wip: clerk auth
@@ -1,124 +1,3 @@
|
||||
import { cache } from 'react';
|
||||
import { db } from '@/server/db';
|
||||
import { verifyPassword } from '@/server/services/hash.service';
|
||||
import type { NextApiRequest, NextApiResponse } from 'next';
|
||||
import { getServerSession } from 'next-auth';
|
||||
import type { DefaultSession, NextAuthOptions } from 'next-auth';
|
||||
import Credentials from 'next-auth/providers/credentials';
|
||||
|
||||
import { createError } from './exceptions';
|
||||
|
||||
/**
|
||||
* Module augmentation for `next-auth` types. Allows us to add custom properties to the `session`
|
||||
* object and keep type safety.
|
||||
*
|
||||
* @see https://next-auth.js.org/getting-started/typescript#module-augmentation
|
||||
*/
|
||||
declare module 'next-auth' {
|
||||
interface Session extends DefaultSession {
|
||||
user: DefaultSession['user'] & {
|
||||
id: string;
|
||||
};
|
||||
}
|
||||
|
||||
// interface User {
|
||||
// // ...other properties
|
||||
// // role: UserRole;
|
||||
// }
|
||||
}
|
||||
|
||||
/**
|
||||
* Options for NextAuth.js used to configure adapters, providers, callbacks, etc.
|
||||
*
|
||||
* @see https://next-auth.js.org/configuration/options
|
||||
*/
|
||||
export const authOptions: NextAuthOptions = {
|
||||
callbacks: {
|
||||
session: ({ session, token }) => ({
|
||||
...session,
|
||||
user: {
|
||||
...session.user,
|
||||
id: token.sub,
|
||||
},
|
||||
}),
|
||||
},
|
||||
session: {
|
||||
strategy: 'jwt',
|
||||
},
|
||||
providers: [
|
||||
Credentials({
|
||||
name: 'Credentials',
|
||||
credentials: {
|
||||
email: { label: 'Email', type: 'text', placeholder: 'jsmith' },
|
||||
password: { label: 'Password', type: 'password' },
|
||||
},
|
||||
async authorize(credentials) {
|
||||
if (!credentials?.password || !credentials?.email) {
|
||||
return null;
|
||||
}
|
||||
|
||||
const user = await db.user.findFirst({
|
||||
where: { email: credentials?.email },
|
||||
});
|
||||
|
||||
if (!user) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (!(await verifyPassword(credentials.password, user.password))) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return {
|
||||
...user,
|
||||
image: 'https://api.dicebear.com/7.x/adventurer/svg?seed=Abby',
|
||||
};
|
||||
},
|
||||
}),
|
||||
],
|
||||
};
|
||||
|
||||
export const getSession = cache(
|
||||
async () => await getServerSession(authOptions)
|
||||
);
|
||||
|
||||
export async function validateSdkRequest(
|
||||
req: NextApiRequest,
|
||||
res: NextApiResponse
|
||||
): Promise<string> {
|
||||
const clientId = req?.headers['mixan-client-id'] as string | undefined;
|
||||
const clientSecret = req.headers['mixan-client-secret'] as string | undefined;
|
||||
|
||||
if (!clientId) {
|
||||
throw createError(401, 'Misisng client id');
|
||||
}
|
||||
|
||||
const client = await db.client.findUnique({
|
||||
where: {
|
||||
id: clientId,
|
||||
},
|
||||
});
|
||||
|
||||
if (!client) {
|
||||
throw createError(401, 'Invalid client id');
|
||||
}
|
||||
|
||||
if (client.secret) {
|
||||
if (!(await verifyPassword(clientSecret || '', client.secret))) {
|
||||
throw createError(401, 'Invalid client secret');
|
||||
}
|
||||
} else if (client.cors !== '*') {
|
||||
const ok = client.cors.split(',').find((origin) => {
|
||||
if (origin === req.headers.origin) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
if (ok) {
|
||||
res.setHeader('Access-Control-Allow-Origin', String(req.headers.origin));
|
||||
} else {
|
||||
throw createError(401, 'Invalid cors settings');
|
||||
}
|
||||
}
|
||||
|
||||
return client.project_id;
|
||||
export async function getSession() {
|
||||
return true;
|
||||
}
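Review bot: The replacement `getSession()` at the end of this section returns `true` unconditionally, so any caller that gates access on a truthy session would now treat every request as signed in, while callers that read `session.user.id` would fail at runtime. Until the Clerk lookup is wired in, the stub should fail closed, for example `return null; // TODO(clerk): resolve the real session; deny until then`. Going by the hunk header (`-1,124 +1,3`), the same change also drops `validateSdkRequest`, which checked the `mixan-client-secret` header and the allowed origin. Nothing visible in this section replaces it, so it is worth confirming that the SDK endpoints that called it still reject unauthenticated requests.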
|
||||
|
||||