feat: Add authentication and session management with NextAuth.js and Prisma [broken]

- Implemented API session retrieval in `lib/api-auth.ts` to manage user sessions.
- Created authentication options in `lib/auth-options.ts` using NextAuth.js with credentials provider.
- Added migration scripts to create necessary tables for authentication in `migrations/0002_create_auth_tables.sql` and `prisma/migrations/20250601033219_add_nextauth_tables/migration.sql`.
- Configured ESLint with Next.js and TypeScript support in `eslint.config.mjs`.
- Updated Next.js configuration in `next.config.ts` for Cloudflare compatibility.
- Defined Cloudflare Worker configuration in `open-next.config.ts` and `wrangler.jsonc`.
- Enhanced type definitions for authentication in `types/auth.d.ts`.
- Created a Cloudflare Worker entry point in `src/index.ts.backup` to handle API requests and responses.

pages/api/dashboard/config.ts

@@ -1,14 +1,13 @@
 // API endpoint: update company CSV URL config
 import { NextApiRequest, NextApiResponse } from "next";
-import { getServerSession } from "next-auth";
+import { getApiSession } from "../../../lib/api-auth";
 import { prisma } from "../../../lib/prisma";
-import { authOptions } from "../auth/[...nextauth]";
 
 export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await getServerSession(req, res, authOptions);
+    const session = await getApiSession(req, res);
   if (!session?.user) return res.status(401).json({ error: "Not logged in" });
 
   const user = await prisma.user.findUnique({

pages/api/dashboard/metrics.ts

@@ -1,9 +1,8 @@
 // API endpoint: return metrics for current company
 import { NextApiRequest, NextApiResponse } from "next";
-import { getServerSession } from "next-auth";
+import { getApiSession } from "../../../lib/api-auth";
 import { prisma } from "../../../lib/prisma";
 import { sessionMetrics } from "../../../lib/metrics";
-import { authOptions } from "../auth/[...nextauth]";
 import { ChatSession } from "../../../lib/types"; // Import ChatSession
 
 interface SessionUser {
@@ -19,11 +18,7 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = (await getServerSession(
-    req,
-    res,
-    authOptions
-  )) as SessionData | null;
+    const session = await getApiSession(req, res);
   if (!session?.user) return res.status(401).json({ error: "Not logged in" });
 
   const user = await prisma.user.findUnique({

pages/api/dashboard/session-filter-options.ts

@@ -1,6 +1,5 @@
 import { NextApiRequest, NextApiResponse } from "next";
-import { getServerSession } from "next-auth/next";
-import { authOptions } from "../auth/[...nextauth]";
+import { getApiSession } from "../../../lib/api-auth";
 import { prisma } from "../../../lib/prisma";
 import { SessionFilterOptions } from "../../../lib/types";
 
@@ -14,7 +13,7 @@ export default async function handler(
     return res.status(405).json({ error: "Method not allowed" });
   }
 
-  const authSession = await getServerSession(req, res, authOptions);
+    const authSession = await getApiSession(req, res);
 
   if (!authSession || !authSession.user?.companyId) {
     return res.status(401).json({ error: "Unauthorized" });

pages/api/dashboard/sessions.ts

@@ -1,6 +1,5 @@
 import { NextApiRequest, NextApiResponse } from "next";
-import { getServerSession } from "next-auth/next";
-import { authOptions } from "../auth/[...nextauth]";
+import { getApiSession } from "../../../lib/api-auth";
 import { prisma } from "../../../lib/prisma";
 import {
   ChatSession,
@@ -17,7 +16,7 @@ export default async function handler(
     return res.status(405).json({ error: "Method not allowed" });
   }
 
-  const authSession = await getServerSession(req, res, authOptions);
+    const authSession = await getApiSession(req, res);
 
   if (!authSession || !authSession.user?.companyId) {
     return res.status(401).json({ error: "Unauthorized" });

pages/api/dashboard/settings.ts

@@ -1,13 +1,12 @@
 import { NextApiRequest, NextApiResponse } from "next";
-import { getServerSession } from "next-auth";
+import { getApiSession } from "../../../lib/api-auth";
 import { prisma } from "../../../lib/prisma";
-import { authOptions } from "../auth/[...nextauth]";
 
 export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await getServerSession(req, res, authOptions);
+    const session = await getApiSession(req, res);
   if (!session?.user || session.user.role !== "admin")
     return res.status(403).json({ error: "Forbidden" });
 

pages/api/dashboard/users.ts

@@ -1,9 +1,8 @@
 import { NextApiRequest, NextApiResponse } from "next";
 import crypto from "crypto";
-import { getServerSession } from "next-auth";
 import { prisma } from "../../../lib/prisma";
 import bcrypt from "bcryptjs";
-import { authOptions } from "../auth/[...nextauth]";
+import { getApiSession } from "../../../lib/api-auth";
 // User type from prisma is used instead of the one in lib/types
 
 interface UserBasicInfo {
@@ -16,9 +15,18 @@ export default async function handler(
   req: NextApiRequest,
   res: NextApiResponse
 ) {
-  const session = await getServerSession(req, res, authOptions);
-  if (!session?.user || session.user.role !== "admin")
-    return res.status(403).json({ error: "Forbidden" });
+    const session = await getApiSession(req, res);
+    console.log("Session in users API:", session);
+
+    if (!session?.user) {
+        console.log("No session or user found");
+        return res.status(401).json({ error: "Not logged in" });
+    }
+
+    if (session.user.role !== "admin") {
+        console.log("User is not admin:", session.user.role);
+        return res.status(403).json({ error: "Admin access required" });
+    }
 
   const user = await prisma.user.findUnique({
     where: { email: session.user.email as string },