Passing additional data on first signIn while creating user

[baunov]

I'm having a use-case where I have 2 different user types (with separate signIn ui flows) - e.g. Company and Employee.
My setup is Next13, next-auth 4 and Prisma with Postgresql.
I added an accountType field to my User schema. And I would like to populate it with the corresponding Company/Employee account type during first signIn.
I'm using OAuth providers sign in as well as Email (magic link) sign in. So, passing additional accountType data is required for all sign-ins.
So far, I found a way to pass additional parameters to signIn function using the third argument which is then parsed in auth handler as query parameters (using Advanced Initialization from docs).

But that's pretty much where I got stuck and not sure how to proceed with creating user with that additional accountType field.
Potentially, if there's no simpler solution, I assume I could override the default signIn flow as a whole using auth handler but that seems a bit too complex for that task.

That seems like a common task, so I might be missing some simpler flow.

So, question is - how to pass additional user data to be saved in DB from signIn to createUser?

[baunov]

For now I found a workaround. A bit complex but it works.

1. I added extra table to my Prisma schema - UserAccountType:

model UserAccountType {
  email       String      @unique
  accountType AccountType @default(EMPLOYEE)
}

2. Set server-side cookie using Next13 server actions whenever user changes sign-up page flow (either for company or for employee).

export async function setAccountType(accountType: AccountType) {
    'use server'
    cookies().set('accountType', accountType, {
        httpOnly: true,
        sameSite: 'lax', // CSRF protection
        secure: process.env.NODE_ENV === 'production', // cookie only sent on HTTPS
    });
}

3. In next-auth signIn callback I take the accountType cookie and create a record in the database linking user email with provided accountType:

const accountType =  cookies().get('accountType')?.value ?? 'EMPLOYEE';
try {
    await prisma.userAccountType.create({
        data: {
            email: params.user.email!,
            accountType: accountType as AccountType
        }
    });
} catch (e) {
    console.log(`Account type is already assigned to ${params.user.email}`);
}

4. In next-auth createUser event I search for the user email from UserAccountType and update the User record with the accountType found in UserAccountType table:

const accountType = (await prisma.userAccountType.findUnique({where: {email: message.user.email!}}))?.accountType;
await prisma.user.update({
    where: {id: message.user.id},
    data: {accountType}
});

This ensures that both OAuth and magic links work the same. Also, the database persistence ensures that even if user uses different browsers during signIn, the accountType is set correctly.

[shawnmclean]

Any better way has come about as yet?