MCPcopy
hub / github.com/nextauthjs/next-auth / getToken

Function getToken

src/jwt/index.ts:67–111  ·  view source on GitHub ↗
(
  params?: GetTokenParams<R>
)

Source from the content-addressed store, hash-verified

65 * [Documentation](https://next-auth.js.org/tutorials/securing-pages-and-api-routes#using-gettoken)
66 */
67export async function getToken<R extends boolean = false>(
68 params?: GetTokenParams<R>
69): Promise<R extends true ? string : JWT | null> {
70 const {
71 req,
72 secureCookie = process.env.NEXTAUTH_URL?.startsWith("https://") ??
73 !!process.env.VERCEL,
74 cookieName = secureCookie
75 ? "__Secure-next-auth.session-token"
76 : "next-auth.session-token",
77 raw,
78 decode: _decode = decode,
79 logger = console,
80 secret = process.env.NEXTAUTH_SECRET,
81 } = params ?? {}
82
83 if (!req) throw new Error("Must pass `req` to JWT getToken()")
84
85 const sessionStore = new SessionStore(
86 { name: cookieName, options: { secure: secureCookie } },
87 { cookies: req.cookies, headers: req.headers },
88 logger
89 )
90
91 let token = sessionStore.value
92
93 if (!token && req.headers.authorization?.split(" ")[0] === "Bearer") {
94 const urlEncodedToken = req.headers.authorization.split(" ")[1]
95 token = decodeURIComponent(urlEncodedToken)
96 }
97
98 // @ts-expect-error
99 if (!token) return null
100
101 // @ts-expect-error
102 if (raw) return token
103
104 try {
105 // @ts-expect-error
106 return await _decode({ token, secret })
107 } catch {
108 // @ts-expect-error
109 return null
110 }
111}
112
113async function getDerivedEncryptionKey(secret: string | Buffer) {
114 return await hkdf(

Callers 2

handleMiddlewareFunction · 0.90
jwt.jsFile · 0.90

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…