virtus/reader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
690a2fbd51a2b04edad004120356802497a7ed10
reader/lib/auth.ts
T
virtus d9a6629d31
Build and Push Reader Image / docker (push) Successful in 38s
Details
Add NODE_OPTIONS for IPv4-first DNS resolution and set timeout for Google provider in auth options
2026-04-24 01:16:09 +07:00

86 lines
3.4 KiB
TypeScript
Raw Blame History

import { NextAuthOptions } from "next-auth"
import GoogleProvider from "next-auth/providers/google"
const readerApiOrigin = process.env.READER_API_ORIGIN?.replace(/\/+$/, "")
const googleClientId = process.env.GOOGLE_CLIENT_ID
const googleClientSecret = process.env.GOOGLE_CLIENT_SECRET
type MobileLoginResponse = {
accessToken: string
user: {
id: string
email?: string | null
name?: string | null
image?: string | null
role?: string | null
}
}
export const authOptions: NextAuthOptions = {
providers: [
GoogleProvider({
clientId: googleClientId || "",
clientSecret: googleClientSecret || "",
httpOptions: {
timeout: 10000,
},
}),
],
session: {
strategy: "jwt",
},
callbacks: {
async jwt({ token, account }) {
if (account?.provider === "google" && account.id_token) {
if (!readerApiOrigin) {
console.warn("READER_API_ORIGIN is not configured, skipping reader-api sync after Google login")
return token
}
try {
const response = await fetch(`${readerApiOrigin}/api/auth/mobile-login`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ googleIdToken: account.id_token }),
signal: AbortSignal.timeout(5000),
})
if (!response.ok) {
console.error("reader-api sync failed", {
status: response.status,
statusText: response.statusText,
})
return token
}
const data = (await response.json()) as MobileLoginResponse
token.sub = data.user.id
;(token as any).id = data.user.id
;(token as any).role = data.user.role || "USER"
;(token as any).name = data.user.name || token.name || null
;(token as any).email = data.user.email || token.email || null
;(token as any).picture = data.user.image || (token as any).picture || null
;(token as any).accessToken = data.accessToken
} catch (error) {
console.error("Failed to sync Google login with reader-api", error)
}
}
return token
},
async session({ session, token }) {
if (session.user) {
session.user.id = String((token as any).id || token.sub || "")
session.user.role = String((token as any).role || "USER")
session.user.name = ((token as any).name ?? token.name ?? session.user.name ?? null) as string | null
session.user.email = ((token as any).email ?? token.email ?? session.user.email ?? null) as string | null
session.user.image = ((token as any).picture ?? (token as any).image ?? session.user.image ?? null) as string | null
;(session as any).accessToken = (token as any).accessToken || null
}
return session
},
},
secret: process.env.NEXTAUTH_SECRET,
debug: process.env.NEXTAUTH_DEBUG === "true",
}
Reference in New Issue View Git Blame Copy Permalink