Leon Serfaty G
49 lines
1.4 KiB
TypeScript
49 lines
1.4 KiB
TypeScript
|
|
import NextAuth from 'next-auth';
|
|
import { authConfig } from './auth.config';
|
|
import Credentials from 'next-auth/providers/credentials';
|
|
import { z } from 'zod';
|
|
import db from '@/lib/db';
|
|
|
|
export const { handlers, auth, signIn, signOut } = NextAuth({
|
|
...authConfig,
|
|
providers: [
|
|
Credentials({
|
|
async authorize(credentials) {
|
|
const parsedCredentials = z
|
|
.object({ email: z.string().email(), password: z.string().min(1) })
|
|
.safeParse(credentials);
|
|
|
|
if (parsedCredentials.success) {
|
|
const { email, password } = parsedCredentials.data;
|
|
|
|
try {
|
|
const userStmt = db.prepare('SELECT * FROM users WHERE email = ?');
|
|
const user = userStmt.get(email) as any;
|
|
|
|
if (!user) return null;
|
|
|
|
// WARNING: Storing passwords in plaintext is insecure.
|
|
// This is for demonstration purposes only.
|
|
// In a real application, you MUST hash and salt passwords.
|
|
const passwordsMatch = password === user.password;
|
|
|
|
if (passwordsMatch) {
|
|
// The user object returned here will be encoded in the JWT.
|
|
return { id: user.id, name: user.name, email: user.email };
|
|
}
|
|
|
|
} catch (e) {
|
|
console.error(e)
|
|
return null
|
|
}
|
|
}
|
|
|
|
return null;
|
|
},
|
|
}),
|
|
]
|
|
});
|
|
|
|
export const runtime = "nodejs";
|