halluc

2026-03-18 03:04:10 +00:00 · 2025-03-11 18:17:23 -04:00 · 2025-03-11 18:17:23 -04:00 · 24d8a3e8f1
commit 24d8a3e8f1
parent fc07185ecd
2 changed files with 67 additions and 9 deletions
--- a/src/app/api/auth/[...nextauth]/route.ts
+++ b/src/app/api/auth/[...nextauth]/route.ts
@ -33,7 +33,7 @@ if (!process.env.NEXTAUTH_URL && process.env.NODE_ENV === 'production') {
  console.log("Warning: NEXTAUTH_URL not explicitly set in production, Next.js will use the Host header");
 }

-// Define auth options - using a minimal configuration to isolate the issue
+// Define auth options with necessary callbacks
 const authOptions = {
  providers: [
    GoogleProvider({
@ -41,9 +41,44 @@ const authOptions = {
      clientSecret: googleClientSecret,
    }),
  ],
-  // Only essential configuration
+  // Configuration
  secret: nextAuthSecret,
  debug: true,
+  pages: {
+    signIn: '/auth/signin',
+    signOut: '/auth/signout',
+    error: '/auth/error',
+  },
+  callbacks: {
+    // JWT callback to persist data from the OAuth provider to the JWT
+    async jwt({ token, user, account, profile, trigger }) {
+      console.log("JWT Callback:", { tokenSub: token.sub, profile, trigger });
+      
+      // Initial sign-in - add data from the OAuth provider to the token
+      if (account && profile) {
+        token.userId = token.sub; // Use sub as the primary userId
+        token.email = profile.email;
+      }
+      
+      return token;
+    },
+    
+    // Session callback to make data from JWT available to client
+    async session({ session, token, user }) {
+      console.log("Session Callback:", { 
+        sessionUserId: session?.user?.id,
+        tokenUserId: token?.userId,
+        tokenSub: token?.sub 
+      });
+      
+      // Ensure user ID is available in the session
+      if (session.user) {
+        session.user.id = token.userId || token.sub;
+      }
+      
+      return session;
+    }
+  }
 };

 // Create detailed error response with full information
--- a/src/lib/auth.ts
+++ b/src/lib/auth.ts
@ -41,14 +41,37 @@ export async function getSessionFromCookie(req: NextRequest) {
      });
    }
    
-    // IMPORTANT: The logs show x-user-email headers are present, so we should use them
+    // Try both header and cookie-based authentication
+    // Headers take precedence if both are available
+    const userId = req.headers.get('x-user-id');
+    const userEmail = req.headers.get('x-user-email');
+    
+    // If we have both headers, use them
+    if (userId && userEmail) {
+      console.log('Using header-based authentication:', { userId, userEmail });
+      return { 
+        isAuthenticated: true,
+        user: {
+          id: userId,
+          email: userEmail
+        }
+      };
+    }
+    
+    // If we have a session cookie but no headers, we need to persist the session user ID
+    if (sessionCookie) {
+      // For production, we'll just indicate authentication is present
+      // The JWT session data is handled by NextAuth in the client
+      console.log('Session cookie authentication is present, relying on client-side session data');
+      return { 
+        isAuthenticated: true,
+        sessionPresent: true
+      };
+    }
+    
+    // Fallback - this shouldn't happen often
    return { 
-      isAuthenticated: true,
-      user: {
-        // Extract user info from headers if available
-        id: req.headers.get('x-user-id') || 'unknown-id',
-        email: req.headers.get('x-user-email') || 'unknown@example.com'
-      }
+      isAuthenticated: true
    };
  } catch (error) {
    console.error('Error getting session from cookie:', error);