diff --git a/lib/auth.ts b/lib/auth.ts
index f8bc04e..fd846c9 100644
--- a/lib/auth.ts
+++ b/lib/auth.ts
@@ -1,51 +1,28 @@
 import { NextAuthOptions } from 'next-auth';
-import CredentialsProvider from 'next-auth/providers/credentials';
-import { PrismaClient } from '@prisma/client';
-
-const prisma = new PrismaClient();
+import KeycloakProvider from 'next-auth/providers/keycloak';
 
 declare module 'next-auth' {
   interface User {
     id: string;
     email: string;
-    password: string;
+    name?: string;
+    role: string[];
   }
   interface Session {
     user: User;
   }
+  interface Profile {
+    roles?: string[];
+  }
 }
 
 export const authOptions: NextAuthOptions = {
   providers: [
-    CredentialsProvider({
-      name: 'Credentials',
-      credentials: {
-        email: { label: 'Email', type: 'email' },
-        password: { label: 'Password', type: 'password' }
-      },
-      async authorize(credentials) {
-        if (!credentials?.email || !credentials?.password) {
-          return null;
-        }
-
-        // Find user in database
-        const user = await prisma.user.findUnique({
-          where: { email: credentials.email },
-        });
-
-        if (!user) {
-          return null;
-        }
-
-        // Here you would typically verify the password
-        // For now, we'll just return the user
-        return {
-          id: user.id,
-          email: user.email,
-          password: user.password,
-        };
-      }
-    })
+    KeycloakProvider({
+      clientId: process.env.KEYCLOAK_CLIENT_ID!,
+      clientSecret: process.env.KEYCLOAK_CLIENT_SECRET!,
+      issuer: process.env.KEYCLOAK_ISSUER,
+    }),
   ],
   session: {
     strategy: 'jwt',
@@ -54,11 +31,13 @@ export const authOptions: NextAuthOptions = {
     signIn: '/login',
   },
   callbacks: {
-    async jwt({ token, user }) {
-      if (user) {
-        token.id = user.id;
-        token.email = user.email;
-        token.password = user.password;
+    async jwt({ token, account, profile }) {
+      if (account && profile) {
+        // Store the Keycloak user ID
+        token.id = profile.sub;
+        token.email = profile.email || '';
+        token.name = profile.name;
+        token.role = profile.roles || ['user'];
       }
       return token;
     },
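Review bot: The new `KeycloakProvider({ ... })` block silences a missing `KEYCLOAK_CLIENT_ID` or `KEYCLOAK_CLIENT_SECRET` with `!` and passes `KEYCLOAK_ISSUER` with no check at all, so a misconfigured deployment starts cleanly and only fails on the first login attempt, where an undefined issuer turns into a discovery URL built from `undefined`. The issuer is the value that decides whose tokens this app trusts, so it deserves a fail-fast check at module load rather than a runtime surprise. I would read all three through a small helper that throws with the variable name when the value is empty, which also removes the non-null assertions; the rest of `authOptions` continues in the next hunk.
```typescript
/** Read a required setting from the environment, failing at startup rather than on first login. */
function requireEnv(name: string): string {
  const value = process.env[name];
  if (!value) {
    throw new Error(`Missing required environment variable: ${name}`);
  }
  return value;
}

// … unchanged: module augmentation for next-auth …

export const authOptions: NextAuthOptions = {
  providers: [
    KeycloakProvider({
      clientId: requireEnv('KEYCLOAK_CLIENT_ID'),
      clientSecret: requireEnv('KEYCLOAK_CLIENT_SECRET'),
      issuer: requireEnv('KEYCLOAK_ISSUER'),
    }),
  ],
  // … unchanged: session, pages, callbacks …
```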
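Review bot: In the new `jwt` callback, `token.role = profile.roles || ['user']` copies whatever the `roles` claim holds straight into the JWT without checking its shape; the module augmentation `roles?: string[]` is a compile-time promise only, so a claim that arrives as a single string or under a different structure is still stored and later surfaced as `session.user.role`. As far as I know Keycloak emits a top-level `roles` claim only when a protocol mapper is configured for the client, so without one every user silently receives the `['user']` default. I would narrow at runtime, `const roles = profile.roles;` followed by `token.role = Array.isArray(roles) && roles.every((r) => typeof r === 'string') ? roles : ['user'];`, and add a comment above the `if (account && profile)` guard noting that roles are captured only at sign-in and stay fixed in the JWT until the next login, so a role revoked in Keycloak remains effective for the session's lifetime. Since the `User` model is dropped elsewhere in this commit, `token.id = profile.sub` becomes the only link to `Calendar.userId` and `Event.userId`, which no longer carry a foreign key, and a comment such as `// Keycloak subject; referenced by Calendar.userId / Event.userId without a FK` would help the next reader.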
@@ -66,9 +45,10 @@ export const authOptions: NextAuthOptions = {
       if (token) {
         session.user.id = token.id as string;
         session.user.email = token.email as string;
-        session.user.password = token.password as string;
+        session.user.name = token.name as string;
+        session.user.role = token.role as string[];
       }
       return session;
-    }
-  }
+    },
+  },
 };
\ No newline at end of file
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 0500d83..7c2e344 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -11,16 +11,6 @@ datasource db {
   url = env("DATABASE_URL")
 }
 
-model User {
-  id String @id @default(uuid())
-  email String @unique
-  password String
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
-  calendars Calendar[]
-  events Event[]
-}
-
 model Calendar {
   id String @id @default(uuid())
   name String
@@ -30,7 +20,6 @@ model Calendar {
   createdAt DateTime @default(now())
   updatedAt DateTime @updatedAt
   events Event[]
-  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
 
   @@index([userId])
 }
@@ -48,7 +37,6 @@ model Event {
   userId String
   createdAt DateTime @default(now())
   updatedAt DateTime @updatedAt
-  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
 
   @@index([calendarId])
   @@index([userId])
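Review bot: `session.user.role = token.role as string[]` assumes every JWT carries `role`, but sessions minted under the previous Credentials provider still decode if the signing secret is unchanged and have no `role`, so those users get `session.user.role === undefined` despite the `string[]` type, and any authorization check that calls `.includes(...)` on it would throw. I would default it, `session.user.role = Array.isArray(token.role) ? token.role : [];`, and rotate `NEXTAUTH_SECRET` as part of this deployment so pre-migration tokens, which also embed the old `token.password` value that the previous `jwt` callback stored, are rejected outright. Whether the secret is rotated is not visible in this diff; the `session` callback's opening line lies before this hunk.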