Add option to get raw JWT from getToken helper

nextauthjs · Jul 27, 2020 · 8115a7c · 8115a7c
1 parent 1ab029c
commit 8115a7c
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 2 deletions.
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "next-auth",
-  "version": "3.0.0-beta.25",
+  "version": "3.0.0-beta.26",
   "description": "Authentication for Next.js",
   "homepage": "https://next-auth.js.org",
   "repository": "https://github.com/iaincollins/next-auth.git",

diff --git a/src/lib/jwt.js b/src/lib/jwt.js
@@ -97,7 +97,8 @@ const getToken = async (args) => {
     // Use secure prefix for cookie name, unless URL is NEXTAUTH_URL is http://
     // or not set (e.g. development or test instance) case use unprefixed name
     secureCookie = !(!process.env.NEXTAUTH_URL || process.env.NEXTAUTH_URL.startsWith('http://')),
-    cookieName = (secureCookie) ? '__Secure-next-auth.session-token' : 'next-auth.session-token'
+    cookieName = (secureCookie) ? '__Secure-next-auth.session-token' : 'next-auth.session-token',
+    raw = false
   } = args
   if (!req) throw new Error('Must pass `req` to JWT getToken()')
 
@@ -112,6 +113,10 @@ const getToken = async (args) => {
     token = decodeURIComponent(urlEncodedToken)
   }
 
+  if (raw) {
+    return token
+  }
+
   try {
     return await decode({ token, ...args })
   } catch (error) {

diff --git a/www/docs/configuration/options.md b/www/docs/configuration/options.md
@@ -178,6 +178,10 @@ It also supports the following options:
 
   The `secureCookie` option is ignored if `cookieName` is explcitly specified.
 
+* `raw` - (boolean) Get raw token (not decoded)
+
+  If set to `true` returns the raw token without decrypting or verifying it.
+
 :::note
 The JWT is stored in the Session Token cookie, the same cookie used for tokens with database sessions.
 :::