| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 |
- import { NextAuthOptions } from 'next-auth';
- import CredentialsProvider from 'next-auth/providers/credentials';
- import { DrizzleAdapter } from '@auth/drizzle-adapter';
- import { db } from './db';
- import { users } from './db/schema';
- import { eq } from 'drizzle-orm';
- import bcrypt from 'bcryptjs';
- import type { Adapter } from 'next-auth/adapters';
- export const authOptions: NextAuthOptions = {
- adapter: DrizzleAdapter(db) as Adapter,
- providers: [
- CredentialsProvider({
- name: 'credentials',
- credentials: {
- email: { label: 'Email', type: 'email' },
- password: { label: 'Password', type: 'password' },
- },
- async authorize(credentials: Record<string, string> | undefined) {
- if (!credentials?.email || !credentials?.password) {
- return null;
- }
- try {
- const user = await db
- .select()
- .from(users)
- .where(eq(users.email, credentials.email))
- .limit(1);
- if (!user[0] || !user[0].isActive) {
- return null;
- }
- const isPasswordValid = await bcrypt.compare(
- credentials.password,
- user[0].password
- );
- if (!isPasswordValid) {
- return null;
- }
- return {
- id: user[0].id,
- email: user[0].email,
- name: `${user[0].firstName} ${user[0].lastName}`,
- role: user[0].role,
- };
- } catch (error) {
- console.error('Auth error:', error);
- return null;
- }
- },
- }),
- ],
- session: {
- strategy: 'jwt',
- },
- callbacks: {
- async jwt({ token, user }) {
- if (user) {
- token.role = user.role;
- }
- return token;
- },
- async session({ session, token }) {
- if (token) {
- session.user.id = token.sub!;
- session.user.role = token.role as string;
- }
- return session;
- },
- },
- pages: {
- signIn: '/auth/signin',
- },
- };
|
