Is it okay to have CredentialsProvider as JWT and save Google/Discord users in database session?
I want to use both GoogleProvider and have an option to use traditional registered with Email/Password. How would you go around this?
4 Replies
You can have both google and traditional auth providers, store users, accounts, and verification tokens (required for email/password) in database, and use JWTs to store session details. This way you have less data stored in the database.
Dont think those are required for email/password. For example I did this t3 credentials example and on my prisma schema I only have User model.
Prisma schema:
https://github.com/ruhap/t3-credentials/blob/main/prisma/schema.prisma
Endpoint: https://github.com/ruhap/t3-credentials/blob/main/src/server/trpc/router/auth.ts
Next auth:
https://github.com/ruhap/t3-credentials/blob/main/src/pages/api/auth/%5B...nextauth%5D.ts
You're right, I mistake Credentials provider with Email provider.
I haven't encounter to store OAuth sessions in db with Credentials provider as this required you to use JWT strategy for sessions. I'd have to try it
this is really helpful, I implemented this in my code and it works, however I need to read JWT docs to understand what it does.
Yeah, Session and Account model is not required for email/password but I think it's required for Google/GitHub Providers
@rocawear I don't like to have Account and Session table in my DB just for google oauth, I plan to remove google auth from my project and just go with email/password where having only User model is enough.