diff --git a/app/api/auth/[...nextauth]/route.ts b/app/api/auth/[...nextauth]/route.ts index c0777683..354cfec7 100644 --- a/app/api/auth/[...nextauth]/route.ts +++ b/app/api/auth/[...nextauth]/route.ts @@ -1,23 +1,20 @@ -import NextAuth from "next-auth"; -import { KeycloakProvider } from "@auth/keycloak"; -import { NextAuthOptions } from "next-auth"; +import NextAuth, { NextAuthOptions } from "next-auth"; +import { prisma } from '@/lib/prisma'; +import CredentialsProvider from 'next-auth/providers/credentials'; declare module "next-auth" { - interface User { - id: string; - name?: string | null; - email?: string | null; - image?: string | null; - username: string; - first_name: string; - last_name: string; - role: string[]; - } - interface Session { - user: User; + user: { + id: string; + name?: string | null; + email?: string | null; + image?: string | null; + username: string; + first_name: string; + last_name: string; + role: string[]; + }; accessToken: string; - refreshToken: string; } interface JWT { 
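Review bot: `Session.accessToken` is still declared as a required `string`, but nothing populates it any more: the new `jwt` callback in the second hunk never assigns `token.accessToken`, so `session.accessToken` will be `undefined` at runtime while the type says otherwise. A caller that forwards it as a bearer token would compile cleanly and send no usable credential. Either drop the field together with `refreshToken` or declare it `accessToken?: string` so consumers are forced to handle its absence. Removing the `interface User` augmentation also leaves the extra fields returned by `authorize` (`username`, `role`, …) untyped, which is presumably why the callbacks fall back to `any`; keeping the augmentation would let them stay checked. The `JWT` interface continues outside this hunk.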
@@ -31,48 +28,70 @@ declare module "next-auth" { } } -export const authOptions: NextAuthOptions = { +const authOptions: NextAuthOptions = { providers: [ - KeycloakProvider({ - clientId: process.env.KEYCLOAK_CLIENT_ID!, - clientSecret: process.env.KEYCLOAK_CLIENT_SECRET!, - issuer: process.env.KEYCLOAK_ISSUER, + CredentialsProvider({ + name: 'Credentials', + credentials: { + email: { label: 'Email', type: 'email' }, + password: { label: 'Password', type: 'password' } + }, + async authorize(credentials) { + if (!credentials?.email || !credentials?.password) { + return null; + } + + const user = await prisma.user.findUnique({ + where: { email: credentials.email }, + }); + + if (!user) { + return null; + } + + return { + id: user.id, + email: user.email, + username: user.username || user.email.split('@')[0], + first_name: user.first_name || '', + last_name: user.last_name || '', + role: user.role || [], + }; + } }) ], session: { - strategy: 'jwt', + strategy: 'jwt' as const, }, pages: { - signIn: '/signin', + signIn: '/login', }, callbacks: { - async jwt({ token, account, profile }) { - if (account) { - token.accessToken = account.access_token ?? ''; - token.refreshToken = account.refresh_token ?? ''; - token.accessTokenExpires = account.expires_at ?? 0; - } - if (profile) { - token.username = profile.preferred_username ?? ''; - token.first_name = profile.given_name ?? ''; - token.last_name = profile.family_name ?? ''; - token.role = profile.groups ?? []; + async jwt({ token, user }: { token: any; user: any }) { + if (user) { + token.id = user.id; + token.email = user.email; + token.username = user.username; + token.first_name = user.first_name; + token.last_name = user.last_name; + token.role = user.role; } return token; }, - async session({ session, token }) { - session.user = { - id: token.sub ?? '', - name: token.name ?? null, - email: token.email ?? null, - image: token.picture ?? 
null, - username: token.username, - first_name: token.first_name, - last_name: token.last_name, - role: token.role, - }; - session.accessToken = token.accessToken; - session.refreshToken = token.refreshToken; + async session({ session, token }: { session: any; token: any }) { + if (token) { + session.user = { + id: token.id as string, + email: token.email as string | null, + name: token.name as string | null, + image: token.picture as string | null, + username: token.username as string, + first_name: token.first_name as string, + last_name: token.last_name as string, + role: token.role as string[], + }; + session.accessToken = token.accessToken as string; + } return session; } }
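Review bot: `authorize` never verifies the submitted password: after the presence test it looks the user up by email and returns the account whenever a row exists, so any non-empty password signs in as any registered email. Before the `return { id: user.id, … }` the stored hash must be checked with the project's password-hashing library, for example `const ok = await bcrypt.compare(credentials.password, user.<PASSWORD_HASH_FIELD>); if (!ok) return null;` (library and field name are placeholders, since the Prisma schema is not visible here). Keep returning the same `null` for an unknown email and a wrong password so the two cases stay indistinguishable to the client. `role` is copied into the JWT only at sign-in, so a later role change or account deactivation would not take effect until the token expires; confirm that is acceptable or re-read the user in the `jwt` callback. The `{ token: any; user: any }` annotations on both callbacks also switch off type checking for exactly the fields that carry identity and roles.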