fix: resolve issues with emailVerified jwt property

packages/lib/next-auth/auth-options.ts

@@ -1,9 +1,12 @@
+/// <reference types="../types/next-auth.d.ts" />
 import { PrismaAdapter } from '@next-auth/prisma-adapter';
 import { compare } from 'bcrypt';
 import { DateTime } from 'luxon';
-import { AuthOptions, Session, User } from 'next-auth';
+import type { AuthOptions, Session, User } from 'next-auth';
+import type { JWT } from 'next-auth/jwt';
 import CredentialsProvider from 'next-auth/providers/credentials';
-import GoogleProvider, { GoogleProfile } from 'next-auth/providers/google';
+import type { GoogleProfile } from 'next-auth/providers/google';
+import GoogleProvider from 'next-auth/providers/google';
 
 import { prisma } from '@documenso/prisma';
 
@@ -48,6 +51,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
           id: Number(user.id),
           email: user.email,
           name: user.name,
+          emailVerified: user.emailVerified?.toISOString() ?? null,
         } satisfies User;
       },
     }),
@@ -61,6 +65,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
           id: Number(profile.sub),
           name: profile.name || `${profile.given_name} ${profile.family_name}`.trim(),
           email: profile.email,
+          emailVerified: profile.email_verified ? new Date().toISOString() : null,
         };
       },
     }),
@@ -70,9 +75,10 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
       const merged = {
         ...token,
         ...user,
-      };
+        emailVerified: user?.emailVerified ? new Date(user.emailVerified).toISOString() : null,
+      } satisfies JWT;
 
-      if (!merged.email) {
+      if (!merged.email || typeof merged.emailVerified !== 'string') {
         const userId = Number(merged.id ?? token.sub);
 
         const retrieved = await prisma.user.findFirst({
@@ -88,7 +94,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
         merged.id = retrieved.id;
         merged.name = retrieved.name;
         merged.email = retrieved.email;
-        merged.emailVerified = retrieved.emailVerified;
+        merged.emailVerified = retrieved.emailVerified?.toISOString() ?? null;
       }
 
       if (
@@ -98,7 +104,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
       ) {
         merged.lastSignedIn = new Date().toISOString();
 
-        await prisma.user.update({
+        const user = await prisma.user.update({
           where: {
             id: Number(merged.id),
           },
@@ -106,6 +112,8 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
             lastSignedIn: merged.lastSignedIn,
           },
         });
+
+        merged.emailVerified = user.emailVerified?.toISOString() ?? null;
       }
 
       return {
@@ -114,7 +122,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
         email: merged.email,
         lastSignedIn: merged.lastSignedIn,
         emailVerified: merged.emailVerified,
-      };
+      } satisfies JWT;
     },
 
     session({ token, session }) {
@@ -125,8 +133,7 @@ export const NEXT_AUTH_OPTIONS: AuthOptions = {
             id: Number(token.id),
             name: token.name,
             email: token.email,
-            emailVerified:
-              typeof token.emailVerified === 'string' ? new Date(token.emailVerified) : null,
+            emailVerified: token.emailVerified ?? null,
           },
         } satisfies Session;
       }