121 lines
3.8 KiB
TypeScript
121 lines
3.8 KiB
TypeScript
import { SignInAction } from '@/feactures/auth/actions/login-action';
|
|
import { resfreshTokenAction } from '@/feactures/auth/actions/refresh-token-action';
|
|
import { CredentialsSignin, NextAuthConfig, Session, User } from 'next-auth';
|
|
import { DefaultJWT } from 'next-auth/jwt';
|
|
import CredentialProvider from 'next-auth/providers/credentials';
|
|
|
|
const authConfig: NextAuthConfig = {
|
|
providers: [
|
|
CredentialProvider({
|
|
credentials: {
|
|
username: {
|
|
type: 'username',
|
|
},
|
|
password: {
|
|
type: 'password',
|
|
},
|
|
},
|
|
async authorize(
|
|
credentials: Partial<Record<'username' | 'password', unknown>>,
|
|
request: Request,
|
|
): Promise<User | null> {
|
|
const credential = {
|
|
username: credentials?.username as string,
|
|
password: credentials?.password as string,
|
|
};
|
|
|
|
const response = await SignInAction(credential);
|
|
|
|
if (
|
|
response &&
|
|
'type' in response &&
|
|
(response.type === 'API_ERROR' ||
|
|
response.type === 'VALIDATION_ERROR')
|
|
) {
|
|
throw new CredentialsSignin(response.message);
|
|
}
|
|
|
|
|
|
return {
|
|
id: response?.user.id?.toString() ?? '0',
|
|
username: response?.user.username ?? '',
|
|
fullname: response?.user.fullname ?? '',
|
|
email: response?.user.email ?? '',
|
|
role: response?.user.rol ?? [], // Add role array
|
|
access_token: response?.tokens.access_token ?? '',
|
|
access_expire_in: response?.tokens.access_expire_in ?? 0,
|
|
refresh_token: response?.tokens.refresh_token ?? '',
|
|
refresh_expire_in: response?.tokens.refresh_expire_in ?? 0,
|
|
};
|
|
|
|
|
|
},
|
|
}),
|
|
],
|
|
pages: {
|
|
signIn: '/', //sigin page
|
|
},
|
|
callbacks: {
|
|
async jwt({
|
|
token,
|
|
user,
|
|
account,
|
|
}: {
|
|
token: any;
|
|
user: User;
|
|
account: any;
|
|
}) {
|
|
// Si es un nuevo login, asignamos los datos
|
|
if (user) {
|
|
token.id = user.id;
|
|
token.username = user.username;
|
|
token.fullname = user.fullname;
|
|
token.email = user.email;
|
|
token.role = user.role;
|
|
token.access_token = user.access_token;
|
|
token.access_expire_in = user.access_expire_in;
|
|
token.refresh_token = user.refresh_token;
|
|
token.refresh_expire_in = user.refresh_expire_in;
|
|
}
|
|
|
|
// Renovar access_token si ha expirado
|
|
if (Date.now() / 1000 > (token.access_expire_in as number)) {
|
|
if (Date.now() / 1000 > (token.refresh_expire_in as number)) {
|
|
return null; // Forzar logout
|
|
}
|
|
|
|
try {
|
|
const res = await resfreshTokenAction({
|
|
token: token.refresh_token as string,
|
|
});
|
|
if (!res) throw new Error('Failed to refresh token');
|
|
token.access_token = res.tokens.access_token;
|
|
token.access_expire_in = res.tokens.access_expire_in;
|
|
token.refresh_token = res.tokens.refresh_token;
|
|
token.refresh_expire_in = res.tokens.refresh_expire_in;
|
|
} catch (error) {
|
|
return null;
|
|
}
|
|
}
|
|
|
|
return token;
|
|
},
|
|
async session({ session, token }: { session: Session; token: DefaultJWT }) {
|
|
session.access_token = token.access_token as string;
|
|
session.access_expire_in = token.access_expire_in as number;
|
|
session.refresh_token = token.refresh_token as string;
|
|
session.refresh_expire_in = token.refresh_expire_in as number;
|
|
session.user = {
|
|
id: token.id as number,
|
|
username: token.username as string,
|
|
fullname: token.fullname as string,
|
|
email: token.email as string,
|
|
role: token.role as Array<{ id: number; rol: string }>,
|
|
};
|
|
return session;
|
|
},
|
|
},
|
|
} satisfies NextAuthConfig;
|
|
|
|
export default authConfig;
|