import { type NextAuthOptions } from "next-auth"; import CredentialsProvider from "next-auth/providers/credentials"; import { prisma } from "@/lib/prisma"; import { compare } from "bcryptjs"; import { Role } from '@/types/types'; console.log('[authOptions] NEXTAUTH_SECRET loaded:', process.env.NEXTAUTH_SECRET ? process.env.NEXTAUTH_SECRET.slice(0, 5) + '...' : 'undefined'); // Helper function to create a user object with the correct type // In the createUserObject function const createUserObject = (user: any) => { return { id: user.id.toString(), email: user.email, name: `${user.firstName} ${user.lastName}`.trim(), firstName: user.firstName, lastName: user.lastName, role: user.role as Role, image: user.profileImage || null, createdAt: user.createdAt, // Add this line }; }; // Remove or comment out these standalone callback functions // They're already properly defined in the authOptions object below /* async jwt({ token, user, account }) { // Initial sign in if (account && user) { return { ...token, id: user.id, email: user.email, name: user.name, firstName: (user as any).firstName, lastName: (user as any).lastName, role: (user as any).role, image: user.image, createdAt: (user as any).createdAt, // Add this line }; } return token; }, // And in the session callback async session({ session, token }) { if (session.user) { session.user = { ...session.user, id: token.id as string, email: token.email as string, name: token.name as string, firstName: token.firstName as string, lastName: token.lastName as string, role: token.role as Role, image: token.image as string | null, createdAt: token.createdAt, // Add this line }; } return session; } */ export const authOptions: NextAuthOptions = { providers: [ CredentialsProvider({ name: "Credentials", credentials: { email: { label: "Email", type: "email" }, password: { label: "Password", type: "password" }, }, async authorize(credentials) { if (!credentials?.email || !credentials?.password) { console.log('[AUTH] Missing credentials'); return null; } try { const user = await prisma.user.findUnique({ where: { email: credentials.email }, }); if (!user) { console.log(`[AUTH] User not found: ${credentials.email}`); return null; } const isPasswordValid = await compare(credentials.password, user.password); if (!isPasswordValid) { console.log(`[AUTH] Invalid password for user: ${credentials.email}`); return null; } console.log(`[AUTH] User authenticated: ${user.email} (${user.role})`); return createUserObject(user); } catch (error) { console.error('[AUTH] Error during authentication:', error); return null; } }, }), ], session: { strategy: "jwt", maxAge: 24 * 60 * 60, // 24 hours }, pages: { signIn: "/sign-in", error: "/sign-in", }, callbacks: { async jwt({ token, user, account }) { // Initial sign in if (account && user) { return { ...token, id: user.id, email: user.email, name: user.name, firstName: (user as any).firstName, lastName: (user as any).lastName, role: (user as any).role, image: user.image, }; } return token; }, async session({ session, token }) { if (session.user) { session.user = { ...session.user, id: token.id as string, email: token.email as string, name: token.name as string, firstName: token.firstName as string, lastName: token.lastName as string, role: token.role as Role, image: token.image as string | null, }; } return session; }, }, debug: process.env.NODE_ENV === 'development', secret: process.env.NEXTAUTH_SECRET || 'default-secret-key-for-dev', useSecureCookies: process.env.NODE_ENV === 'production', cookies: { sessionToken: { name: `${process.env.NODE_ENV === 'production' ? '__Secure-' : ''}next-auth.session-token`, options: { httpOnly: true, sameSite: 'lax', path: '/', secure: process.env.NODE_ENV === 'production', }, }, }, };