database wf 3

alma 2025-04-17 12:51:24 +02:00
parent c22d04eb99
commit d34d0ac5b8


@ -1,23 +1,20 @@
import NextAuth from "next-auth";
import { KeycloakProvider } from "@auth/keycloak";
import { NextAuthOptions } from "next-auth";
import NextAuth, { NextAuthOptions } from "next-auth";
import { prisma } from '@/lib/prisma';
import CredentialsProvider from 'next-auth/providers/credentials';
declare module "next-auth" {
interface User {
id: string;
name?: string | null;
email?: string | null;
image?: string | null;
username: string;
first_name: string;
last_name: string;
role: string[];
}
interface Session {
user: User;
user: {
id: string;
name?: string | null;
email?: string | null;
image?: string | null;
username: string;
first_name: string;
last_name: string;
role: string[];
};
accessToken: string;
refreshToken: string;
}
interface JWT {
@ -31,48 +28,70 @@ declare module "next-auth" {
}
}
export const authOptions: NextAuthOptions = {
const authOptions: NextAuthOptions = {
providers: [
KeycloakProvider({
clientId: process.env.KEYCLOAK_CLIENT_ID!,
clientSecret: process.env.KEYCLOAK_CLIENT_SECRET!,
issuer: process.env.KEYCLOAK_ISSUER,
CredentialsProvider({
name: 'Credentials',
credentials: {
email: { label: 'Email', type: 'email' },
password: { label: 'Password', type: 'password' }
},
async authorize(credentials) {
if (!credentials?.email || !credentials?.password) {
return null;
}
const user = await prisma.user.findUnique({
where: { email: credentials.email },
});
if (!user) {
return null;
}
return {
id: user.id,
email: user.email,
username: user.username || user.email.split('@')[0],
first_name: user.first_name || '',
last_name: user.last_name || '',
role: user.role || [],
};
}
})
],
session: {
strategy: 'jwt',
strategy: 'jwt' as const,
},
pages: {
signIn: '/signin',
signIn: '/login',
},
callbacks: {
async jwt({ token, account, profile }) {
if (account) {
token.accessToken = account.access_token ?? '';
token.refreshToken = account.refresh_token ?? '';
token.accessTokenExpires = account.expires_at ?? 0;
}
if (profile) {
token.username = profile.preferred_username ?? '';
token.first_name = profile.given_name ?? '';
token.last_name = profile.family_name ?? '';
token.role = profile.groups ?? [];
async jwt({ token, user }: { token: any; user: any }) {
if (user) {
token.id = user.id;
token.email = user.email;
token.username = user.username;
token.first_name = user.first_name;
token.last_name = user.last_name;
token.role = user.role;
}
return token;
},
async session({ session, token }) {
session.user = {
id: token.sub ?? '',
name: token.name ?? null,
email: token.email ?? null,
image: token.picture ?? null,
username: token.username,
first_name: token.first_name,
last_name: token.last_name,
role: token.role,
};
session.accessToken = token.accessToken;
session.refreshToken = token.refreshToken;
async session({ session, token }: { session: any; token: any }) {
if (token) {
session.user = {
id: token.id as string,
email: token.email as string | null,
name: token.name as string | null,
image: token.picture as string | null,
username: token.username as string,
first_name: token.first_name as string,
last_name: token.last_name as string,
role: token.role as string[],
};
session.accessToken = token.accessToken as string;
}
return session;
}
}
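Review bot: `authorize` never verifies the submitted password: after the emptiness check it looks the user up by `credentials.email` and returns the user object whenever a row exists, so sign-in succeeds for any known email with any non-empty password. Before the `return { id: user.id, ... }`, compare the password with the stored hash using the project's password-hashing library and return `null` on mismatch, e.g. `if (!(await verifyPassword(credentials.password, user.<PASSWORD_HASH_FIELD>))) return null;` (`verifyPassword` and the field name are placeholders; neither is visible in this diff). Separately, the `session` callback still copies `token.accessToken`, which the new `jwt` callback no longer sets, and typing both callbacks' arguments as `any` hides that from the compiler. The `role` array is copied into the JWT only at sign-in, so presumably a role change in the database does not take effect until the token is reissued; worth confirming that this is intended.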