import type { NextAuthOptions } from "next-auth"; import DiscordProvider from "next-auth/providers/discord"; const ALLOWED_USER_IDS = (process.env.ALLOWED_DISCORD_IDS || "").split(",").map(id => id.trim()).filter(Boolean); export const authOptions: NextAuthOptions = { providers: [ DiscordProvider({ clientId: process.env.DISCORD_CLIENT_ID!, clientSecret: process.env.DISCORD_CLIENT_SECRET!, authorization: { params: { scope: "identify guilds", }, }, }), ], callbacks: { async signIn({ user, account, profile }) { // Se ALLOWED_DISCORD_IDS estiver configurado, só permite esses usuários if (ALLOWED_USER_IDS.length > 0) { const discordId = (profile as { id?: string })?.id || account?.providerAccountId; if (!discordId || !ALLOWED_USER_IDS.includes(discordId)) { return false; // Bloqueia login } } return true; }, async jwt({ token, account, profile }) { if (account && profile) { const discordProfile = profile as { id: string; username: string; discriminator: string; avatar: string; global_name?: string; }; token.discordId = discordProfile.id; token.username = discordProfile.username; token.discriminator = discordProfile.discriminator; token.avatar = discordProfile.avatar; token.globalName = discordProfile.global_name; token.accessToken = account.access_token; } return token; }, async session({ session, token }) { if (session.user) { (session.user as Record).discordId = token.discordId; (session.user as Record).username = token.username; (session.user as Record).discriminator = token.discriminator; (session.user as Record).avatar = token.avatar; (session.user as Record).globalName = token.globalName; } return session; }, }, pages: { signIn: "/login", error: "/login", }, session: { strategy: "jwt", maxAge: 7 * 24 * 60 * 60, // 7 dias }, secret: process.env.NEXTAUTH_SECRET, };