This repository has been archived by the owner on Oct 8, 2023. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathkeystone.ts
82 lines (77 loc) · 2.3 KB
/
keystone.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
import 'dotenv/config';
import * as Path from 'path';
import { config } from '@keystone-6/core';
import { statelessSessions } from '@keystone-6/core/session';
import Auth0 from '@opensaas/keystone-nextjs-auth/providers/auth0';
import { createAuth } from '@opensaas/keystone-nextjs-auth';
import { lists } from './schemas';
import { permissionsList } from './schemas/permissionFields';
let sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
if (process.env.NODE_ENV === 'production') {
throw new Error('The SESSION_SECRET environment variable must be set in production');
} else {
sessionSecret = '-- DEV COOKIE SECRET; CHANGE ME --';
}
}
const sessionMaxAge = 60 * 60 * 24 * 30; // 30 days
const auth = createAuth({
listKey: 'User',
identityField: 'subjectId',
sessionData: `id name email role {${permissionsList.join(' ')}}`,
autoCreate: true,
resolver: async ({ user, profile }: { user: any; profile: any }) => {
const name = user.name as string;
const email = profile.email as string;
return { email, name };
},
pages: {
signIn: '/admin/auth/signin',
},
keystonePath: '/admin',
sessionSecret,
providers: [
Auth0({
clientId: process.env.AUTH0_CLIENT_ID || 'Auth0ClientID',
clientSecret: process.env.AUTH0_CLIENT_SECRET || 'Auth0ClientSecret',
issuer: process.env.AUTH0_ISSUER_BASE_URL || 'https://opensaas.au.auth0.com',
}),
],
});
export default auth.withAuth(
config({
server: {
cors: {
origin: [process.env.FRONTEND || 'http://localhost:7777'],
credentials: true,
},
},
db: {
provider: 'sqlite',
url: process.env.DATABASE_URL || 'file:./dev.db',
},
ui: {
isAccessAllowed: context => !!context.session,
publicPages: ['/admin/auth/signin', '/admin/auth/error'],
getAdditionalFiles: [
async () => [
{
mode: 'copy',
inputPath: Path.resolve('./customPages/signin.js'),
outputPath: 'pages/auth/signin.js',
},
{
mode: 'copy',
inputPath: Path.resolve('./customPages/error.js'),
outputPath: 'pages/auth/error.js',
},
],
],
},
lists,
session: statelessSessions({
maxAge: sessionMaxAge,
secret: sessionSecret,
}),
})
);