ilia/mirror_match
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add auth, groups, and invite scaffolding

Browse Source
This commit is contained in:
ilia 2025-12-28 23:14:28 -05:00
parent 341bb08858
commit 2be3eacefd
18 changed files with 719 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
eslint.config.mjs
View File

@ -12,6 +12,8 @@ const eslintConfig = defineConfig([
"out/**",
"build/**",
"next-env.d.ts",
// Local docker volumes (often root-owned, can break eslint file walking):
"docker/**",
]),
]);

80
package-lock.json generated
View File

@ -8,9 +8,9 @@
"name": "mirrormatch",
"version": "0.1.0",
"dependencies": {
"@auth/prisma-adapter": "^2.11.1",
"@aws-sdk/client-s3": "^3.958.0",
"@aws-sdk/s3-request-presigner": "^3.958.0",
"@next-auth/prisma-adapter": "^1.0.7",
"@prisma/client": "^7.2.0",
"next": "16.1.1",
"next-auth": "^4.24.13",
@ -125,74 +125,6 @@
"preact": ">=10"
}
},
"node_modules/@auth/prisma-adapter": {
"version": "2.11.1",
"resolved": "https://registry.npmjs.org/@auth/prisma-adapter/-/prisma-adapter-2.11.1.tgz",
"integrity": "sha512-Ke7DXP0Fy0Mlmjz/ZJLXwQash2UkA4621xCM0rMtEczr1kppLc/njCbUkHkIQ/PnmILjqSPEKeTjDPsYruvkug==",
"license": "ISC",
"dependencies": {
"@auth/core": "0.41.1"
},
"peerDependencies": {
"@prisma/client": ">=2.26.0 || >=3 || >=4 || >=5 || >=6"
}
},
"node_modules/@auth/prisma-adapter/node_modules/@auth/core": {
"version": "0.41.1",
"resolved": "https://registry.npmjs.org/@auth/core/-/core-0.41.1.tgz",
"integrity": "sha512-t9cJ2zNYAdWMacGRMT6+r4xr1uybIdmYa49calBPeTqwgAFPV/88ac9TEvCR85pvATiSPt8VaNf+Gt24JIT/uw==",
"license": "ISC",
"dependencies": {
"@panva/hkdf": "^1.2.1",
"jose": "^6.0.6",
"oauth4webapi": "^3.3.0",
"preact": "10.24.3",
"preact-render-to-string": "6.5.11"
},
"peerDependencies": {
"@simplewebauthn/browser": "^9.0.1",
"@simplewebauthn/server": "^9.0.2",
"nodemailer": "^7.0.7"
},
"peerDependenciesMeta": {
"@simplewebauthn/browser": {
"optional": true
},
"@simplewebauthn/server": {
"optional": true
},
"nodemailer": {
"optional": true
}
}
},
"node_modules/@auth/prisma-adapter/node_modules/jose": {
"version": "6.1.3",
"resolved": "https://registry.npmjs.org/jose/-/jose-6.1.3.tgz",
"integrity": "sha512-0TpaTfihd4QMNwrz/ob2Bp7X04yuxJkjRGi4aKmOqwhov54i6u79oCv7T+C7lo70MKH6BesI3vscD1yb/yzKXQ==",
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/panva"
}
},
"node_modules/@auth/prisma-adapter/node_modules/oauth4webapi": {
"version": "3.8.3",
"resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.8.3.tgz",
"integrity": "sha512-pQ5BsX3QRTgnt5HxgHwgunIRaDXBdkT23tf8dfzmtTIL2LTpdmxgbpbBm0VgFWAIDlezQvQCTgnVIUmHupXHxw==",
"license": "MIT",
"funding": {
"url": "https://github.com/sponsors/panva"
}
},
"node_modules/@auth/prisma-adapter/node_modules/preact-render-to-string": {
"version": "6.5.11",
"resolved": "https://registry.npmjs.org/preact-render-to-string/-/preact-render-to-string-6.5.11.tgz",
"integrity": "sha512-ubnauqoGczeGISiOh6RjX0/cdaF8v/oDXIjO85XALCQjwQP+SB4RDXXtvZ6yTYSjG+PC1QRP2AhPgCEsM2EvUw==",
"license": "MIT",
"peerDependencies": {
"preact": ">=10"
}
},
"node_modules/@aws-crypto/crc32": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/@aws-crypto/crc32/-/crc32-5.2.0.tgz",
@ -2217,6 +2149,16 @@
"@tybys/wasm-util": "^0.10.0"
}
},
"node_modules/@next-auth/prisma-adapter": {
"version": "1.0.7",
"resolved": "https://registry.npmjs.org/@next-auth/prisma-adapter/-/prisma-adapter-1.0.7.tgz",
"integrity": "sha512-Cdko4KfcmKjsyHFrWwZ//lfLUbcLqlyFqjd/nYE2m3aZ7tjMNUjpks47iw7NTCnXf+5UWz5Ypyt1dSs1EP5QJw==",
"license": "ISC",
"peerDependencies": {
"@prisma/client": ">=2.26.0 || >=3",
"next-auth": "^4"
}
},
"node_modules/@next/env": {
"version": "16.1.1",
"resolved": "https://registry.npmjs.org/@next/env/-/env-16.1.1.tgz",

2
package.json
View File

@ -9,9 +9,9 @@
"lint": "eslint"
},
"dependencies": {
"@auth/prisma-adapter": "^2.11.1",
"@aws-sdk/client-s3": "^3.958.0",
"@aws-sdk/s3-request-presigner": "^3.958.0",
"@next-auth/prisma-adapter": "^1.0.7",
"@prisma/client": "^7.2.0",
"next": "16.1.1",
"next-auth": "^4.24.13",

5
src/app/api/auth/[...nextauth]/route.ts Normal file
View File

@ -0,0 +1,5 @@
import { nextAuthHandler } from "@/server/auth";
export { nextAuthHandler as GET, nextAuthHandler as POST };

118
src/app/g/[slug]/admin/invites/page.tsx Normal file
View File

@ -0,0 +1,118 @@
import { redirect } from "next/navigation";
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
import { createInvite } from "@/server/actions/invites";
export default async function GroupInvitesAdminPage({
params,
}: {
params: Promise<{ slug: string }>;
}) {
const session = await auth();
if (!session?.user?.id) redirect("/login");
const { slug } = await params;
const membership = await prisma.groupMember.findFirst({
where: { userId: session.user.id, group: { slug } },
include: { group: true },
});
if (!membership || membership.role !== "ADMIN") {
return (
<div className="min-h-screen bg-zinc-50 px-6 py-16 text-zinc-900">
<div className="mx-auto max-w-lg">
<h1 className="text-2xl font-semibold">Admins only</h1>
</div>
</div>
);
}
const invites = await prisma.invite.findMany({
where: { groupId: membership.groupId },
orderBy: { createdAt: "desc" },
take: 50,
});
return (
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-3xl px-6 py-12">
<h1 className="text-3xl font-semibold tracking-tight">Invites</h1>
<p className="mt-1 text-sm text-zinc-600">{membership.group.name}</p>
<form
action={async (formData) => {
"use server";
await createInvite(formData);
}}
className="mt-8 grid gap-3 rounded-2xl border border-zinc-200 bg-white p-6 shadow-sm sm:grid-cols-4"
>
<input type="hidden" name="groupSlug" value={slug} />
<div className="sm:col-span-2">
<label className="block text-xs font-medium text-zinc-700">Email</label>
<input
name="email"
type="email"
required
className="mt-2 w-full rounded-xl border border-zinc-300 px-3 py-2 outline-none focus:border-zinc-900"
placeholder="person@example.com"
/>
</div>
<div>
<label className="block text-xs font-medium text-zinc-700">Role</label>
<select
name="role"
defaultValue="MEMBER"
className="mt-2 w-full rounded-xl border border-zinc-300 px-3 py-2 outline-none focus:border-zinc-900"
>
<option value="MEMBER">Member</option>
<option value="ADMIN">Admin</option>
</select>
</div>
<div className="flex items-end">
<button
type="submit"
className="w-full rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Send invite
</button>
</div>
</form>
<div className="mt-8 rounded-2xl border border-zinc-200 bg-white">
<div className="border-b border-zinc-200 px-6 py-3 text-sm font-medium">
Recent invites
</div>
<ul className="divide-y divide-zinc-200">
{invites.length === 0 ? (
<li className="px-6 py-4 text-sm text-zinc-600">No invites yet.</li>
) : (
invites.map((i) => (
<li key={i.id} className="px-6 py-4">
<div className="flex flex-wrap items-center justify-between gap-2">
<div className="text-sm">
<div className="font-medium">{i.email}</div>
<div className="text-xs text-zinc-500">
{i.role.toLowerCase()} {" "}
{i.usedAt ? "used" : i.expiresAt < new Date() ? "expired" : "pending"}
</div>
</div>
<div className="text-xs text-zinc-500">
{i.createdAt.toISOString().slice(0, 10)}
</div>
</div>
</li>
))
)}
</ul>
</div>
</div>
</div>
);
}

66
src/app/g/[slug]/page.tsx Normal file
View File

@ -0,0 +1,66 @@
import Link from "next/link";
import { redirect } from "next/navigation";
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
export default async function GroupPage({
params,
}: {
params: Promise<{ slug: string }>;
}) {
const session = await auth();
if (!session?.user?.id) redirect("/login");
const { slug } = await params;
const membership = await prisma.groupMember.findFirst({
where: { userId: session.user.id, group: { slug } },
include: { group: true },
});
if (!membership) {
return (
<div className="min-h-screen bg-zinc-50 px-6 py-16 text-zinc-900">
<div className="mx-auto max-w-lg">
<h1 className="text-2xl font-semibold">Not a member</h1>
<p className="mt-2 text-sm text-zinc-600">
You need an invite link to join this group.
</p>
<Link className="mt-6 inline-block text-sm font-medium underline" href="/groups">
Back to groups
</Link>
</div>
</div>
);
}
const isAdmin = membership.role === "ADMIN";
return (
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-3xl px-6 py-12">
<div className="flex items-start justify-between gap-6">
<div>
<h1 className="text-3xl font-semibold tracking-tight">{membership.group.name}</h1>
<p className="mt-1 text-sm text-zinc-600">/g/{membership.group.slug}</p>
</div>
{isAdmin ? (
<Link
href={`/g/${membership.group.slug}/admin/invites`}
className="rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Admin
</Link>
) : null}
</div>
<div className="mt-10 rounded-2xl border border-zinc-200 bg-white p-6 text-sm text-zinc-600">
Next: sets + upload + guessing UI.
</div>
</div>
</div>
);
}

60
src/app/groups/new/page.tsx Normal file
View File

@ -0,0 +1,60 @@
import { auth } from "@/server/auth";
import { redirect } from "next/navigation";
import { createGroup } from "@/server/actions/groups";
export default async function NewGroupPage() {
const session = await auth();
if (!session?.user?.id) redirect("/login");
return (
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-lg px-6 py-16">
<h1 className="text-2xl font-semibold tracking-tight">Create a group</h1>
<p className="mt-2 text-sm text-zinc-600">
Example: Family, Brothers friends, Cousins.
</p>
<form
action={async (formData) => {
"use server";
await createGroup(formData);
}}
className="mt-8 space-y-4 rounded-2xl border border-zinc-200 bg-white p-6 shadow-sm"
>
<div>
<label className="block text-sm font-medium">Group name</label>
<input
name="name"
required
className="mt-2 w-full rounded-xl border border-zinc-300 px-3 py-2 outline-none focus:border-zinc-900"
placeholder="Family"
/>
</div>
<div>
<label className="block text-sm font-medium">Slug</label>
<input
name="slug"
required
pattern="^[a-z0-9-]+$"
className="mt-2 w-full rounded-xl border border-zinc-300 px-3 py-2 outline-none focus:border-zinc-900"
placeholder="family"
/>
<p className="mt-2 text-xs text-zinc-500">
Lowercase letters, numbers, and dashes only.
</p>
</div>
<button
type="submit"
className="w-full rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Create group
</button>
</form>
</div>
</div>
);
}

63
src/app/groups/page.tsx Normal file
View File

@ -0,0 +1,63 @@
import Link from "next/link";
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
import { redirect } from "next/navigation";
export default async function GroupsPage() {
const session = await auth();
if (!session?.user?.id) redirect("/login");
const memberships = await prisma.groupMember.findMany({
where: { userId: session.user.id },
include: { group: true },
orderBy: { joinedAt: "desc" },
});
return (
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-3xl px-6 py-12">
<div className="flex items-center justify-between gap-4">
<div>
<h1 className="text-3xl font-semibold tracking-tight">Your groups</h1>
<p className="mt-1 text-sm text-zinc-600">
Invite-only spaces for sets, guesses, and leaderboards.
</p>
</div>
<Link
href="/groups/new"
className="rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Create group
</Link>
</div>
<div className="mt-8 grid gap-3">
{memberships.length === 0 ? (
<div className="rounded-2xl border border-zinc-200 bg-white p-6 text-sm text-zinc-600">
No groups yet. Create one, then invite family/friends.
</div>
) : (
memberships.map((m) => (
<Link
key={m.id}
href={`/g/${m.group.slug}`}
className="rounded-2xl border border-zinc-200 bg-white p-5 hover:border-zinc-300"
>
<div className="flex items-center justify-between gap-4">
<div className="min-w-0">
<div className="truncate text-base font-semibold">{m.group.name}</div>
<div className="truncate text-xs text-zinc-500">
/g/{m.group.slug} {m.role.toLowerCase()}
</div>
</div>
</div>
</Link>
))
)}
</div>
</div>
</div>
);
}

79
src/app/invite/[token]/page.tsx Normal file
View File

@ -0,0 +1,79 @@
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
import crypto from "crypto";
import { redirect } from "next/navigation";
function hashToken(token: string) {
return crypto.createHash("sha256").update(token).digest("hex");
}
export default async function InviteRedeemPage({
params,
}: {
params: Promise<{ token: string }>;
}) {
const session = await auth();
if (!session?.user?.id) {
// After login, come back and redeem.
const { token } = await params;
redirect(`/login?callbackUrl=${encodeURIComponent(`/invite/${token}`)}`);
}
const { token } = await params;
const tokenHash = hashToken(token);
const invite = await prisma.invite.findUnique({
where: { tokenHash },
});
if (!invite) {
return (
<div className="min-h-screen bg-zinc-50 px-6 py-16 text-zinc-900">
<div className="mx-auto max-w-lg">
<h1 className="text-2xl font-semibold">Invite not found</h1>
<p className="mt-2 text-sm text-zinc-600">
This invite link is invalid or was already used.
</p>
</div>
</div>
);
}
const now = new Date();
if (invite.usedAt || invite.expiresAt <= now) {
return (
<div className="min-h-screen bg-zinc-50 px-6 py-16 text-zinc-900">
<div className="mx-auto max-w-lg">
<h1 className="text-2xl font-semibold">Invite expired</h1>
<p className="mt-2 text-sm text-zinc-600">
Ask an admin to send you a new invite.
</p>
</div>
</div>
);
}
// Redeem: create membership and mark invite used. If already a member, just mark used.
const userId = session.user.id;
await prisma.$transaction(async (tx) => {
await tx.groupMember.upsert({
where: { groupId_userId: { groupId: invite.groupId, userId } },
update: {},
create: { groupId: invite.groupId, userId, role: invite.role },
});
await tx.invite.update({
where: { id: invite.id },
data: {
usedAt: now,
usedById: userId,
},
});
});
const group = await prisma.group.findUnique({ where: { id: invite.groupId } });
redirect(group ? `/g/${group.slug}` : "/groups");
}

57
src/app/login/page.tsx Normal file
View File

@ -0,0 +1,57 @@
import { auth } from "@/server/auth";
import { redirect } from "next/navigation";
export default async function LoginPage({
searchParams,
}: {
searchParams: Promise<Record<string, string | string[] | undefined>>;
}) {
const session = await auth();
if (session?.user) redirect("/groups");
const params = await searchParams;
const check = params.check === "1";
return (
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-md px-6 py-16">
<h1 className="text-3xl font-semibold tracking-tight">MirrorMatch</h1>
<p className="mt-2 text-sm text-zinc-600">
Invite-only. Sign in to view your groups and play.
</p>
<div className="mt-10 rounded-2xl border border-zinc-200 bg-white p-6 shadow-sm">
{check ? (
<div className="mb-4 rounded-xl border border-emerald-200 bg-emerald-50 px-4 py-3 text-sm text-emerald-900">
Check your email for a magic link.
</div>
) : null}
<form action="/api/auth/signin/email" method="post" className="space-y-3">
<label className="block text-sm font-medium">Email</label>
<input
type="email"
name="email"
required
autoComplete="email"
className="w-full rounded-xl border border-zinc-300 px-3 py-2 outline-none focus:border-zinc-900"
placeholder="you@example.com"
/>
<button
type="submit"
className="w-full rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Send magic link
</button>
</form>
<p className="mt-4 text-xs text-zinc-500">
Youll need an invite to join a group.
</p>
</div>
</div>
</div>
);
}

85
src/app/page.tsx
View File

@ -1,65 +1,44 @@
import Image from "next/image";
import Link from "next/link";
import { auth } from "@/server/auth";
export default function Home() {
export default async function Home() {
const session = await auth();
return (
<div className="flex min-h-screen items-center justify-center bg-zinc-50 font-sans dark:bg-black">
<main className="flex min-h-screen w-full max-w-3xl flex-col items-center justify-between py-32 px-16 bg-white dark:bg-black sm:items-start">
<Image
className="dark:invert"
src="/next.svg"
alt="Next.js logo"
width={100}
height={20}
priority
/>
<div className="flex flex-col items-center gap-6 text-center sm:items-start sm:text-left">
<h1 className="max-w-xs text-3xl font-semibold leading-10 tracking-tight text-black dark:text-zinc-50">
To get started, edit the page.tsx file.
</h1>
<p className="max-w-md text-lg leading-8 text-zinc-600 dark:text-zinc-400">
Looking for a starting point or more instructions? Head over to{" "}
<a
href="https://vercel.com/templates?framework=next.js&utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
className="font-medium text-zinc-950 dark:text-zinc-50"
<div className="min-h-screen bg-zinc-50 text-zinc-900">
<div className="mx-auto max-w-3xl px-6 py-16">
<h1 className="text-4xl font-semibold tracking-tight">MirrorMatch</h1>
<p className="mt-3 max-w-xl text-sm text-zinc-600">
Invite-only photo guessing game. Create a set, upload photos, and see who can match the
names best once you reveal.
</p>
<div className="mt-10 flex flex-wrap gap-3">
{session?.user ? (
<Link
href="/groups"
className="rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Templates
</a>{" "}
or the{" "}
<a
href="https://nextjs.org/learn?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
className="font-medium text-zinc-950 dark:text-zinc-50"
Go to groups
</Link>
) : (
<Link
href="/login"
className="rounded-xl bg-zinc-900 px-4 py-2 text-sm font-medium text-white hover:bg-zinc-800"
>
Learning
</a>{" "}
center.
</p>
</div>
<div className="flex flex-col gap-4 text-base font-medium sm:flex-row">
Sign in
</Link>
)}
<a
className="flex h-12 w-full items-center justify-center gap-2 rounded-full bg-foreground px-5 text-background transition-colors hover:bg-[#383838] dark:hover:bg-[#ccc] md:w-[158px]"
href="https://vercel.com/new?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
href="http://localhost:8025"
className="rounded-xl border border-zinc-300 bg-white px-4 py-2 text-sm font-medium hover:border-zinc-400"
target="_blank"
rel="noopener noreferrer"
rel="noreferrer"
>
<Image
className="dark:invert"
src="/vercel.svg"
alt="Vercel logomark"
width={16}
height={16}
/>
Deploy Now
</a>
<a
className="flex h-12 w-full items-center justify-center rounded-full border border-solid border-black/[.08] px-5 transition-colors hover:border-transparent hover:bg-black/[.04] dark:border-white/[.145] dark:hover:bg-[#1a1a1a] md:w-[158px]"
href="https://nextjs.org/docs?utm_source=create-next-app&utm_medium=appdir-template-tw&utm_campaign=create-next-app"
target="_blank"
rel="noopener noreferrer"
>
Documentation
Mailpit (dev)
</a>
</div>
</main>
</div>
</div>
);
}

43
src/server/actions/groups.ts Normal file
View File

@ -0,0 +1,43 @@
"use server";
import { z } from "zod";
import { redirect } from "next/navigation";
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
const createGroupSchema = z.object({
name: z.string().trim().min(1).max(80),
slug: z
.string()
.trim()
.toLowerCase()
.regex(/^[a-z0-9-]+$/)
.min(2)
.max(40),
});
export async function createGroup(formData: FormData) {
const session = await auth();
if (!session?.user?.id) redirect("/login");
const data = createGroupSchema.parse({
name: formData.get("name"),
slug: formData.get("slug"),
});
const group = await prisma.group.create({
data: {
name: data.name,
slug: data.slug,
createdById: session.user.id,
members: {
create: { userId: session.user.id, role: "ADMIN" },
},
},
});
redirect(`/g/${group.slug}`);
}

61
src/server/actions/invites.ts Normal file
View File

@ -0,0 +1,61 @@
"use server";
import { z } from "zod";
import { redirect } from "next/navigation";
import { auth } from "@/server/auth";
import { prisma } from "@/server/db";
import { newInviteToken } from "@/server/invites";
import { sendInviteEmail } from "@/server/email";
const createInviteSchema = z.object({
groupSlug: z.string().min(1),
email: z.string().trim().toLowerCase().email(),
role: z.enum(["ADMIN", "MEMBER"]).default("MEMBER"),
});
export async function createInvite(formData: FormData) {
const session = await auth();
if (!session?.user?.id) redirect("/login");
const data = createInviteSchema.parse({
groupSlug: formData.get("groupSlug"),
email: formData.get("email"),
role: formData.get("role") ?? "MEMBER",
});
const membership = await prisma.groupMember.findFirst({
where: { userId: session.user.id, group: { slug: data.groupSlug } },
include: { group: true },
});
if (!membership || membership.role !== "ADMIN") {
throw new Error("Not authorized");
}
const { token, tokenHash } = newInviteToken();
const expiresAt = new Date(Date.now() + 1000 * 60 * 60 * 24 * 7); // 7 days
const invite = await prisma.invite.create({
data: {
groupId: membership.groupId,
email: data.email,
role: data.role,
tokenHash,
createdById: session.user.id,
expiresAt,
},
});
const baseUrl = process.env.AUTH_URL ?? "http://localhost:3000";
const inviteUrl = `${baseUrl}/invite/${token}`;
await sendInviteEmail({
to: data.email,
groupName: membership.group.name,
inviteUrl,
});
return { inviteId: invite.id, inviteUrl };
}

45
src/server/auth.ts Normal file
View File

@ -0,0 +1,45 @@
import type { NextAuthOptions } from "next-auth";
import NextAuth from "next-auth";
import { getServerSession } from "next-auth";
import EmailProvider from "next-auth/providers/email";
import { PrismaAdapter } from "@next-auth/prisma-adapter";
import { prisma } from "@/server/db";
export const authOptions: NextAuthOptions = {
adapter: PrismaAdapter(prisma),
secret: process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET,
providers: [
EmailProvider({
from: process.env.EMAIL_FROM,
server: {
host: process.env.EMAIL_SERVER_HOST,
port: Number(process.env.EMAIL_SERVER_PORT ?? 587),
auth: process.env.EMAIL_SERVER_USER
? {
user: process.env.EMAIL_SERVER_USER,
pass: process.env.EMAIL_SERVER_PASSWORD,
}
: undefined,
},
}),
],
pages: {
signIn: "/login",
verifyRequest: "/login?check=1",
},
callbacks: {
async session({ session, user }) {
if (session.user) session.user.id = user.id;
return session;
},
},
};
export const nextAuthHandler = NextAuth(authOptions);
export function auth() {
return getServerSession(authOptions);
}

13
src/server/db.ts Normal file
View File

@ -0,0 +1,13 @@
import { PrismaClient } from "@/generated/prisma";
const globalForPrisma = globalThis as unknown as { prisma?: PrismaClient };
export const prisma =
globalForPrisma.prisma ??
new PrismaClient({
log: process.env.NODE_ENV === "development" ? ["warn", "error"] : ["error"],
});
if (process.env.NODE_ENV !== "production") globalForPrisma.prisma = prisma;

39
src/server/email.ts Normal file
View File

@ -0,0 +1,39 @@
import nodemailer from "nodemailer";
export function getSmtpTransport() {
const host = process.env.EMAIL_SERVER_HOST;
const port = Number(process.env.EMAIL_SERVER_PORT ?? 587);
const user = process.env.EMAIL_SERVER_USER;
const pass = process.env.EMAIL_SERVER_PASSWORD;
if (!host) throw new Error("Missing EMAIL_SERVER_HOST");
return nodemailer.createTransport({
host,
port,
auth: user ? { user, pass } : undefined,
});
}
export async function sendInviteEmail(args: {
to: string;
groupName: string;
inviteUrl: string;
}) {
const from = process.env.EMAIL_FROM;
if (!from) throw new Error("Missing EMAIL_FROM");
const transport = getSmtpTransport();
const subject = `MirrorMatch invite: ${args.groupName}`;
const text = `You were invited to join "${args.groupName}" on MirrorMatch.\n\nJoin: ${args.inviteUrl}\n\nIf you didn't expect this, you can ignore this email.\n`;
await transport.sendMail({
from,
to: args.to,
subject,
text,
});
}

10
src/server/invites.ts Normal file
View File

@ -0,0 +1,10 @@
import crypto from "crypto";
export function newInviteToken() {
// URL-safe token
const token = crypto.randomBytes(32).toString("base64url");
const tokenHash = crypto.createHash("sha256").update(token).digest("hex");
return { token, tokenHash };
}

14
src/types/next-auth.d.ts vendored Normal file
View File

@ -0,0 +1,14 @@
import "next-auth";
declare module "next-auth" {
interface Session {
user?: {
id: string;
name?: string | null;
email?: string | null;
image?: string | null;
};
}
}