import { NextAuthOptions } from 'next-auth';
import KeycloakProvider from 'next-auth/providers/keycloak';
/**
 * Module augmentation for `next-auth`.
 *
 * Extends the library's `User`, `Session` and `Profile` shapes with the
 * fields this application reads in its callbacks. These declarations exist
 * only at compile time: they describe what the code expects and do not
 * validate what the identity provider actually sends.
 */
declare module 'next-auth' {
  /** Provider profile, extended with the optional `roles` claim. */
  interface Profile {
    roles?: Array<string>;
  }

  /** Application user as exposed on the session. */
  interface User {
    id: string;
    email: string;
    name?: string;
    // Role names copied from the provider profile at sign-in.
    role: Array<string>;
  }

  /** Session whose `user` carries the augmented fields above. */
  interface Session {
    user: User;
  }
}
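/**
 * Turns a `roles` claim of unknown runtime shape into a list of role names.
 *
 * The claim is typed only by a compile-time declaration, so a provider that
 * sends a string, an object, or mixed entries would otherwise flow straight
 * into authorization checks.
 *
 * @param claim - Value read from the provider profile or the stored token.
 * @param fallback - Roles to use when the claim is not an array.
 * @returns The string entries of `claim`, or `fallback` if it is not an array.
 */
function normalizeRoles(claim: unknown, fallback: string[]): string[] {
  if (!Array.isArray(claim)) {
    return fallback;
  }
  return claim.filter((entry): entry is string => typeof entry === 'string');
}

/**
 * NextAuth configuration: Keycloak as the only provider, JWT-backed sessions,
 * a custom sign-in page, and callbacks that copy identity and role data from
 * the Keycloak profile into the token and then into the session.
 */
export const authOptions: NextAuthOptions = {
  providers: [
    KeycloakProvider({
      // NOTE(review): the `!` assertions silence the compiler but nothing
      // checks these variables at startup, and `issuer` is passed through
      // even when undefined. Confirm the deployment validates all three.
      clientId: process.env.KEYCLOAK_CLIENT_ID!,
      clientSecret: process.env.KEYCLOAK_CLIENT_SECRET!,
      issuer: process.env.KEYCLOAK_ISSUER,
    }),
  ],
  session: {
    // No `maxAge` is set, so the library default session lifetime applies
    // (30 days in NextAuth v4; confirm for the installed version).
    strategy: 'jwt',
  },
  pages: {
    signIn: '/login',
  },
  callbacks: {
    /**
     * Copies identity and roles from the Keycloak profile into the JWT.
     *
     * This runs only when `account` and `profile` are present, so roles are
     * frozen into the token at that point. A role removed in Keycloak stays
     * in the token until it is reissued by a new sign-in.
     */
    async jwt({ token, account, profile }) {
      if (account && profile) {
        // Store the Keycloak user ID
        token.id = profile.sub;
        token.email = profile.email ?? '';
        token.name = profile.name;
        // NOTE(review): Keycloak normally nests realm roles under
        // `realm_access.roles`; a top-level `roles` claim needs a mapper.
        // Confirm one exists, otherwise every user gets the fallback role.
        token.role = normalizeRoles(profile.roles, ['user']);
      }
      return token;
    },
    /**
     * Projects the token fields onto `session.user`.
     *
     * Roles are re-validated here and default to an empty list, so a token
     * without a usable `role` value yields no privileges rather than
     * `undefined` typed as `string[]`.
     */
    async session({ session, token }) {
      if (token) {
        session.user.id = token.id as string;
        session.user.email = token.email as string;
        session.user.name = token.name as string;
        session.user.role = normalizeRoles(token.role, []);
      }
      return session;
    },
  },
};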