Update login hook params

waspc/data/Generator/templates/sdk/wasp/server/auth/hooks.ts

@@ -1,5 +1,5 @@
 import type { Request as ExpressRequest } from 'express'
-import type { ProviderId, createUser } from '../../auth/utils.js'
+import { type ProviderId, createUser, findAuthWithUserBy } from '../../auth/utils.js'
 import { prisma } from '../index.js'
 import { Expand } from '../../universal/types.js'
 
@@ -122,6 +122,7 @@ type OnAfterLoginHookParams = {
      */
     uniqueRequestId: string
   },
+  user: Awaited<ReturnType<typeof findAuthWithUserBy>>['user']
   /**
    * Request object that can be used to access the incoming request.
    */

waspc/data/Generator/templates/server/src/auth/providers/email/login.ts

@@ -40,8 +40,11 @@ export function getLoginRoute() {
 
         const session = await createSession(auth.id)
 
-        // TODO: update params
-        await onAfterLoginHook({ req, providerId })
+        await onAfterLoginHook({
+            req,
+            providerId,
+            user: auth.user,
+        })
 
         return res.json({
             sessionId: session.id,

waspc/data/Generator/templates/server/src/auth/providers/oauth/user.ts

@@ -6,6 +6,7 @@ import {
   sanitizeAndSerializeProviderData,
   validateAndGetUserFields,
   createProviderId,
+  findAuthWithUserBy,
 } from 'wasp/auth/utils'
 import { type {= authEntityUpper =} } from 'wasp/entities'
 import { prisma } from 'wasp/server'
@@ -83,20 +84,31 @@ async function getAuthIdFromProviderDetails({
   })
 
   if (existingAuthIdentity) {
-    // TODO: it feels weird calling one hook before the other, but we need to call onBeforeLoginHook before onAfterLoginHook
+    const authId = existingAuthIdentity.{= authFieldOnAuthIdentityEntityName =}.id
+
+    // NOTE: We are calling login hooks here even though we didn't log in the user yet.
+    // We are doing it here because we have access to the OAuth tokens and we can pass them to the hooks.
+    // This isn't a big deal because the next step of the OAuth flow happens immediately after this function
+    // and the user is redirected to the client with the one-time code which is then used to create the session.
+    // The downside of this approach is that we can't provide the session to the login hooks, but this is
+    // an okay trade-off for now.
     await onBeforeLoginHook({ req, providerId })
 
-    // TODO: update params, add refresh token
+    // NOTE: Fetching the user to pass it to the onAfterLoginHook - it's a bit wasteful
+    // but we wanted to keep the onAfterLoginHook params consistent for all auth providers.
+    const auth = await findAuthWithUserBy({ id: authId })
+
     await onAfterLoginHook({
       req,
       providerId,
       oauth: {
         accessToken,
         uniqueRequestId: oAuthState.state,
       },
+      user: auth.user,
     })
 
-    return existingAuthIdentity.{= authFieldOnAuthIdentityEntityName =}.id
+    return authId
   } else {
     const userFields = await validateAndGetUserFields(
       { profile: providerProfile },

waspc/data/Generator/templates/server/src/auth/providers/username/login.ts

@@ -39,8 +39,11 @@ export default handleRejection(async (req, res) => {
 
   const session = await createSession(auth.id)
 
-  // TODO: update params
-  await onAfterLoginHook({ req, providerId })
+  await onAfterLoginHook({
+    req,
+    providerId,
+    user: auth.user,
+  })
 
   return res.json({
       sessionId: session.id,

waspc/examples/todoApp/src/auth/hooks.ts

@@ -63,6 +63,7 @@ export const onBeforeLogin: OnBeforeLoginHook = async (args) => {
 export const onAfterLogin: OnAfterLoginHook = async (args) => {
   const log = createLoggerForHook('onAfterLogin')
   log('providerId object', args.providerId)
+  log('user object', args.user)
   if (args.oauth) {
     log('accessToken', args.oauth.accessToken)
   }