如何在 Next.js 中使用 next-auth 实现凭据授权？

Question

我尝试使用next-auth 获取凭据身份验证，但我没有使用它的经验，无论我做什么，我都会收到以下消息：

[next-auth][error][callback_credentials_jwt_error] 仅当启用 JSON Web 令牌时才支持使用凭据登录 https://next-auth.js.org/errors#callback_credentials_jwt_error

这是我的src/pages/api/auth/[...nextauth].js 文件。

import NextAuth from 'next-auth'
import Providers from 'next-auth/providers'
import User from "@models/User"

const options = {
    NEXTAUTH_URL:process.env.NEXTAUTH_URL,
    providers: [
        Providers.Credentials({
            // The name to display on the sign in form (e.g. 'Sign in with...')
            name: 'Avista',
            // The credentials is used to generate a suitable form on the sign in page.
            // You can specify whatever fields you are expecting to be submitted.
            // e.g. domain, username, password, 2FA token, etc.

            credentials: {
                email: {label: "Email", type: "text"},
                password: {label: "Password", type: "password"}
            },

            authorize: async (credentials) => {
                // Add logic here to look up the user from the credentials supplied
                // const user = {id: 1, name: 'J Smith', email: 'jsmith@example.com'}
                const user = await User.findOne()
                console.log("Данные входа", credentials)

                if (user) {
                    // Any object returned will be saved in `user` property of the JWT
                    return Promise.resolve(user)
                } else {
                    // If you return null or false then the credentials will be rejected
                    return Promise.resolve(null)
                    // You can also Reject this callback with an Error or with a URL:
                    // return Promise.reject(new Error('error message')) // Redirect to error page
                    // return Promise.reject('/path/to/redirect')        // Redirect to a URL
                }
            }
        }),
        Providers.Email({
            server: {
                host: process.env.EMAIL_SERVER_HOST,
                port: process.env.EMAIL_SERVER_PORT,
                auth: {
                    user: process.env.EMAIL_SERVER_USER,
                    pass: process.env.EMAIL_SERVER_PASSWORD
                }
            },
            from: process.env.EMAIL_FROM
        }),
    ],

    // A database is optional, but required to persist accounts in a database
    database: process.env.MONGO_URI,
    secret: process.env.JWT_SIGNING_PRIVATE_KEY,
    },
}

我不知道我做错了什么。

Answer 1

尝试将此添加到您的 [...nextauth].js 页面

  session: {
    jwt: true, 
    // Seconds - How long until an idle session expires and is no longer valid.
    maxAge: 30 * 24 * 60 * 60, // 30 days
  },

在此处阅读有关选项的更多信息：https://next-auth.js.org/configuration/options#jwt

Answer 2

在providers: []之后添加这个

callbacks: {
    jwt: async ({ token, user }) => {
        user && (token.user = user)
        return token;
    },
    session: async ({ session, token }) => {
        session.user = token.user
        return session;
    }

},
secret: "secret",
jwt: {
    secret: "ksdkfsldferSDFSDFSDf",
    encryption: true,
},