mirror of
https://github.com/kjanat/livedash-node.git
synced 2026-01-16 13:32:08 +01:00
Kaj Kowalski
60d1b72aba
- Add PlatformUser model with roles (SUPER_ADMIN, ADMIN, SUPPORT) - Implement platform authentication with NextAuth - Create platform dashboard showing companies, users, and sessions - Add platform API endpoints for company management - Update landing page with SaaS design - Include test improvements and accessibility updates
108 lines
2.7 KiB
TypeScript
108 lines
2.7 KiB
TypeScript
import NextAuth, { NextAuthOptions } from "next-auth";
|
|
import CredentialsProvider from "next-auth/providers/credentials";
|
|
import { prisma } from "../../../../../lib/prisma";
|
|
import bcrypt from "bcryptjs";
|
|
|
|
// Define the shape of the JWT token for platform users
|
|
declare module "next-auth/jwt" {
|
|
interface JWT {
|
|
isPlatformUser: boolean;
|
|
platformRole: string;
|
|
}
|
|
}
|
|
|
|
// Define the shape of the session object for platform users
|
|
declare module "next-auth" {
|
|
interface Session {
|
|
user: {
|
|
id?: string;
|
|
name?: string;
|
|
email?: string;
|
|
image?: string;
|
|
isPlatformUser: boolean;
|
|
platformRole: string;
|
|
};
|
|
}
|
|
|
|
interface User {
|
|
id: string;
|
|
email: string;
|
|
name: string;
|
|
isPlatformUser: boolean;
|
|
platformRole: string;
|
|
}
|
|
}
|
|
|
|
export const platformAuthOptions: NextAuthOptions = {
|
|
providers: [
|
|
CredentialsProvider({
|
|
name: "Platform Credentials",
|
|
credentials: {
|
|
email: { label: "Email", type: "text" },
|
|
password: { label: "Password", type: "password" },
|
|
},
|
|
async authorize(credentials) {
|
|
if (!credentials?.email || !credentials?.password) {
|
|
return null;
|
|
}
|
|
|
|
const platformUser = await prisma.platformUser.findUnique({
|
|
where: { email: credentials.email },
|
|
});
|
|
|
|
if (!platformUser) return null;
|
|
|
|
const valid = await bcrypt.compare(credentials.password, platformUser.password);
|
|
if (!valid) return null;
|
|
|
|
return {
|
|
id: platformUser.id,
|
|
email: platformUser.email,
|
|
name: platformUser.name,
|
|
isPlatformUser: true,
|
|
platformRole: platformUser.role,
|
|
};
|
|
},
|
|
}),
|
|
],
|
|
session: {
|
|
strategy: "jwt",
|
|
maxAge: 8 * 60 * 60, // 8 hours for platform users (more secure)
|
|
},
|
|
cookies: {
|
|
sessionToken: {
|
|
name: `platform-auth.session-token`,
|
|
options: {
|
|
httpOnly: true,
|
|
sameSite: "lax",
|
|
path: "/platform",
|
|
secure: process.env.NODE_ENV === "production",
|
|
},
|
|
},
|
|
},
|
|
callbacks: {
|
|
async jwt({ token, user }) {
|
|
if (user) {
|
|
token.isPlatformUser = user.isPlatformUser;
|
|
token.platformRole = user.platformRole;
|
|
}
|
|
return token;
|
|
},
|
|
async session({ session, token }) {
|
|
if (token && session.user) {
|
|
session.user.isPlatformUser = token.isPlatformUser;
|
|
session.user.platformRole = token.platformRole;
|
|
}
|
|
return session;
|
|
},
|
|
},
|
|
pages: {
|
|
signIn: "/platform/login",
|
|
},
|
|
secret: process.env.NEXTAUTH_SECRET,
|
|
debug: process.env.NODE_ENV === "development",
|
|
};
|
|
|
|
const handler = NextAuth(platformAuthOptions);
|
|
|
|
export { handler as GET, handler as POST }; |