https://remaster.com/blog/next-auth-jwt-session

NextAuth.js Callbacks

jwt Callback

What It Does:

• Called when a JSON Web Token is created or accessed.
• Receives token and user as parameters.

Parameters:

• token: Existing or new token object.
• user: User object from authorize.

Usage:

1. Add custom claims to token.
2. Return modified token.

Example Code:

jwt: async (token, user) => {
  if (user) {
    token.id = user.id;
    token.email = user.email;
  }
  return token;
}

Note:

• token is automatically encrypted by NextAuth.js.

session Callback

What It Does:

• Called when session data is sent to the client.
• Receives session and token as parameters.

Parameters:

• session: Existing session object.
• token: Encrypted token from jwt callback.

Usage:

1. Add properties to session.
2. Return modified session.

Example Code:

session: async (session, token) => {
  session.user.id = token.id;
  return session;
}

Note:

• session is sent to the client.