src/auth.config.ts


import type { NextAuthConfig } from 'next-auth';
import Credentials from 'next-auth/providers/credentials';
import { z } from 'zod';
import db from '@/lib/db';

export const authConfig = {
  pages: {
    signIn: '/login',
  },
  providers: [
    Credentials({
      async authorize(credentials) {
        const parsedCredentials = z
          .object({ email: z.string().email(), password: z.string().min(1) })
          .safeParse(credentials);

        if (parsedCredentials.success) {
          const { email, password } = parsedCredentials.data;
          
          try {
            const userStmt = db.prepare('SELECT * FROM users WHERE email = ?');
            const user = userStmt.get(email) as any;

            if (!user) return null;
            
            // WARNING: Storing passwords in plaintext is insecure.
            // This is for demonstration purposes only.
            // In a real application, you MUST hash and salt passwords.
            const passwordsMatch = password === user.password;

            if (passwordsMatch) return user;
          } catch (e) {
            console.error(e)
            return null
          }
        }

        return null;
      },
    }),
  ],
  callbacks: {
    authorized({ auth, request: { nextUrl } }) {
      const isLoggedIn = !!auth?.user;
      const isOnAdmin = nextUrl.pathname.startsWith('/admin');
      
      if (isOnAdmin) {
        return isLoggedIn;
      } else if (isLoggedIn) {
        // Redirect logged-in users from the login page to the admin dashboard
        if (nextUrl.pathname === '/login') {
            return Response.redirect(new URL('/admin', nextUrl));
        }
        return true;
      }
      
      return true;
    },
  },
} satisfies NextAuthConfig;
The `npm install` command failed in my project. Analyze the following er 2025-09-01 06:34:12 +00:00
			`import type { NextAuthConfig } from 'next-auth';`
			`import Credentials from 'next-auth/providers/credentials';`
			`import { z } from 'zod';`
			`import db from '@/lib/db';`

			`export const authConfig = {`
			`pages: {`
			`signIn: '/login',`
			`},`
			`providers: [`
			`Credentials({`
			`async authorize(credentials) {`
			`const parsedCredentials = z`
			`.object({ email: z.string().email(), password: z.string().min(1) })`
			`.safeParse(credentials);`

			`if (parsedCredentials.success) {`
			`const { email, password } = parsedCredentials.data;`

			`try {`
			`const userStmt = db.prepare('SELECT * FROM users WHERE email = ?');`
			`const user = userStmt.get(email) as any;`

			`if (!user) return null;`

			`// WARNING: Storing passwords in plaintext is insecure.`
			`// This is for demonstration purposes only.`
			`// In a real application, you MUST hash and salt passwords.`
			`const passwordsMatch = password === user.password;`

			`if (passwordsMatch) return user;`
			`} catch (e) {`
			`console.error(e)`
			`return null`
			`}`
			`}`

			`return null;`
			`},`
			`}),`
			`],`
			`callbacks: {`
			`authorized({ auth, request: { nextUrl } }) {`
			`const isLoggedIn = !!auth?.user;`
			`const isOnAdmin = nextUrl.pathname.startsWith('/admin');`

			`if (isOnAdmin) {`
			`return isLoggedIn;`
			`} else if (isLoggedIn) {`
			`// Redirect logged-in users from the login page to the admin dashboard`
			`if (nextUrl.pathname === '/login') {`
			`return Response.redirect(new URL('/admin', nextUrl));`
			`}`
			`return true;`
			`}`

			`return true;`
			`},`
			`},`
			`} satisfies NextAuthConfig;`