// will not execute in edge
import NextAuth, { Session } from "next-auth";
import authConfig from "./auth.config";
import { getUserById } from "./data/user";
import { JWT } from "@auth/core/jwt";
import { PrismaAdapter } from "@auth/prisma-adapter";
import { db } from "./lib/db";
import { getTwoFactorConfirmationByUserId } from "./data/two-factor-confirmation";
import { getAccountByUserId } from "./data/account";
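/**
 * NextAuth instance for the app: Prisma-backed adapter, JWT sessions, and the
 * callbacks that gate credentials sign-in on email verification and 2FA.
 *
 * Exports the route handlers (`GET`, `POST`), `auth`, `signIn`, `signOut`, and
 * `update` (an alias of NextAuth's `unstable_update`).
 */
export const {
  handlers: { GET, POST },
  auth,
  signIn,
  signOut,
  unstable_update: update,
} = NextAuth({
  pages: {
    signIn: "/auth/login", // custom sign-in page
    error: "/auth/error", // auth errors are routed here
  },
  events: {
    /**
     * Runs when an account from a third-party provider is linked to a user.
     * The user's email is stamped as verified without a verification mail.
     */
    async linkAccount({ user }) {
      // NOTE(review): this trusts the provider to have verified the address;
      // confirm every configured provider actually does so.
      await db.user.update({
        where: { id: user.id },
        data: { emailVerified: new Date() },
      });
    },
  },
  callbacks: {
    /**
     * Decides whether a sign-in may proceed.
     *
     * @returns `true` to allow the sign-in, `false` to reject it.
     */
    async signIn({ user, account }) {
      // Non-credentials (OAuth) sign-ins skip the email and 2FA checks below.
      if (account?.provider !== "credentials") return true;

      // Fail closed rather than passing an asserted-but-missing id to the lookup.
      if (!user.id) return false;

      const existingUser = await getUserById(user.id);

      // Credentials users must exist and have a verified email.
      if (!existingUser || !existingUser.emailVerified) {
        return false;
      }

      if (existingUser.isTwoFactorEnabled) {
        const twoFactorConfirmation = await getTwoFactorConfirmationByUserId(
          existingUser.id
        );

        // No confirmation record means the second factor was not completed.
        if (!twoFactorConfirmation) return false;

        // The confirmation is deleted once used, so it cannot be reused by a
        // later sign-in.
        await db.twoFactorConfirmation.delete({
          where: {
            id: twoFactorConfirmation.id,
          },
        });
      }

      return true;
    },

    /**
     * Copies the claims kept on the JWT onto `session.user`.
     *
     * @returns the same session object, mutated in place.
     */
    async session(params: { session: Session; token?: JWT }) {
      const { session, token } = params;

      if (session.user) {
        // id and role are only written when the token actually carries them.
        if (token?.sub) {
          session.user.id = token.sub;
        }
        if (token?.role) {
          session.user.role = token.role;
        }

        // The remaining fields are copied unconditionally (possibly undefined).
        session.user.isTwoFactorEnabled = token?.isTwoFactorEnabled as boolean;
        session.user.name = token?.name;
        session.user.email = token?.email;
        session.user.isOAuth = token?.isOAuth as boolean;
        session.user.storageUsed = token?.storageUsed as number;
      }

      return session;
    },

    /**
     * Refreshes the token's claims from the database so that changes to the
     * user record show up in the token and, through it, in the session.
     *
     * @returns the token, updated when the user could be loaded.
     */
    async jwt({ token }) {
      if (!token.sub) return token;

      const user = await getUserById(token.sub);

      // NOTE(review): when the user row can no longer be loaded the token is
      // returned unchanged, so an already-issued JWT keeps its previous claims
      // (including role) until it expires. Confirm that is intended for
      // deleted or disabled users.
      if (!user) return token;

      const account = await getAccountByUserId(user.id);

      // A linked account row marks the user as an OAuth user.
      token.isOAuth = !!account;
      token.name = user.name;
      token.email = user.email;
      token.role = user.role;
      token.isTwoFactorEnabled = user.isTwoFactorEnabled;
      token.storageUsed = user.storageUsed!;

      return token;
    },
  },
  adapter: PrismaAdapter(db),
  secret: process.env.AUTH_SECRET,
  session: { strategy: "jwt" },
  // NOTE(review): authConfig is spread last, so any key it defines with the
  // same name as one above (pages, events, callbacks, adapter, secret,
  // session) replaces it. Confirm it does not override the checks above.
  ...authConfig,
});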
// NextAuth() returns `handlers` (which I can use to create the NextAuth server) and `auth` (which I can use to ask the NextAuth server whether the user is logged in, etc.).
// `signIn` and `signOut` can be used in server actions and server components.
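// NOTE(review): this line held a string shaped like a provider API key (`re_<REDACTED>`). Keys belong in environment variables, as AUTH_SECRET is read above, and a key that has been committed to source should be treated as exposed and rotated.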