matt
/
monacousa-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
monacousa-portal/server/api/auth/callback.get.ts

97 lines
3.0 KiB
TypeScript
Raw Normal View History

Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules
2025-08-06 14:31:16 +02:00
export default defineEventHandler(async (event) => {
Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging
2025-08-07 03:17:25 +02:00
console.log('🔄 Callback endpoint called at:', new Date().toISOString());
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules
2025-08-06 14:31:16 +02:00
const query = getQuery(event);
const { code, state } = query;
Add debug logging and cookie domain configuration to auth flow - Add comprehensive logging to login and callback endpoints for debugging - Configure cookie domain from environment variable for cross-subdomain support - Update cookie security settings based on NODE_ENV - Add Keycloak configuration validation with detailed error logging
2025-08-07 03:17:25 +02:00
console.log('📝 Callback query params:', {
hasCode: !!code,
hasState: !!state,
state: state ? 'present' : 'missing'
});
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules
2025-08-06 14:31:16 +02:00
if (!code || !state) {
throw createError({
statusCode: 400,
statusMessage: 'Missing authorization code or state',
});
}
// Verify state
const storedState = getCookie(event, 'oauth-state');
if (state !== storedState) {
throw createError({
statusCode: 400,
statusMessage: 'Invalid state parameter',
});
}
try {
const keycloak = createKeycloakClient();
const sessionManager = createSessionManager();
// Exchange code for tokens
const tokens = await keycloak.exchangeCodeForTokens(code as string);
// Get user info
const userInfo = await keycloak.getUserInfo(tokens.access_token);
Replace all mock/placeholder data with real data systems - Added getUserCount() method to Keycloak admin for real user statistics - Replaced hardcoded userCount (25) with live Keycloak data in admin stats - Fixed board meeting API to query real events, removed Jan 15 2025 fallback - Updated board stats to count real events instead of hardcoded 3 - Created member-tiers service for proper tier determination - Created dues-calculator service for accurate dues tracking - Updated auth callback to use member-tiers service - Updated overdue-count API to use dues-calculator - Added data quality tracking with confidence levels - Added proper error handling - returns null/0 instead of fake data - Included source tracking for all data (live/calculated/fallback) 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-31 18:28:38 +02:00
// Use member-tiers service for proper tier determination
const { determineMemberTierByEmail, determineMemberTierFromKeycloak } = await import('~/server/utils/member-tiers');
// First try to determine tier by email (checks NocoDB and Keycloak)
const tierResult = await determineMemberTierByEmail(userInfo.email);
// Log tier determination for monitoring
console.log(`[auth-callback] Tier determination for ${userInfo.email}:`, {
tier: tierResult.tier,
source: tierResult.source,
confidence: tierResult.confidence,
reason: tierResult.reason
});
// Alert admin if tier confidence is low
if (tierResult.confidence === 'low') {
console.warn(`[auth-callback] Low confidence tier assignment for ${userInfo.email}. Manual review recommended.`);
}
Refactor authentication system with tier-based access control - Replace group-based auth with user/board/admin tier system - Add direct login functionality alongside OAuth - Implement role-based middleware for route protection - Create dashboard pages and admin API endpoints - Add error handling page and improved user management - Maintain backward compatibility with legacy role methods
2025-08-07 12:28:41 +02:00
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules
2025-08-06 14:31:16 +02:00
// Create session
const sessionData = {
user: {
id: userInfo.sub,
email: userInfo.email,
Refactor authentication system with tier-based access control - Replace group-based auth with user/board/admin tier system - Add direct login functionality alongside OAuth - Implement role-based middleware for route protection - Create dashboard pages and admin API endpoints - Add error handling page and improved user management - Maintain backward compatibility with legacy role methods
2025-08-07 12:28:41 +02:00
name: userInfo.name || `${userInfo.given_name || ''} ${userInfo.family_name || ''}`.trim(),
firstName: userInfo.given_name,
lastName: userInfo.family_name,
username: userInfo.preferred_username,
Replace all mock/placeholder data with real data systems - Added getUserCount() method to Keycloak admin for real user statistics - Replaced hardcoded userCount (25) with live Keycloak data in admin stats - Fixed board meeting API to query real events, removed Jan 15 2025 fallback - Updated board stats to count real events instead of hardcoded 3 - Created member-tiers service for proper tier determination - Created dues-calculator service for accurate dues tracking - Updated auth callback to use member-tiers service - Updated overdue-count API to use dues-calculator - Added data quality tracking with confidence levels - Added proper error handling - returns null/0 instead of fake data - Included source tracking for all data (live/calculated/fallback) 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-31 18:28:38 +02:00
tier: tierResult.tier,
tierSource: tierResult.source, // Track where tier came from
Refactor authentication system with tier-based access control - Replace group-based auth with user/board/admin tier system - Add direct login functionality alongside OAuth - Implement role-based middleware for route protection - Create dashboard pages and admin API endpoints - Add error handling page and improved user management - Maintain backward compatibility with legacy role methods
2025-08-07 12:28:41 +02:00
groups: userInfo.groups || ['user'],
Initialize Nuxt.js project with Docker deployment setup - Add core Nuxt.js application structure with TypeScript - Include Docker configuration and deployment guide - Set up project scaffolding with pages, composables, and middleware - Add environment configuration and Git ignore rules
2025-08-06 14:31:16 +02:00
},
tokens: {
accessToken: tokens.access_token,
refreshToken: tokens.refresh_token,
expiresAt: Date.now() + (tokens.expires_in * 1000),
},
createdAt: Date.now(),
lastActivity: Date.now(),
};
const sessionCookie = sessionManager.createSession(sessionData);
// Set session cookie
setHeader(event, 'Set-Cookie', sessionCookie);
// Clear state cookie
deleteCookie(event, 'oauth-state');
return sendRedirect(event, '/dashboard');
} catch (error) {
console.error('Auth callback error:', error);
throw createError({
statusCode: 500,
statusMessage: 'Authentication failed',
});
}
});