// lib/auth.ts import { PrismaAdapter } from "@auth/prisma-adapter"; import { prisma } from "./database"; import GoogleProvider from "next-auth/providers/google"; import CredentialsProvider from "next-auth/providers/credentials"; import { UserService } from "./services/user.service"; import { AuthOptions } from "next-auth"; export const authOptions: AuthOptions = { adapter: PrismaAdapter(prisma), providers: [ GoogleProvider({ clientId: process.env.GOOGLE_CLIENT_ID!, clientSecret: process.env.GOOGLE_CLIENT_SECRET!, }), CredentialsProvider({ name: "Credentials", credentials: { email: { label: "Email", type: "text" }, password: { label: "Password", type: "password" }, }, async authorize(credentials) { if (!credentials?.email || !credentials?.password) { throw new Error("请输入邮箱和密码"); } try { const user = await UserService.getUserByEmail(credentials.email); if (!user || !user.hashedPassword) { throw new Error("用户不存在或未设置密码"); } const isPasswordValid = await UserService.verifyPassword( user, credentials.password ); if (!isPasswordValid) { throw new Error("密码错误"); } return user; } catch (error) { throw error; } }, }), ], session: { strategy: "jwt", }, callbacks: { async jwt({ token, user, account }) { if (user) { token.id = user.id; token.email = user.email; token.name = user.name; } return token; }, async session({ session, token }) { if (token?.id && session.user) { session.user.id = token.id as string; session.user.email = token.email as string; session.user.name = token.name as string; } return session; }, async signIn({ user, account, profile }) { // 允许所有用户登录 return true; }, async redirect({ url, baseUrl }) { // 确保重定向到正确的页面 if (url.startsWith("/")) return `${baseUrl}${url}`; else if (new URL(url).origin === baseUrl) return url; return `${baseUrl}/dashboard`; }, }, pages: { signIn: "/login", }, secret: process.env.NEXTAUTH_SECRET, debug: process.env.NODE_ENV === "development", };