55 lines
1.5 KiB
TypeScript
55 lines
1.5 KiB
TypeScript
import type { NextAuthOptions } from "next-auth";
|
|
import CredentialsProvider from "next-auth/providers/credentials";
|
|
import bcrypt from "bcryptjs";
|
|
import { prisma } from "@/lib/prisma";
|
|
|
|
export const authOptions: NextAuthOptions = {
|
|
trustHost: true,
|
|
session: { strategy: "jwt", maxAge: 60 * 60 * 24 * 14 },
|
|
pages: { signIn: "/login" },
|
|
providers: [
|
|
CredentialsProvider({
|
|
name: "E-Mail",
|
|
credentials: {
|
|
email: { label: "E-Mail", type: "email" },
|
|
password: { label: "Passwort", type: "password" },
|
|
},
|
|
async authorize(credentials) {
|
|
const email = credentials?.email?.trim().toLowerCase();
|
|
const password = credentials?.password;
|
|
if (!email || !password) return null;
|
|
|
|
const user = await prisma.user.findUnique({ where: { email } });
|
|
if (!user) return null;
|
|
|
|
const ok = await bcrypt.compare(password, user.passwordHash);
|
|
if (!ok) return null;
|
|
|
|
return {
|
|
id: user.id,
|
|
email: user.email,
|
|
name: user.name,
|
|
role: user.role,
|
|
};
|
|
},
|
|
}),
|
|
],
|
|
callbacks: {
|
|
async jwt({ token, user }) {
|
|
if (user) {
|
|
token.id = user.id;
|
|
token.role = (user as { role?: string }).role;
|
|
}
|
|
return token;
|
|
},
|
|
async session({ session, token }) {
|
|
if (session.user) {
|
|
session.user.id = token.id as string;
|
|
session.user.role = (token.role as string) ?? "LEARNER";
|
|
}
|
|
return session;
|
|
},
|
|
},
|
|
secret: process.env.NEXTAUTH_SECRET,
|
|
};
|