implement authentik auth

src/auth.ts

@@ -0,0 +1,56 @@
+import NextAuth, { NextAuthConfig } from "next-auth";
+import Authentik from "next-auth/providers/authentik";
+import type { Provider } from "next-auth/providers";
+
+const providers: Provider[] = [
+	Authentik({
+		clientId: process.env.AUTH_AUTHENTIK_CLIENT_ID,
+		clientSecret: process.env.AUTH_AUTHENTIK_CLIENT_SECRET,
+		issuer: process.env.AUTH_AUTHENTIK_ISSUER,
+		authorization: {
+			params: {
+				scope: "openid email profile",
+			},
+		},
+		profile(profile) {
+			return {
+				id: profile.sub,
+				name: profile.name,
+				email: profile.email,
+				image: profile.picture,
+			};
+		},
+	}),
+];
+
+export const providerMap = providers.map((provider) => {
+	if (typeof provider === "function") {
+		const providerData = provider();
+		return { id: providerData.id, name: providerData.name };
+	} else {
+		return { id: provider.id, name: provider.name };
+	}
+});
+
+const config = {
+	providers,
+	pages: {
+		signIn: "/signin",
+		signOut: "/signout",
+	},
+	// callbacks: {
+	// 	authorized({ auth, request: { nextUrl } }) {
+	// 		const isLoggedIn = !!auth?.user;
+	// 		const isOnProtectedRoute = nextUrl.pathname.startsWith("/api/ai-event");
+	//
+	// 		if (isOnProtectedRoute) {
+	// 			if (isLoggedIn) return true;
+	// 			return false;
+	// 		} else if (isLoggedIn) {
+	// 			return Response.redirect(new URL("/api/ai-event", nextUrl));
+	// 		}
+	// 		return true;
+	// 	},
+	// },
+} satisfies NextAuthConfig;
+export const { handlers, signIn, signOut, auth } = NextAuth(config);