import NextAuth from 'next-auth'; import { authConfig } from './auth.config'; import Credentials from 'next-auth/providers/credentials'; import { z } from 'zod'; import prisma from '@/lib/prisma'; import bcrypt from 'bcryptjs'; import { rateLimit } from '@/lib/rate-limit'; export const { auth, signIn, signOut, handlers } = NextAuth({ ...authConfig, providers: [ Credentials({ async authorize(credentials) { try { const parsedCredentials = z .object({ email: z.string().email(), password: z.string().min(6) }) .safeParse(credentials); if (!parsedCredentials.success) { return null; } const { email, password } = parsedCredentials.data; const { allowed } = rateLimit(`login:${email.toLowerCase()}`) if (!allowed) { return null; } const user = await prisma.user.findUnique({ where: { email: email.toLowerCase() } }); if (!user || !user.password) { return null; } const passwordsMatch = await bcrypt.compare(password, user.password); if (passwordsMatch) { return { id: user.id, email: user.email, name: user.name, role: user.role, }; } return null; } catch { return null; } }, }), ], });