initial commit - code moved to separate repo

2024-02-22 04:19:38 +02:00
commit 560d503219
240 changed files with 105125 additions and 0 deletions
--- a/pages/api/auth/[...nextauth].ts
+++ b/pages/api/auth/[...nextauth].ts
@ -0,0 +1,200 @@
+import NextAuth, { NextAuthOptions } from "next-auth"
+import GoogleProvider from "next-auth/providers/google"
+import FacebookProvider from "next-auth/providers/facebook"
+import GithubProvider from "next-auth/providers/github"
+import TwitterProvider from "next-auth/providers/twitter"
+import Auth0Provider from "next-auth/providers/auth0"
+// import AppleProvider from "next-auth/providers/apple"
+import EmailProvider from "next-auth/providers/email"
+import CredentialsProvider from "next-auth/providers/credentials"
+import { PrismaAdapter } from "@auth/prisma-adapter"
+
+// https://next-auth.js.org/getting-started/client
+
+const common = require("../../../src/helpers/common");
+import { isLoggedIn, setAuthTokens, clearAuthTokens, getAccessToken, getRefreshToken } from 'axios-jwt'
+
+
+// console.log(process.env.EMAIL_SERVER)
+// For more information on each option (and a full list of options) go to
+// https://next-auth.js.org/configuration/options
+export const authOptions: NextAuthOptions = {
+  // https://next-auth.js.org/configuration/providers/oauth
+
+  site: process.env.NEXTAUTH_URL,
+  secret: process.env.NEXTAUTH_SECRET, // Ensure you have this set in your .env file
+  //adapter: PrismaAdapter(prisma),
+  providers: [
+    // register new URL at  https://console.cloud.google.com/apis/credentials/oauthclient/926212607479-d3m8hm8f8esp3rf1639prskn445sa01v.apps.googleusercontent.com?project=grand-forge-108716 
+    //Request details: redirect_uri=http://20.101.62.76:8005/api/auth/callback/google https://s.mwhitnessing.com/
+    GoogleProvider({
+      clientId: process.env.GOOGLE_ID,
+      clientSecret: process.env.GOOGLE_SECRET,
+      authorization: {
+        params: {
+          prompt: "consent",
+          access_type: "offline",
+          response_type: "code"
+        }
+      }
+    }),
+    CredentialsProvider({
+      // The name to display on the sign in form (e.g. 'Sign in with...')
+      name: 'Credentials',
+      credentials: {
+        username: { label: "Потребител", type: "text", placeholder: "Потребителско име" },
+        password: { label: "Парола", type: "password" }
+      },
+      async authorize(credentials, req) {
+        //const user = { id: "1", name: "Администратора", email: "jsmith@example.com" }
+        //return user
+        // const res = await fetch("/your/endpoint", {
+        //   method: 'POST',
+        //   body: JSON.stringify(credentials),
+        //   headers: { "Content-Type": "application/json" }
+        // })
+        // const user = await res.json()
+
+        // // If no error and we have user data, return it
+        // if (res.ok && user) {
+        //   return user
+        // }
+        // // Return null if user data could not be retrieved
+        // return null
+        const users = [
+          { id: "1", name: "admin", email: "admin@example.com", password: "admin123", role: "ADMIN" },
+          { id: "2", name: "krasi", email: "krasi@example.com", password: "krasi123", role: "ADMIN" },
+          { id: "3", name: "popov", email: "popov@example.com", password: "popov123", role: "ADMIN" }
+        ];
+
+        // Check if a user with the given username and password exists
+        const user = users.find(user =>
+          user.name === credentials.username && user.password === credentials.password
+        );
+
+        // If a matching user is found, return the user data, otherwise return null
+        if (user) {
+          return user; //{ id: user.id, name: user.name, email: user.email };
+        }
+
+        return null;
+      }
+    }),
+    /*
+    EmailProvider({
+      server: {
+        host: "smtp.mailtrap.io",
+        port: 2525,
+        auth: {
+          user: "8ec69527ff2104",
+          pass: "c7bc05f171c96c"
+        }
+      },
+      // server: process.env.EMAIL_SERVER,
+      from: "noreply@example.com",
+    }),
+
+    // Temporarily removing the Apple provider from the demo site as the
+    // callback URL for it needs updating due to Vercel changing domains
+    /* 
+        Providers.Apple({
+          clientId: process.env.APPLE_ID,
+          clientSecret: {
+            appleId: process.env.APPLE_ID,
+            teamId: process.env.APPLE_TEAM_ID,
+            privateKey: process.env.APPLE_PRIVATE_KEY,
+            keyId: process.env.APPLE_KEY_ID,
+          },
+        }),
+        */
+
+    //d-popov@abv.bg
+    Auth0Provider({
+      clientId: process.env.AUTH0_ID,
+      clientSecret: process.env.AUTH0_SECRET,
+      issuer: process.env.AUTH0_ISSUER,
+    }),
+  ],
+  theme: {
+    colorScheme: "light",
+  },
+  session: {
+    strategy: "jwt"
+  },
+  callbacks: {
+    async signIn({ user, account, profile }) {
+      var prisma = common.getPrismaClient();
+
+      console.log("[nextauth] signIn:", account.provider, user.email)
+      if (account.provider === 'google') {
+        try {
+          // Check user in your database and assign roles
+          const dbUser = await prisma.publisher.findUnique({
+            where: { email: user.email }
+          });
+
+          if (dbUser) {
+            // Assign roles from your database to the session
+            user.role = dbUser.role;
+            user.id = dbUser.id;
+            //user.permissions = dbUser.permissions;
+            const session = { ...user };
+            return true; // Sign-in successful
+          } else {
+            // Optionally create a new user in your DB
+            // Or return false to deny access
+            return false;
+          }
+        } catch (e) {
+          console.log(e);
+        }
+      }
+
+      return true; // Allow other providers or default behavior
+    },
+
+    // Persist the OAuth access_token to the token right after signin
+    async jwt({ token, user, account, profile, isNewUser }) {
+      //!console.log("[nextauth] JWT", token, user)
+      //token.userRole = "adminer"
+      if (user) {
+        token.role = user.role;
+        token.id = user.id; //already done in session?
+        //token.name = user.name; already done in session (name, email, picture, sub)
+      }
+      if (account && user) {
+        token.accessToken = account.access_token; // Set the access token from the account object
+        token.provider = account.provider;
+        console.log("[nextauth] setting token.accessToken", token.accessToken);
+        setAuthTokens({
+          accessToken: account.accessToken,
+          refreshToken: account.refreshToken,
+        })
+      }
+
+      return token;
+    },
+
+    // Send properties to the client, like an access_token from a provider.
+    async session({ session, token, user }) {
+      //!console.log("[nextauth] session", token, user)
+      if (token) {
+        //session.user.role = token.role;
+        session.user.id = token.id;
+        session.user.role = token.role;
+        session.user.name = token.name || token.email;
+      }
+
+      // if (session?.user) {
+      //   session.user.id = user.id; //duplicate
+      // }
+
+      return {
+        ...session,
+        accessToken: token.accessToken
+      };
+    },
+  },
+}
+
+export default NextAuth(authOptions)