import { NextRequest } from "next/server";
import NextAuth from "next-auth";
import Google from "next-auth/providers/google";
import GitHub from "next-auth/providers/github";
import GitLab from "next-auth/providers/gitlab";
import Cognito from "next-auth/providers/cognito";
import { loadConfig, IAppConfig } from "@digiresilience/metamigo-config";
import { MetamigoAdapter } from "app/_lib/nextauth-adapter";
import { CloudflareAccessProvider } from "app/_lib/cloudflare";
/**
 * Builds the NextAuth options object for one incoming request.
 *
 * Provider selection is exclusive. When both Cloudflare Access values
 * (`audience` and `domain`) are present in the config, the Cloudflare Access
 * provider is the only provider registered and the OAuth provider settings are
 * not consulted. Otherwise every OAuth provider with a configured client id is
 * registered, in the order Google, GitHub, GitLab, Cognito.
 *
 * @param config - Application config. `nextAuth` and `cfaccess` are read here,
 *   and the whole object is handed to `MetamigoAdapter`.
 * @param req - The incoming request, forwarded to the Cloudflare Access provider.
 * @returns NextAuth options using database-backed sessions capped at 8 hours.
 * @throws Error when no provider ends up registered.
 */
const nextAuthOptions = (config: IAppConfig, req: NextRequest) => {
  const { nextAuth, cfaccess } = config;
  const adapter = MetamigoAdapter(config);
  const providers = [];

  const { audience, domain } = cfaccess;
  const cloudflareAccessEnabled = audience && domain;

  if (cloudflareAccessEnabled) {
    // NOTE(review): `req as any` turns off type checking for the request that
    // the provider receives. How the provider validates the Access assertion
    // is not visible from this file; confirm it checks signature and audience.
    providers.push(CloudflareAccessProvider(audience, domain, adapter, req as any));
  } else {
    const { google, github, gitlab, cognito } = nextAuth;

    // Only the client id gates registration. NOTE(review): a provider with an
    // id but no secret is still registered; confirm the config schema makes
    // the secret mandatory whenever an id is set.
    if (google?.id) {
      providers.push(
        Google({ clientId: google.id, clientSecret: google.secret })
      );
    }

    if (github?.id) {
      providers.push(
        GitHub({ clientId: github.id, clientSecret: github.secret })
      );
    }

    if (gitlab?.id) {
      providers.push(
        GitLab({ clientId: gitlab.id, clientSecret: gitlab.secret })
      );
    }

    if (cognito?.id) {
      providers.push(
        Cognito({
          clientId: cognito.id,
          clientSecret: cognito.secret,
          // NOTE(review): the user pool location is commented out below. The
          // next-auth Cognito provider normally needs an `issuer` to find the
          // pool's OIDC metadata; confirm sign-in works without it.
          // domain: nextAuth.cognito.domain,
        })
      );
    }
  }

  // Refuse to build options with no sign-in method.
  if (providers.length === 0) {
    throw new Error(
      "No next-auth providers configured. See Metamigo configuration docs."
    );
  }

  const sessionMaxAge = 8 * 60 * 60; // 8 hours

  return {
    secret: nextAuth.secret,
    session: {
      // Session state is kept through the adapter rather than in a
      // self-contained token.
      strategy: "database",
      maxAge: sessionMaxAge,
    },
    // NOTE(review): this reuses the top-level secret; with the database
    // strategy it is presumably not used for session tokens - confirm it is
    // still needed.
    jwt: {
      secret: nextAuth.secret,
    },
    providers,
    adapter,
    callbacks: {
      // Copies the user's id and role onto the session object handed back to
      // callers. NOTE(review): `user` is presumably the record loaded by the
      // adapter; confirm `userRole` is populated there, and that any
      // authorization decision uses this server-side value and not anything
      // supplied by the client.
      async session({ session, user }: any) {
        session.user.id = user.id;
        session.user.userRole = user.userRole;

        return session;
      },
    },
  };
};
/**
 * Request handler for the auth route.
 *
 * The application config is loaded on every call, per-request NextAuth options
 * are built from it, and the request is then delegated to NextAuth.
 *
 * @param req - The incoming request; also passed to `nextAuthOptions`.
 * @param context - Route context, forwarded to NextAuth untouched.
 * @returns Whatever `NextAuth` returns for this request.
 */
const handler = async (req: NextRequest, context: any) => {
  const authOptions = nextAuthOptions(await loadConfig(), req);

  // NOTE(review): the directive below silences every type error on the call,
  // so a mismatch in the shape of `authOptions` would also go unreported.
  // @ts-expect-error: non-existent property
  return NextAuth(req, context, authOptions);
};
// The single handler is exported under both names, so GET and POST requests
// to this route are served by the same code path.
export { handler as GET, handler as POST };