ACME-NextJS-Tutorial/auth.ts at main · rdietscht/ACME-NextJS-Tutorial · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
import NextAuth from "./node_modules/.pnpm/next-auth@5.0.0-beta.25_next@15.1.0_react-dom@19.0.0-rc-cd22717c-20241013_react@19.0.0-rc-cd2_vpnyommcfiul5rcc26jgvsqwl4/node_modules/next-auth";
import { authConfig } from "./auth.config";
import Credentials from './node_modules/.pnpm/next-auth@5.0.0-beta.25_next@15.1.0_react-dom@19.0.0-rc-cd22717c-20241013_react@19.0.0-rc-cd2_vpnyommcfiul5rcc26jgvsqwl4/node_modules/next-auth/providers/credentials';
import { z } from 'zod';
import { sql } from "@vercel/postgres";
import type { User } from "@/app/lib/definitions";
import bcrypt from 'bcrypt';

// Helper function which makes a DB query to fetch a specific user entity given an email.
async function getUser (email: string): Promise<User | undefined>
{
    try
    {
        const user = await sql<User>`SELECT * FROM users WHERE email=${email}`;
        return user.rows[0];
    } catch (error)
    {
        console.error ('Failed to fetch user:', error);
        throw new Error ('Failed to fetch user.');
    }
}

export const { auth, signIn, signOut } = NextAuth ({
    ...authConfig,
    providers: [
        Credentials ({
            // Use the authorize function to handle authentication logic.
            async authorize (credentials)
            {
                // Use zod to validate entered form data.
                const parsedCredentials = z
                    .object ({ email: z.string ().email (), password: z.string ().min (6) })
                    .safeParse (credentials);

                // Ensure the form was validated by zod.
                if (parsedCredentials.success)
                {
                    const { email, password } = parsedCredentials.data;
                    const user = await getUser (email);
                    if (!user) return null; // The user with the provided email was not found

                    // Check if the passwords match using bcrypt.
                    const passwordsMatch = await bcrypt.compare (password, user.password);
                    if (passwordsMatch) return user; // Return the user's data if authenticated
                }

                // Code reaches here if either zod was unable to validate OR the password was incorrect.
                console.log ('Invalid credentials');
                return null;
            },
        }),
    ] // Generally, we would use something else
});