Michael
Michael
PostsComments
TTCTheo's Typesafe Cult
Created by Michael on 1/11/2024 in #questions
NextAuth and role based access control
Here is my full repo if anyone else is struggling to figure this out: https://github.com/DocMDC/RoleBasedAccessControlT3NextAuth
6 replies
TTCTheo's Typesafe Cult
Created by Michael on 1/11/2024 in #questions
NextAuth and role based access control
export const authOptions: NextAuthOptions = {
  adapter: PrismaAdapter(db),
  providers: [
    GitHubProvider({
      profile(profile: GithubProfile) {
        return {
          //this will populate the user schema based on information pulled from the auth provider
          name: profile.login,
          email: profile.email,
          role: profile.role ?? "user",
          id: profile.id.toString(),
          image: profile.avatar_url,
        }
      },
      clientId: process.env.GITHUB_ID as string,
      clientSecret: process.env.GITHUB_SECRET as string,
    }),
  ],
  callbacks: {
    session: ({ session, user }) => ({
      ...session,
      user: {
        ...session.user,
        id: user.id,
        name: user.name,
        role: user.role,
        email: user.email
      },
    }),
    async redirect({url, baseUrl}) {
      return baseUrl
    }
  },

};

/**
 * Wrapper for `getServerSession` so that you don't need to import the `authOptions` in every file.
 *
 * @see https://next-auth.js.org/configuration/nextjs
 */
export const getServerAuthSession = () => getServerSession(authOptions);
export const authOptions: NextAuthOptions = {
  adapter: PrismaAdapter(db),
  providers: [
    GitHubProvider({
      profile(profile: GithubProfile) {
        return {
          //this will populate the user schema based on information pulled from the auth provider
          name: profile.login,
          email: profile.email,
          role: profile.role ?? "user",
          id: profile.id.toString(),
          image: profile.avatar_url,
        }
      },
      clientId: process.env.GITHUB_ID as string,
      clientSecret: process.env.GITHUB_SECRET as string,
    }),
  ],
  callbacks: {
    session: ({ session, user }) => ({
      ...session,
      user: {
        ...session.user,
        id: user.id,
        name: user.name,
        role: user.role,
        email: user.email
      },
    }),
    async redirect({url, baseUrl}) {
      return baseUrl
    }
  },

};

/**
 * Wrapper for `getServerSession` so that you don't need to import the `authOptions` in every file.
 *
 * @see https://next-auth.js.org/configuration/nextjs
 */
export const getServerAuthSession = () => getServerSession(authOptions);
6 replies
TTCTheo's Typesafe Cult
Created by Michael on 1/11/2024 in #questions
NextAuth and role based access control
declare module "next-auth" {
  interface Session extends DefaultSession {
    user: {
      id: string;
      name: string;
      login: string;
      // ...other properties
      role: string;
    } & DefaultSession["user"];
  }

  //Must include this interface to allow sesssion access to user.role and user.name
  interface User {
    role: string;
    name: string;
  }
}
declare module "next-auth" {
  interface Session extends DefaultSession {
    user: {
      id: string;
      name: string;
      login: string;
      // ...other properties
      role: string;
    } & DefaultSession["user"];
  }

  //Must include this interface to allow sesssion access to user.role and user.name
  interface User {
    role: string;
    name: string;
  }
}
6 replies
TTCTheo's Typesafe Cult
Created by Michael on 1/11/2024 in #questions
NextAuth and role based access control
I think I figured this out. The User interface needs to be in the next-auth module that's declared. I also was spreading in the profile object from the GitHubProvider which I think was not compatible with the prisma User Schema. Instead, I just grabbed the values I wanted.
6 replies