1 | initial version |
Here is an example of an authorize function in Typescript for NextAuthJS:
import { NextApiRequest, NextApiResponse } from "next";
import { Session } from "next-auth";
import { Provider } from "next-auth/providers";
type AuthorizeOptions = {
provider: Provider;
session: Session;
req: NextApiRequest;
res: NextApiResponse;
};
export default async function authorize(
options: AuthorizeOptions
): Promise<boolean> {
// Check if user is authenticated with the given provider
const { provider, session } = options;
const { accessToken } = session.user as { accessToken?: string };
if (provider.id === "google" && accessToken) {
// Use Google's OAuth2 API to validate the user's access token
const url = `https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=${accessToken}`;
const res = await fetch(url);
const data = await res.json();
if (data.audience === "1234567890.apps.googleusercontent.com") {
// User is authenticated and authorized
return true;
}
}
// User is not authorized
return false;
}
This function checks if the user is authenticated with the given provider (in this case, Google) and if their access token is valid. If the user is authorized, the function returns true
. Otherwise, it returns false
. This function can be used in the callbacks
object when configuring NextAuthJS.