Dan6erbond / sk-auth

Authentication library for use with SvelteKit featuring built-in OAuth providers and zero restriction customization!
MIT License
578 stars 70 forks

signIn callback does not follow NextAuth API and is not called. #85

Open FunMiles opened 2 years ago

FunMiles commented 2 years ago

I am trying to implement a two-step authorization, i.e. use Google/Facebook/name-your-method authentication and then check the associated email is verified and is in a whitelist database of authorized emails. It is my understanding that this can be done with NextAuth using the signIn callback.

For sk-auth, the documentation states:

SvelteKitAuth provides some callbacks, similar to NextAuth.js. Their call signatures are:
```ts
interface AuthCallbacks {
  signIn?: () => boolean | Promise<boolean>;
  jwt?: (token: JWT, profile?: any) => JWT | Promise<JWT>;
  session?: (token: JWT, session: Session) => Session | Promise<Session>;
  redirect?: (url: string) => string | Promise<string>;
}
```

NextAuth has the following interface for signIn:

```js
async signIn({ user, account, profile, email, credentials }) {
  const isAllowedToSignIn = true
  if (isAllowedToSignIn) {
    return true
  } else {
    // Return false to display a default error message
    return false
    // Or you can return a URL to redirect to:
    // return '/unauthorized'
  }
}
```

Even when I put a signIn() callback, it is never called. Looking for all appearances of signIn in the source code gives this:

```
sk-auth % grep -rn signIn *
README.md:71:  signIn?: () => boolean | Promise<boolean>;
src/client/index.ts:1:export { signIn } from "./signIn";
src/client/signIn.ts:10:export async function signIn(provider: string, data?: any, config?: SignInConfig) {
src/auth.ts:21:  signIn?: () => boolean | Promise<boolean>;
```

Thus it seems signIn is never called. Is that an upcoming upgrade, or is there another method to do what I want to do?

Dan6erbond commented 2 years ago

This is a good point. That might have just been a blunder on my part, forgetting to call the method in the auth provider.

To-do!
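The two-step check described in the question (verified email, then allowlist lookup), written as a stand-alone gate that returns the boolean both interfaces above use. This is an added example, not sk-auth or NextAuth code: `OidcProfile`, `verifiedEmail`, `signInGate` and the lookup function are hypothetical names, and the profile is assumed to carry the OpenID Connect `email` and `email_verified` claims.

```typescript
// Added example; all names here are hypothetical, not part of sk-auth.
// Assumption: the provider profile exposes the OIDC claims below.
interface OidcProfile {
  email?: unknown;
  email_verified?: unknown;
}

type AllowlistLookup = (email: string) => Promise<boolean>;

// Normalize before comparing so " Alice@Example.com " matches the stored entry.
function normalizeEmail(raw: unknown): string | null {
  if (typeof raw !== "string") return null;
  const email = raw.trim().toLowerCase();
  // Exactly one "@", non-empty local part and domain, no whitespace.
  return /^[^\s@]+@[^\s@]+$/.test(email) ? email : null;
}

// Step 1: return the address only if the provider asserts it is verified.
function verifiedEmail(profile: OidcProfile | null | undefined): string | null {
  if (!profile) return null;
  // Strict check: a missing claim or the string "true" is rejected.
  if (profile.email_verified !== true) return null;
  return normalizeEmail(profile.email);
}

// Step 2: allowlist lookup, failing closed on any error.
async function signInGate(
  profile: OidcProfile | undefined,
  isAllowlisted: AllowlistLookup,
): Promise<boolean> {
  const email = verifiedEmail(profile);
  if (email === null) return false;
  try {
    return (await isAllowlisted(email)) === true;
  } catch {
    // A database outage must not admit the user.
    return false;
  }
}

// Constructed sample data standing in for the allowlist database.
const sampleAllowlist = new Set(["alice@example.com"]);
const lookup: AllowlistLookup = async (email) => sampleAllowlist.has(email);

signInGate({ email: " Alice@Example.com ", email_verified: true }, lookup)
  .then((ok) => console.log("allowed:", ok));
```

Because the gate takes the lookup as a parameter, the same function can be called from whichever callback or hook receives the provider profile.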