auth.config.ts
import { NextAuthConfig } from 'next-auth';
/**
 * Shared NextAuth configuration: secret, custom pages and the three callbacks
 * (`authorized`, `jwt`, `session`). The provider list is deliberately empty here.
 */
const authConfig = {
  // The `!` only satisfies the type checker; nothing in this file verifies at
  // runtime that AUTH_SECRET is actually set.
  // NOTE(review): confirm the deployment fails closed when the variable is missing.
  secret: process.env.AUTH_SECRET!,
  // Providers are left out so that bcrypt is not pulled into the middleware.
  providers: [],
  pages: {
    signIn: '/auth',
    verifyRequest: '/auth',
    error: '/auth', // Error code passed in query string as ?error=
  },
  callbacks: {
    /**
     * Route gate: paths under `/auth` are allowed only for signed-out visitors,
     * paths under `/dashboard` only for signed-in ones, and every other path is
     * allowed (default-allow).
     *
     * Both checks are plain prefix matches, so any pathname that merely begins
     * with those characters is treated the same way.
     * NOTE(review): a private route added outside `/dashboard` is not covered by
     * this callback; handlers serving sensitive data should check the session
     * themselves rather than rely on this gate alone.
     */
    authorized({ auth, request: { nextUrl } }) {
      const signedIn = Boolean(auth?.user);
      const { pathname } = nextUrl;

      if (pathname.startsWith('/auth')) {
        return !signedIn;
      }
      return pathname.startsWith('/dashboard') ? signedIn : true;
    },
    // `profile` and `user` are only visible during login for OAuth providers;
    // for the Credentials type only `account` and `user` are visible at login.
    // On the first login the token is just { name, email, sub, picture }, while
    // `account` (in its simple credentials form) and `user` (returned from the
    // authorize callback) carry the rest. `profile` is empty because it only
    // comes from OAuth-style logins such as Google/Facebook.
    jwt: async ({ token, account, user }) => {
      // True only during a credentials login; later calls fall through.
      const isCredentialsLogin = Boolean(
        user && account && account.type === 'credentials'
      );
      if (!isCredentialsLogin) {
        return token;
      }
      // `user` is the AuthResponse returned from /auth/login and is stored whole.
      // It should be made smaller rather than copied as-is.
      // NOTE(review): if AuthResponse carries backend tokens or other sensitive
      // fields they end up inside the JWT; prefer copying an explicit list of fields.
      return { ...token, user };
    },
    // https://github.com/nextauthjs/next-auth/blob/main/docs/docs/guides/03-basics/refresh-token-rotation.md
    // `token` is whatever the `jwt` callback returned, and `session.user` starts
    // out as the default values derived from that token, so the two are merged.
    // NOTE(review): every field of `token.user` is copied into the session object,
    // which is what application code (presumably including the browser) reads —
    // confirm nothing secret is stored under `token.user`.
    session: async ({ session, token }) => {
      const mergedUser = {
        ...session.user,
        ...(token.user || {}),
      };
      return { ...session, user: mergedUser };
    },
  },
} satisfies NextAuthConfig;
export default authConfig;