Upgrades next-auth to v4 (#1185)

* Upgrades next-auth to v4 * Fixes next-auth session types * Type fixes * Fixes login issue * Team page fixes * Type fixes * Fixes secret * Adds test for forgotten password * Skips if pw secret is undefined * Prevents error if PW secret is undefined * Adds PLAYWRIGHT_SECRET explainer * Adds pending auth TODOs * Adds missing secret * Fixed imports * Fixed imports * Type fixes * Test fixes Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
2022-01-07 13:23:37 -07:00 · 2022-01-07 13:23:37 -07:00 · 84d75cf693
parent bf46038474
commit 84d75cf693
31 changed files with 298 additions and 466 deletions
--- a/.env.example
+++ b/.env.example
@ -16,6 +16,8 @@ BASE_URL='http://localhost:3000'
 NEXT_PUBLIC_APP_URL='http://localhost:3000'

 JWT_SECRET='secret'
+# This is used so we can bypass emails in auth flows for E2E testing
+PLAYWRIGHT_SECRET=

 # @see: https://github.com/calendso/calendso/issues/263
 # Required for Vercel hosting - set NEXTAUTH_URL to equal your BASE_URL
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -10,6 +10,7 @@ jobs:
      NODE_ENV: test
      BASE_URL: http://localhost:3000
      JWT_SECRET: secret
+      PLAYWRIGHT_SECRET: ${{ secrets.CI_PLAYWRIGHT_SECRET }}
    services:
      postgres:
        image: postgres:12.1
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@ -9,6 +9,7 @@ jobs:
      DATABASE_URL: postgresql://postgres:@localhost:5432/calendso
      BASE_URL: http://localhost:3000
      JWT_SECRET: secret
+      PLAYWRIGHT_SECRET: ${{ secrets.CI_PLAYWRIGHT_SECRET }}
      GOOGLE_API_CREDENTIALS: "{}"
      # GOOGLE_API_CREDENTIALS: ${{ secrets.CI_GOOGLE_API_CREDENTIALS }}
      # CRON_API_KEY: xxx
@ -91,3 +92,4 @@ jobs:
          path: |
            playwright/screenshots
            playwright/videos
+            playwright/results
--- a/.gitignore
+++ b/.gitignore
@ -15,6 +15,7 @@
 playwright/videos
 playwright/screenshots
 playwright/artifacts
+playwright/results

 # next.js
 /.next/
@ -57,4 +58,4 @@ yarn-error.log*
 .history/

 # Typescript 
-tsconfig.tsbuildinfo
+tsconfig.tsbuildinfo
--- a/components/Shell.tsx
+++ b/components/Shell.tsx
@ -9,7 +9,7 @@ import {
  LogoutIcon,
  PuzzleIcon,
 } from "@heroicons/react/solid";
-import { signOut, useSession } from "next-auth/client";
+import { signOut, useSession } from "next-auth/react";
 import Link from "next/link";
 import { useRouter } from "next/router";
 import React, { ReactNode, useEffect, useState } from "react";
@ -51,7 +51,8 @@ export function useMeQuery() {
 }

 function useRedirectToLoginIfUnauthenticated() {
-  const [session, loading] = useSession();
+  const { data: session, status } = useSession();
+  const loading = status === "loading";
  const router = useRouter();

  useEffect(() => {
--- a/lib/app-providers.tsx
+++ b/lib/app-providers.tsx
@ -1,5 +1,5 @@
 import { IdProvider } from "@radix-ui/react-id";
-import { Provider } from "next-auth/client";
+import { SessionProvider } from "next-auth/react";
 import { appWithTranslation } from "next-i18next";
 import type { AppProps as NextAppProps } from "next/app";
 import React, { ComponentProps, ReactNode } from "react";
@ -44,9 +44,9 @@ const AppProviders = (props: AppPropsWithChildren) => {
    <TelemetryProvider value={createTelemetryClient()}>
      <IdProvider>
        <DynamicIntercomProvider>
-          <Provider session={session || undefined}>
+          <SessionProvider session={session || undefined}>
            <CustomI18nextProvider {...props}>{props.children}</CustomI18nextProvider>
-          </Provider>
+          </SessionProvider>
        </DynamicIntercomProvider>
      </IdProvider>
    </TelemetryProvider>
--- a/lib/auth.ts
+++ b/lib/auth.ts
@ -1,6 +1,6 @@
 import { compare, hash } from "bcryptjs";
-import { DefaultSession } from "next-auth";
-import { getSession as getSessionInner, GetSessionOptions } from "next-auth/client";
+import { Session } from "next-auth";
+import { getSession as getSessionInner, GetSessionParams } from "next-auth/react";

 export async function hashPassword(password: string) {
  const hashedPassword = await hash(password, 12);
@ -12,16 +12,7 @@ export async function verifyPassword(password: string, hashedPassword: string) {
  return isValid;
 }

-type DefaultSessionUser = NonNullable<DefaultSession["user"]>;
-type CalendsoSessionUser = DefaultSessionUser & {
-  id: number;
-  username: string;
-};
-export interface Session extends DefaultSession {
-  user?: CalendsoSessionUser;
-}
-
-export async function getSession(options: GetSessionOptions): Promise<Session | null> {
+export async function getSession(options: GetSessionParams): Promise<Session | null> {
  const session = await getSessionInner(options);

  // that these are equal are ensured in `[...nextauth]`'s callback
--- a/package.json
+++ b/package.json
@ -71,7 +71,7 @@
    "lodash": "^4.17.21",
    "micro": "^9.3.4",
    "next": "^12.0.7",
-    "next-auth": "^3.29.0",
+    "next-auth": "^4.0.6",
    "next-i18next": "^8.9.0",
    "next-seo": "^4.26.0",
    "next-transpile-modules": "^9.0.0",
--- a/pages/api/auth/[...nextauth].tsx
+++ b/pages/api/auth/[...nextauth].tsx
@ -1,32 +1,37 @@
-import NextAuth from "next-auth";
-import Providers from "next-auth/providers";
+import NextAuth, { Session } from "next-auth";
+import CredentialsProvider from "next-auth/providers/credentials";
 import { authenticator } from "otplib";

-import { ErrorCode, Session, verifyPassword } from "@lib/auth";
+import { ErrorCode, verifyPassword } from "@lib/auth";
 import { symmetricDecrypt } from "@lib/crypto";
 import prisma from "@lib/prisma";

 export default NextAuth({
  session: {
-    jwt: true,
-  },
-  jwt: {
-    secret: process.env.JWT_SECRET,
+    strategy: "jwt",
  },
+  secret: process.env.JWT_SECRET,
  pages: {
    signIn: "/auth/login",
    signOut: "/auth/logout",
    error: "/auth/error", // Error code passed in query string as ?error=
  },
  providers: [
-    Providers.Credentials({
+    CredentialsProvider({
+      id: "credentials",
      name: "Cal.com",
+      type: "credentials",
      credentials: {
        email: { label: "Email Address", type: "email", placeholder: "john.doe@example.com" },
        password: { label: "Password", type: "password", placeholder: "Your super secure password" },
        totpCode: { label: "Two-factor Code", type: "input", placeholder: "Code from authenticator app" },
      },
      async authorize(credentials) {
+        if (!credentials) {
+          console.error(`For some reason credentials are missing`);
+          throw new Error(ErrorCode.InternalServerError);
+        }
+
        const user = await prisma.user.findUnique({
          where: {
            email: credentials.email.toLowerCase(),
@ -85,14 +90,14 @@ export default NextAuth({
    }),
  ],
  callbacks: {
-    async jwt(token, user) {
+    async jwt({ token, user }) {
      if (user) {
        token.id = user.id;
        token.username = user.username;
      }
      return token;
    },
-    async session(session, token) {
+    async session({ session, token }) {
      const calendsoSession: Session = {
        ...session,
        user: {
--- a/pages/api/auth/forgot-password.ts
+++ b/pages/api/auth/forgot-password.ts
@ -54,14 +54,23 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
      passwordRequest = createdResetPasswordRequest;
    }

+    const resetLink = `${process.env.BASE_URL}/auth/forgot-password/${passwordRequest.id}`;
    const passwordEmail: PasswordReset = {
      language: t,
      user: maybeUser,
-      resetLink: `${process.env.BASE_URL}/auth/forgot-password/${passwordRequest.id}`,
+      resetLink,
    };

    await sendPasswordResetEmail(passwordEmail);

+    /** So we can test the password reset flow on CI */
+    if (
+      process.env.PLAYWRIGHT_SECRET &&
+      req.headers["x-playwright-secret"] === process.env.PLAYWRIGHT_SECRET
+    ) {
+      return res.status(201).json({ message: "Reset Requested", resetLink });
+    }
+
    return res.status(201).json({ message: "Reset Requested" });
  } catch (reason) {
    // console.error(reason);
--- a/pages/api/auth/reset-password.ts
+++ b/pages/api/auth/reset-password.ts
@ -1,14 +1,7 @@
-import { User, ResetPasswordRequest } from "@prisma/client";
-import dayjs from "dayjs";
-import timezone from "dayjs/plugin/timezone";
-import utc from "dayjs/plugin/utc";
 import { NextApiRequest, NextApiResponse } from "next";

-import { hashPassword } from "../../../lib/auth";
-import prisma from "../../../lib/prisma";
-
-dayjs.extend(utc);
-dayjs.extend(timezone);
+import { hashPassword } from "@lib/auth";
+import prisma from "@lib/prisma";

 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
  if (req.method !== "POST") {
@ -23,7 +16,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
      return res.status(400).json({ message: "Couldn't find an account for this email" });
    }

-    const maybeRequest: ResetPasswordRequest = await prisma.resetPasswordRequest.findUnique({
+    const maybeRequest = await prisma.resetPasswordRequest.findUnique({
      where: {
        id: rawRequestId,
      },
@ -33,7 +26,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
      return res.status(400).json({ message: "Couldn't find an account for this email" });
    }

-    const maybeUser: User = await prisma.user.findUnique({
+    const maybeUser = await prisma.user.findUnique({
      where: {
        email: maybeRequest.email,
      },
--- a/pages/api/eventType.ts
+++ b/pages/api/eventType.ts
@ -1,6 +1,6 @@
 import { Prisma } from "@prisma/client";
 import type { NextApiRequest, NextApiResponse } from "next";
-import { getSession } from "next-auth/client";
+import { getSession } from "next-auth/react";

 import prisma from "@lib/prisma";

@ -32,6 +32,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
  });

  const user = await prisma.user.findUnique({
+    rejectOnNotFound: true,
    where: {
      id: session.user.id,
    },
--- a/pages/api/me.ts
+++ b/pages/api/me.ts
@ -4,14 +4,18 @@ import { getSession } from "@lib/auth";
 import prisma from "@lib/prisma";
 import { defaultAvatarSrc } from "@lib/profile";

+/**
+ * @deprecated Use TRCP's viewer.me query
+ */
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const session = await getSession({ req: req });
+  const session = await getSession({ req });
  if (!session) {
    res.status(401).json({ message: "Not authenticated" });
    return;
  }

-  const user: User = await prisma.user.findUnique({
+  const user = await prisma.user.findUnique({
+    rejectOnNotFound: true,
    where: {
      id: session.user.id,
    },
--- a/pages/api/user/[id].ts
+++ b/pages/api/user/[id].ts
@ -5,18 +5,19 @@ import { getSession } from "@lib/auth";
 import prisma from "@lib/prisma";

 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const session = await getSession({ req: req });
+  const session = await getSession({ req });

-  if (!session) {
+  if (!session?.user.id) {
    return res.status(401).json({ message: "Not authenticated" });
  }

  const userIdQuery = req.query?.id ?? null;
-  const userId = Array.isArray(userIdQuery) ? parseInt(userIdQuery.pop()) : parseInt(userIdQuery);
+  const userId = Array.isArray(userIdQuery) ? parseInt(userIdQuery.pop() || "") : parseInt(userIdQuery);

  const authenticatedUser = await prisma.user.findFirst({
+    rejectOnNotFound: true,
    where: {
-      email: session.user.email,
+      id: session.user.id,
    },
    select: {
      id: true,
--- a/pages/auth/forgot-password/[id].tsx
+++ b/pages/auth/forgot-password/[id].tsx
@ -2,7 +2,7 @@ import { ResetPasswordRequest } from "@prisma/client";
 import dayjs from "dayjs";
 import debounce from "lodash/debounce";
 import { GetServerSidePropsContext } from "next";
-import { getCsrfToken } from "next-auth/client";
+import { getCsrfToken } from "next-auth/react";
 import Link from "next/link";
 import React, { useMemo } from "react";

@ -20,15 +20,12 @@ type Props = {
 export default function Page({ resetPasswordRequest, csrfToken }: Props) {
  const { t } = useLocale();
  const [loading, setLoading] = React.useState(false);
-  const [error, setError] = React.useState(null);
+  const [error, setError] = React.useState<{ message: string } | null>(null);
  const [success, setSuccess] = React.useState(false);

  const [password, setPassword] = React.useState("");
-  const handleChange = (e) => {
-    setPassword(e.target.value);
-  };

-  const submitChangePassword = async ({ password, requestId }) => {
+  const submitChangePassword = async ({ password, requestId }: { password: string; requestId: string }) => {
    try {
      const res = await fetch("/api/auth/reset-password", {
        method: "POST",
@ -56,30 +53,12 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {

  const debouncedChangePassword = debounce(submitChangePassword, 250);

-  const handleSubmit = async (e) => {
-    e.preventDefault();
-
-    if (!password) {
-      return;
-    }
-
-    if (loading) {
-      return;
-    }
-
-    setLoading(true);
-    setError(null);
-    setSuccess(false);
-
-    await debouncedChangePassword({ password, requestId: resetPasswordRequest.id });
-  };
-
  const Success = () => {
    return (
      <>
        <div className="space-y-6">
          <div>
-            <h2 className="font-cal mt-6 text-center text-3xl font-extrabold text-gray-900">
+            <h2 className="mt-6 text-3xl font-extrabold text-center text-gray-900 font-cal">
              {t("success")}
            </h2>
          </div>
@ -87,7 +66,7 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
          <Link href="/auth/login">
            <button
              type="button"
-              className="w-full flex justify-center py-2 px-4 text-sm font-medium text-blue-600 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-black">
+              className="flex justify-center w-full px-4 py-2 text-sm font-medium text-blue-600 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-black">
              {t("login")}
            </button>
          </Link>
@ -101,14 +80,14 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
      <>
        <div className="space-y-6">
          <div>
-            <h2 className="font-cal mt-6 text-center text-3xl font-extrabold text-gray-900">{t("whoops")}</h2>
-            <h2 className="text-center text-3xl font-extrabold text-gray-900">{t("request_is_expired")}</h2>
+            <h2 className="mt-6 text-3xl font-extrabold text-center text-gray-900 font-cal">{t("whoops")}</h2>
+            <h2 className="text-3xl font-extrabold text-center text-gray-900">{t("request_is_expired")}</h2>
          </div>
          <p>{t("request_is_expired_instructions")}</p>
          <Link href="/auth/forgot-password">
            <button
              type="button"
-              className="w-full flex justify-center py-2 px-4 text-sm font-medium text-blue-600 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-black">
+              className="flex justify-center w-full px-4 py-2 text-sm font-medium text-blue-600 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-black">
              {t("try_again")}
            </button>
          </Link>
@ -123,21 +102,40 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
  }, [resetPasswordRequest]);

  return (
-    <div className="min-h-screen bg-gray-50 flex flex-col justify-center py-12 sm:px-6 lg:px-8">
+    <div className="flex flex-col justify-center min-h-screen py-12 bg-gray-50 sm:px-6 lg:px-8">
      <HeadSeo title={t("reset_password")} description={t("change_your_password")} />
      <div className="mt-8 sm:mx-auto sm:w-full sm:max-w-md">
-        <div className="bg-white py-8 px-4 mx-2 shadow rounded-lg sm:px-10 space-y-6">
+        <div className="px-4 py-8 mx-2 space-y-6 bg-white rounded-lg shadow sm:px-10">
          {isRequestExpired && <Expired />}
          {!isRequestExpired && !success && (
            <>
              <div className="space-y-6">
-                <h2 className="font-cal mt-6 text-center text-3xl font-extrabold text-gray-900">
+                <h2 className="mt-6 text-3xl font-extrabold text-center text-gray-900 font-cal">
                  {t("reset_password")}
                </h2>
                <p>{t("enter_new_password")}</p>
                {error && <p className="text-red-600">{error.message}</p>}
              </div>
-              <form className="space-y-6" onSubmit={handleSubmit} action="#">
+              <form
+                className="space-y-6"
+                onSubmit={async (e) => {
+                  e.preventDefault();
+
+                  if (!password) {
+                    return;
+                  }
+
+                  if (loading) {
+                    return;
+                  }
+
+                  setLoading(true);
+                  setError(null);
+                  setSuccess(false);
+
+                  await debouncedChangePassword({ password, requestId: resetPasswordRequest.id });
+                }}
+                action="#">
                <input name="csrfToken" type="hidden" defaultValue={csrfToken} hidden />
                <div>
                  <label htmlFor="email" className="block text-sm font-medium text-gray-700">
@ -145,13 +143,15 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
                  </label>
                  <div className="mt-1">
                    <input
-                      onChange={handleChange}
+                      onChange={(e) => {
+                        setPassword(e.target.value);
+                      }}
                      id="password"
                      name="password"
                      type="password"
                      autoComplete="password"
                      required
-                      className="appearance-none block w-full px-3 py-2 border border-gray-300 rounded-md shadow-sm placeholder-gray-400 focus:outline-none focus:ring-black focus:border-brand sm:text-sm"
+                      className="block w-full px-3 py-2 placeholder-gray-400 border border-gray-300 rounded-md shadow-sm appearance-none focus:outline-none focus:ring-black focus:border-brand sm:text-sm"
                    />
                  </div>
                </div>
@ -165,7 +165,7 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
                    }`}>
                    {loading && (
                      <svg
-                        className="animate-spin -ml-1 mr-3 h-5 w-5 text-white"
+                        className="w-5 h-5 mr-3 -ml-1 text-white animate-spin"
                        xmlns="http://www.w3.org/2000/svg"
                        fill="none"
                        viewBox="0 0 24 24">
@ -200,12 +200,13 @@ export default function Page({ resetPasswordRequest, csrfToken }: Props) {
 }

 export async function getServerSideProps(context: GetServerSidePropsContext) {
-  const id = context.params.id;
+  const id = context.params?.id as string;

  try {
    const resetPasswordRequest = await prisma.resetPasswordRequest.findUnique({
+      rejectOnNotFound: true,
      where: {
-        id: id,
+        id,
      },
      select: {
        id: true,
--- a/pages/auth/forgot-password/index.tsx
+++ b/pages/auth/forgot-password/index.tsx
@ -1,6 +1,6 @@
 import debounce from "lodash/debounce";
 import { GetServerSidePropsContext } from "next";
-import { getCsrfToken } from "next-auth/client";
+import { getCsrfToken } from "next-auth/react";
 import React, { SyntheticEvent } from "react";

 import { getSession } from "@lib/auth";
@ -35,6 +35,8 @@ export default function ForgotPassword({ csrfToken }: { csrfToken: string }) {
      const json = await res.json();
      if (!res.ok) {
        setError(json);
+      } else if ("resetLink" in json) {
+        window.location = json.resetLink;
      } else {
        setSuccess(true);
      }
--- a/pages/auth/login.tsx
+++ b/pages/auth/login.tsx
@ -1,5 +1,5 @@
 import { GetServerSidePropsContext } from "next";
-import { getCsrfToken, signIn } from "next-auth/client";
+import { getCsrfToken, signIn } from "next-auth/react";
 import Link from "next/link";
 import { useRouter } from "next/router";
 import { useState } from "react";
@ -46,7 +46,7 @@ export default function Login({ csrfToken }: inferSSRProps<typeof getServerSideP
    setErrorMessage(null);

    try {
-      const response = await signIn("credentials", {
+      const response = await signIn<"credentials">("credentials", {
        redirect: false,
        email,
        password,
--- a/pages/auth/signup.tsx
+++ b/pages/auth/signup.tsx
@ -1,5 +1,5 @@
 import { GetServerSidePropsContext } from "next";
-import { signIn } from "next-auth/client";
+import { signIn } from "next-auth/react";
 import { useRouter } from "next/router";
 import { useForm, SubmitHandler, FormProvider } from "react-hook-form";

--- a/pages/call/[uid].tsx
+++ b/pages/call/[uid].tsx
@ -1,15 +1,20 @@
 import DailyIframe from "@daily-co/daily-js";
-import { getSession } from "next-auth/client";
+import { NextPageContext } from "next";
+import { getSession } from "next-auth/react";
 import Head from "next/head";
 import Link from "next/link";
 import { useRouter } from "next/router";
 import React, { useEffect } from "react";

+import prisma from "@lib/prisma";
+import { inferSSRProps } from "@lib/types/inferSSRProps";
+
 import { HeadSeo } from "@components/seo/head-seo";

-import prisma from "../../lib/prisma";
+export type JoinCallPageProps = inferSSRProps<typeof getServerSideProps>;

-export default function JoinCall(props, session) {
+export default function JoinCall(props: JoinCallPageProps) {
+  const session = props.session;
  const router = useRouter();

  //if no booking redirectis to the 404 page
@ -23,8 +28,8 @@ export default function JoinCall(props, session) {
  console.log(enterDate);

  //find out if the meeting is upcoming or in the past
-  const isPast = new Date(props.booking.endTime) <= exitDate;
-  const isUpcoming = new Date(props.booking.startTime) >= enterDate;
+  const isPast = new Date(props.booking?.endTime || "") <= exitDate;
+  const isUpcoming = new Date(props.booking?.startTime || "") >= enterDate;
  const meetingUnavailable = isUpcoming == true || isPast == true;

  useEffect(() => {
@ -33,16 +38,16 @@ export default function JoinCall(props, session) {
    }

    if (isUpcoming) {
-      router.push(`/call/meeting-not-started/${props.booking.uid}`);
+      router.push(`/call/meeting-not-started/${props.booking?.uid}`);
    }

    if (isPast) {
-      router.push(`/call/meeting-ended/${props.booking.uid}`);
+      router.push(`/call/meeting-ended/${props.booking?.uid}`);
    }
  });

  useEffect(() => {
-    if (!meetingUnavailable && !emptyBooking && session.userid !== props.booking.user.id) {
+    if (!meetingUnavailable && !emptyBooking && session?.userid !== props.booking.user?.id) {
      const callFrame = DailyIframe.createFrame({
        theme: {
          colors: {
@ -66,11 +71,11 @@ export default function JoinCall(props, session) {
        },
      });
      callFrame.join({
-        url: props.booking.dailyRef.dailyurl,
+        url: props.booking.dailyRef?.dailyurl,
        showLeaveButton: true,
      });
    }
-    if (!meetingUnavailable && !emptyBooking && session.userid === props.booking.user.id) {
+    if (!meetingUnavailable && !emptyBooking && session?.userid === props.booking.user?.id) {
      const callFrame = DailyIframe.createFrame({
        theme: {
          colors: {
@ -94,9 +99,9 @@ export default function JoinCall(props, session) {
        },
      });
      callFrame.join({
-        url: props.booking.dailyRef.dailyurl,
+        url: props.booking.dailyRef?.dailyurl,
        showLeaveButton: true,
-        token: props.booking.dailyRef.dailytoken,
+        token: props.booking.dailyRef?.dailytoken,
      });
    }
  }, []);
@ -128,10 +133,10 @@ export default function JoinCall(props, session) {
  );
 }

-export async function getServerSideProps(context) {
+export async function getServerSideProps(context: NextPageContext) {
  const booking = await prisma.booking.findUnique({
    where: {
-      uid: context.query.uid,
+      uid: context.query.uid as string,
    },
    select: {
      uid: true,
@ -142,6 +147,7 @@ export async function getServerSideProps(context) {
      endTime: true,
      user: {
        select: {
+          id: true,
          credentials: true,
        },
      },
--- a/pages/call/meeting-ended/[uid].tsx
+++ b/pages/call/meeting-ended/[uid].tsx
@ -1,17 +1,19 @@
 import { CalendarIcon, XIcon } from "@heroicons/react/outline";
 import { ArrowRightIcon } from "@heroicons/react/solid";
 import dayjs from "dayjs";
-import { getSession } from "next-auth/client";
+import { NextPageContext } from "next";
+import { getSession } from "next-auth/react";
 import { useRouter } from "next/router";
 import { useState } from "react";
 import { useEffect } from "react";

 import prisma from "@lib/prisma";
+import { inferSSRProps } from "@lib/types/inferSSRProps";

 import { HeadSeo } from "@components/seo/head-seo";
 import Button from "@components/ui/Button";

-export default function MeetingUnavailable(props) {
+export default function MeetingUnavailable(props: inferSSRProps<typeof getServerSideProps>) {
  const router = useRouter();

  // eslint-disable-next-line @typescript-eslint/no-unused-vars
@ -79,10 +81,10 @@ export default function MeetingUnavailable(props) {
  return null;
 }

-export async function getServerSideProps(context) {
+export async function getServerSideProps(context: NextPageContext) {
  const booking = await prisma.booking.findUnique({
    where: {
-      uid: context.query.uid,
+      uid: context.query.uid as string,
    },
    select: {
      uid: true,
--- a/pages/call/meeting-not-started/[uid].tsx
+++ b/pages/call/meeting-not-started/[uid].tsx
@ -1,17 +1,19 @@
 import { CalendarIcon, XIcon } from "@heroicons/react/outline";
 import { ArrowRightIcon } from "@heroicons/react/solid";
 import dayjs from "dayjs";
-import { getSession } from "next-auth/client";
+import { NextPageContext } from "next";
+import { getSession } from "next-auth/react";
 import { useRouter } from "next/router";
 import { useState } from "react";
 import { useEffect } from "react";

 import prisma from "@lib/prisma";
+import { inferSSRProps } from "@lib/types/inferSSRProps";

 import { HeadSeo } from "@components/seo/head-seo";
 import Button from "@components/ui/Button";

-export default function MeetingUnavailable(props) {
+export default function MeetingNotStarted(props: inferSSRProps<typeof getServerSideProps>) {
  const router = useRouter();

  //if no booking redirectis to the 404 page
@ -83,10 +85,10 @@ export default function MeetingUnavailable(props) {
  return null;
 }

-export async function getServerSideProps(context) {
+export async function getServerSideProps(context: NextPageContext) {
  const booking = await prisma.booking.findUnique({
    where: {
-      uid: context.query.uid,
+      uid: context.query.uid as string,
    },
    select: {
      uid: true,
--- a/pages/cancel/success.tsx
+++ b/pages/cancel/success.tsx
@ -1,6 +1,6 @@
 import { CheckIcon } from "@heroicons/react/outline";
 import { ArrowRightIcon } from "@heroicons/react/solid";
-import { useSession } from "next-auth/client";
+import { useSession } from "next-auth/react";
 import { useRouter } from "next/router";

 import { useLocale } from "@lib/hooks/useLocale";
@ -13,7 +13,8 @@ export default function CancelSuccess() {
  // Get router variables
  const router = useRouter();
  const { title, name, eventPage } = router.query;
-  const [session, loading] = useSession();
+  const { data: session, status } = useSession();
+  const loading = status === "loading";
  return (
    <div>
      <HeadSeo
@ -21,36 +22,36 @@ export default function CancelSuccess() {
        description={`${t("cancelled")} ${title} | ${name}`}
      />
      <main className="max-w-3xl mx-auto my-24">
-        <div className="fixed z-50 inset-0 overflow-y-auto">
-          <div className="flex items-end justify-center min-h-screen pt-4 px-4 pb-20 text-center sm:block sm:p-0">
-            <div className="fixed inset-0 my-4 sm:my-0 transition-opacity" aria-hidden="true">
+        <div className="fixed inset-0 z-50 overflow-y-auto">
+          <div className="flex items-end justify-center min-h-screen px-4 pt-4 pb-20 text-center sm:block sm:p-0">
+            <div className="fixed inset-0 my-4 transition-opacity sm:my-0" aria-hidden="true">
              <span className="hidden sm:inline-block sm:align-middle sm:h-screen" aria-hidden="true">
                &#8203;
              </span>
              <div
-                className="inline-block align-bottom bg-white rounded-lg px-4 pt-5 pb-4 text-left overflow-hidden shadow-xl transform transition-all sm:my-8 sm:align-middle sm:max-w-sm sm:w-full sm:p-6"
+                className="inline-block px-4 pt-5 pb-4 overflow-hidden text-left align-bottom transition-all transform bg-white rounded-lg shadow-xl sm:my-8 sm:align-middle sm:max-w-sm sm:w-full sm:p-6"
                role="dialog"
                aria-modal="true"
                aria-labelledby="modal-headline">
                <div>
-                  <div className="mx-auto flex items-center justify-center h-12 w-12 rounded-full bg-green-100">
-                    <CheckIcon className="h-6 w-6 text-green-600" />
+                  <div className="flex items-center justify-center w-12 h-12 mx-auto bg-green-100 rounded-full">
+                    <CheckIcon className="w-6 h-6 text-green-600" />
                  </div>
                  <div className="mt-3 text-center sm:mt-5">
-                    <h3 className="text-lg leading-6 font-medium text-gray-900" id="modal-headline">
+                    <h3 className="text-lg font-medium leading-6 text-gray-900" id="modal-headline">
                      {t("cancellation_successful")}
                    </h3>
-                    {!loading && !session.user && (
+                    {!loading && !session?.user && (
                      <div className="mt-2">
                        <p className="text-sm text-gray-500">{t("free_to_pick_another_event_type")}</p>
                      </div>
                    )}
                  </div>
                </div>
-                <div className="mt-5 sm:mt-6 text-center">
+                <div className="mt-5 text-center sm:mt-6">
                  <div className="mt-5">
-                    {!loading && !session.user && <Button href={eventPage}>Pick another</Button>}
-                    {!loading && session.user && (
+                    {!loading && !session?.user && <Button href={eventPage as string}>Pick another</Button>}
+                    {!loading && session?.user && (
                      <Button data-testid="back-to-bookings" href="/bookings" EndIcon={ArrowRightIcon}>
                        {t("back_to_bookings")}
                      </Button>
--- a/pages/getting-started.tsx
+++ b/pages/getting-started.tsx
@ -8,7 +8,7 @@ import utc from "dayjs/plugin/utc";
 import debounce from "lodash/debounce";
 import omit from "lodash/omit";
 import { NextPageContext } from "next";
-import { useSession } from "next-auth/client";
+import { useSession } from "next-auth/react";
 import Head from "next/head";
 import { useRouter } from "next/router";
 import React, { useEffect, useRef, useState } from "react";
@ -68,7 +68,8 @@ export default function Onboarding(props: inferSSRProps<typeof getServerSideProp

  const [isSubmitting, setSubmitting] = React.useState(false);
  const [enteredName, setEnteredName] = React.useState("");
-  const Sess = useSession();
+  const { status } = useSession();
+  const loading = status === "loading";
  const [ready, setReady] = useState(false);
  const [error, setError] = useState<Error | null>(null);

@ -410,7 +411,7 @@ export default function Onboarding(props: inferSSRProps<typeof getServerSideProp
    // eslint-disable-next-line react-hooks/exhaustive-deps
  }, []);

-  if (Sess[1] || !ready) {
+  if (loading || !ready) {
    return <div className="loader"></div>;
  }

--- a/pages/settings/teams.tsx
+++ b/pages/settings/teams.tsx
@ -1,6 +1,6 @@
 import { PlusIcon } from "@heroicons/react/solid";
 import classNames from "classnames";
-import { useSession } from "next-auth/client";
+import { useSession } from "next-auth/react";
 import { useState } from "react";

 import { useLocale } from "@lib/hooks/useLocale";
@ -16,7 +16,8 @@ import Button from "@components/ui/Button";

 export default function Teams() {
  const { t } = useLocale();
-  const [, loading] = useSession();
+  const { status } = useSession();
+  const loading = status === "loading";
  const [showCreateTeamModal, setShowCreateTeamModal] = useState(false);
  const [errorMessage, setErrorMessage] = useState("");

--- a/playwright.config.ts
+++ b/playwright.config.ts
@ -7,6 +7,7 @@ const config: PlaywrightTestConfig = {
  retries: process.env.CI ? 3 : 0,
  reporter: "list",
  globalSetup: require.resolve("./playwright/lib/globalSetup"),
+  outputDir: "playwright/results",
  webServer: {
    command: "yarn start",
    port: 3000,
--- a/playwright/auth/auth-index.test.ts
+++ b/playwright/auth/auth-index.test.ts
@ -0,0 +1,5 @@
+import { todo } from "../lib/testUtils";
+
+todo("Can signup from a team invite");
+
+todo("Can login using 2FA");
--- a/playwright/auth/forgot-password.test.ts
+++ b/playwright/auth/forgot-password.test.ts
@ -0,0 +1,49 @@
+import { expect, test } from "@playwright/test";
+
+test("Can reset forgotten password", async ({ browser }) => {
+  // Create a new incognito browser context
+  const context = await browser.newContext({
+    extraHTTPHeaders: {
+      // Only needed for bypassing emails while testing
+      "X-Playwright-Secret": process.env.PLAYWRIGHT_SECRET || "",
+    },
+  });
+  // Create a new page inside context.
+  const page = await context.newPage();
+
+  // Got to reset password flow
+  await page.goto("/auth/forgot-password");
+
+  // Fill [placeholder="john.doe@example.com"]
+  await page.fill('input[name="email"]', "pro@example.com");
+
+  // Press Enter
+  await Promise.all([
+    page.waitForNavigation({
+      url: "/auth/forgot-password/*",
+    }),
+    page.press('input[type="email"]', "Enter"),
+  ]);
+
+  // Fill input[name="password"]
+  await page.fill('input[name="password"]', "pro");
+
+  // Click text=Submit
+  await page.click('button[type="submit"]');
+
+  await page.waitForSelector("text=Success", {
+    timeout: 3000,
+  });
+  expect(page.locator(`text=Success`)).toBeTruthy();
+
+  // Click button:has-text("Login")
+  await Promise.all([page.waitForNavigation({ url: "/auth/login" }), page.click('button:has-text("Login")')]);
+
+  // Fill input[name="email"]
+  await page.fill('input[name="email"]', "pro@example.com");
+  await page.fill('input[name="password"]', "pro");
+  await page.press('input[name="password"]', "Enter");
+  await page.waitForSelector("[data-testid=dashboard-shell]");
+  expect(page.locator("[data-testid=dashboard-shell]")).toBeTruthy();
+  await context.close();
+});
--- a/server/createContext.ts
+++ b/server/createContext.ts
@ -1,8 +1,8 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
-import { GetServerSidePropsContext, NextApiRequest } from "next";
+import { GetServerSidePropsContext } from "next";
+import { Session } from "next-auth";
 import { serverSideTranslations } from "next-i18next/serverSideTranslations";

-import { getSession, Session } from "@lib/auth";
+import { getSession } from "@lib/auth";
 import { getLocaleFromHeaders } from "@lib/core/i18n/i18n.utils";
 import prisma from "@lib/prisma";
 import { defaultAvatarSrc } from "@lib/profile";
@ -91,7 +91,7 @@ async function getUserFromSession({
 * Creates context for an incoming request
 * @link https://trpc.io/docs/context
 */
-export const createContext = async ({ req, res }: CreateContextOptions) => {
+export const createContext = async ({ req }: CreateContextOptions) => {
  // for API-response caching see https://trpc.io/docs/caching
  const session = await getSession({ req });

--- a/tsconfig.json
+++ b/tsconfig.json
@ -33,6 +33,7 @@
    "isolatedModules": true,
    "useUnknownInCatchVariables": true,
    "jsx": "preserve",
+    "typeRoots": ["./types"],
    "types": [
      "@types/jest",
    ],
--- a/types/next-auth.d.ts
+++ b/types/next-auth.d.ts
@ -0,0 +1,16 @@
+/* eslint-disable @typescript-eslint/no-unused-vars */
+import NextAuth, { DefaultSession } from "next-auth";
+
+declare module "next-auth" {
+  type DefaultSessionUser = NonNullable<DefaultSession["user"]>;
+  type CalendsoSessionUser = DefaultSessionUser & {
+    id: number;
+    username: string;
+  };
+  /**
+   * Returned by `useSession`, `getSession` and received as a prop on the `Provider` React Context
+   */
+  interface Session {
+    user: CalendsoSessionUser;
+  }
+}
--- a/yarn.lock
+++ b/yarn.lock
@ -472,13 +472,20 @@
  dependencies:
    regenerator-runtime "^0.13.4"

-"@babel/runtime@^7.0.0", "@babel/runtime@^7.1.2", "@babel/runtime@^7.12.0", "@babel/runtime@^7.12.1", "@babel/runtime@^7.12.13", "@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.13.17", "@babel/runtime@^7.14.0", "@babel/runtime@^7.14.5", "@babel/runtime@^7.15.4", "@babel/runtime@^7.5.5", "@babel/runtime@^7.6.2", "@babel/runtime@^7.7.2", "@babel/runtime@^7.8.7", "@babel/runtime@^7.9.0":
+"@babel/runtime@^7.0.0", "@babel/runtime@^7.1.2", "@babel/runtime@^7.12.0", "@babel/runtime@^7.12.1", "@babel/runtime@^7.12.13", "@babel/runtime@^7.12.5", "@babel/runtime@^7.13.10", "@babel/runtime@^7.13.17", "@babel/runtime@^7.14.5", "@babel/runtime@^7.15.4", "@babel/runtime@^7.5.5", "@babel/runtime@^7.6.2", "@babel/runtime@^7.7.2", "@babel/runtime@^7.8.7", "@babel/runtime@^7.9.0":
  version "7.16.3"
  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.16.3.tgz#b86f0db02a04187a3c17caa77de69840165d42d5"
  integrity sha512-WBwekcqacdY2e9AF/Q7WLFUWmdJGJTkbjqTjoMDgXkVZ3ZRUvOPsLb5KdwISoQVsbP+DQzVZW4Zhci0DvpbNTQ==
  dependencies:
    regenerator-runtime "^0.13.4"

+"@babel/runtime@^7.16.3":
+  version "7.16.7"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.16.7.tgz#03ff99f64106588c9c403c6ecb8c3bafbbdff1fa"
+  integrity sha512-9E9FJowqAsytyOY6LG+1KuueckRL+aQW+mKvXRXnuFGyRAyepJPmEo9vgMfXUA6O9u3IeEdv9MAkppFcaQwogQ==
+  dependencies:
+    regenerator-runtime "^0.13.4"
+
 "@babel/template@^7.12.13", "@babel/template@^7.16.0", "@babel/template@^7.3.3":
  version "7.16.0"
  resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.16.0.tgz#d16a35ebf4cd74e202083356fab21dd89363ddd6"
@ -1313,22 +1320,6 @@
  resolved "https://registry.yarnpkg.com/@napi-rs/triples/-/triples-1.0.3.tgz#76d6d0c3f4d16013c61e45dfca5ff1e6c31ae53c"
  integrity sha512-jDJTpta+P4p1NZTFVLHJ/TLFVYVcOqv6l8xwOeBKNPMgY/zDYH/YH7SJbvrr/h1RcS9GzbPcLKGzpuK9cV56UA==

-"@next-auth/prisma-legacy-adapter@0.1.2":
-  version "0.1.2"
-  resolved "https://registry.yarnpkg.com/@next-auth/prisma-legacy-adapter/-/prisma-legacy-adapter-0.1.2.tgz#d19b65696bf16bda5dbc88f85da98aee6f30e2f3"
-  integrity sha512-QpGcRvrnFERkvVFroqS89qDbnskw9AjhvWxO095u3xl/8QVI++Y+doluQdZWuV6PewjrV7xY+uVUEnRhnGM8yQ==
-  dependencies:
-    "@babel/runtime" "^7.14.0"
-
-"@next-auth/typeorm-legacy-adapter@0.1.4":
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/@next-auth/typeorm-legacy-adapter/-/typeorm-legacy-adapter-0.1.4.tgz#a250498613669b736d76b36a2a46f7eafc9e6ed5"
-  integrity sha512-UDnctrPiUU0yaPNeFhD6uw0FAuWGvx6IUVwUYTEzZm26RCEe/BBjkpGLYk43M3rcnkBPfkiljomAs/O7Uzh12w==
-  dependencies:
-    "@babel/runtime" "^7.14.0"
-    require_optional "^1.0.1"
-    typeorm "^0.2.30"
-
 "@next/bundle-analyzer@11.1.2":
  version "11.1.2"
  resolved "https://registry.yarnpkg.com/@next/bundle-analyzer/-/bundle-analyzer-11.1.2.tgz#7892c86f58028399000f402a5c7ca8aecb65686f"
@ -1482,10 +1473,10 @@
    "@otplib/plugin-crypto" "^12.0.1"
    "@otplib/plugin-thirty-two" "^12.0.1"

-"@panva/asn1.js@^1.0.0":
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/@panva/asn1.js/-/asn1.js-1.0.0.tgz#dd55ae7b8129e02049f009408b97c61ccf9032f6"
-  integrity sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw==
+"@panva/hkdf@^1.0.1":
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/@panva/hkdf/-/hkdf-1.0.1.tgz#ed0da773bd5f794d0603f5a5b5cee6d2354e5660"
+  integrity sha512-mMyQ9vjpuFqePkfe5bZVIf/H3Dmk6wA8Kjxff9RcO4kqzJo+Ek9pGKwZHpeMr7Eku0QhLXMCd7fNCSnEnRMubg==

 "@playwright/test@^1.17.1":
  version "1.17.1"
@ -1993,11 +1984,6 @@
  resolved "https://registry.yarnpkg.com/@socket.io/component-emitter/-/component-emitter-3.0.0.tgz#8863915676f837d9dad7b76f50cb500c1e9422e9"
  integrity sha512-2pTGuibAXJswAPJjaKisthqS/NOK5ypG4LYT6tEAV0S/mxW0zOIvYvGK0V8w8+SHxAm6vRMSjqSalFXeBAqs+Q==

-"@sqltools/formatter@^1.2.2":
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/@sqltools/formatter/-/formatter-1.2.3.tgz#1185726610acc37317ddab11c3c7f9066966bd20"
-  integrity sha512-O3uyB/JbkAEMZaP3YqyHH7TMnex7tWyCbCI4EfJdOCoN6HIhqdJBWTM6aCCiWQ/5f5wxjgU735QAIpJbjDvmzg==
-
 "@stripe/react-stripe-js@^1.4.1":
  version "1.6.0"
  resolved "https://registry.yarnpkg.com/@stripe/react-stripe-js/-/react-stripe-js-1.6.0.tgz#e3adf6a6ea6d839193164fa3cfe73cf52db3a080"
@ -2376,11 +2362,6 @@
  dependencies:
    "@types/node" "*"

-"@types/zen-observable@0.8.3":
-  version "0.8.3"
-  resolved "https://registry.yarnpkg.com/@types/zen-observable/-/zen-observable-0.8.3.tgz#781d360c282436494b32fe7d9f7f8e64b3118aa3"
-  integrity sha512-fbF6oTd4sGGy0xjHPKAt+eS2CrxJ3+6gQ3FGcBoIJR2TLAyCkCyI8JqZNy+FeON0AhVgNJoUumVoZQjBFUqHkw==
-
 "@typescript-eslint/eslint-plugin@^4.33.0":
  version "4.33.0"
  resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.33.0.tgz#c24dc7c8069c7706bc40d99f6fa87edcb2005276"
@ -2623,11 +2604,6 @@ any-base@^1.1.0:
  resolved "https://registry.yarnpkg.com/any-base/-/any-base-1.1.0.tgz#ae101a62bc08a597b4c9ab5b7089d456630549fe"
  integrity sha512-uMgjozySS8adZZYePpaWs8cxB9/kdzmpX6SgJZ+wbz1K5eYk5QMYDVJaZKhxyIHUdnnJkfR7SVgStgH7LkGUyg==

-any-promise@^1.0.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/any-promise/-/any-promise-1.3.0.tgz#abc6afeedcea52e809cdc0376aed3ce39635d17f"
-  integrity sha1-q8av7tzqUugJzcA3au0845Y10X8=
-
 anymatch@^2.0.0:
  version "2.0.0"
  resolved "https://registry.npmjs.org/anymatch/-/anymatch-2.0.0.tgz#bcb24b4f37934d9aa7ac17b4adaf89e7c76ef2eb"
@ -2644,11 +2620,6 @@ anymatch@^3.0.3, anymatch@~3.1.1, anymatch@~3.1.2:
    normalize-path "^3.0.0"
    picomatch "^2.0.4"

-app-root-path@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/app-root-path/-/app-root-path-3.0.0.tgz#210b6f43873227e18a4b810a032283311555d5ad"
-  integrity sha512-qMcx+Gy2UZynHjOHOIXPNvpf+9cjvk3cWrBBK7zg4gH9+clobJRb9NGzcT7mQTcV/6Gm/1WelUtqxVXnNlrwcw==
-
 arg@4.1.0:
  version "4.1.0"
  resolved "https://registry.yarnpkg.com/arg/-/arg-4.1.0.tgz#583c518199419e0037abb74062c37f8519e575f0"
@ -2671,11 +2642,6 @@ argparse@^1.0.7:
  dependencies:
    sprintf-js "~1.0.2"

-argparse@^2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38"
-  integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==
-
 aria-hidden@^1.1.1:
  version "1.1.3"
  resolved "https://registry.yarnpkg.com/aria-hidden/-/aria-hidden-1.1.3.tgz#bb48de18dc84787a3c6eee113709c473c64ec254"
@ -3182,14 +3148,6 @@ buffer@^5.2.0:
    base64-js "^1.3.1"
    ieee754 "^1.1.13"

-buffer@^6.0.3:
-  version "6.0.3"
-  resolved "https://registry.yarnpkg.com/buffer/-/buffer-6.0.3.tgz#2ace578459cc8fbe2a70aaa8f52ee63b6a74c6c6"
-  integrity sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==
-  dependencies:
-    base64-js "^1.3.1"
-    ieee754 "^1.2.1"
-
 builtin-status-codes@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/builtin-status-codes/-/builtin-status-codes-3.0.0.tgz#85982878e21b98e1c66425e03d0174788f569ee8"
@ -3375,18 +3333,6 @@ cli-cursor@^3.1.0:
  dependencies:
    restore-cursor "^3.1.0"

-cli-highlight@^2.1.11:
-  version "2.1.11"
-  resolved "https://registry.yarnpkg.com/cli-highlight/-/cli-highlight-2.1.11.tgz#49736fa452f0aaf4fae580e30acb26828d2dc1bf"
-  integrity sha512-9KDcoEVwyUXrjcJNvHD0NFc/hiwe/WPVYIleQh2O1N2Zro5gWJZ/K+3DGn8w8P/F6FxOgzyC5bxDyHIgCSPhGg==
-  dependencies:
-    chalk "^4.0.0"
-    highlight.js "^10.7.1"
-    mz "^2.4.0"
-    parse5 "^5.1.1"
-    parse5-htmlparser2-tree-adapter "^6.0.0"
-    yargs "^16.0.0"
-
 cli-truncate@2.1.0, cli-truncate@^2.1.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/cli-truncate/-/cli-truncate-2.1.0.tgz#c39e28bf05edcde5be3b98992a22deed5a2b93c7"
@ -3404,15 +3350,6 @@ cliui@^6.0.0:
    strip-ansi "^6.0.0"
    wrap-ansi "^6.2.0"

-cliui@^7.0.2:
-  version "7.0.4"
-  resolved "https://registry.yarnpkg.com/cliui/-/cliui-7.0.4.tgz#a0265ee655476fc807aea9df3df8df7783808b4f"
-  integrity sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==
-  dependencies:
-    string-width "^4.2.0"
-    strip-ansi "^6.0.0"
-    wrap-ansi "^7.0.0"
-
 clone@^2.1.2:
  version "2.1.2"
  resolved "https://registry.yarnpkg.com/clone/-/clone-2.1.2.tgz#1b7f4b9f591f1e8f83670401600345a02887435f"
@ -3556,6 +3493,11 @@ convert-source-map@^1.4.0, convert-source-map@^1.6.0, convert-source-map@^1.7.0:
  dependencies:
    safe-buffer "~5.1.1"

+cookie@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.1.tgz#afd713fe26ebd21ba95ceb61f9a8116e50a537d1"
+  integrity sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==
+
 copy-descriptor@^0.1.0:
  version "0.1.1"
  resolved "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz#676f6eb3c39997c2ee1ac3a924fd6124748f578d"
@ -3968,11 +3910,6 @@ domexception@^2.0.1:
  dependencies:
    webidl-conversions "^5.0.0"

-dotenv@^8.2.0:
-  version "8.6.0"
-  resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-8.6.0.tgz#061af664d19f7f4d8fc6e4ff9b584ce237adcb8b"
-  integrity sha512-IrPdXQsk2BbzvCBGBOTmmSH5SodmqZNt4ERAZDmW4CT+tL8VtvinqywuANaFu4bOMWki16nqf0e4oC0QIaDr/g==
-
 duplexer@^0.1.2:
  version "0.1.2"
  resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.2.tgz#3abe43aef3835f8ae077d136ddce0f276b0400e6"
@ -4665,11 +4602,6 @@ functional-red-black-tree@^1.0.1:
  resolved "https://registry.yarnpkg.com/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz#1b0ab3bd553b2a0d6399d29c0e3ea0b252078327"
  integrity sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=

-futoin-hkdf@^1.3.2:
-  version "1.4.2"
-  resolved "https://registry.yarnpkg.com/futoin-hkdf/-/futoin-hkdf-1.4.2.tgz#fd534e848e0e50339b8bfbd81250b09cbff10ba3"
-  integrity sha512-2BggwLEJOTfXzKq4Tl2bIT37p0IqqKkblH4e0cMp2sXTdmwg/ADBKMxvxaEytYYcgdxgng8+acsi3WgMVUl6CQ==
-
 fwd-stream@^1.0.4:
  version "1.0.4"
  resolved "https://registry.npmjs.org/fwd-stream/-/fwd-stream-1.0.4.tgz#ed281cabed46feecf921ee32dc4c50b372ac7cfa"
@ -4701,7 +4633,7 @@ gensync@^1.0.0-beta.2:
  resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0"
  integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==

-get-caller-file@^2.0.1, get-caller-file@^2.0.5:
+get-caller-file@^2.0.1:
  version "2.0.5"
  resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
  integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==
@ -4803,7 +4735,7 @@ glob-to-regexp@^0.4.1:
  resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e"
  integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==

-glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6:
+glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4:
  version "7.2.0"
  resolved "https://registry.yarnpkg.com/glob/-/glob-7.2.0.tgz#d15535af7732e02e948f4c41628bd910293f6023"
  integrity sha512-lmLf6gtyrPq8tTjSmrO94wBeQbFR3HbLHbuyD69wuyQkImp2hWqMGB47OX65FBkPffO641IP9jWa1z4ivqG26Q==
@ -5019,11 +4951,6 @@ he@1.2.0:
  resolved "https://registry.yarnpkg.com/he/-/he-1.2.0.tgz#84ae65fa7eafb165fddb61566ae14baf05664f0f"
  integrity sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==

-highlight.js@^10.7.1:
-  version "10.7.3"
-  resolved "https://registry.yarnpkg.com/highlight.js/-/highlight.js-10.7.3.tgz#697272e3991356e40c3cac566a74eef681756531"
-  integrity sha512-tzcUFauisWKNHaRkN4Wjl/ZA07gENAjFl3J/c480dprkGTg5EQstgaNFqBfUqCq54kZRIEcreTsAgF/m2quD7A==
-
 history@^4.9.0:
  version "4.10.1"
  resolved "https://registry.yarnpkg.com/history/-/history-4.10.1.tgz#33371a65e3a83b267434e2b3f3b1b4c58aad4cf3"
@ -5183,7 +5110,7 @@ idb-wrapper@^1.5.0:
  resolved "https://registry.npmjs.org/idb-wrapper/-/idb-wrapper-1.7.2.tgz#8251afd5e77fe95568b1c16152eb44b396767ea2"
  integrity sha512-zfNREywMuf0NzDo9mVsL0yegjsirJxHpKHvWcyRozIqQy89g0a3U+oBPOCN4cc0oCiOuYgZHimzaW/R46G1Mpg==

-ieee754@^1.1.13, ieee754@^1.1.4, ieee754@^1.2.1:
+ieee754@^1.1.13, ieee754@^1.1.4:
  version "1.2.1"
  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352"
  integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==
@ -6195,12 +6122,10 @@ jimp@^0.16.1:
    "@jimp/types" "^0.16.1"
    regenerator-runtime "^0.13.3"

-jose@^1.27.2:
-  version "1.28.1"
-  resolved "https://registry.yarnpkg.com/jose/-/jose-1.28.1.tgz#34a0f851a534be59ffab82a6e8845f6874e8c128"
-  integrity sha512-6JK28rFu5ENp/yxMwM+iN7YeaInnY9B9Bggjkz5fuwLiJhbVrl2O4SJr65bdNBPl9y27fdC3Mymh+FVCvozLIg==
-  dependencies:
-    "@panva/asn1.js" "^1.0.0"
+jose@^4.1.4, jose@^4.3.7:
+  version "4.3.7"
+  resolved "https://registry.yarnpkg.com/jose/-/jose-4.3.7.tgz#5000e4a2d41ae411a5abdd11e6baf63fc2973a69"
+  integrity sha512-S7Xfsy8nN9Iw/AZxk+ZxEbd5ImIwJPM0TfAo8zI8FF+3lidQ2yiK4dqzsaPKSbZD0woNVSY0KCql6rlKc5V7ug==

 jpeg-js@0.4.2:
  version "0.4.2"
@ -6230,13 +6155,6 @@ js-yaml@^3.13.1:
    argparse "^1.0.7"
    esprima "^4.0.0"

-js-yaml@^4.0.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
-  integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
-  dependencies:
-    argparse "^2.0.1"
-
 jsdom@^16.4.0:
  version "16.7.0"
  resolved "https://registry.npmjs.org/jsdom/-/jsdom-16.7.0.tgz#918ae71965424b197c819f8183a754e18977b710"
@ -6321,22 +6239,6 @@ json5@^1.0.1:
  dependencies:
    minimist "^1.2.0"

-jsonwebtoken@^8.5.1:
-  version "8.5.1"
-  resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz#00e71e0b8df54c2121a1f26137df2280673bcc0d"
-  integrity sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==
-  dependencies:
-    jws "^3.2.2"
-    lodash.includes "^4.3.0"
-    lodash.isboolean "^3.0.3"
-    lodash.isinteger "^4.0.4"
-    lodash.isnumber "^3.0.3"
-    lodash.isplainobject "^4.0.6"
-    lodash.isstring "^4.0.1"
-    lodash.once "^4.0.0"
-    ms "^2.1.1"
-    semver "^5.6.0"
-
 "jsx-ast-utils@^2.4.1 || ^3.0.0":
  version "3.2.1"
  resolved "https://registry.yarnpkg.com/jsx-ast-utils/-/jsx-ast-utils-3.2.1.tgz#720b97bfe7d901b927d87c3773637ae8ea48781b"
@ -6345,15 +6247,6 @@ jsonwebtoken@^8.5.1:
    array-includes "^3.1.3"
    object.assign "^4.1.2"

-jwa@^1.4.1:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.4.1.tgz#743c32985cb9e98655530d53641b66c8645b039a"
-  integrity sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==
-  dependencies:
-    buffer-equal-constant-time "1.0.1"
-    ecdsa-sig-formatter "1.0.11"
-    safe-buffer "^5.0.1"
-
 jwa@^2.0.0:
  version "2.0.0"
  resolved "https://registry.yarnpkg.com/jwa/-/jwa-2.0.0.tgz#a7e9c3f29dae94027ebcaf49975c9345593410fc"
@ -6363,14 +6256,6 @@ jwa@^2.0.0:
    ecdsa-sig-formatter "1.0.11"
    safe-buffer "^5.0.1"

-jws@^3.2.2:
-  version "3.2.2"
-  resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304"
-  integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==
-  dependencies:
-    jwa "^1.4.1"
-    safe-buffer "^5.0.1"
-
 jws@^4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/jws/-/jws-4.0.0.tgz#2d4e8cf6a318ffaa12615e9dec7e86e6c97310f4"
@ -6621,42 +6506,12 @@ lodash.clonedeep@^4.5.0:
  resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef"
  integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=

-lodash.includes@^4.3.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f"
-  integrity sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=
-
-lodash.isboolean@^3.0.3:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz#6c2e171db2a257cd96802fd43b01b20d5f5870f6"
-  integrity sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=
-
-lodash.isinteger@^4.0.4:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz#619c0af3d03f8b04c31f5882840b77b11cd68343"
-  integrity sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=
-
-lodash.isnumber@^3.0.3:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz#3ce76810c5928d03352301ac287317f11c0b1ffc"
-  integrity sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=
-
-lodash.isplainobject@^4.0.6:
-  version "4.0.6"
-  resolved "https://registry.yarnpkg.com/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz#7c526a52d89b45c45cc690b88163be0497f550cb"
-  integrity sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=
-
-lodash.isstring@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451"
-  integrity sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=
-
 lodash.merge@^4.6.2:
  version "4.6.2"
  resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a"
  integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==

-lodash.once@^4.0.0, lodash.once@^4.1.1:
+lodash.once@^4.1.1:
  version "4.1.1"
  resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac"
  integrity sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=
@ -6922,7 +6777,7 @@ mixin-deep@^1.2.0:
    for-in "^1.0.2"
    is-extendable "^1.0.1"

-mkdirp@1.x, mkdirp@^1.0.4:
+mkdirp@1.x:
  version "1.0.4"
  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
  integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
@ -6954,15 +6809,6 @@ ms@^2.1.1, ms@^2.1.2:
  resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2"
  integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==

-mz@^2.4.0:
-  version "2.7.0"
-  resolved "https://registry.yarnpkg.com/mz/-/mz-2.7.0.tgz#95008057a56cafadc2bc63dde7f9ff6955948e32"
-  integrity sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==
-  dependencies:
-    any-promise "^1.0.0"
-    object-assign "^4.0.1"
-    thenify-all "^1.0.0"
-
 nano-time@1.0.0:
  version "1.0.0"
  resolved "https://registry.yarnpkg.com/nano-time/-/nano-time-1.0.0.tgz#b0554f69ad89e22d0907f7a12b0993a5d96137ef"
@ -7007,23 +6853,20 @@ neo-async@^2.6.0:
  resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f"
  integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==

-next-auth@^3.29.0:
-  version "3.29.0"
-  resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-3.29.0.tgz#60ddbfc7ed8ae7d43ebb02c16dc58eebf5dcb337"
-  integrity sha512-B//4QTv/1Of0D+roZ82URmI6L2JSbkKgeaKI7Mdrioq8lAzp9ff8NdmouvZL/7zwrPe2cUyM6MLYlasfuI3ZIQ==
+next-auth@^4.0.6:
+  version "4.0.6"
+  resolved "https://registry.yarnpkg.com/next-auth/-/next-auth-4.0.6.tgz#93ca158993fc259c3d00029f644fc98825321e3c"
+  integrity sha512-44IwABioPpfI+T8zEHfCH3S7xigd+7XxbqVj2uUTwLZaaYXpjhsNYgiE2ZCh5+8vbj/ls89ypl0TLL7mQeKA8Q==
  dependencies:
-    "@babel/runtime" "^7.14.0"
-    "@next-auth/prisma-legacy-adapter" "0.1.2"
-    "@next-auth/typeorm-legacy-adapter" "0.1.4"
-    futoin-hkdf "^1.3.2"
-    jose "^1.27.2"
-    jsonwebtoken "^8.5.1"
-    nodemailer "^6.4.16"
+    "@babel/runtime" "^7.16.3"
+    "@panva/hkdf" "^1.0.1"
+    cookie "^0.4.1"
+    jose "^4.3.7"
    oauth "^0.9.15"
-    pkce-challenge "^2.1.0"
-    preact "^10.4.1"
-    preact-render-to-string "^5.1.14"
-    querystring "^0.2.0"
+    openid-client "^5.1.0"
+    preact "^10.6.3"
+    preact-render-to-string "^5.1.19"
+    uuid "^8.3.2"

 next-i18next@^8.9.0:
  version "8.10.0"
@ -7187,11 +7030,6 @@ node-releases@^2.0.1:
  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.1.tgz#3d1d395f204f1f2f29a54358b9fb678765ad2fc5"
  integrity sha512-CqyzN6z7Q6aMeF/ktcMVTzhAHCEpf8SOarwpzpf8pNBY2k5/oM34UHldUwp8VKI7uxct2HxSRdJjBaZeESzcxA==

-nodemailer@^6.4.16:
-  version "6.7.0"
-  resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-6.7.0.tgz#86614722c4e0c33d1b5b02aecb90d6d629932b0d"
-  integrity sha512-AtiTVUFHLiiDnMQ43zi0YgkzHOEWUkhDgPlBXrsDzJiJvB29Alo4OKxHQ0ugF3gRqRQIneCLtZU3yiUo7pItZw==
-
 nodemailer@^6.7.2:
  version "6.7.2"
  resolved "https://registry.yarnpkg.com/nodemailer/-/nodemailer-6.7.2.tgz#44b2ad5f7ed71b7067f7a21c4fedabaec62b85e0"
@ -7268,7 +7106,7 @@ oauth@^0.9.15:
  resolved "https://registry.yarnpkg.com/oauth/-/oauth-0.9.15.tgz#bd1fefaf686c96b75475aed5196412ff60cfb9c1"
  integrity sha1-vR/vr2hslrdUda7VGWQS/2DPucE=

-object-assign@^4.0.1, object-assign@^4.1.1:
+object-assign@^4.1.1:
  version "4.1.1"
  resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863"
  integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=
@ -7282,7 +7120,7 @@ object-copy@^0.1.0:
    define-property "^0.2.5"
    kind-of "^3.0.3"

-object-hash@^2.2.0:
+object-hash@^2.0.1, object-hash@^2.2.0:
  version "2.2.0"
  resolved "https://registry.yarnpkg.com/object-hash/-/object-hash-2.2.0.tgz#5ad518581eefc443bd763472b8ff2e9c2c0d54a5"
  integrity sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==
@ -7388,6 +7226,11 @@ octal@^1.0.0:
  resolved "https://registry.npmjs.org/octal/-/octal-1.0.0.tgz#63e7162a68efbeb9e213588d58e989d1e5c4530b"
  integrity sha1-Y+cWKmjvvrniE1iNWOmJ0eXEUws=

+oidc-token-hash@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/oidc-token-hash/-/oidc-token-hash-5.0.1.tgz#ae6beec3ec20f0fd885e5400d175191d6e2f10c6"
+  integrity sha512-EvoOtz6FIEBzE+9q253HsLCVRiK/0doEJ2HCvvqMQb3dHZrP3WlJKYtJ55CRTw4jmYomzH4wkPuCj/I3ZvpKxQ==
+
 omggif@^1.0.10, omggif@^1.0.9:
  version "1.0.10"
  resolved "https://registry.yarnpkg.com/omggif/-/omggif-1.0.10.tgz#ddaaf90d4a42f532e9e7cb3a95ecdd47f17c7b19"
@ -7421,6 +7264,16 @@ opener@^1.5.2:
  resolved "https://registry.yarnpkg.com/opener/-/opener-1.5.2.tgz#5d37e1f35077b9dcac4301372271afdeb2a13598"
  integrity sha512-ur5UIdyw5Y7yEj9wLzhqXiy6GZ3Mwx0yGI+5sMn2r0N0v3cKJvUmFH5yPP+WXh9e0xfyzyJX95D8l088DNFj7A==

+openid-client@^5.1.0:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/openid-client/-/openid-client-5.1.1.tgz#4b6597c34444f77494e1a057e93ad83875529324"
+  integrity sha512-vwbS4T7hpaWol0GerNabnslUWTxq1NHjnLqdFovzqWlLHW5kp08Tme8FSSeTswABjSC9d88ofTFnfAYy/zwtlQ==
+  dependencies:
+    jose "^4.1.4"
+    lru-cache "^6.0.0"
+    object-hash "^2.0.1"
+    oidc-token-hash "^5.0.1"
+
 optionator@^0.8.1:
  version "0.8.3"
  resolved "https://registry.yarnpkg.com/optionator/-/optionator-0.8.3.tgz#84fa1d036fe9d3c7e21d99884b601167ec8fb495"
@ -7585,23 +7438,11 @@ parse-json@^5.0.0:
    json-parse-even-better-errors "^2.3.0"
    lines-and-columns "^1.1.6"

-parse5-htmlparser2-tree-adapter@^6.0.0:
-  version "6.0.1"
-  resolved "https://registry.yarnpkg.com/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz#2cdf9ad823321140370d4dbf5d3e92c7c8ddc6e6"
-  integrity sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==
-  dependencies:
-    parse5 "^6.0.1"
-
-parse5@6.0.1, parse5@^6.0.1:
+parse5@6.0.1:
  version "6.0.1"
  resolved "https://registry.yarnpkg.com/parse5/-/parse5-6.0.1.tgz#e1a1c085c569b3dc08321184f19a39cc27f7c30b"
  integrity sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==

-parse5@^5.1.1:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/parse5/-/parse5-5.1.1.tgz#f68e4e5ba1852ac2cadc00f4555fff6c2abb6178"
-  integrity sha512-ugq4DFI0Ptb+WWjAdOK16+u/nHfiIrcE+sh8kZMaM0WllQKLI9rOUq6c2b7cwPkXdzfQESqvoqK6ug7U/Yyzug==
-
 pascalcase@^0.1.1:
  version "0.1.1"
  resolved "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz#b363e55e8006ca6fe21784d2db22bd15d7917f14"
@ -7723,11 +7564,6 @@ pixelmatch@^5.2.1:
  dependencies:
    pngjs "^4.0.1"

-pkce-challenge@^2.1.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/pkce-challenge/-/pkce-challenge-2.2.0.tgz#02622e0498b82aab248c8c7dbf6507e8bbe20abf"
-  integrity sha512-Ly0Y0OwhtG2N1ynk5ruqoyJxkrWhAPmvdRk0teiLh9Dp2+J4URKpv1JSKWD0j1Sd+QCeiwO9lTl0EjmrB2jWeA==
-
 pkg-dir@^2.0.0:
  version "2.0.0"
  resolved "https://registry.npmjs.org/pkg-dir/-/pkg-dir-2.0.0.tgz#f6d5d1109e19d63edf428e0bd57e12777615334b"
@ -7865,17 +7701,17 @@ postcss@^8.4.4:
    picocolors "^1.0.0"
    source-map-js "^1.0.1"

-preact-render-to-string@^5.1.14:
+preact-render-to-string@^5.1.19:
  version "5.1.19"
  resolved "https://registry.yarnpkg.com/preact-render-to-string/-/preact-render-to-string-5.1.19.tgz#ffae7c3bd1680be5ecf5991d41fe3023b3051e0e"
  integrity sha512-bj8sn/oytIKO6RtOGSS/1+5CrQyRSC99eLUnEVbqUa6MzJX5dYh7wu9bmT0d6lm/Vea21k9KhCQwvr2sYN3rrQ==
  dependencies:
    pretty-format "^3.8.0"

-preact@^10.4.1:
-  version "10.5.15"
-  resolved "https://registry.yarnpkg.com/preact/-/preact-10.5.15.tgz#6df94d8afecf3f9e10a742fd8c362ddab464225f"
-  integrity sha512-5chK29n6QcJc3m1lVrKQSQ+V7K1Gb8HeQY6FViQ5AxCAEGu3DaHffWNDkC9+miZgsLvbvU9rxbV1qinGHMHzqA==
+preact@^10.6.3:
+  version "10.6.4"
+  resolved "https://registry.yarnpkg.com/preact/-/preact-10.6.4.tgz#ad12c409ff1b4316158486e0a7b8d43636f7ced8"
+  integrity sha512-WyosM7pxGcndU8hY0OQlLd54tOU+qmG45QXj2dAYrL11HoyU/EzOSTlpJsirbBr1QW7lICxSsVJJmcmUglovHQ==

 prelude-ls@^1.2.1:
  version "1.2.1"
@ -8049,11 +7885,6 @@ querystring-es3@0.2.1:
  resolved "https://registry.yarnpkg.com/querystring-es3/-/querystring-es3-0.2.1.tgz#9ec61f79049875707d69414596fd907a4d711e73"
  integrity sha1-nsYfeQSYdXB9aUFFlv2Qek1xHnM=

-querystring@^0.2.0:
-  version "0.2.1"
-  resolved "https://registry.yarnpkg.com/querystring/-/querystring-0.2.1.tgz#40d77615bb09d16902a85c3e38aa8b5ed761c2dd"
-  integrity sha512-wkvS7mL/JMugcup3/rMitHmd9ecIGd2lhFhK9N3UUQ450h66d1r3Y9nvXzQAW1Lq+wyx61k/1pfKS5KuKiyEbg==
-
 queue-microtask@^1.2.2:
  version "1.2.3"
  resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243"
@ -8453,11 +8284,6 @@ readdirp@~3.6.0:
  dependencies:
    picomatch "^2.2.1"

-reflect-metadata@^0.1.13:
-  version "0.1.13"
-  resolved "https://registry.yarnpkg.com/reflect-metadata/-/reflect-metadata-0.1.13.tgz#67ae3ca57c972a2aa1642b10fe363fe32d49dc08"
-  integrity sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg==
-
 regenerator-runtime@0.13.4:
  version "0.13.4"
  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.4.tgz#e96bf612a3362d12bb69f7e8f74ffeab25c7ac91"
@ -8524,14 +8350,6 @@ require-main-filename@^2.0.0:
  resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b"
  integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg==

-require_optional@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/require_optional/-/require_optional-1.0.1.tgz#4cf35a4247f64ca3df8c2ef208cc494b1ca8fc2e"
-  integrity sha512-qhM/y57enGWHAe3v/NcwML6a3/vfESLe/sGM2dII+gEO0BpKRUkWZow/tyloNqJyN6kXSl3RyyM8Ll5D/sJP8g==
-  dependencies:
-    resolve-from "^2.0.0"
-    semver "^5.1.0"
-
 resolve-cwd@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/resolve-cwd/-/resolve-cwd-3.0.0.tgz#0f0075f1bb2544766cf73ba6a6e2adfebcb13f2d"
@ -8539,11 +8357,6 @@ resolve-cwd@^3.0.0:
  dependencies:
    resolve-from "^5.0.0"

-resolve-from@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-2.0.0.tgz#9480ab20e94ffa1d9e80a804c7ea147611966b57"
-  integrity sha1-lICrIOlP+h2egKgEx+oUdhGWa1c=
-
 resolve-from@^4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6"
@ -8716,7 +8529,7 @@ semver-compare@^1.0.0:
  resolved "https://registry.yarnpkg.com/semver-compare/-/semver-compare-1.0.0.tgz#0dee216a1c941ab37e9efb1788f6afc5ff5537fc"
  integrity sha1-De4hahyUGrN+nvsXiPavxf9VN/w=

-"semver@2 || 3 || 4 || 5", semver@^5.1.0, semver@^5.5.0, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5", semver@^5.5.0:
  version "5.7.1"
  resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
  integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
@ -8768,7 +8581,7 @@ setprototypeof@1.1.1:
  resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.1.tgz#7e95acb24aa92f5885e0abef5ba131330d4ae683"
  integrity sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==

-sha.js@^2.4.0, sha.js@^2.4.11, sha.js@^2.4.8:
+sha.js@^2.4.0, sha.js@^2.4.8:
  version "2.4.11"
  resolved "https://registry.yarnpkg.com/sha.js/-/sha.js-2.4.11.tgz#37a5cf0b81ecbc6943de109ba2960d1b26584ae7"
  integrity sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==
@ -9375,20 +9188,6 @@ text-table@^0.2.0:
  resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4"
  integrity sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=

-thenify-all@^1.0.0:
-  version "1.6.0"
-  resolved "https://registry.yarnpkg.com/thenify-all/-/thenify-all-1.6.0.tgz#1a1918d402d8fc3f98fbf234db0bcc8cc10e9726"
-  integrity sha1-GhkY1ALY/D+Y+/I02wvMjMEOlyY=
-  dependencies:
-    thenify ">= 3.1.0 < 4"
-
-"thenify@>= 3.1.0 < 4":
-  version "3.3.1"
-  resolved "https://registry.yarnpkg.com/thenify/-/thenify-3.3.1.tgz#8932e686a4066038a016dd9e2ca46add9838a95f"
-  integrity sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==
-  dependencies:
-    any-promise "^1.0.0"
-
 thirty-two@^1.0.2:
  version "1.0.2"
  resolved "https://registry.yarnpkg.com/thirty-two/-/thirty-two-1.0.2.tgz#4ca2fffc02a51290d2744b9e3f557693ca6b627a"
@ -9675,28 +9474,6 @@ typedarray@^0.0.6:
  resolved "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
  integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=

-typeorm@^0.2.30:
-  version "0.2.39"
-  resolved "https://registry.yarnpkg.com/typeorm/-/typeorm-0.2.39.tgz#4d22fc68d114b2ca88a8d7b064f31af15e836ade"
-  integrity sha512-yQdvDpmmmn8wp1We25V76KIBPYR/lDbymNbGC++Uq8mSRhpHIPnlg26VAT4CF6Ypqx72zn8eqr+/72uSo7HdJQ==
-  dependencies:
-    "@sqltools/formatter" "^1.2.2"
-    app-root-path "^3.0.0"
-    buffer "^6.0.3"
-    chalk "^4.1.0"
-    cli-highlight "^2.1.11"
-    debug "^4.3.1"
-    dotenv "^8.2.0"
-    glob "^7.1.6"
-    js-yaml "^4.0.0"
-    mkdirp "^1.0.4"
-    reflect-metadata "^0.1.13"
-    sha.js "^2.4.11"
-    tslib "^2.1.0"
-    xml2js "^0.4.23"
-    yargs "^17.0.1"
-    zen-observable-ts "^1.0.0"
-
 typescript@^4.5.2:
  version "4.5.2"
  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.5.2.tgz#8ac1fba9f52256fdb06fb89e4122fa6a346c2998"
@ -10085,7 +9862,7 @@ xml-parse-from-string@^1.0.0:
  resolved "https://registry.yarnpkg.com/xml-parse-from-string/-/xml-parse-from-string-1.0.1.tgz#a9029e929d3dbcded169f3c6e28238d95a5d5a28"
  integrity sha1-qQKekp09vN7RafPG4oI42VpdWig=

-xml2js@^0.4.23, xml2js@^0.4.5:
+xml2js@^0.4.5:
  version "0.4.23"
  resolved "https://registry.yarnpkg.com/xml2js/-/xml2js-0.4.23.tgz#a0c69516752421eb2ac758ee4d4ccf58843eac66"
  integrity sha512-ySPiMjM0+pLDftHgXY4By0uswI3SPKLDw/i3UXbnO8M/p28zqexCUoPmQFrYD+/1BzhGJSs2i1ERWKJAtiLrug==
@ -10138,11 +9915,6 @@ y18n@^4.0.0:
  resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.3.tgz#b5f259c82cd6e336921efd7bfd8bf560de9eeedf"
  integrity sha512-JKhqTOwSrqNA1NY5lSztJ1GrBiUodLMmIZuLiDaMRJ+itFd+ABVE8XBjOvIWL+rSqNDC74LCSFmlb/U4UZ4hJQ==

-y18n@^5.0.5:
-  version "5.0.8"
-  resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55"
-  integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==
-
 yallist@^4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72"
@ -10153,7 +9925,7 @@ yaml@^1.10.0, yaml@^1.10.2:
  resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b"
  integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==

-yargs-parser@20.x, yargs-parser@^20.2.2:
+yargs-parser@20.x:
  version "20.2.9"
  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee"
  integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==
@ -10183,32 +9955,6 @@ yargs@^15.3.1, yargs@^15.4.1:
    y18n "^4.0.0"
    yargs-parser "^18.1.2"

-yargs@^16.0.0:
-  version "16.2.0"
-  resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66"
-  integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==
-  dependencies:
-    cliui "^7.0.2"
-    escalade "^3.1.1"
-    get-caller-file "^2.0.5"
-    require-directory "^2.1.1"
-    string-width "^4.2.0"
-    y18n "^5.0.5"
-    yargs-parser "^20.2.2"
-
-yargs@^17.0.1:
-  version "17.2.1"
-  resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.2.1.tgz#e2c95b9796a0e1f7f3bf4427863b42e0418191ea"
-  integrity sha512-XfR8du6ua4K6uLGm5S6fA+FIJom/MdJcFNVY8geLlp2v8GYbOXD4EB1tPNZsRn4vBzKGMgb5DRZMeWuFc2GO8Q==
-  dependencies:
-    cliui "^7.0.2"
-    escalade "^3.1.1"
-    get-caller-file "^2.0.5"
-    require-directory "^2.1.1"
-    string-width "^4.2.0"
-    y18n "^5.0.5"
-    yargs-parser "^20.2.2"
-
 yauzl@^2.10.0:
  version "2.10.0"
  resolved "https://registry.yarnpkg.com/yauzl/-/yauzl-2.10.0.tgz#c7eb17c93e112cb1086fa6d8e51fb0667b79a5f9"
@ -10247,19 +9993,6 @@ yup@^0.32.9:
    property-expr "^2.0.4"
    toposort "^2.0.2"

-zen-observable-ts@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/zen-observable-ts/-/zen-observable-ts-1.1.0.tgz#2d1aa9d79b87058e9b75698b92791c1838551f83"
-  integrity sha512-1h4zlLSqI2cRLPJUHJFL8bCWHhkpuXkF+dbGkRaWjgDIG26DmzyshUMrdV/rL3UnR+mhaX4fRq8LPouq0MYYIA==
-  dependencies:
-    "@types/zen-observable" "0.8.3"
-    zen-observable "0.8.15"
-
-zen-observable@0.8.15:
-  version "0.8.15"
-  resolved "https://registry.yarnpkg.com/zen-observable/-/zen-observable-0.8.15.tgz#96415c512d8e3ffd920afd3889604e30b9eaac15"
-  integrity sha512-PQ2PC7R9rslx84ndNBZB/Dkv8V8fZEpk83RLgXtYd0fwUgEjseMn1Dgajh2x6S8QbZAFa9p2qVCEuYZNgve0dQ==
-
 zod@^3.8.2:
  version "3.11.6"
  resolved "https://registry.yarnpkg.com/zod/-/zod-3.11.6.tgz#e43a5e0c213ae2e02aefe7cb2b1a6fa3d7f1f483"