consent-management-demo/auth.config.ts at main · sovio-id/consent-management-demo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import CredentialsProvider from 'next-auth/providers/credentials';
import { supabase } from './lib/client';

interface SupabaseUser {
  id: string;
  email: string;
  name?: string;
  image?: string;
}

// User interface represents the user data returned by Supabase
interface SupabaseUser {
  id: string;
  email: string;
  name?: string;
  image?: string;
}

// Token interface represents the JWT token, which is used to store the user data
interface JWT {
  id: string;
  email: string;
  name?: string;
  image?: string;
  iat?: number;  // Issued at time
  exp?: number;  // Expiration time
}

const authConfig = {
  providers: [
    CredentialsProvider({
      credentials: {
        email: { type: 'email' },
        password: { type: 'password' },
      },
      async authorize(credentials) {
        console.log('\n\n\n\n authorize called....')
        if (!credentials?.email || !credentials?.password) {
          return null; // Return null if credentials are missing
        }

        try {
          // Authenticate with Supabase using email/password
          const { data, error } = await supabase.auth.signInWithPassword({
            email: credentials.email.toString(),
            password: credentials.password.toString(),
          });

          if (error) {
            console.error('Authentication error:', error.message);
            return null; // If there's an error, return null
          }

          // Return user data if authentication is successful
          if (data?.user) {
            const supabaseUser: SupabaseUser = {
              id: data.user.id,
              email: data.user.email ?? '',
              name: data.user.user_metadata?.full_name,
              image: data.user.user_metadata?.avatar_url,
            };
            return supabaseUser;
          }

          return null; // Return null if no user found
        } catch (err) {
          console.error('Error during authorization:', err);
          return null; // Return null on error
        }
      },
    }),
  ],

  pages: {
    signIn: '/', // Custom sign-in page (optional)
  },

  callbacks: {
    // Callback to add custom data to the JWT token
    async jwt({ token, user }: any) {
      if (user) {
        token.id = user.id;
        token.email = user.email;
        token.name = user.name;
        token.image = user.image;
      }
      return token;
    },

    // Callback to attach user data from JWT to session
    async session({ session, token }: any) {
      if (token) {
        session.user.id = token.id;
        session.user.email = token.email;
        session.user.name = token.name;
        session.user.image = token.image;
      }
      return session;
    },
  },

  // Session configuration
  session: {
    jwt: true, // Use JWT for session (recommended for scalability)
    maxAge: 30 * 24 * 60 * 60, // Session maxAge in seconds (30 days)
  },
};

export default authConfig;