Neah version calendar fix 3 debuger sec chance danger debug 5

2025-04-17 00:36:59 +02:00 · 2025-04-17 00:36:59 +02:00 · f22f9490e4
commit f22f9490e4
parent 16219fc250
1 changed files with 2 additions and 29 deletions
--- a/lib/auth.ts
+++ b/lib/auth.ts
@ -65,7 +65,7 @@ export const authOptions: NextAuthOptions = {
      },
    }),
  ],
-  debug: true,
+  debug: false,
  session: {
    strategy: 'jwt',
    maxAge: 30 * 24 * 60 * 60, // 30 days
@ -76,19 +76,11 @@ export const authOptions: NextAuthOptions = {
  },
  callbacks: {
    async jwt({ token, account, profile }) {
      console.log('JWT callback:', { 
        tokenBefore: { ...token, refreshToken: token.refreshToken ? '[REDACTED]' : undefined },
        account: account ? { ...account, refresh_token: '[REDACTED]' } : null,
        profile
      });
      if (account && profile) {
        if (!profile.sub) {
          console.error('No user ID (sub) provided by Keycloak');
          throw new Error('No user ID (sub) provided by Keycloak');
        }
        if (!account.access_token || !account.refresh_token || !account.expires_at) {
          console.error('Missing required token fields from Keycloak');
          throw new Error('Missing required token fields from Keycloak');
        }
        token.id = profile.sub;
@ -101,10 +93,6 @@ export const authOptions: NextAuthOptions = {
        token.accessToken = account.access_token;
        token.refreshToken = account.refresh_token;
        token.accessTokenExpires = account.expires_at * 1000;
        console.log('JWT token updated:', { 
          tokenAfter: { ...token, refreshToken: '[REDACTED]' }
        });
      }
      // Return previous token if not expired
@ -114,12 +102,10 @@ export const authOptions: NextAuthOptions = {
      // Token expired, try to refresh
      if (!token.refreshToken) {
        console.error('No refresh token available');
        throw new Error('No refresh token available');
      }
      try {
        console.log('Attempting to refresh token...');
        const response = await fetch(
          `${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
          {
@ -139,11 +125,9 @@ export const authOptions: NextAuthOptions = {
        const tokens = await response.json();
        if (!response.ok) {
          console.error('Token refresh failed:', tokens);
          throw new Error('RefreshAccessTokenError');
        }
        console.log('Token refreshed successfully');
        return {
          ...token,
          accessToken: tokens.access_token,
@ -151,7 +135,6 @@ export const authOptions: NextAuthOptions = {
          accessTokenExpires: Date.now() + tokens.expires_in * 1000,
        };
      } catch (error) {
        console.error('Error refreshing token:', error);
        return {
          ...token,
          error: 'RefreshAccessTokenError',
@ -159,13 +142,7 @@ export const authOptions: NextAuthOptions = {
      }
    },
    async session({ session, token }) {
      console.log('Session callback:', { 
        sessionBefore: session,
        token: { ...token, refreshToken: '[REDACTED]' }
      });
      if (token.error) {
        console.error('Token error:', token.error);
        throw new Error('RefreshAccessTokenError');
      }
@ -173,15 +150,11 @@ export const authOptions: NextAuthOptions = {
        id: token.sub ?? token.id ?? '',
        email: token.email ?? '',
        name: token.name ?? '',
-        role: token.role ?? 'user',
+        role: token.role ?? ['user'],
        first_name: token.first_name ?? '',
        last_name: token.last_name ?? '',
        username: token.username ?? ''
      };
      console.log('Session after:', { 
        sessionAfter: { ...session, user: { ...session.user, id: '[REDACTED]' } }
      });
      return session;
    },