Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2023-05-12 13:45:02 +0000

pufferfish gravatar image

Here is an example of an authorize function in Typescript for NextAuthJS:

import { NextApiRequest, NextApiResponse } from "next";
import { Session } from "next-auth";
import { Provider } from "next-auth/providers";

type AuthorizeOptions = {
  provider: Provider;
  session: Session;
  req: NextApiRequest;
  res: NextApiResponse;
};

export default async function authorize(
  options: AuthorizeOptions
): Promise<boolean> {
  // Check if user is authenticated with the given provider
  const { provider, session } = options;
  const { accessToken } = session.user as { accessToken?: string };
  if (provider.id === "google" && accessToken) {
    // Use Google's OAuth2 API to validate the user's access token
    const url = `https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=${accessToken}`;
    const res = await fetch(url);
    const data = await res.json();
    if (data.audience === "1234567890.apps.googleusercontent.com") {
      // User is authenticated and authorized
      return true;
    }
  }
  // User is not authorized
  return false;
}

This function checks if the user is authenticated with the given provider (in this case, Google) and if their access token is valid. If the user is authorized, the function returns true. Otherwise, it returns false. This function can be used in the callbacks object when configuring NextAuthJS.


Copyright QStack.ai, 2010-2023. Content on this site is licensed under the Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service | contact