import NextAuth, { NextAuthOptions } from "next-auth"; import CredentialsProvider from "next-auth/providers/credentials"; import { prisma } from "../../../../lib/prisma"; import bcrypt from "bcryptjs"; // Define the shape of the JWT token declare module "next-auth/jwt" { interface JWT { companyId: string; role: string; } } // Define the shape of the session object declare module "next-auth" { interface Session { user: { id?: string; name?: string; email?: string; image?: string; companyId: string; role: string; }; } interface User { id: string; email: string; companyId: string; role: string; } } export const authOptions: NextAuthOptions = { providers: [ CredentialsProvider({ name: "Credentials", credentials: { email: { label: "Email", type: "text" }, password: { label: "Password", type: "password" }, }, async authorize(credentials) { if (!credentials?.email || !credentials?.password) { return null; } const user = await prisma.user.findUnique({ where: { email: credentials.email }, }); if (!user) return null; const valid = await bcrypt.compare(credentials.password, user.password); if (!valid) return null; return { id: user.id, email: user.email, companyId: user.companyId, role: user.role, }; }, }), ], session: { strategy: "jwt", maxAge: 30 * 24 * 60 * 60, // 30 days }, cookies: { sessionToken: { name: `next-auth.session-token`, options: { httpOnly: true, sameSite: "lax", path: "/", secure: process.env.NODE_ENV === "production", }, }, }, callbacks: { async jwt({ token, user }) { if (user) { token.companyId = user.companyId; token.role = user.role; } return token; }, async session({ session, token }) { if (token && session.user) { session.user.companyId = token.companyId; session.user.role = token.role; } return session; }, }, pages: { signIn: "/login", }, secret: process.env.NEXTAUTH_SECRET, debug: process.env.NODE_ENV === "development", }; const handler = NextAuth(authOptions); export { handler as GET, handler as POST };