import NextAuth from "next-auth"
import { JWT } from "next-auth/jwt"
import Google from "next-auth/providers/google"
import { PrismaAdapter } from "@auth/prisma-adapter"
import Credentials from "next-auth/providers/credentials"
import { db } from "@/lib/prisma"
import { comparePassword, hashPassword } from "@/lib/bcrypt"
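/**
 * NextAuth configuration: Google OAuth plus an email/password/role
 * credentials login, with JWT sessions and users stored through the
 * Prisma adapter.
 *
 * Exports the route `handlers` and the `auth`, `signIn` and `signOut`
 * helpers returned by `NextAuth`.
 */
export const { handlers, auth, signIn, signOut } = NextAuth({
  adapter: PrismaAdapter(db),
  session: { strategy: "jwt" },
  providers: [
    Google({
      clientId: process.env.AUTH_GOOGLE_ID!,
      clientSecret: process.env.AUTH_GOOGLE_SECRET!,
    }),
    Credentials({
      name: "credentials",
      credentials: {
        email: { label: "Email", type: "email" },
        password: { label: "Password", type: "password" },
        role: { label: "Role", type: "text" },
      },
      /**
       * Verifies an email/password/role login attempt.
       *
       * @returns the matching user record, or `null` when a field is
       * missing, the email is unknown, the account has no stored password
       * hash, the password does not match, or the submitted role differs
       * from the stored one.
       */
      authorize: async (credentials) => {
        if (
          !credentials ||
          !credentials.email ||
          !credentials.password ||
          !credentials.role
        ) {
          return null
        }

        const email = credentials.email as string
        const role = credentials.role as string

        const user = await db.user.findUnique({
          where: {
            email,
          },
        })

        // Reject unknown emails and accounts without a stored password hash.
        // Accounts created through the Google provider presumably have no
        // password, and passing a null hash to the comparison must not be
        // allowed to throw or be treated as a credential.
        // NOTE(review): an unknown email returns before any hash comparison
        // runs, so response time can differ from a wrong-password attempt;
        // consider rate limiting this endpoint.
        if (!user || !user.password) {
          return null
        }

        const isMatch = await comparePassword(
          credentials.password as string,
          user.password
        )
        if (!isMatch) {
          return null
        }

        // The submitted role is only compared against the stored role; it is
        // never used to grant one. The role placed in the token comes from
        // the database record returned below.
        if (user.role !== role) {
          return null
        }

        // NOTE(review): this record still carries the password hash. The jwt
        // callback below copies only id, name, email, image and role, so the
        // hash is not written to the token by this file.
        return user
      },
    }),
  ],
  secret: process.env.AUTH_SECRET,
  callbacks: {
    /**
     * Copies selected user fields into the token. `user` is optional; when
     * it is absent the token is returned unchanged.
     */
    async jwt({ token, user }: { token: JWT; user?: any }) {
      if (user) {
        token.sub = user.id // Standard JWT `sub` (subject) claim
        token.name = user.name
        token.email = user.email // Optional
        token.image = user.image // Optional
        token.role = user.role // Role from the stored user record
      }
      return token
    },
    /**
     * Rebuilds `session.user` from the token so that only these five fields
     * are exposed to session consumers.
     */
    async session({ session, token }: { session: any; token: JWT }) {
      session.user = {
        id: token.sub,
        name: token.name,
        email: token.email,
        image: token.image,
        role: token.role, // Include role in the session
      }
      // Deliberately not attaching the raw token to the session:
      // session.token = token
      return session
    },
  },
})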