+- Updated dependencies [1436e7618]
+- Updated dependencies [2533caf48]
+- Updated dependencies [696f48c4e]
+- Updated dependencies [d98e4bac4]
+- Updated dependencies [90f1741da]
+- Updated dependencies [4a9aa9f7f]
+- Updated dependencies [d692b4c1d]
+- Updated dependencies [638f2319b]
+- Updated dependencies [c213d521c]
+- Updated dependencies [7817fe3a8]
+- Updated dependencies [0e762fb55]
+- Updated dependencies [9529dbd6f]
+- Updated dependencies [3b213a35b]
+- Updated dependencies [8b01175b4]
+- Updated dependencies [3d004dc41]
+- Updated dependencies [5ea068b28]
+- Updated dependencies [1d863f352]
+- Updated dependencies [8b4bf999c]
+- Updated dependencies [1476a577b]
+- Updated dependencies [a6e81f156]
+- Updated dependencies [cacb65d63]
+- Updated dependencies [ae0b714f6]
+- Updated dependencies [c7ac86b85]
+- Updated dependencies [d9fc5d8e2]
+- Updated dependencies [ccb1af8d0]
+- Updated dependencies [630c71812]
+- Updated dependencies [bf1b2c824]
+- Updated dependencies [240f3f347]
+- Updated dependencies [55b1cb204]
+- Updated dependencies [1742eb45d]
+- Updated dependencies [54db8a46d]
+- Updated dependencies [962eb58af]
+- Updated dependencies [54a66a95d]
+- Updated dependencies [9fe0cc546]
+- Updated dependencies [55a43ce1f]
+- Updated dependencies [0b94a4503]
+- Updated dependencies [af58e2b23]
+- Updated dependencies [78fd5c489]
+- Updated dependencies [62bf12b5c]
+- Updated dependencies [6ff9ec0d7]
+- Updated dependencies [09e0c68db]
+- Updated dependencies [abb1ad5d1]
+- Updated dependencies [3a602b613]
+- Updated dependencies [ceb7db274]
+- Updated dependencies [2ade7268e]
+- Updated dependencies [0edeaa37a]
+- Updated dependencies [7b63f0f1f]
+- Updated dependencies [03bad3175]
+- Updated dependencies [f0ca738d5]
+- Updated dependencies [bee19a259]
+- Updated dependencies [0936cb38a]
+- Updated dependencies [c11f0401c]
+- Updated dependencies [989691ec8]
+- Updated dependencies [4d7d126d9]
+- Updated dependencies [8e5903c0f]
+- Updated dependencies [30fd61316]
+- Updated dependencies [6f4349896]
+- Updated dependencies [942536d9a]
+- Updated dependencies [666a3ae3e]
+- Updated dependencies [a80d2a8f7]
+- Updated dependencies [f6dac093d]
+- Updated dependencies [3ddb57072]
+- Updated dependencies [4e26ae21b]
+- Updated dependencies [abe2afccd]
+- Updated dependencies [da17cc8a2]
+- Updated dependencies [b84c5bedb]
+- Updated dependencies [a6f32d1d0]
+- Updated dependencies [b97366c42]
+- Updated dependencies [348fd6f5e]
+- Updated dependencies [1bb3a6556]
+- Updated dependencies [3bcbad1a9]
+- Updated dependencies [0a8b0cb35]
+- Updated dependencies [8490b0724]
+- Updated dependencies [9ded8dacb]
+- Updated dependencies [19898a488]
+- Updated dependencies [93851d90c]
+- Updated dependencies [f84d77a42]
+- Updated dependencies [6811eab1a]
+- Updated dependencies [a7e37c58d]
+- Updated dependencies [20fc9f80f]
+- Updated dependencies [8dedca1a2]
+- Updated dependencies [3511d5b69]
+- Updated dependencies [46a34c7b3]
+- Updated dependencies [e82a79be5]
+- Updated dependencies [890b0c0c9]
+- Updated dependencies [11b548ede]
+- Updated dependencies [ed2b0e22c]
+- Updated dependencies [430f6ec78]
+- Updated dependencies [df7cee84a]
+- Updated dependencies [adabb11a0]
+- Updated dependencies [38d945a3f]
+- Updated dependencies [c3c789740]
+- Updated dependencies [240f378b5]
+- Updated dependencies [df3265b85]
+- Updated dependencies [89bf993a1]
+- Updated dependencies [2150dcc3e]
+- Updated dependencies [0f4926fd1]
+- Updated dependencies [3f9fe8f04]
+- Updated dependencies [8aee25c58]
+- Updated dependencies [fe8c937d2]
+- Updated dependencies [0ac6e1712]
+- Updated dependencies [c0a3b1ee3]
+- Updated dependencies [5c5decbce]
+- Updated dependencies [dc694cf1c]
+- Updated dependencies [e5cd2c862]
+- Updated dependencies [807a2b564]
+- Updated dependencies [97469a126]
+- Updated dependencies [931156c35]
+- Updated dependencies [650a157e1]
+- Updated dependencies [1d9804a61]
+- Updated dependencies [41608c4c3]
+- Updated dependencies [a0596279b]
+- Updated dependencies [88caa18e6]
+- Updated dependencies [022392c12]
+- Updated dependencies [17ce29e5e]
+- Updated dependencies [f52ca398e]
+- Updated dependencies [c126b8191]
+- Updated dependencies [c9cf7adc3]
+- Updated dependencies [1b798d9a0]
+- Updated dependencies [0f18c68d6]
+- Updated dependencies [ea7561b8e]
+- Updated dependencies [6ab9db780]
+- Updated dependencies [727734955]
+- Updated dependencies [80e1ead7c]
+- Updated dependencies [f39ba1ff1]
+- Updated dependencies [161270e3b]
+- Updated dependencies [bec9512e3]
+- Updated dependencies [b6b9a1c5a]
+- Updated dependencies [1436e7618]
+- Updated dependencies [1c809094f]
+- Updated dependencies [145d5a02b]
+- Updated dependencies [8bcb471a5]
+- Updated dependencies [a3e6c49c4]
+- Updated dependencies [490280240]
+- Updated dependencies [15d22af24]
+- Updated dependencies [454591293]
+- Updated dependencies [6e88a847f]
+- Updated dependencies [0025856b9]
+- Updated dependencies [2073714f8]
+- Updated dependencies [716e188d1]
+- Updated dependencies [d87288a2e]
+- Updated dependencies [8aa22a0b2]
+- Updated dependencies [37aeaa7fa]
+- Updated dependencies [b918055bf]
+- Updated dependencies [aa34661fa]
+- Updated dependencies [61888d1a3]
+- Updated dependencies [dd5f51744]
+- Updated dependencies [ce4536833]
+- Updated dependencies [9ada0f666]
+- Updated dependencies [fb32903bf]
+- Updated dependencies [b33db0828]
+- Updated dependencies [f15a51901]
+- Updated dependencies [10f98c681]
+- Updated dependencies [42a2cf951]
+- Updated dependencies [9674efc0b]
+- Updated dependencies [8e0c9d76b]
+- Updated dependencies [9620ef6b1]
+- Updated dependencies [d5b8faa86]
+- Updated dependencies [a3bbe6ce3]
+- Updated dependencies [b493c93f8]
+- Updated dependencies [3b213a35b]
+- Updated dependencies [8d9ea00e1]
+- Updated dependencies [e2c18895d]
+- Updated dependencies [00bd849ee]
+- Updated dependencies [ffa7b5ccc]
+- Updated dependencies [1f6b0b54c]
+- Updated dependencies [527e48ac3]
+- Updated dependencies [01f3a03ea]
+- Updated dependencies [dfd2408e9]
+- Updated dependencies [b0c21b070]
+- Updated dependencies [25f4526f7]
+- Updated dependencies [31d7a6f41]
+- Updated dependencies [2cc888eff]
+- Updated dependencies [29c2b029a]
+- Updated dependencies [713aead93]
+  - blitz@2.0.0
+  - @blitzjs/auth@2.0.0
+  - @blitzjs/next@2.0.0
+  - @blitzjs/rpc@2.0.0
+  - @blitzjs/config@2.0.0
+
+## 0.1.1-beta.13
+
+### Patch Changes
+
+- Updated dependencies [86e8eb7c8]
+- Updated dependencies [b84c5bedb]
+- Updated dependencies [e5cd2c862]
+  - @blitzjs/rpc@2.0.0-beta.37
+  - blitz@2.0.0-beta.37
+  - @blitzjs/auth@2.0.0-beta.37
+  - @blitzjs/next@2.0.0-beta.37
+  - @blitzjs/config@2.0.0-beta.37
+
+## 0.1.1-beta.12
+
+### Patch Changes
+
+- Updated dependencies [09e0c68db]
+  - @blitzjs/auth@2.0.0-beta.36
+  - blitz@2.0.0-beta.36
+  - @blitzjs/rpc@2.0.0-beta.36
+  - @blitzjs/next@2.0.0-beta.36
+  - @blitzjs/config@2.0.0-beta.36
+
+## 0.1.1-beta.11
+
+### Patch Changes
+
+- Updated dependencies [cee2dec17]
+- Updated dependencies [aec1bb076]
+- Updated dependencies [b97366c42]
+- Updated dependencies [3bcbad1a9]
+  - @blitzjs/auth@2.0.0-beta.35
+  - blitz@2.0.0-beta.35
+  - @blitzjs/next@2.0.0-beta.35
+  - @blitzjs/rpc@2.0.0-beta.35
+  - @blitzjs/config@2.0.0-beta.35
+
+## 0.1.1-beta.10
+
+### Patch Changes
+
+- Updated dependencies [30fd61316]
+- Updated dependencies [3ddb57072]
+- Updated dependencies [fe8c937d2]
+  - blitz@2.0.0-beta.34
+  - @blitzjs/auth@2.0.0-beta.34
+  - @blitzjs/next@2.0.0-beta.34
+  - @blitzjs/rpc@2.0.0-beta.34
+  - @blitzjs/config@2.0.0-beta.34
+
+## 0.1.1-beta.9
+
+### Patch Changes
+
+- Updated dependencies [19898a488]
+- Updated dependencies [6811eab1a]
+- Updated dependencies [022392c12]
+  - @blitzjs/rpc@2.0.0-beta.33
+  - blitz@2.0.0-beta.33
+  - @blitzjs/next@2.0.0-beta.33
+  - @blitzjs/auth@2.0.0-beta.33
+  - @blitzjs/config@2.0.0-beta.33
+
+## 0.1.1-beta.8
+
+### Patch Changes
+
+- Updated dependencies [82649f341]
+- Updated dependencies [8b01175b4]
+  - blitz@2.0.0-beta.32
+  - @blitzjs/next@2.0.0-beta.32
+  - @blitzjs/auth@2.0.0-beta.32
+  - @blitzjs/rpc@2.0.0-beta.32
+  - @blitzjs/config@2.0.0-beta.32
+
+## 0.1.1-beta.7
+
+### Patch Changes
+
+- Updated dependencies [90f1741da]
+- Updated dependencies [df3265b85]
+  - @blitzjs/auth@2.0.0-beta.31
+  - blitz@2.0.0-beta.31
+  - @blitzjs/rpc@2.0.0-beta.31
+  - @blitzjs/next@2.0.0-beta.31
+  - @blitzjs/config@2.0.0-beta.31
+
+## 0.1.1-beta.6
+
+### Patch Changes
+
+- Updated dependencies [c5572bec6]
+- Updated dependencies [727734955]
+  - @blitzjs/auth@2.0.0-beta.30
+  - blitz@2.0.0-beta.30
+  - @blitzjs/rpc@2.0.0-beta.30
+  - @blitzjs/next@2.0.0-beta.30
+  - @blitzjs/config@2.0.0-beta.30
+
+## 0.1.1-beta.5
+
+### Patch Changes
+
+- Updated dependencies [b6b9a1c5a]
+- Updated dependencies [61888d1a3]
+  - @blitzjs/auth@2.0.0-beta.29
+  - blitz@2.0.0-beta.29
+  - @blitzjs/rpc@2.0.0-beta.29
+  - @blitzjs/next@2.0.0-beta.29
+  - @blitzjs/config@2.0.0-beta.29
+
+## 0.1.1-beta.4
+
+### Patch Changes
+
+- Updated dependencies [5166e5e03]
+- Updated dependencies [2533caf48]
+- Updated dependencies [c7ac86b85]
+- Updated dependencies [1bb3a6556]
+  - @blitzjs/auth@2.0.0-beta.28
+  - @blitzjs/next@2.0.0-beta.28
+  - @blitzjs/rpc@2.0.0-beta.28
+  - blitz@2.0.0-beta.28
+  - @blitzjs/config@2.0.0-beta.28
+
+## 0.1.1-beta.3
+
+### Patch Changes
+
+- Updated dependencies [eda14fa8a]
+- Updated dependencies [3d004dc41]
+- Updated dependencies [29c2b029a]
+  - @blitzjs/next@2.0.0-beta.27
+  - @blitzjs/rpc@2.0.0-beta.27
+  - @blitzjs/auth@2.0.0-beta.27
+  - blitz@2.0.0-beta.27
+  - @blitzjs/config@2.0.0-beta.27
+
+## 0.1.1-beta.2
+
+### Patch Changes
+
+- Updated dependencies [e82a79be5]
+- Updated dependencies [38d945a3f]
+  - @blitzjs/auth@2.0.0-beta.26
+  - @blitzjs/next@2.0.0-beta.26
+  - @blitzjs/rpc@2.0.0-beta.26
+  - blitz@2.0.0-beta.26
+  - @blitzjs/config@2.0.0-beta.26
+
+## 0.1.1-beta.1
+
+### Patch Changes
+
+- Updated dependencies [f84d77a42]
+  - @blitzjs/rpc@2.0.0-beta.25
+  - @blitzjs/next@2.0.0-beta.25
+  - @blitzjs/auth@2.0.0-beta.25
+  - @blitzjs/config@2.0.0-beta.25
+  - blitz@2.0.0-beta.25
+
+## 0.1.1-beta.0
+
+### Patch Changes
+
+- 37aeaa7fa: feature: Nextjs 13 App Directory Utility Methods
+
+  ### 🔧 New Blitz Auth Hook `useAuthenticatedBlitzContext`
+
+  This hook is implemented as the replacement of the [`BlitzPage` seurity auth utilities](https://blitzjs.com/docs/authorization#secure-your-pages) provided for the pages directory to work with React Server Components in the Nextjs 13 app directory
+  It can be used in any asynchronous server component be it in `page.ts` or in the layouts in `layout.ts`
+  It uses the new [`redirect` function](https://beta.nextjs.org/docs/api-reference/redirect) to provide the required authorization in server side
+
+  #### API
+
+  ```ts
+  useAuthenticatedBlitzContext({
+    redirectTo,
+    redirectAuthenticatedTo,
+    role,
+  }: {
+    redirectTo?: string | RouteUrlObject
+    redirectAuthenticatedTo?: string | RouteUrlObject | ((ctx: Ctx) => string | RouteUrlObject)
+    role?: string | string[]
+  }): Promise<void>
+  ```
+
+  #### Usage
+
+  **Example Usage in React Server Component in `app` directory in Next 13**
+
+  ```ts
+  import {getAppSession, useAuthenticatedBlitzContext} from "src/blitz-server"
+  ...
+  await useAuthenticatedBlitzContext({
+      redirectTo: "/auth/login",
+      role: ["admin"],
+      redirectAuthenticatedTo: "/dashboard",
+  })
+  ```
+
+  ### 🔧 New Blitz RPC Hook `invokeResolver`
+
+  #### API
+
+  ```ts
+  invokeResolver<T extends (...args: any) => any, TInput = FirstParam<T>>(
+    queryFn: T,
+    params: TInput,
+  ): Promise<PromiseReturnType<T>>
+  ```
+
+  #### Example Usage
+
+  ```ts
+  ...
+  import {invokeResolver, useAuthenticatedBlitzContext} from "../src/blitz-server"
+  import getCurrentUser from "../src/users/queries/getCurrentUser"
+
+  export default async function Home() {
+    await useAuthenticatedBlitzContext({
+      redirectTo: "/auth/login",
+    })
+    const user = await invokeResolver(getCurrentUser, null)
+  ...
+  ```
+
+- Updated dependencies [cadefb88e]
+- Updated dependencies [6f18cbdc9]
+- Updated dependencies [acc07ce94]
+- Updated dependencies [ea7561b8e]
+- Updated dependencies [9529dbd6f]
+- Updated dependencies [ea7561b8e]
+- Updated dependencies [6e88a847f]
+- Updated dependencies [37aeaa7fa]
+  - blitz@2.0.0-beta.24
+  - @blitzjs/auth@2.0.0-beta.24
+  - @blitzjs/next@2.0.0-beta.24
+  - @blitzjs/rpc@2.0.0-beta.24
+  - @blitzjs/config@2.0.0-beta.24

apps/next13/README.md

@@ -0,0 +1,26 @@
+# Next.js 13 + Blitz Auth
+
+This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app) + [`Blitz Auth`](https://blitzjs.com/docs/auth).
+
+## Getting Started
+
+First, run the development server:
+
+```bash
+npm run dev
+# or
+yarn dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+You can go to the `/signup` page and create a new account.
+
+## Learn More
+
+To learn more about Next.js and Blitz.js, take a look at the following resources:
+
+- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
+- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
+- [Blitz.js Documentation](https://blitzjs.com/docs/) — learn about Blitz.js.
+- [Blitz Auth Documentation](https://blitzjs.com/docs/auth) — learn about Blitz Auth plugin.

apps/next13/next.config.js

@@ -0,0 +1,6 @@
+const {withBlitz} = require("@blitzjs/next")
+
+/** @type {import('next').NextConfig} */
+const nextConfig = {}
+
+module.exports = withBlitz(nextConfig)

apps/next13/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "next-blitz-auth",
+  "version": "0.1.7",
+  "private": true,
+  "scripts": {
+    "blitz:dev": "next dev",
+    "blitz:build": "next build",
+    "blitz:start": "next start",
+    "lint": "next lint"
+  },
+  "prisma": {
+    "schema": "prisma/schema.prisma"
+  },
+  "dependencies": {
+    "@blitzjs/auth": "2.0.6",
+    "@blitzjs/config": "2.0.6",
+    "@blitzjs/next": "2.0.6",
+    "@blitzjs/rpc": "2.0.6",
+    "@hookform/error-message": "2.0.0",
+    "@hookform/resolvers": "2.9.10",
+    "@prisma/client": "^4.5.0",
+    "@tanstack/react-query": "4.0.10",
+    "blitz": "2.0.6",
+    "flatted": "3.2.7",
+    "next": "14.0.4",
+    "prisma": "^4.5.0",
+    "react": "18.2.0",
+    "react-dom": "18.2.0",
+    "react-hook-form": "7.39.1",
+    "superjson": "1.11.0",
+    "zod": "3.20.2"
+  },
+  "devDependencies": {
+    "@types/node": "18.11.7",
+    "@types/react": "18.0.23",
+    "@types/react-dom": "18.0.7",
+    "eslint": "8.26.0",
+    "eslint-config-next": "13.0.0",
+    "typescript": "4.8.4"
+  }
+}

apps/next13/prisma/index.ts

@@ -0,0 +1,5 @@
+import {PrismaClient} from "@prisma/client"
+
+export * from "@prisma/client"
+const db = new PrismaClient()
+export default db

apps/next13/prisma/migrations/20221027023832_init/migration.sql

@@ -0,0 +1,47 @@
+-- CreateTable
+CREATE TABLE "User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "hashedPassword" TEXT,
+    "role" TEXT NOT NULL DEFAULT 'USER'
+);
+
+-- CreateTable
+CREATE TABLE "Session" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "expiresAt" DATETIME,
+    "handle" TEXT NOT NULL,
+    "hashedSessionToken" TEXT,
+    "antiCSRFToken" TEXT,
+    "publicData" TEXT,
+    "privateData" TEXT,
+    "userId" INTEGER,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "hashedToken" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "sentTo" TEXT NOT NULL,
+    "userId" INTEGER NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Session_handle_key" ON "Session"("handle");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_hashedToken_type_key" ON "Token"("hashedToken", "type");

apps/next13/prisma/migrations/20230206052436_/migration.sql

@@ -0,0 +1,48 @@
+/*
+  Warnings:
+
+  - You are about to drop the `Token` table. If the table is not empty, all the data it contains will be lost.
+  - You are about to drop the column `createdAt` on the `User` table. All the data in the column will be lost.
+  - You are about to drop the column `role` on the `User` table. All the data in the column will be lost.
+  - You are about to drop the column `updatedAt` on the `User` table. All the data in the column will be lost.
+  - You are about to drop the column `createdAt` on the `Session` table. All the data in the column will be lost.
+  - You are about to drop the column `updatedAt` on the `Session` table. All the data in the column will be lost.
+
+*/
+-- DropIndex
+DROP INDEX "Token_hashedToken_type_key";
+
+-- DropTable
+PRAGMA foreign_keys=off;
+DROP TABLE "Token";
+PRAGMA foreign_keys=on;
+
+-- RedefineTables
+PRAGMA foreign_keys=OFF;
+CREATE TABLE "new_User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "hashedPassword" TEXT
+);
+INSERT INTO "new_User" ("email", "hashedPassword", "id", "name") SELECT "email", "hashedPassword", "id", "name" FROM "User";
+DROP TABLE "User";
+ALTER TABLE "new_User" RENAME TO "User";
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+CREATE TABLE "new_Session" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "expiresAt" DATETIME,
+    "handle" TEXT NOT NULL,
+    "hashedSessionToken" TEXT,
+    "antiCSRFToken" TEXT,
+    "publicData" TEXT,
+    "privateData" TEXT,
+    "userId" INTEGER,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+INSERT INTO "new_Session" ("antiCSRFToken", "expiresAt", "handle", "hashedSessionToken", "id", "privateData", "publicData", "userId") SELECT "antiCSRFToken", "expiresAt", "handle", "hashedSessionToken", "id", "privateData", "publicData", "userId" FROM "Session";
+DROP TABLE "Session";
+ALTER TABLE "new_Session" RENAME TO "Session";
+CREATE UNIQUE INDEX "Session_handle_key" ON "Session"("handle");
+PRAGMA foreign_key_check;
+PRAGMA foreign_keys=ON;

apps/next13/prisma/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "sqlite"

apps/next13/prisma/schema.prisma

@@ -0,0 +1,33 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "sqlite"
+  url      = env("DATABASE_URL")
+}
+
+model User {
+  id             Int      @id @default(autoincrement())
+  name           String?
+  email          String   @unique
+  hashedPassword String?
+
+  sessions Session[]
+}
+
+model Session {
+  id                 Int       @id @default(autoincrement())
+  expiresAt          DateTime?
+  handle             String    @unique
+  hashedSessionToken String?
+  antiCSRFToken      String?
+  publicData         String?
+  privateData        String?
+
+  user   User? @relation(fields: [userId], references: [id])
+  userId Int?
+}

apps/next13/public/vercel.svg

@@ -0,0 +1,4 @@
+<svg width="283" height="64" viewBox="0 0 283 64" fill="none" 
+    xmlns="http://www.w3.org/2000/svg">
+    <path d="M141.04 16c-11.04 0-19 7.2-19 18s8.96 18 20 18c6.67 0 12.55-2.64 16.19-7.09l-7.65-4.42c-2.02 2.21-5.09 3.5-8.54 3.5-4.79 0-8.86-2.5-10.37-6.5h28.02c.22-1.12.35-2.28.35-3.5 0-10.79-7.96-17.99-19-17.99zm-9.46 14.5c1.25-3.99 4.67-6.5 9.45-6.5 4.79 0 8.21 2.51 9.45 6.5h-18.9zM248.72 16c-11.04 0-19 7.2-19 18s8.96 18 20 18c6.67 0 12.55-2.64 16.19-7.09l-7.65-4.42c-2.02 2.21-5.09 3.5-8.54 3.5-4.79 0-8.86-2.5-10.37-6.5h28.02c.22-1.12.35-2.28.35-3.5 0-10.79-7.96-17.99-19-17.99zm-9.45 14.5c1.25-3.99 4.67-6.5 9.45-6.5 4.79 0 8.21 2.51 9.45 6.5h-18.9zM200.24 34c0 6 3.92 10 10 10 4.12 0 7.21-1.87 8.8-4.92l7.68 4.43c-3.18 5.3-9.14 8.49-16.48 8.49-11.05 0-19-7.2-19-18s7.96-18 19-18c7.34 0 13.29 3.19 16.48 8.49l-7.68 4.43c-1.59-3.05-4.68-4.92-8.8-4.92-6.07 0-10 4-10 10zm82.48-29v46h-9V5h9zM36.95 0L73.9 64H0L36.95 0zm92.38 5l-27.71 48L73.91 5H84.3l17.32 30 17.32-30h10.39zm58.91 12v9.69c-1-.29-2.06-.49-3.2-.49-5.81 0-10 4-10 10V51h-9V17h9v9.2c0-5.08 5.91-9.2 13.2-9.2z" fill="#000"/>
+</svg>

apps/next13/src/app/auth/layout.tsx

@@ -0,0 +1,8 @@
+import {useAuthenticatedBlitzContext} from "../../blitz-server"
+
+export default async function RootLayout({children}: {children: React.ReactNode}) {
+  await useAuthenticatedBlitzContext({
+    redirectAuthenticatedTo: "/",
+  })
+  return <>{children}</>
+}

apps/next13/src/app/auth/login/page.tsx

@@ -0,0 +1,13 @@
+"use client"
+
+import {LoginForm} from "../../../auth/components/LoginForm"
+import {useRouter} from "next/navigation"
+import {useSearchParams} from "next/navigation"
+
+const LoginPage = () => {
+  const router = useRouter()
+  const searchParams = useSearchParams()
+  return <LoginForm onSuccess={(_user) => {}} />
+}
+
+export default LoginPage

apps/next13/src/app/auth/signup/page.tsx

@@ -0,0 +1,11 @@
+"use client"
+
+import {useRouter} from "next/navigation"
+import SignupForm from "../../../auth/components/SignupForm"
+
+const SignUp = () => {
+  const router = useRouter()
+  return <SignupForm onSuccess={() => router.push("/")} />
+}
+
+export default SignUp

apps/next13/src/app/error.tsx

@@ -0,0 +1,24 @@
+"use client" // Error components must be Client components
+
+import React, {useEffect} from "react"
+
+export default function Error({error, reset}: {error: Error; reset: () => void}) {
+  useEffect(() => {
+    // Log the error to an error reporting service
+    console.error(error)
+  }, [error])
+
+  return (
+    <div>
+      <h2>Something went wrong!</h2>
+      <button
+        onClick={
+          // Attempt to recover by trying to re-render the segment
+          () => reset()
+        }
+      >
+        Try again
+      </button>
+    </div>
+  )
+}

apps/next13/src/app/layout.tsx

@@ -0,0 +1,57 @@
+import "src/styles/globals.css"
+import {BlitzProvider} from "../blitz-client"
+import styles from "src/styles/Home.module.css"
+
+export default function RootLayout({children}: {children: React.ReactNode}) {
+  return (
+    <html lang="en">
+      <head>
+        <title>Create Next App</title>
+        <meta name="description" content="Generated by create next app" />
+        <link rel="icon" href="/favicon.ico" />
+      </head>
+      <body>
+        <BlitzProvider>
+          <div className={styles.globe} />
+
+          <div className={styles.container}>
+            <div className={styles.toastContainer}>
+              <p>
+                <strong>Congrats!</strong> Your app is ready, including user sign-up and log-in.
+              </p>
+            </div>
+
+            <main className={styles.main}>
+              <div className={styles.wrapper}>
+                <div className={styles.header}>
+                  <div className={styles.logo}>
+                    <svg viewBox="0 0 165 66">
+                      <path d="M104.292 56.033C104.292 56.408 104.206 56.6636 104.036 56.8C103.9 56.9363 103.627 57.0045 103.218 57.0045H99.7409C99.4001 57.0045 99.1615 56.9533 99.0251 56.8511C98.8888 56.7147 98.8206 56.4932 98.8206 56.1864L98.9229 19.8324C98.9229 19.3211 99.1444 19.0654 99.5876 19.0654H103.627C103.839 19.0654 104.292 19.0672 104.292 19.0672V19.8324V56.033ZM64.3531 57.0081C64.1145 57.0081 63.927 56.9399 63.7906 56.8035C63.6543 56.6672 63.5861 56.4968 63.5861 56.2922V19.9383C63.5861 19.3588 63.8588 19.069 64.4042 19.069H76.829C81.533 19.069 85.1463 19.9212 87.6687 21.6256C90.1912 23.2958 91.4524 25.7331 91.4524 28.9373C91.4524 30.9484 90.924 32.6528 89.8673 34.0504C88.8106 35.4138 87.1063 36.5217 84.7543 37.3739C84.6179 37.4079 84.5497 37.4932 84.5497 37.6295C84.5497 37.7318 84.6179 37.7999 84.7543 37.834C87.2767 38.5158 89.1686 39.5895 90.4298 41.0553C91.7251 42.521 92.3727 44.4469 92.3727 46.833C92.3727 50.2418 91.0945 52.7983 88.5379 54.5027C85.9814 56.1729 82.2318 57.0081 77.2892 57.0081H64.3531ZM77.5448 35.5843C79.6923 35.5843 81.516 35.1071 83.0158 34.1526C84.5157 33.1982 85.2656 31.6983 85.2656 29.6531C85.2656 27.6079 84.5157 26.0569 83.0158 25.0002C81.5501 23.9435 79.5219 23.4151 76.9313 23.4151H70.5399C70.0286 23.4151 69.7729 23.6367 69.7729 24.0798V34.8684C69.7729 35.3457 69.9604 35.5843 70.3354 35.5843H77.5448ZM77.0335 52.662C82.9647 52.662 85.9303 50.5997 85.9303 46.4751C85.9303 44.3276 85.1633 42.7255 83.6294 41.6688C82.0955 40.6121 80.0673 40.0838 77.5448 40.0838H70.591C70.2843 40.0838 70.0627 40.1349 69.9263 40.2372C69.8241 40.3394 69.7729 40.5099 69.7729 40.7485V51.895C69.7729 52.4063 69.9604 52.662 70.3354 52.662H77.0335ZM142.707 56.8624C142.81 56.9647 142.997 57.0158 143.27 57.0158H163.876C164.387 57.0158 164.643 56.7772 164.643 56.3V53.948V53.3344H163.978H149.866C149.593 53.3344 149.457 53.2492 149.457 53.0788C149.457 52.9765 149.508 52.8572 149.61 52.7208L163.876 33.8536C164.251 33.2741 164.438 32.7628 164.438 32.3197V30.479V29.9144C164.438 29.9144 164.051 29.9165 163.876 29.9165H144.241C143.866 29.9165 143.679 30.121 143.679 30.5301V32.831C143.679 33.1037 143.713 33.2911 143.781 33.3934C143.883 33.4957 144.071 33.5468 144.344 33.5468H157.075C157.382 33.5468 157.535 33.632 157.535 33.8025L157.382 34.1092L143.219 52.9765C142.946 53.3515 142.759 53.6412 142.656 53.8457C142.588 54.0502 142.554 54.3059 142.554 54.6127V56.3C142.554 56.5727 142.605 56.7602 142.707 56.8624ZM116.929 19.0676H111.51V27.7684C114.503 27.7684 116.929 25.3419 116.929 22.3486V19.0676ZM116.926 56.0308C116.926 56.4058 116.841 56.6614 116.67 56.7978C116.534 56.9341 116.278 57.0023 115.903 57.0023H112.427C112.086 57.0023 111.847 56.9512 111.711 56.8489C111.574 56.7126 111.506 56.491 111.506 56.1842V30.6699C111.506 30.3972 111.557 30.2098 111.66 30.1075C111.762 29.9712 111.949 29.903 112.222 29.903H117.028L116.926 56.0308ZM132.183 34.3137C132.183 33.9728 132.336 33.8024 132.643 33.8024H138.779C139.256 33.8024 139.495 33.5979 139.495 33.1888V30.4789V29.9165H138.881H132.745C132.439 29.9165 132.285 29.7631 132.285 29.4563V21.531V20.713L131.621 20.7129H128.093C127.752 20.7129 127.547 20.9515 127.479 21.4288L126.865 29.4563C126.865 29.7631 126.729 29.9165 126.456 29.9165H122.366C121.957 29.9165 121.752 30.1039 121.752 30.4789V33.1888C121.752 33.5979 121.974 33.8024 122.417 33.8024H126.252C126.593 33.8024 126.763 34.0069 126.763 34.416V50.6244C126.763 52.806 127.309 54.4252 128.399 55.4819C129.49 56.5045 131.16 57.0158 133.41 57.0158C135.796 57.0158 137.535 56.9306 138.625 56.7601C139.137 56.6579 139.392 56.3681 139.392 55.8909V53.6923V53.0787H138.779H135.507C134.348 53.0787 133.495 52.806 132.95 52.2606C132.439 51.7152 132.183 50.7267 132.183 49.295V34.3137Z"></path>
+                      <path d="M0.241243 33.2639H10.9742C15.0585 33.2639 18.9054 35.1835 21.3612 38.4471L31.9483 52.5165C32.1484 52.7824 32.1786 53.1393 32.026 53.435L25.9232 65.2592C25.6304 65.8265 24.8455 65.8932 24.4612 65.3835L0.241243 33.2639Z"></path>
+                      <path d="M42.4727 33.2822H31.7398C27.6555 33.2822 23.8086 31.3626 21.3528 28.0991L10.7656 14.0297C10.5656 13.7638 10.5354 13.4068 10.688 13.1111L16.7908 1.28696C17.0836 0.719654 17.8684 0.652924 18.2528 1.16266L42.4727 33.2822Z"></path>
+                    </svg>
+                  </div>
+                  <div className={styles.buttonContainer}></div>
+                </div>
+
+                <div className={styles.body}>{children} </div>
+              </div>
+            </main>
+
+            <footer className={styles.footer}>
+              <span>Powered by</span>
+              <a
+                href="https://blitzjs.com?utm_source=blitz-new&utm_medium=app-template&utm_campaign=blitz-new"
+                target="_blank"
+                rel="noopener noreferrer"
+                className={styles.textLink}
+              >
+                Blitz.js
+              </a>
+            </footer>
+          </div>
+        </BlitzProvider>
+      </body>
+    </html>
+  )
+}

apps/next13/src/app/page.tsx

@@ -0,0 +1,46 @@
+import Link from "next/link"
+import styles from "src/styles/Home.module.css"
+import Test from "./react-query"
+import {invoke, useAuthenticatedBlitzContext} from "../blitz-server"
+import getCurrentUser from "../users/queries/getCurrentUser"
+
+export default async function Home() {
+  await useAuthenticatedBlitzContext({
+    redirectTo: "/auth/login",
+  })
+  const user = await invoke(getCurrentUser, null)
+  return (
+    <div
+      style={{
+        display: "flex",
+        justifyContent: "center",
+        alignItems: "center",
+        flexDirection: "column",
+        width: "100%",
+      }}
+    >
+      <div
+        style={{
+          display: "flex",
+          justifyContent: "center",
+          alignItems: "center",
+          flexDirection: "column",
+        }}
+      >
+        <Link href={"/auth/signup"} className={styles.button}>
+          <strong>Sign Up</strong>
+        </Link>
+        <Link href={"/auth/login"} className={styles.loginButton}>
+          <strong>Login</strong>
+        </Link>
+        <div style={{height: 20}} />
+        <p>Server Session</p>
+        <p>UserId: {user?.id}</p>
+        <p>Email: {user?.email}</p>
+        <div style={{height: 20}} />
+        <p>Client Session</p>
+        <Test />
+      </div>
+    </div>
+  )
+}

apps/next13/src/app/react-query.tsx

@@ -0,0 +1,34 @@
+"use client"
+
+import {useQuery, useMutation} from "@blitzjs/rpc"
+import logout from "../auth/mutations/logout"
+import getCurrentUser from "../users/queries/getCurrentUser"
+import {useTransition} from "react"
+import {useRouter} from "next/navigation"
+
+export default function Test() {
+  const router = useRouter()
+  const [user] = useQuery(getCurrentUser, null)
+  const [isPending, startTransition] = useTransition()
+  const [logoutMutation] = useMutation(logout)
+  console.log(user)
+  return (
+    <div>
+      <h1>Test</h1>
+      <p>{user?.email}</p>
+      <button
+        className="button small"
+        onClick={async () => {
+          await logoutMutation()
+          startTransition(() => {
+            // Refresh the current route and fetch new data from the server without
+            // losing client-side browser or React state.
+            router.refresh()
+          })
+        }}
+      >
+        Logout
+      </button>
+    </div>
+  )
+}

apps/next13/src/auth/components/LoginForm.tsx

@@ -0,0 +1,61 @@
+import {AuthenticationError, PromiseReturnType} from "blitz"
+import Link from "next/link"
+import {LabeledTextField} from "../../core/components/LabeledTextField"
+import {Form, FORM_ERROR} from "../../core/components/Form"
+import login from "../../auth/mutations/login"
+import {Login} from "../../auth/validations"
+import {useMutation} from "@blitzjs/rpc"
+import {startTransition} from "react"
+import {useRouter} from "next/navigation"
+
+type LoginFormProps = {
+  onSuccess?: (user: PromiseReturnType<typeof login>) => void
+}
+
+export const LoginForm = (props: LoginFormProps) => {
+  const [loginMutation] = useMutation(login)
+  const router = useRouter()
+  return (
+    <div>
+      <h1>Login</h1>
+
+      <Form
+        submitText="Login"
+        schema={Login}
+        initialValues={{email: "", password: ""}}
+        onSubmit={async (values) => {
+          try {
+            const user = await loginMutation(values)
+            props.onSuccess?.(user)
+            startTransition(() => {
+              // Refresh the current route and fetch new data from the server without
+              // losing client-side browser or React state.
+              router.refresh()
+            })
+          } catch (error: any) {
+            if (error instanceof AuthenticationError) {
+              return {[FORM_ERROR]: "Sorry, those credentials are invalid"}
+            } else {
+              return {
+                [FORM_ERROR]:
+                  "Sorry, we had an unexpected error. Please try again. - " + error.toString(),
+              }
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+        <div>
+          <a>Forgot your password?</a>
+        </div>
+      </Form>
+
+      <div style={{marginTop: "1rem"}}>
+        Or <Link href={"/auth/signup"}>Sign Up</Link>
+      </div>
+    </div>
+  )
+}
+
+export default LoginForm

apps/next13/src/auth/components/SignupForm.tsx

@@ -0,0 +1,51 @@
+import {LabeledTextField} from "../../core/components/LabeledTextField"
+import {Form, FORM_ERROR} from "../../core/components/Form"
+import signup from "../../auth/mutations/signup"
+import {Signup} from "../../auth/validations"
+import {useMutation} from "@blitzjs/rpc"
+import {startTransition} from "react"
+import {useRouter} from "next/navigation"
+
+type SignupFormProps = {
+  onSuccess?: () => void
+}
+
+export const SignupForm = (props: SignupFormProps) => {
+  const [signupMutation] = useMutation(signup)
+  const router = useRouter()
+
+  return (
+    <div>
+      <h1>Create an Account</h1>
+
+      <Form
+        submitText="Create Account"
+        schema={Signup}
+        initialValues={{email: "", password: ""}}
+        onSubmit={async (values) => {
+          try {
+            await signupMutation(values)
+            props.onSuccess?.()
+            startTransition(() => {
+              // Refresh the current route and fetch new data from the server without
+              // losing client-side browser or React state.
+              router.refresh()
+            })
+          } catch (error: any) {
+            if (error.code === "P2002" && error.meta?.target?.includes("email")) {
+              // Error "P2002" comes from Prisma (https://www.prisma.io/docs/reference/api-reference/error-reference#p2002)
+              return {email: "This email is already being used"}
+            } else {
+              return {[FORM_ERROR]: error.toString()}
+            }
+          }
+        }}
+      >
+        <LabeledTextField name="email" label="Email" placeholder="Email" />
+        <LabeledTextField name="password" label="Password" placeholder="Password" type="password" />
+      </Form>
+    </div>
+  )
+}
+
+export default SignupForm

apps/next13/src/auth/mutations/changePassword.ts

@@ -0,0 +1,26 @@
+import {NotFoundError} from "blitz"
+import db from "../../../prisma"
+// import {authenticateUser} from "./login"
+import {ChangePassword} from "../validations"
+import {resolver} from "@blitzjs/rpc"
+// import {SecurePassword} from "@blitzjs/auth"
+
+export default resolver.pipe(
+  //@ts-ignore
+  resolver.zod(ChangePassword),
+  resolver.authorize(),
+  async ({currentPassword, newPassword}, ctx) => {
+    const user = await db.user.findFirst({where: {id: ctx.session.userId}})
+    if (!user) throw new NotFoundError()
+
+    // await authenticateUser(user.email, currentPassword)
+
+    // const hashedPassword = await SecurePassword.hash(newPassword.trim())
+    await db.user.update({
+      where: {id: user.id},
+      data: {hashedPassword: newPassword},
+    })
+
+    return true
+  },
+)

apps/next13/src/auth/mutations/forgotPassword.test.ts

@@ -0,0 +1,64 @@
+import {vi, describe, it, beforeEach} from "vitest"
+import db from "db"
+import {hash256} from "@blitzjs/auth"
+import forgotPassword from "./forgotPassword"
+import previewEmail from "preview-email"
+import {Ctx} from "@blitzjs/next"
+
+beforeEach(async () => {
+  await db.$reset()
+})
+
+const generatedToken = "plain-token"
+vi.mock("@blitzjs/auth", async () => {
+  const auth = await vi.importActual<Record<string, unknown>>("@blitzjs/auth")!
+  return {
+    ...auth,
+    generateToken: () => generatedToken,
+  }
+})
+
+vi.mock("preview-email", () => ({default: vi.fn()}))
+
+describe("forgotPassword mutation", () => {
+  it("does not throw error if user doesn't exist", async () => {
+    await expect(forgotPassword({email: "no-user@email.com"}, {} as Ctx)).resolves.not.toThrow()
+  })
+
+  it("works correctly", async () => {
+    // Create test user
+    const user = await db.user.create({
+      data: {
+        email: "user@example.com",
+        tokens: {
+          // Create old token to ensure it's deleted
+          create: {
+            type: "RESET_PASSWORD",
+            hashedToken: "token",
+            expiresAt: new Date(),
+            sentTo: "user@example.com",
+          },
+        },
+      },
+      include: {tokens: true},
+    })
+
+    // Invoke the mutation
+    await forgotPassword({email: user.email}, {} as Ctx)
+
+    const tokens = await db.token.findMany({where: {userId: user.id}})
+    const token = tokens[0]
+    if (!user.tokens[0]) throw new Error("Missing user token")
+    if (!token) throw new Error("Missing token")
+
+    // delete's existing tokens
+    expect(tokens.length).toBe(1)
+
+    expect(token.id).not.toBe(user.tokens[0].id)
+    expect(token.type).toBe("RESET_PASSWORD")
+    expect(token.sentTo).toBe(user.email)
+    expect(token.hashedToken).toBe(hash256(generatedToken))
+    expect(token.expiresAt > new Date()).toBe(true)
+    expect(previewEmail).toBeCalled()
+  })
+})

apps/next13/src/auth/mutations/forgotPassword.ts

@@ -0,0 +1,40 @@
+import {generateToken, hash256} from "@blitzjs/auth"
+import {resolver} from "@blitzjs/rpc"
+import db from "../../../prisma"
+import {ForgotPassword} from "../validations"
+
+const RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS = 4
+//@ts-ignore
+export default resolver.pipe(resolver.zod(ForgotPassword), async ({email}) => {
+  // 1. Get the user
+  const user = await db.user.findFirst({where: {email: email.toLowerCase()}})
+
+  // 2. Generate the token and expiration date.
+  const token = generateToken()
+  const hashedToken = hash256(token)
+  const expiresAt = new Date()
+  expiresAt.setHours(expiresAt.getHours() + RESET_PASSWORD_TOKEN_EXPIRATION_IN_HOURS)
+
+  // 3. If user with this email was found
+  if (user) {
+    // 4. Delete any existing password reset tokens
+    await db.token.deleteMany({where: {type: "RESET_PASSWORD", userId: user.id}})
+    // 5. Save this new token in the database.
+    await db.token.create({
+      data: {
+        user: {connect: {id: user.id}},
+        type: "RESET_PASSWORD",
+        expiresAt,
+        hashedToken,
+        sentTo: user.email,
+      },
+    })
+    // 6. Send the email
+  } else {
+    // 7. If no user found wait the same time so attackers can't tell the difference
+    await new Promise((resolve) => setTimeout(resolve, 750))
+  }
+
+  // 8. Return the same result whether a password reset email was sent or not
+  return
+})

apps/next13/src/auth/mutations/login.ts

@@ -0,0 +1,31 @@
+import {resolver} from "@blitzjs/rpc"
+// import {AuthenticationError} from "blitz"
+import db from "../../../prisma"
+import {Login} from "../validations"
+
+// export const authenticateUser = async (rawEmail: string, rawPassword: string) => {
+//   const {email, password} = Login.parse({email: rawEmail, password: rawPassword})
+//   const user = await db.user.findFirst({where: {email}})
+//   if (!user) throw new AuthenticationError()
+
+//   const result = await SecurePassword.verify(user.hashedPassword, password)
+
+//   if (result === SecurePassword.VALID_NEEDS_REHASH) {
+//     // Upgrade hashed password with a more secure hash
+//     const improvedHash = await SecurePassword.hash(password)
+//     await db.user.update({where: {id: user.id}, data: {hashedPassword: improvedHash}})
+//   }
+
+//   const {hashedPassword, ...rest} = user
+//   return rest
+// }
+//@ts-ignore
+export default resolver.pipe(resolver.zod(Login), async ({email, password}, ctx) => {
+  // This throws an error if credentials are invalid
+  // const user = await authenticateUser(email, password)
+  const user = await db.user.findFirst({where: {email}})
+  //@ts-ignore
+  await ctx.session.$create({userId: user.id, role: user.role})
+  console.log("user", user)
+  return user
+})

apps/next13/src/auth/mutations/logout.ts

@@ -0,0 +1,5 @@
+import {Ctx} from "blitz"
+
+export default async function logout(_: any, ctx: Ctx) {
+  return await ctx.session.$revoke()
+}

apps/next13/src/auth/mutations/resetPassword.test.ts

@@ -0,0 +1,83 @@
+import {vi, describe, it, beforeEach, expect} from "vitest"
+import resetPassword from "./resetPassword"
+import db from "db"
+import {SecurePassword, hash256} from "@blitzjs/auth"
+
+beforeEach(async () => {
+  await db.$reset()
+})
+
+const mockCtx: any = {
+  session: {
+    $create: vi.fn(),
+  },
+}
+
+describe("resetPassword mutation", () => {
+  it("works correctly", async () => {
+    expect(true).toBe(true)
+
+    // Create test user
+    const goodToken = "randomPasswordResetToken"
+    const expiredToken = "expiredRandomPasswordResetToken"
+    const future = new Date()
+    future.setHours(future.getHours() + 4)
+    const past = new Date()
+    past.setHours(past.getHours() - 4)
+
+    const user = await db.user.create({
+      data: {
+        email: "user@example.com",
+        tokens: {
+          // Create old token to ensure it's deleted
+          create: [
+            {
+              type: "RESET_PASSWORD",
+              hashedToken: hash256(expiredToken),
+              expiresAt: past,
+              sentTo: "user@example.com",
+            },
+            {
+              type: "RESET_PASSWORD",
+              hashedToken: hash256(goodToken),
+              expiresAt: future,
+              sentTo: "user@example.com",
+            },
+          ],
+        },
+      },
+      include: {tokens: true},
+    })
+
+    const newPassword = "newPassword"
+
+    // Non-existent token
+    await expect(
+      resetPassword({token: "no-token", password: "", passwordConfirmation: ""}, mockCtx),
+    ).rejects.toThrowError()
+
+    // Expired token
+    await expect(
+      resetPassword(
+        {token: expiredToken, password: newPassword, passwordConfirmation: newPassword},
+        mockCtx,
+      ),
+    ).rejects.toThrowError()
+
+    // Good token
+    await resetPassword(
+      {token: goodToken, password: newPassword, passwordConfirmation: newPassword},
+      mockCtx,
+    )
+
+    // Delete's the token
+    const numberOfTokens = await db.token.count({where: {userId: user.id}})
+    expect(numberOfTokens).toBe(0)
+
+    // Updates user's password
+    const updatedUser = await db.user.findFirst({where: {id: user.id}})
+    expect(await SecurePassword.verify(updatedUser!.hashedPassword, newPassword)).toBe(
+      SecurePassword.VALID,
+    )
+  })
+})

apps/next13/src/auth/mutations/resetPassword.ts

@@ -0,0 +1,50 @@
+import {hash256} from "@blitzjs/auth"
+import db from "../../../prisma"
+import {ResetPassword} from "../validations"
+import login from "./login"
+
+export class ResetPasswordError extends Error {
+  name = "ResetPasswordError"
+  message = "Reset password link is invalid or it has expired."
+}
+
+export default async function resetPassword(input: any, ctx: any) {
+  ResetPassword.parse(input)
+  // 1. Try to find this token in the database
+  const hashedToken = hash256(input.token)
+  const possibleToken = await db.token.findFirst({
+    where: {hashedToken, type: "RESET_PASSWORD"},
+    include: {user: true},
+  })
+
+  // 2. If token not found, error
+  if (!possibleToken) {
+    throw new ResetPasswordError()
+  }
+  const savedToken = possibleToken
+
+  // 3. Delete token so it can't be used again
+  await db.token.delete({where: {id: savedToken.id}})
+
+  // 4. If token has expired, error
+  if (savedToken.expiresAt < new Date()) {
+    throw new ResetPasswordError()
+  }
+
+  // 5. Since token is valid, now we can update the user's password
+  // const hashedPassword = await SecurePassword.hash(input.password.trim())
+  const user = await db.user.update({
+    where: {id: savedToken.userId},
+    data: {
+      hashedPassword: input.password,
+    },
+  })
+
+  // 6. Revoke all existing login sessions for this user
+  await db.session.deleteMany({where: {userId: user.id}})
+
+  // 7. Now log the user in with the new credentials
+  await login({email: user.email, password: input.password}, ctx)
+
+  return true
+}

apps/next13/src/auth/mutations/signup.ts

@@ -0,0 +1,18 @@
+import db from "../../../prisma"
+import {SecurePassword} from "@blitzjs/auth/secure-password"
+
+export default async function signup(input: {password: string; email: string}, ctx: any) {
+  const blitzContext = ctx
+  const hashedPassword = await SecurePassword.hash((input.password as string) || "test-password")
+  const email = input.email
+  const user = await db.user.create({
+    data: {email, hashedPassword},
+  })
+
+  await blitzContext.session.$create({
+    userId: user.id,
+    role: "user",
+  })
+
+  return {userId: blitzContext.session.userId, ...user, email: input.email}
+}

apps/next13/src/auth/validations.ts

@@ -0,0 +1,42 @@
+import {z} from "zod"
+
+export const email = z
+  .string()
+  .email()
+  .transform((str) => str.toLowerCase().trim())
+
+export const password = z
+  .string()
+  .min(10)
+  .max(100)
+  .transform((str) => str.trim())
+
+export const Signup = z.object({
+  email,
+  password,
+})
+
+export const Login = z.object({
+  email,
+  password: z.string(),
+})
+
+export const ForgotPassword = z.object({
+  email,
+})
+
+export const ResetPassword = z
+  .object({
+    password: password,
+    passwordConfirmation: password,
+    token: z.string(),
+  })
+  .refine((data) => data.password === data.passwordConfirmation, {
+    message: "Passwords don't match",
+    path: ["passwordConfirmation"], // set the path of the error
+  })
+
+export const ChangePassword = z.object({
+  currentPassword: z.string(),
+  newPassword: password,
+})

apps/next13/src/blitz-client.ts

@@ -0,0 +1,13 @@
+"use client"
+import {AuthClientPlugin} from "@blitzjs/auth"
+import {setupBlitzClient} from "@blitzjs/next"
+import {BlitzRpcPlugin} from "@blitzjs/rpc"
+
+export const {withBlitz, useSession, queryClient, BlitzProvider} = setupBlitzClient({
+  plugins: [
+    AuthClientPlugin({
+      cookiePrefix: "web-cookie-prefix",
+    }),
+    BlitzRpcPlugin({}),
+  ],
+})

apps/next13/src/blitz-server.ts

@@ -0,0 +1,32 @@
+import type {BlitzCliConfig} from "blitz"
+import {setupBlitzServer} from "@blitzjs/next"
+import {AuthServerPlugin, PrismaStorage} from "@blitzjs/auth"
+import db from "../prisma"
+import {simpleRolesIsAuthorized} from "@blitzjs/auth"
+import {BlitzLogger} from "blitz"
+import {RpcServerPlugin} from "@blitzjs/rpc"
+
+const {api, getBlitzContext, useAuthenticatedBlitzContext, invoke} = setupBlitzServer({
+  plugins: [
+    AuthServerPlugin({
+      cookiePrefix: "web-cookie-prefix",
+      storage: PrismaStorage(db),
+      isAuthorized: simpleRolesIsAuthorized,
+    }),
+    RpcServerPlugin({
+      logging: {
+        disablelevel: "debug",
+      },
+      onInvokeError(error) {
+        console.log("onInvokeError", error)
+      },
+    }),
+  ],
+  logger: BlitzLogger({}),
+})
+
+export {api, getBlitzContext, useAuthenticatedBlitzContext, invoke}
+
+export const cliConfig: BlitzCliConfig = {
+  customTemplates: "src/templates",
+}

apps/next13/src/core/components/Form.tsx

@@ -0,0 +1,83 @@
+import {useState, ReactNode, PropsWithoutRef} from "react"
+import {FormProvider, useForm, UseFormProps} from "react-hook-form"
+import {zodResolver} from "@hookform/resolvers/zod"
+import {z} from "zod"
+
+export interface FormProps<S extends z.ZodType<any, any>>
+  extends Omit<PropsWithoutRef<JSX.IntrinsicElements["form"]>, "onSubmit"> {
+  /** All your form fields */
+  children?: ReactNode
+  /** Text to display in the submit button */
+  submitText?: string
+  schema?: S
+  onSubmit: (values: z.infer<S>) => Promise<void | OnSubmitResult>
+  initialValues?: UseFormProps<z.infer<S>>["defaultValues"]
+}
+
+interface OnSubmitResult {
+  FORM_ERROR?: string
+  [prop: string]: any
+}
+
+export const FORM_ERROR = "FORM_ERROR"
+
+export function Form<S extends z.ZodType<any, any>>({
+  children,
+  submitText,
+  schema,
+  initialValues,
+  onSubmit,
+  ...props
+}: FormProps<S>) {
+  const ctx = useForm<z.infer<S>>({
+    mode: "onBlur",
+    resolver: schema ? zodResolver(schema) : undefined,
+    defaultValues: initialValues,
+  })
+  const [formError, setFormError] = useState<string | null>(null)
+
+  return (
+    <FormProvider {...ctx}>
+      <form
+        onSubmit={ctx.handleSubmit(async (values) => {
+          const result = (await onSubmit(values)) || {}
+          for (const [key, value] of Object.entries(result)) {
+            if (key === FORM_ERROR) {
+              setFormError(value)
+            } else {
+              ctx.setError(key as any, {
+                type: "submit",
+                message: value,
+              })
+            }
+          }
+        })}
+        className="form"
+        {...props}
+      >
+        {/* Form fields supplied as children are rendered here */}
+        {children}
+
+        {formError && (
+          <div role="alert" style={{color: "red"}}>
+            {formError}
+          </div>
+        )}
+
+        {submitText && (
+          <button type="submit" disabled={ctx.formState.isSubmitting}>
+            {submitText}
+          </button>
+        )}
+
+        <style global jsx>{`
+          .form > * + * {
+            margin-top: 1rem;
+          }
+        `}</style>
+      </form>
+    </FormProvider>
+  )
+}
+
+export default Form

apps/next13/src/core/components/LabeledTextField.tsx

@@ -0,0 +1,63 @@
+import {forwardRef, PropsWithoutRef, ComponentPropsWithoutRef} from "react"
+import {useFormContext} from "react-hook-form"
+import {ErrorMessage} from "@hookform/error-message"
+
+export interface LabeledTextFieldProps extends PropsWithoutRef<JSX.IntrinsicElements["input"]> {
+  /** Field name. */
+  name: string
+  /** Field label. */
+  label: string
+  /** Field type. Doesn't include radio buttons and checkboxes */
+  type?: "text" | "password" | "email" | "number"
+  outerProps?: PropsWithoutRef<JSX.IntrinsicElements["div"]>
+  labelProps?: ComponentPropsWithoutRef<"label">
+}
+
+export const LabeledTextField = forwardRef<HTMLInputElement, LabeledTextFieldProps>(
+  ({label, outerProps, labelProps, name, ...props}, ref) => {
+    const {
+      register,
+      formState: {isSubmitting, errors},
+    } = useFormContext()
+
+    return (
+      <div {...outerProps}>
+        <label {...labelProps}>
+          {label}
+          <input disabled={isSubmitting} {...register(name)} {...props} />
+        </label>
+
+        <ErrorMessage
+          render={({message}) => (
+            <div role="alert" style={{color: "red"}}>
+              {message}
+            </div>
+          )}
+          errors={errors}
+          name={name}
+        />
+
+        <style jsx>{`
+          label {
+            display: flex;
+            flex-direction: column;
+            align-items: start;
+            font-size: 1rem;
+          }
+          input {
+            font-size: 1rem;
+            padding: 0.25rem 0.5rem;
+            border-radius: 3px;
+            border: 1px solid purple;
+            appearance: none;
+            margin-top: 0.5rem;
+          }
+        `}</style>
+      </div>
+    )
+  },
+)
+
+LabeledTextField.displayName = "LabeledTextField"
+
+export default LabeledTextField

apps/next13/src/pages/api/auth/session.ts

@@ -0,0 +1,8 @@
+import {api} from "../../../blitz-server"
+
+export default api((req, res, ctx) => {
+  // console.log("session", ctx.session)
+  //get cookie
+  console.dir("cookie", req.headers.cookie)
+  res.json({session: ctx.session.userId})
+})

apps/next13/src/pages/api/rpc/[[...blitz]].ts

@@ -0,0 +1,4 @@
+import {rpcHandler} from "@blitzjs/rpc"
+import {api} from "../../../blitz-server"
+
+export default api(rpcHandler({onError: (error, ctx) => console.log(error)}))

apps/next13/src/styles/Home.module.css

@@ -0,0 +1,303 @@
+.container {
+  display: flex;
+  flex-direction: column;
+  height: 100vh;
+}
+
+.main {
+  flex: 1;
+  padding: 0rem 1rem;
+  display: flex;
+  flex-direction: column;
+}
+
+.wrapper {
+  display: flex;
+  flex-direction: column;
+  gap: 2rem;
+}
+
+.frost {
+  background: rgba(255, 255, 255, 0.2);
+  border-radius: 16px;
+  box-shadow: 0 4px 30px rgba(0, 0, 0, 0.1);
+  backdrop-filter: blur(5px);
+  -webkit-backdrop-filter: blur(5px);
+  border: 1px solid rgba(255, 255, 255, 0.31);
+}
+
+.header {
+  display: flex;
+  flex-direction: column;
+  padding: 4rem 0rem 2rem 0rem;
+  text-align: center;
+  gap: 2rem;
+}
+
+.header h1 {
+  max-width: 620px;
+  align-self: center;
+}
+
+.body {
+  composes: frost;
+  border-radius: var(--border-radius);
+  display: flex;
+  padding: 1rem;
+  width: 100%;
+  flex-direction: row;
+  align-self: center;
+  max-width: var(--screen-width);
+}
+
+.instructions {
+  display: inline-flex;
+  flex-direction: column;
+  padding: 1rem;
+  width: 100%;
+}
+
+.globe {
+  position: fixed;
+  width: 350vmin;
+  height: 75vmin;
+  left: 20%;
+  top: 50%;
+  transform: translate(-50%, calc(-50% + 40px));
+  z-index: -1;
+  border-radius: 100%;
+  background-image: radial-gradient(
+    95.63% 95.63% at 95.92% 0%,
+    rgba(255, 255, 255, 0.62) 0%,
+    #8155ff38 60.42%,
+    #002fff5c 169%
+  );
+  filter: blur(8vmin);
+}
+
+.footer {
+  display: flex;
+  padding: 2rem 0;
+  justify-content: center;
+  align-items: center;
+}
+
+.footer span {
+  margin-right: 0.2rem;
+}
+
+.code {
+  display: flex;
+  align-items: center;
+  gap: 0.5rem;
+}
+
+.code span {
+  background: rgba(124, 58, 237, 50%);
+  border-radius: 50rem;
+  font-size: 14px;
+  font-weight: 500;
+  padding: 17px;
+  width: 20px;
+  height: 20px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  color: rgb(57, 33, 97);
+}
+
+.code pre {
+  background: rgba(124, 58, 237, 12%);
+  border-radius: 4px;
+  padding: 0.7em 1.4em;
+  text-align: center;
+}
+
+.code code {
+  font-size: 0.86em;
+  font-weight: bold;
+  color: rgb(124, 58, 237);
+  font-family: Menlo, Monaco, Lucida Console, Liberation Mono, DejaVu Sans Mono,
+    Bitstream Vera Sans Mono, Courier New, monospace;
+}
+
+.toastContainer {
+  border: 1px solid #edff;
+  padding: 0 1rem;
+  background: #eeff;
+  color: #62af;
+  text-align: center;
+}
+
+.toastContainer strong {
+  color: rgb(124, 58, 237);
+}
+
+.textLink {
+  color: rgb(124, 58, 237);
+  background: linear-gradient(to right, rgba(231, 216, 246, 1), rgba(231, 216, 246, 1)),
+    linear-gradient(to right, rgba(99, 1, 235, 1), rgba(124, 58, 237, 1), rgba(231, 216, 246, 1));
+  background-size: 100% 1px, 0 1px;
+  background-position: 100% 100%, 0 100%;
+  background-repeat: no-repeat;
+  transition: background-size 400ms;
+}
+
+.textLink:hover,
+.textLink:focus,
+.textLink:active {
+  background-size: 0 1px, 100% 1px;
+}
+
+.arrowIcon {
+  box-sizing: border-box;
+  display: block;
+  width: 8px;
+  height: 8px;
+  border-top: 2px solid;
+  transform: scale(var(--ggs, 1));
+  border-right: 2px solid;
+  position: absolute;
+  right: 6px;
+  top: 6px;
+  color: #b1a5c4;
+}
+
+.arrowIcon::after {
+  content: "";
+  display: block;
+  box-sizing: border-box;
+  position: absolute;
+  width: 8px;
+  height: 2px;
+  background: currentColor;
+  transform: rotate(-45deg);
+  top: 2px;
+  right: -1px;
+}
+
+.buttonContainer {
+  display: flex;
+  flex-direction: row;
+  gap: 1rem;
+  justify-content: center;
+  align-items: center;
+  flex: 1;
+}
+
+.button {
+  background: linear-gradient(to top, rgb(124, 58, 237), rgb(117, 81, 236));
+  border: 1px solid rgb(231, 216, 246);
+  color: white;
+  text-shadow: rgba(0, 0, 0, 0.25) 0px 3px 8px;
+  padding: 0 24px;
+  height: 48px;
+  width: 200px;
+  max-width: 300px;
+  position: relative;
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  flex-shrink: 0;
+  user-select: none;
+  white-space: nowrap;
+  border-radius: 0.75rem;
+  border-bottom-left-radius: 0px;
+  font-size: 15px;
+  transition: all 0.3s ease 0s;
+  cursor: pointer;
+}
+
+.button:hover {
+  color: white;
+  text-shadow: rgb(0 0 0 / 56%) 0px 3px 12px;
+  box-shadow: rgb(80 63 205 / 50%) 0px 1px 40px;
+}
+
+.loginButton {
+  composes: button;
+  background: rgb(248 250 252);
+  border: 1px solid rgb(231, 216, 246);
+  color: rgb(30 41 59);
+  text-shadow: none;
+}
+
+.loginButton:hover {
+  color: rgb(30 41 59);
+  text-shadow: none;
+}
+
+.card:hover .arrowIcon {
+  color: #7450ec;
+}
+
+.linkGrid {
+  display: flex;
+  flex-direction: column;
+  flex-wrap: wrap;
+  gap: 1rem;
+}
+
+.card {
+  composes: frost;
+  padding: 1rem 0rem;
+  text-align: center;
+  color: inherit;
+  text-decoration: none;
+  border-radius: 10px;
+  border-bottom-left-radius: 0px;
+  transition: color 0.15s ease, border-color 0.15s ease;
+  max-width: 200px;
+  min-width: 200px;
+  display: flex;
+  flex-direction: row;
+  justify-content: center;
+}
+
+.card:hover,
+.card:focus,
+.card:active {
+  color: #7450ec;
+  border-color: #7450ec;
+}
+
+.card h2 {
+  margin: 0 0 1rem 0;
+  font-size: 1.5rem;
+}
+
+.card p {
+  margin: 0;
+  font-size: 1.25rem;
+  line-height: 1.5;
+}
+
+.logo {
+  flex: 1;
+  padding: 1rem 2rem;
+}
+
+.logo svg {
+  height: 100%;
+  width: 200px;
+  fill: #7450ec;
+}
+
+/* MOBILE */
+@media (max-width: 800px) {
+  .linkGrid {
+    width: 100%;
+  }
+
+  .card {
+    max-width: 100%;
+  }
+
+  .body {
+    flex-wrap: wrap;
+  }
+
+  .buttonContainer {
+    flex-wrap: wrap;
+  }
+}

apps/next13/src/styles/globals.css

@@ -0,0 +1,25 @@
+:root {
+  --border-radius: 0.75rem;
+  --screen-width: 90vmin;
+}
+
+html,
+body {
+  padding: 0;
+  margin: 0;
+  font-family: -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Oxygen, Ubuntu, Cantarell,
+    Fira Sans, Droid Sans, Helvetica Neue, sans-serif;
+}
+
+a {
+  color: inherit;
+  text-decoration: none;
+}
+
+i {
+  font-size: 0.8rem;
+}
+
+* {
+  box-sizing: border-box;
+}

apps/next13/src/users/hooks/useCurrentUser.ts

@@ -0,0 +1,7 @@
+import {useQuery} from "@blitzjs/rpc"
+import getCurrentUser from "../../../src/users/queries/getCurrentUser"
+
+export const useCurrentUser = () => {
+  const [user] = useQuery(getCurrentUser, null)
+  return user
+}

apps/next13/src/users/queries/getCurrentUser.ts

@@ -0,0 +1,16 @@
+import {Ctx} from "blitz"
+import db from "../../../prisma"
+
+export default async function getCurrentUser(input: null, ctx: Ctx) {
+  if (!ctx.session.userId) return null
+  const user = await db.user.findFirst({
+    where: {id: ctx.session.userId},
+    select: {id: true, name: true, email: true},
+  })
+
+  return user
+}
+
+export const config = {
+  httpMethod: "GET",
+}

apps/next13/tsconfig.json

@@ -0,0 +1,26 @@
+{
+  "compilerOptions": {
+    "target": "es5",
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "forceConsistentCasingInFileNames": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "node",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "preserve",
+    "incremental": true,
+    "baseUrl": ".",
+    "plugins": [
+      {
+        "name": "next"
+      }
+    ]
+  },
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
+  "exclude": ["node_modules"]
+}

apps/next13/types.ts

@@ -0,0 +1,12 @@
+import {SimpleRolesIsAuthorized} from "@blitzjs/auth"
+import {User} from "./prisma"
+
+declare module "@blitzjs/auth" {
+  export interface Session {
+    isAuthorized: SimpleRolesIsAuthorized
+    PublicData: {
+      userId: User["id"]
+      email: User["email"]
+    }
+  }
+}

apps/toolkit-app-passportjs/.editorconfig

@@ -0,0 +1,11 @@
+# https://EditorConfig.org
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true

apps/toolkit-app-passportjs/.env

@@ -0,0 +1,3 @@
+# This env file should be checked into source control
+# This is the place for default values for all environments
+# Values in `.env.local` and `.env.production` will override these values

apps/toolkit-app-passportjs/.eslintrc.js

@@ -0,0 +1 @@
+module.exports = require("@blitzjs/next/eslint")

apps/toolkit-app-passportjs/.gitignore

@@ -1,8 +1,11 @@
 # dependencies
 node_modules
-.yarn/cache
-.yarn/unplugged
-.yarn/build-state.yml
+.yarn/*
+!.yarn/patches
+!.yarn/plugins
+!.yarn/releases
+!.yarn/sdks
+!.yarn/versions
 .pnp.*
 .npm
 web_modules/
@@ -11,20 +14,18 @@ web_modules/
 /.blitz/
 /.next/
 *.sqlite
+*.sqlite-journal
 .now
-.blitz-console-history
+.blitz**
 blitz-log.log
 
 # misc
 .DS_Store
 
 # local env files
-.env
-.envrc
 .env.local
-.env.development.local
-.env.test.local
-.env.production.local
+.env.*.local
+.envrc
 
 # Logs
 logs
@@ -37,7 +38,7 @@ pids
 *.pid.lock
 
 # Testing
-coverage
+.coverage
 *.lcov
 .nyc_output
 lib-cov

apps/toolkit-app-passportjs/.npmrc

@@ -0,0 +1,8 @@
+save-exact=true
+legacy-peer-deps=true
+
+public-hoist-pattern[]=@tanstack/react-query
+public-hoist-pattern[]=next
+public-hoist-pattern[]=secure-password
+public-hoist-pattern[]=*jest*
+public-hoist-pattern[]=@testing-library/*

apps/toolkit-app-passportjs/.prettierignore

@@ -3,3 +3,7 @@
 *.ico
 *.lock
 db/migrations
+.next
+.yarn
+.pnp.*
+node_modules

apps/toolkit-app-passportjs/CHANGELOG.md

@@ -0,0 +1,2 @@
+# toolkit-app-passportjs
+

apps/toolkit-app-passportjs/README.md

@@ -0,0 +1,175 @@
+TODO
+
+[![Blitz.js](https://raw.githubusercontent.com/blitz-js/art/master/github-cover-photo.png)](https://blitzjs.com)
+
+This is a [Blitz.js](https://github.com/blitz-js/blitz) app.
+
+# \***\*name\*\***
+
+## Getting Started
+
+Run your app in the development mode.
+
+```
+blitz dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+## Environment Variables
+
+Ensure the `.env.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name__
+```
+
+Ensure the `.env.test.local` file has required environment variables:
+
+```
+DATABASE_URL=postgresql://<YOUR_DB_USERNAME>@localhost:5432/__name___test
+```
+
+## Tests
+
+Runs your tests using Jest.
+
+```
+yarn test
+```
+
+Blitz comes with a test setup using [Jest](https://jestjs.io/) and [react-testing-library](https://testing-library.com/).
+
+## Commands
+
+Blitz comes with a powerful CLI that is designed to make development easy and fast. You can install it with `npm i -g blitz`
+
+```
+  blitz [COMMAND]
+
+  dev       Start a development server
+  build     Create a production build
+  start     Start a production server
+  export    Export your Blitz app as a static application
+  prisma    Run prisma commands
+  generate  Generate new files for your Blitz project
+  console   Run the Blitz console REPL
+  install   Install a recipe
+  help      Display help for blitz
+  test      Run project tests
+```
+
+You can read more about it on the [CLI Overview](https://blitzjs.com/docs/cli-overview) documentation.
+
+## What's included?
+
+Here is the starting structure of your app.
+
+```
+__name__
+├── src/
+│   ├── api/
+│   ├── auth/
+│   │   ├── components/
+│   │   │   ├── LoginForm.tsx
+│   │   │   └── SignupForm.tsx
+│   │   ├── mutations/
+│   │   │   ├── changePassword.ts
+│   │   │   ├── forgotPassword.test.ts
+│   │   │   ├── forgotPassword.ts
+│   │   │   ├── login.ts
+│   │   │   ├── logout.ts
+│   │   │   ├── resetPassword.test.ts
+│   │   │   ├── resetPassword.ts
+│   │   │   └── signup.ts
+│   │   ├── pages/
+│   │   │   ├── forgot-password.tsx
+│   │   │   ├── login.tsx
+│   │   │   ├── reset-password.tsx
+│   │   │   └── signup.tsx
+│   │   └── validations.ts
+│   ├── core/
+│   │   ├── components/
+│   │   │   ├── Form.tsx
+│   │   │   └── LabeledTextField.tsx
+│   │   └── layouts/
+│   │       └── Layout.tsx
+│   ├── pages/
+│   │   ├── _app.tsx
+│   │   ├── _document.tsx
+│   │   ├── 404.tsx
+│   │   ├── index.test.tsx
+│   │   └── index.tsx
+│   └── users/
+│       ├── hooks/
+│       │   └── useCurrentUser.ts
+│       └── queries/
+│           └── getCurrentUser.ts
+├── db/
+│   ├── migrations/
+│   ├── index.ts
+│   ├── schema.prisma
+│   └── seeds.ts
+├── integrations/
+├── mailers/
+│   └── forgotPasswordMailer.ts
+├── public/
+│   ├── favicon.ico
+│   └── logo.png
+├── test/
+│   ├── setup.ts
+│   └── utils.tsx
+├── .eslintrc.js
+├── babel.config.js
+├── blitz.config.ts
+├── jest.config.ts
+├── package.json
+├── README.md
+├── tsconfig.json
+└── types.ts
+```
+
+These files are:
+
+- The `src/` folder is a container for most of your project. This is where you’ll put any pages or API routes.
+
+- `db/` is where your database configuration goes. If you’re writing models or checking migrations, this is where to go.
+
+- `public/` is a folder where you will put any static assets. If you have images, files, or videos which you want to use in your app, this is where to put them.
+
+- `integrations/` is a folder to put all third-party integrations like with Stripe, Sentry, etc.
+
+- `test/` is a folder where you can put test utilities and integration tests.
+
+- `package.json` contains information about your dependencies and devDependencies. If you’re using a tool like `npm` or `yarn`, you won’t have to worry about this much.
+
+- `tsconfig.json` is our recommended setup for TypeScript.
+
+- `.babel.config.js`, `.eslintrc.js`, `.env`, etc. ("dotfiles") are configuration files for various bits of JavaScript tooling.
+
+- `blitz.config.ts` is for advanced custom configuration of Blitz. [Here you can learn how to use it](https://blitzjs.com/docs/blitz-config).
+
+- `jest.config.js` contains config for Jest tests. You can [customize it if needed](https://jestjs.io/docs/en/configuration).
+
+You can read more about it in the [File Structure](https://blitzjs.com/docs/file-structure) section of the documentation.
+
+### Tools included
+
+Blitz comes with a set of tools that corrects and formats your code, facilitating its future maintenance. You can modify their options and even uninstall them.
+
+- **ESLint**: It lints your code: searches for bad practices and tell you about it. You can customize it via the `.eslintrc.js`, and you can install (or even write) plugins to have it the way you like it. It already comes with the [`blitz`](https://github.com/blitz-js/blitz/tree/canary/packages/eslint-config) config, but you can remove it safely. [Learn More](https://blitzjs.com/docs/eslint-config).
+- **Husky**: It adds [githooks](https://git-scm.com/docs/githooks), little pieces of code that get executed when certain Git events are triggerd. For example, `pre-commit` is triggered just before a commit is created. You can see the current hooks inside `.husky/`. If are having problems commiting and pushing, check out ther [troubleshooting](https://typicode.github.io/husky/#/?id=troubleshoot) guide. [Learn More](https://blitzjs.com/docs/husky-config).
+- **Prettier**: It formats your code to look the same everywhere. You can configure it via the `.prettierrc` file. The `.prettierignore` contains the files that should be ignored by Prettier; useful when you have large files or when you want to keep a custom formatting. [Learn More](https://blitzjs.com/docs/prettier-config).
+
+## Learn more
+
+Read the [Blitz.js Documentation](https://blitzjs.com/docs/getting-started) to learn more.
+
+The Blitz community is warm, safe, diverse, inclusive, and fun! Feel free to reach out to us in any of our communication channels.
+
+- [Website](https://blitzjs.com)
+- [Discord](https://blitzjs.com/discord)
+- [Report an issue](https://github.com/blitz-js/blitz/issues/new/choose)
+- [Forum discussions](https://github.com/blitz-js/blitz/discussions)
+- [How to Contribute](https://blitzjs.com/docs/contributing)
+- [Sponsor or donate](https://github.com/blitz-js/blitz#sponsors-and-donations)

apps/toolkit-app-passportjs/db/index.ts

@@ -0,0 +1,8 @@
+import { enhancePrisma } from "blitz"
+import { PrismaClient } from "@prisma/client"
+
+const EnhancedPrisma = enhancePrisma(PrismaClient)
+
+export * from "@prisma/client"
+const db = new EnhancedPrisma()
+export default db

apps/toolkit-app-passportjs/db/migrations/20220427214932_/migration.sql

@@ -0,0 +1,47 @@
+-- CreateTable
+CREATE TABLE "User" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "name" TEXT,
+    "email" TEXT NOT NULL,
+    "hashedPassword" TEXT,
+    "role" TEXT NOT NULL DEFAULT 'USER'
+);
+
+-- CreateTable
+CREATE TABLE "Session" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "expiresAt" DATETIME,
+    "handle" TEXT NOT NULL,
+    "hashedSessionToken" TEXT,
+    "antiCSRFToken" TEXT,
+    "publicData" TEXT,
+    "privateData" TEXT,
+    "userId" INTEGER,
+    CONSTRAINT "Session_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE SET NULL ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "Token" (
+    "id" INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL,
+    "hashedToken" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "expiresAt" DATETIME NOT NULL,
+    "sentTo" TEXT NOT NULL,
+    "userId" INTEGER NOT NULL,
+    CONSTRAINT "Token_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "User_email_key" ON "User"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Session_handle_key" ON "Session"("handle");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "Token_hashedToken_type_key" ON "Token"("hashedToken", "type");

apps/toolkit-app-passportjs/db/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (i.e. Git)
+provider = "sqlite"

apps/toolkit-app-passportjs/db/schema.prisma

@@ -0,0 +1,65 @@
+// This is your Prisma schema file,
+// learn more about it in the docs: https://pris.ly/d/prisma-schema
+
+datasource db {
+  provider = "sqlite"
+  url      = "file:./db.sqlite"
+}
+
+generator client {
+  provider = "prisma-client-js"
+}
+
+// --------------------------------------
+
+model User {
+  id             Int      @id @default(autoincrement())
+  createdAt      DateTime @default(now())
+  updatedAt      DateTime @updatedAt
+  name           String?
+  email          String   @unique
+  hashedPassword String?
+  role           String   @default("USER")
+
+  tokens   Token[]
+  sessions Session[]
+}
+
+model Session {
+  id                 Int       @id @default(autoincrement())
+  createdAt          DateTime  @default(now())
+  updatedAt          DateTime  @updatedAt
+  expiresAt          DateTime?
+  handle             String    @unique
+  hashedSessionToken String?
+  antiCSRFToken      String?
+  publicData         String?
+  privateData        String?
+
+  user   User? @relation(fields: [userId], references: [id])
+  userId Int?
+}
+
+model Token {
+  id          Int      @id @default(autoincrement())
+  createdAt   DateTime @default(now())
+  updatedAt   DateTime @updatedAt
+  hashedToken String
+  type        String
+  // See note below about TokenType enum
+  // type        TokenType
+  expiresAt   DateTime
+  sentTo      String
+
+  user   User @relation(fields: [userId], references: [id])
+  userId Int
+
+  @@unique([hashedToken, type])
+}
+
+// NOTE: It's highly recommended to use an enum for the token type
+//       but enums only work in Postgres.
+//       See: https://blitzjs.com/docs/database-overview#switch-to-postgre-sql
+// enum TokenType {
+//   RESET_PASSWORD
+// }

apps/toolkit-app-passportjs/db/seeds.ts

@@ -0,0 +1,21 @@
+import db from "./index"
+
+/*
+ * This seed function is executed when you run `blitz db seed`.
+ *
+ * Probably you want to use a library like https://chancejs.com
+ * to easily generate realistic data.
+ */
+const seed = async () => {
+  await db.$reset()
+
+  for (let i = 0; i < 1; i++) {
+    await db.user.create({
+      data: {
+        email: "test@test.com",
+      },
+    })
+  }
+}
+
+export default seed

apps/toolkit-app-passportjs/jest.config.js

@@ -0,0 +1,11 @@
+const nextJest = require("@blitzjs/next/jest")
+
+const createJestConfig = nextJest({
+  dir: "./",
+})
+
+const customJestConfig = {
+  testEnvironment: "jest-environment-jsdom",
+}
+
+module.exports = createJestConfig(customJestConfig)

apps/toolkit-app-passportjs/mailers/forgotPasswordMailer.ts

@@ -0,0 +1,45 @@
+/* TODO - You need to add a mailer integration in `integrations/` and import here.
+ *
+ * The integration file can be very simple. Instantiate the email client
+ * and then export it. That way you can import here and anywhere else
+ * and use it straight away.
+ */
+
+type ResetPasswordMailer = {
+  to: string
+  token: string
+}
+
+export function forgotPasswordMailer({ to, token }: ResetPasswordMailer) {
+  // In production, set APP_ORIGIN to your production server origin
+  const origin = process.env.APP_ORIGIN || process.env.BLITZ_DEV_SERVER_ORIGIN
+  const resetUrl = `${origin}/auth/reset-password?token=${token}`
+
+  const msg = {
+    from: "TODO@example.com",
+    to,
+    subject: "Your Password Reset Instructions",
+    html: `
+      <h1>Reset Your Password</h1>
+      <h3>NOTE: You must set up a production email integration in mailers/forgotPasswordMailer.ts</h3>
+
+      <a href="${resetUrl}">
+        Click here to set a new password
+      </a>
+    `,
+  }
+
+  return {
+    async send() {
+      if (process.env.NODE_ENV === "production") {
+        // TODO - send the production email, like this:
+        // await postmark.sendEmail(msg)
+        throw new Error("No production email implementation in mailers/forgotPasswordMailer")
+      } else {
+        // Preview email in the browser
+        const previewEmail = (await import("preview-email")).default
+        await previewEmail(msg)
+      }
+    },
+  }
+}

apps/toolkit-app-passportjs/next-env.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/basic-features/typescript for more information.