diff --git a/src/auth.ts b/src/auth.ts
index bfa7472..4822173 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -28,7 +28,11 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
 // In a real application, you MUST hash and salt passwords.
 const passwordsMatch = password === user.password;
 
- if (passwordsMatch) return user;
+ if (passwordsMatch) {
+ // The user object returned here will be encoded in the JWT.
+ return { id: user.id, name: user.name, email: user.email };
+ }
+
 } catch (e) {
 console.error(e)
 return null
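Review bot: The added comment above `return { id: user.id, name: user.name, email: user.email };` says where the object ends up but not why the fields are picked by hand, so a later cleanup could revert to `return user` and put the stored password back into the session token. I would word it as `// Return an explicit allowlist: whatever is returned here flows into the JWT/session, so never pass the raw user record (it holds the password).` The context lines just above still compare the submitted value to `user.password` with `===`, which implies the password is stored in plaintext, as the existing comment concedes; this change does not touch that, but it looks like the larger remaining risk in this function. The enclosing callback and its `try` block start outside the hunk, so the path taken when the passwords do not match is not visible here.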