70 lines
2.1 KiB
TypeScript
70 lines
2.1 KiB
TypeScript
// lib/auth.ts
|
|
import NextAuth from 'next-auth';
|
|
import { PrismaAdapter } from '@next-auth/prisma-adapter';
|
|
import CredentialsProvider from 'next-auth/providers/credentials';
|
|
import { prisma } from './prisma';
|
|
import type { NextAuthOptions, User } from 'next-auth';
|
|
import bcrypt from "bcrypt";
|
|
|
|
export const authOptions: NextAuthOptions = {
|
|
adapter: PrismaAdapter(prisma),
|
|
providers: [
|
|
CredentialsProvider({
|
|
name: 'Credentials',
|
|
credentials: {
|
|
email: { label: "Email", type: "email" },
|
|
password: { label: "Password", type: "password" },
|
|
},
|
|
async authorize(credentials) {
|
|
if (!credentials?.email || !credentials?.password) {
|
|
throw new Error("Missing email or password");
|
|
}
|
|
|
|
const user = await prisma.user.findUnique({
|
|
where: { email: credentials.email },
|
|
});
|
|
|
|
if (!user || !user.password) {
|
|
throw new Error("Invalid credentials");
|
|
}
|
|
|
|
const isValid = await bcrypt.compare(credentials.password, user.password);
|
|
if (!isValid) {
|
|
throw new Error("Invalid credentials");
|
|
}
|
|
|
|
return {
|
|
id: user.id,
|
|
email: user.email,
|
|
name: user.name,
|
|
role: user.role,
|
|
};
|
|
},
|
|
}),
|
|
],
|
|
session: {
|
|
strategy: 'jwt',
|
|
},
|
|
callbacks: {
|
|
async session({ session, token }: { session: any; token: any }) {
|
|
if (session.user) {
|
|
session.user.id = token.sub!;
|
|
session.user.role = token.role;
|
|
}
|
|
return session;
|
|
},
|
|
async jwt({ token, user }: { token: any; user?: any }) {
|
|
if (user) {
|
|
token.role = user.role;
|
|
}
|
|
return token;
|
|
},
|
|
},
|
|
secret: process.env.NEXTAUTH_SECRET,
|
|
};
|
|
|
|
export const {
|
|
handlers: { GET, POST },
|
|
auth,
|
|
} = NextAuth(authOptions);
|