Move packages/apps back

2023-03-10 08:26:51 +00:00 · 2023-03-10 08:26:51 +00:00 · 5535d6b575
commit 5535d6b575
parent 6eaaf8e9be
348 changed files with 0 additions and 0 deletions
--- a/apps/metamigo-frontend/pages/api/auth/[...nextauth].ts
+++ b/apps/metamigo-frontend/pages/api/auth/[...nextauth].ts
@ -0,0 +1,106 @@
+import { NextApiRequest, NextApiResponse } from "next";
+import NextAuth from "next-auth";
+import Google from "next-auth/providers/google";
+import GitHub from "next-auth/providers/github";
+import GitLab from "next-auth/providers/gitlab";
+import Cognito from "next-auth/providers/cognito";
+import { loadConfig, IAppConfig } from "config";
+import { MetamigoAdapter } from "../../../lib/nextauth-adapter";
+import { CloudflareAccessProvider } from "../../../lib/cloudflare";
+
+const nextAuthOptions = (config: IAppConfig, req: NextApiRequest) => {
+  const { nextAuth, cfaccess } = config;
+  const adapter = MetamigoAdapter(config);
+  const providers = [];
+
+  const { audience, domain } = cfaccess;
+  const cloudflareAccessEnabled = audience && domain;
+  if (cloudflareAccessEnabled)
+    providers.push(CloudflareAccessProvider(audience, domain, adapter, req));
+  else {
+    if (nextAuth.google?.id)
+      providers.push(
+        Google({
+          clientId: nextAuth.google.id,
+          clientSecret: nextAuth.google.secret,
+        })
+      );
+
+    if (nextAuth.github?.id)
+      providers.push(
+        GitHub({
+          clientId: nextAuth.github.id,
+          clientSecret: nextAuth.github.secret,
+        })
+      );
+
+    if (nextAuth.gitlab?.id)
+      providers.push(
+        GitLab({
+          clientId: nextAuth.gitlab.id,
+          clientSecret: nextAuth.gitlab.secret,
+        })
+      );
+
+    if (nextAuth.cognito?.id)
+      providers.push(
+        Cognito({
+          clientId: nextAuth.cognito.id,
+          clientSecret: nextAuth.cognito.secret,
+          // domain: nextAuth.cognito.domain,
+        })
+      );
+  }
+
+  if (providers.length === 0)
+    throw new Error(
+      "No next-auth providers configured. See Metamigo configuration docs."
+    );
+
+  return {
+    secret: nextAuth.secret,
+    session: {
+      jwt: true,
+      maxAge: 8 * 60 * 60, // 8 hours
+    },
+    jwt: {
+      secret: nextAuth.secret,
+      encryption: false,
+      signingKey: nextAuth.signingKey,
+      encryptionKey: nextAuth.encryptionKey,
+    },
+    providers,
+    adapter,
+    callbacks: {
+      session: async (session: any, token: any) => {
+        // make the user id available in the react client
+        session.user.id = token.userId;
+        return session;
+      },
+      jwt: async (token: any, user: any) => {
+        const isSignIn = Boolean(user);
+        // Add auth_time to token on signin in
+        if (isSignIn) {
+          // not sure what this does
+          // if (!token.aud) token.aud;
+
+          token.aud = nextAuth.audience;
+          token.picture = user.avatar;
+          token.userId = user.id;
+          token.role = user.userRole ? `app_${user.userRole}` : "app_anonymous";
+        }
+
+        return token;
+      },
+    },
+  };
+};
+
+const nextAuth = async (
+  req: NextApiRequest,
+  res: NextApiResponse
+): Promise<void> =>
+  // @ts-expect-error: Type mismatch
+  NextAuth(req, res, nextAuthOptions(await loadConfig(), req));
+
+export default nextAuth;