import { PrismaAdapter } from "@auth/prisma-adapter"; import bcrypt from "bcryptjs"; import type { NextAuthOptions } from "next-auth"; import type { Adapter } from "next-auth/adapters"; import CredentialsProvider from "next-auth/providers/credentials"; import { prisma } from "@/lib/prisma"; process.env.NEXTAUTH_URL ??= process.env.AUTH_URL; process.env.NEXTAUTH_SECRET ??= process.env.AUTH_SECRET; export const authOptions: NextAuthOptions = { adapter: PrismaAdapter(prisma) as Adapter, session: { strategy: "jwt", }, pages: { error: "/admin/login", signIn: "/admin/login", }, providers: [ CredentialsProvider({ name: "Admin Login", credentials: { email: { label: "Email", type: "email" }, password: { label: "Password", type: "password" }, }, async authorize(credentials) { const email = credentials?.email?.toLowerCase().trim(); const password = credentials?.password; if (!email || !password) { return null; } try { const user = await prisma.user.findUnique({ where: { email }, }); if (!user?.passwordHash) { return null; } const isValid = await bcrypt.compare(password, user.passwordHash); if (!isValid) { return null; } return { id: user.id, email: user.email, name: user.name, image: user.image, role: user.role, }; } catch (error) { console.error("Credentials authorize failed", error); return null; } }, }), ], callbacks: { async jwt({ token, user }) { if (user) { token.id = user.id; token.role = user.role; } return token; }, async session({ session, token }) { if (session.user) { session.user.id = token.id; session.user.role = token.role; } return session; }, }, secret: process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET, };