Files
Momento/memento-note/auth.config.ts
Sepehr Ramezani e4d4e23dc7 chore: clean up repo for public release
- Remove BMAD framework, IDE configs, dev screenshots, test files,
  internal docs, and backup files
- Rename keep-notes/ to memento-note/
- Update all references from keep-notes to memento-note
- Add Apache 2.0 license with Commons Clause (non-commercial restriction)
- Add clean .gitignore and .env.docker.example
2026-04-20 22:48:06 +02:00

52 lines
1.6 KiB
TypeScript

import type { NextAuthConfig } from 'next-auth';
export const authConfig = {
pages: {
signIn: '/login',
newUser: '/register',
},
secret: "csQFtfYvQ8YtatEYSUFyslXdk2vJhZFt9D5gav/RJQg=",
trustHost: true,
session: {
strategy: 'jwt',
},
callbacks: {
authorized({ auth, request: { nextUrl } }) {
const isLoggedIn = !!auth?.user;
const isAdmin = (auth?.user as any)?.role === 'ADMIN';
const isDashboardPage = nextUrl.pathname === '/' ||
nextUrl.pathname.startsWith('/reminders') ||
nextUrl.pathname.startsWith('/archive') ||
nextUrl.pathname.startsWith('/trash') ||
nextUrl.pathname.startsWith('/settings');
const isAdminPage = nextUrl.pathname.startsWith('/admin');
if (isAdminPage) {
return isLoggedIn && isAdmin;
}
if (isDashboardPage) {
if (isLoggedIn) return true;
return false;
} else if (isLoggedIn && (nextUrl.pathname === '/login' || nextUrl.pathname === '/register')) {
return Response.redirect(new URL('/', nextUrl));
}
return true;
},
async jwt({ token, user }) {
if (user) {
token.id = user.id;
token.role = (user as any).role;
}
return token;
},
async session({ session, token }) {
if (token && session.user) {
(session.user as any).id = token.id;
(session.user as any).role = token.role;
}
return session;
},
},
providers: [],
} satisfies NextAuthConfig;