import NextAuth from 'next-auth'
import EmailProvider from 'next-auth/providers/email'
import GitHubProvider from 'next-auth/providers/github'

import { PrismaAdapter } from "@next-auth/prisma-adapter"

import { prisma } from '../../../db/client';

const ADMIN_EMAIL = process.env.ADMIN_EMAIL
const GITHUB_USERS_GRANTED = ['111471']

export default NextAuth({
  secret: process.env.NEXTAUTH_SECRET,
  adapter: PrismaAdapter(prisma),
  providers: [
    GitHubProvider({
      clientId: process.env.GITHUB_CLIENT_ID,
      clientSecret: process.env.GITHUB_CLIENT_SECRET,
    }),
    EmailProvider({
      server: {
        host: 'smtp.sendgrid.net',
        port: 587,
        auth: {
          user: 'apikey',
          pass: process.env.SENDGRID_API_KEY,
        },
      },
      from: process.env.FROM_EMAIL,
    }),
  ],
  callbacks: {
    async signIn({ account, email }) {
      // if user sigin requested magic link via EmailProvider
      if (account?.provider === 'email') {
        if (email?.verificationRequest) {
          // only allow admins by email entered
          return account.providerAccountId === ADMIN_EMAIL
        }

        // if user accesses with magic link, also only allow admin
        return account.providerAccountId === ADMIN_EMAIL
      } else if (account?.provider === 'github') {
        // only one and only one user
        return GITHUB_USERS_GRANTED.includes(account.providerAccountId)
      }
      return false
    },
  },
});