import NextAuth, { NextAuthOptions } from "next-auth" import GoogleProvider from "next-auth/providers/google" import FacebookProvider from "next-auth/providers/facebook" import GithubProvider from "next-auth/providers/github" import TwitterProvider from "next-auth/providers/twitter" import Auth0Provider from "next-auth/providers/auth0" import AppleProvider from "next-auth/providers/apple" import EmailProvider from "next-auth/providers/email" import CredentialsProvider from "next-auth/providers/credentials" import { PrismaAdapter } from "@auth/prisma-adapter" //microsoft import AzureADProvider from "next-auth/providers/azure-ad"; // https://next-auth.js.org/getting-started/client const common = require("../../../src/helpers/common"); import { isLoggedIn, setAuthTokens, clearAuthTokens, getAccessToken, getRefreshToken } from 'axios-jwt' // console.log(process.env.EMAIL_SERVER) // For more information on each option (and a full list of options) go to // https://next-auth.js.org/configuration/options export const authOptions: NextAuthOptions = { // https://next-auth.js.org/configuration/providers/oauth site: process.env.PUBLIC_URL, secret: process.env.NEXTAUTH_SECRET, // Ensure you have this set in your .env file //adapter: PrismaAdapter(prisma), providers: [ // register new URL at https://console.cloud.google.com/apis/credentials/oauthclient/926212607479-d3m8hm8f8esp3rf1639prskn445sa01v.apps.googleusercontent.com?project=grand-forge-108716 //Request details: redirect_uri=http://20.101.62.76:8005/api/auth/callback/google https://s.mwhitnessing.com/ GoogleProvider({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET, authorization: { params: { prompt: "consent", access_type: "offline", response_type: "code" } } }), AzureADProvider({ clientId: process.env.AZURE_AD_CLIENT_ID, clientSecret: process.env.AZURE_AD_CLIENT_SECRET, tenantId: process.env.AZURE_AD_TENANT_ID, }), CredentialsProvider({ // The name to display on the sign in form (e.g. 'Sign in with...') name: 'Credentials', credentials: { username: { label: "Потребител", type: "text", placeholder: "Потребителско име" }, password: { label: "Парола", type: "password" } }, async authorize(credentials, req) { //const user = { id: "1", name: "Администратора", email: "jsmith@example.com" } //return user // const res = await fetch("/your/endpoint", { // method: 'POST', // body: JSON.stringify(credentials), // headers: { "Content-Type": "application/json" } // }) // const user = await res.json() // // If no error and we have user data, return it // if (res.ok && user) { // return user // } // // Return null if user data could not be retrieved // return null const users = [ { id: "1", name: "admin", email: "admin@example.com", password: "admin123", role: "ADMIN" }, { id: "2", name: "krasi", email: "krasi@example.com", password: "krasi123", role: "ADMIN" }, { id: "3", name: "popov", email: "popov@example.com", password: "popov123", role: "ADMIN" } ]; // Check if a user with the given username and password exists const user = users.find(user => user.name === credentials.username && user.password === credentials.password ); // If a matching user is found, return the user data, otherwise return null if (user) { return user; //{ id: user.id, name: user.name, email: user.email }; } return null; } }), // AppleProvider({ // clientId: process.env.APPLE_ID, // clientSecret: process.env.APPLE_SECRET // }) /* EmailProvider({ server: { host: "smtp.mailtrap.io", port: 2525, auth: { user: "8ec69527ff2104", pass: "c7bc05f171c96c" } }, // server: process.env.EMAIL_SERVER, from: "noreply@example.com", }), // Temporarily removing the Apple provider from the demo site as the // callback URL for it needs updating due to Vercel changing domains /* */ //d-popov@abv.bg // Auth0Provider({ // clientId: process.env.AUTH0_ID, // clientSecret: process.env.AUTH0_SECRET, // issuer: process.env.AUTH0_ISSUER, // }), ], theme: { colorScheme: "light", }, session: { strategy: "jwt" }, callbacks: { async signIn({ user, account, profile }) { var prisma = common.getPrismaClient(); console.log("[nextauth] signIn:", account.provider, user.email) if (account.provider === 'google') { try { // Check user in your database and assign roles const dbUser = await prisma.publisher.findUnique({ where: { email: user.email } }); if (dbUser) { // Assign roles from your database to the session user.role = dbUser.role; user.id = dbUser.id; //user.permissions = dbUser.permissions; const session = { ...user }; return true; // Sign-in successful } else { // Optionally create a new user in your DB // Or return false to deny access return false; } } catch (e) { console.log(e); } } return true; // Allow other providers or default behavior }, // Persist the OAuth access_token to the token right after signin async jwt({ token, user, account, profile, isNewUser }) { //!console.log("[nextauth] JWT", token, user) //token.userRole = "adminer" if (user) { token.role = user.role; token.id = user.id; //already done in session? //token.name = user.name; already done in session (name, email, picture, sub) } if (account && user) { token.accessToken = account.access_token; // Set the access token from the account object token.provider = account.provider; console.log("[nextauth] setting token.accessToken", token.accessToken); setAuthTokens({ accessToken: account.accessToken, refreshToken: account.refreshToken, }) } return token; }, // Send properties to the client, like an access_token from a provider. async session({ session, token, user }) { //!console.log("[nextauth] session", token, user) if (token) { //session.user.role = token.role; session.user.id = token.id; session.user.role = token.role; session.user.name = token.name || token.email; } // if (session?.user) { // session.user.id = user.id; //duplicate // } return { ...session, accessToken: token.accessToken }; }, }, } export default NextAuth(authOptions)