Refactor authentication options to improve environment variable handling and add error logging for API sync failures

2026-04-24 01:05:29 +07:00
parent 73c607fee7
commit 0be9b5d577
1 changed files with 27 additions and 12 deletions
@@ -1,7 +1,9 @@
 import { NextAuthOptions } from "next-auth"
 import GoogleProvider from "next-auth/providers/google"

-const readerApiOrigin = (process.env.READER_API_ORIGIN || "http://localhost:8000").replace(/\/+$/, "")
+const readerApiOrigin = process.env.READER_API_ORIGIN?.replace(/\/+$/, "")
+const googleClientId = process.env.GOOGLE_CLIENT_ID
+const googleClientSecret = process.env.GOOGLE_CLIENT_SECRET

 type MobileLoginResponse = {
    accessToken: string
@@ -17,8 +19,8 @@ type MobileLoginResponse = {
 export const authOptions: NextAuthOptions = {
    providers: [
        GoogleProvider({
-            clientId: process.env.GOOGLE_CLIENT_ID || "demo-id",
-            clientSecret: process.env.GOOGLE_CLIENT_SECRET || "demo-secret",
+            clientId: googleClientId || "",
+            clientSecret: googleClientSecret || "",
        }),
    ],
    session: {
@@ -27,23 +29,35 @@ export const authOptions: NextAuthOptions = {
    callbacks: {
        async jwt({ token, account }) {
            if (account?.provider === "google" && account.id_token) {
+                if (!readerApiOrigin) {
+                    console.warn("READER_API_ORIGIN is not configured, skipping reader-api sync after Google login")
+                    return token
+                }
+
                try {
                    const response = await fetch(`${readerApiOrigin}/api/auth/mobile-login`, {
                        method: "POST",
                        headers: { "Content-Type": "application/json" },
                        body: JSON.stringify({ googleIdToken: account.id_token }),
+                        signal: AbortSignal.timeout(5000),
                    })

-                    if (response.ok) {
-                        const data = (await response.json()) as MobileLoginResponse
-                        token.sub = data.user.id
-                        ;(token as any).id = data.user.id
-                        ;(token as any).role = data.user.role || "USER"
-                        ;(token as any).name = data.user.name || token.name || null
-                        ;(token as any).email = data.user.email || token.email || null
-                        ;(token as any).picture = data.user.image || (token as any).picture || null
-                        ;(token as any).accessToken = data.accessToken
+                    if (!response.ok) {
+                        console.error("reader-api sync failed", {
+                            status: response.status,
+                            statusText: response.statusText,
+                        })
+                        return token
                    }
+
+                    const data = (await response.json()) as MobileLoginResponse
+                    token.sub = data.user.id
+                    ;(token as any).id = data.user.id
+                    ;(token as any).role = data.user.role || "USER"
+                    ;(token as any).name = data.user.name || token.name || null
+                    ;(token as any).email = data.user.email || token.email || null
+                    ;(token as any).picture = data.user.image || (token as any).picture || null
+                    ;(token as any).accessToken = data.accessToken
                } catch (error) {
                    console.error("Failed to sync Google login with reader-api", error)
                }
@@ -64,4 +78,5 @@ export const authOptions: NextAuthOptions = {
        },
    },
    secret: process.env.NEXTAUTH_SECRET,
+    debug: process.env.NEXTAUTH_DEBUG === "true",
 }