Initial commit

lib/auth.ts

@@ -0,0 +1,97 @@
+// lib/auth.ts
+
+import { PrismaAdapter } from "@auth/prisma-adapter";
+import { prisma } from "./database";
+import GoogleProvider from "next-auth/providers/google";
+import CredentialsProvider from "next-auth/providers/credentials";
+import { UserService } from "./services/user.service";
+import { AuthOptions } from "next-auth";
+
+export const authOptions: AuthOptions = {
+  adapter: PrismaAdapter(prisma),
+
+  providers: [
+    GoogleProvider({
+      clientId: process.env.GOOGLE_CLIENT_ID!,
+      clientSecret: process.env.GOOGLE_CLIENT_SECRET!,
+    }),
+
+    CredentialsProvider({
+      name: "Credentials",
+      credentials: {
+        email: { label: "Email", type: "text" },
+        password: { label: "Password", type: "password" },
+      },
+      async authorize(credentials) {
+        if (!credentials?.email || !credentials?.password) {
+          throw new Error("请输入邮箱和密码");
+        }
+
+        try {
+          const user = await UserService.getUserByEmail(credentials.email);
+
+          if (!user || !user.hashedPassword) {
+            throw new Error("用户不存在或未设置密码");
+          }
+
+          const isPasswordValid = await UserService.verifyPassword(
+            user,
+            credentials.password
+          );
+
+          if (!isPasswordValid) {
+            throw new Error("密码错误");
+          }
+
+          return user;
+        } catch (error) {
+          throw error;
+        }
+      },
+    }),
+  ],
+
+  session: {
+    strategy: "jwt",
+  },
+
+  callbacks: {
+    async jwt({ token, user, account }) {
+      if (user) {
+        token.id = user.id;
+        token.email = user.email;
+        token.name = user.name;
+      }
+      return token;
+    },
+
+    async session({ session, token }) {
+      if (token?.id && session.user) {
+        session.user.id = token.id as string;
+        session.user.email = token.email as string;
+        session.user.name = token.name as string;
+      }
+      return session;
+    },
+
+    async signIn({ user, account, profile }) {
+      // 允许所有用户登录
+      return true;
+    },
+
+    async redirect({ url, baseUrl }) {
+      // 确保重定向到正确的页面
+      if (url.startsWith("/")) return `${baseUrl}${url}`;
+      else if (new URL(url).origin === baseUrl) return url;
+      return `${baseUrl}/dashboard`;
+    },
+  },
+
+  pages: {
+    signIn: "/login",
+  },
+
+  secret: process.env.NEXTAUTH_SECRET,
+
+  debug: process.env.NODE_ENV === "development",
+};