auth.ts
import bcrypt from "bcryptjs";
import NextAuth from "next-auth";
import Credentials from "next-auth/providers/credentials";
import GitHub from "next-auth/providers/github";
import Google from "next-auth/providers/google";
import { IAccountDoc } from "./database/account.model";
import { IUserDoc } from "./database/user.model";
import { api } from "./lib/api";
import { SignInSchema } from "./lib/validations";
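/**
 * NextAuth configuration: GitHub and Google OAuth plus an email/password
 * Credentials provider, with callbacks that map the signed-in identity onto
 * the application's own user id.
 *
 * Exports the NextAuth `handlers`, `signIn`, `signOut` and `auth` helpers.
 */
export const { handlers, signIn, signOut, auth } = NextAuth({
  providers: [
    GitHub,
    Google,
    Credentials({
      /**
       * Verifies an email/password pair.
       *
       * @returns the public user fields on success, or `null` for every
       *   failure (invalid input, unknown account, missing user, no stored
       *   password hash, wrong password) so the caller cannot tell which
       *   check failed from the return value.
       */
      async authorize(credentials) {
        // Reject malformed input before touching the database.
        const validatedFields = SignInSchema.safeParse(credentials);
        if (!validatedFields.success) return null;

        const { email, password } = validatedFields.data;

        // The account is looked up with the email as the provider key
        // (the jwt callback below does the same for credentials sign-ins).
        const { data: existingAccount } = (await api.accounts.getByProvider(
          email
        )) as ActionResponse<IAccountDoc>;
        if (!existingAccount) return null;

        const { data: existingUser } = (await api.users.getById(
          existingAccount.userId.toString()
        )) as ActionResponse<IUserDoc>;
        if (!existingUser) return null;

        // An account record may carry no password hash (the field is
        // optional on the model). Passing `undefined` to bcrypt.compare makes
        // it reject with an argument error instead of failing the login, so
        // treat a missing hash as an ordinary authentication failure.
        const passwordHash = existingAccount.password;
        if (!passwordHash) return null;

        // NOTE(review): the not-found paths above return before any bcrypt
        // work is done, so response time differs between unknown and known
        // emails. If account enumeration matters here, pair this with rate
        // limiting or a constant-cost failure path.
        const isValidPassword = await bcrypt.compare(password, passwordHash);
        if (!isValidPassword) return null;

        // Return only the fields the session needs; never the account
        // document or the password hash.
        return {
          id: existingUser.id,
          name: existingUser.name,
          email: existingUser.email,
          image: existingUser.image,
        };
      },
    }),
  ],
  callbacks: {
    /** Copies the application user id (stored in `token.sub`) onto the session. */
    async session({ session, token }) {
      session.user.id = token.sub as string;
      return session;
    },

    /**
     * When an `account` is passed, replaces `token.sub` with the application's
     * own user id, resolved from the account record.
     */
    async jwt({ token, account }) {
      if (account) {
        // Credentials accounts are keyed by email, OAuth accounts by the
        // provider's account id.
        const { data: existingAccount, success } =
          (await api.accounts.getByProvider(
            account.type === "credentials"
              ? token.email!
              : account.providerAccountId
          )) as ActionResponse<IAccountDoc>;

        // On lookup failure the token is returned unchanged, so `token.sub`
        // keeps whatever value NextAuth put there.
        if (!success || !existingAccount) return token;

        const userId = existingAccount.userId;
        if (userId) token.sub = userId.toString();
      }

      return token;
    },

    /**
     * Gate for sign-in attempts. Credentials sign-ins were already verified
     * in `authorize`; OAuth sign-ins are forwarded to `api.auth.oAuthSignIn`
     * and allowed only when it reports success.
     */
    async signIn({ user, profile, account }) {
      if (account?.type === "credentials") return true;
      if (!account || !user) return false;

      // NOTE(review): the `!` and `as string` assertions below are
      // compile-time only. A provider can omit name, email or image (for
      // example when the user keeps the email private), in which case
      // undefined values are forwarded — confirm that api.auth.oAuthSignIn
      // validates them.
      // NOTE(review): if oAuthSignIn matches an existing user by email,
      // confirm the provider-reported email is verified before it is trusted
      // for account linking.
      const userInfo = {
        name: user.name!,
        email: user.email!,
        image: user.image!,
        username:
          account.provider === "github"
            ? (profile?.login as string)
            : (user.name?.toLowerCase() as string),
      };

      const { success } = (await api.auth.oAuthSignIn({
        user: userInfo,
        provider: account.provider as "github" | "google",
        providerAccountId: account.providerAccountId,
      })) as ActionResponse;

      if (!success) return false;

      return true;
    },
  },
});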