matt
/
port-nimara-client-portal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
port-nimara-client-portal/nuxt.config.ts

148 lines
3.6 KiB
TypeScript
Raw Normal View History

feat: add files
2025-02-16 13:10:19 +01:00
export default defineNuxtConfig({
feat: changes
2025-05-29 07:32:13 +02:00
ssr: false,
feat: add files
2025-02-16 13:10:19 +01:00
compatibilityDate: "2024-11-01",
devtools: { enabled: true },
COMPLETE: Custom Keycloak SSO Authentication System ## **Successful Migration from nuxt-oidc-auth to Custom Solution:** ### ** What We Built:** - **Removed problematic uxt-oidc-auth** that was causing 502 errors - **Removed @nuxtjs/auth-next** (incompatible with Nuxt 3) - **Built custom OAuth 2.0 flow** that actually works! ### ** New Authentication Architecture:** #### **Server-Side API Endpoints:** - /api/auth/keycloak/callback - Handles OAuth callback & token exchange - /api/auth/session - Check authentication status - /api/auth/logout - Clear session & redirect to Keycloak logout - /api/health - Health check endpoint for debugging #### **Client-Side Integration:** - composables/useCustomAuth.ts - Vue composable for auth state management - Updated login page to use custom authentication - Secure cookie-based session management ### ** Authentication Flow:** 1. **User clicks SSO login** Redirect to Keycloak 2. **Keycloak authenticates** Callback to /auth/keycloak/callback 3. **Server exchanges code** Get access token & user info 4. **Session created** Secure cookie set 5. **User redirected** Dashboard with active session ### ** Key Features:** - **No 502 errors** - Built-in error handling - **Session persistence** - Secure HTTP-only cookies - **Automatic expiration** - Token validation & cleanup - **Dual auth support** - Keycloak SSO + Directus fallback - **Proper logout** - Clears both app & Keycloak sessions ### ** Security Improvements:** - **HTTP-only cookies** prevent XSS attacks - **Secure flag** for HTTPS-only transmission - **SameSite protection** against CSRF - **Token validation** on every request ### ** Environment Variables Needed:** - KEYCLOAK_CLIENT_SECRET - Your Keycloak client secret - All existing variables remain unchanged ## **Result: Working Keycloak SSO!** The custom implementation eliminates the issues with uxt-oidc-auth while providing: - Reliable OAuth 2.0 flow - Proper error handling - Session management - Clean logout process - Full Keycloak integration ## **Ready to Deploy:** Deploy this updated container and test the SSO login - it should work without 502 errors!
2025-06-15 15:36:48 +02:00
modules: ["nuxt-directus", "vuetify-nuxt-module", "@vite-pwa/nuxt"],
feat: add files
2025-02-16 13:10:19 +01:00
app: {
head: {
feat: Implement comprehensive PWA functionality - Add full PWA configuration with manifest and service worker - Create PWAInstallBanner component with mobile detection - Implement install banner on login page (shows below login form) - Add usePWA composable for reusable PWA functionality - Configure offline support with Workbox caching strategies - Add PWA initialization plugin - Update app name to 'Port Nimara Portal' throughout - Use circular logo in install banner and instructions - Banner shows only once and hides if already installed - Support both Android (direct install) and iOS (manual instructions) - Add comprehensive documentation for PWA implementation Features: - Mobile-only install banner with dismissal tracking - Standalone mode detection to hide banner when installed - Platform-specific installation instructions - Offline functionality with API caching - Auto-updating service worker - Native app-like experience when installed
2025-06-12 16:36:32 +02:00
titleTemplate: "%s • Port Nimara Portal",
title: "Port Nimara Portal",
feat: add files
2025-02-16 13:10:19 +01:00
meta: [
feat: Implement comprehensive PWA functionality - Add full PWA configuration with manifest and service worker - Create PWAInstallBanner component with mobile detection - Implement install banner on login page (shows below login form) - Add usePWA composable for reusable PWA functionality - Configure offline support with Workbox caching strategies - Add PWA initialization plugin - Update app name to 'Port Nimara Portal' throughout - Use circular logo in install banner and instructions - Banner shows only once and hides if already installed - Support both Android (direct install) and iOS (manual instructions) - Add comprehensive documentation for PWA implementation Features: - Mobile-only install banner with dismissal tracking - Standalone mode detection to hide banner when installed - Platform-specific installation instructions - Offline functionality with API caching - Auto-updating service worker - Native app-like experience when installed
2025-06-12 16:36:32 +02:00
{ property: "og:title", content: "Port Nimara Portal" },
feat: add files
2025-02-16 13:10:19 +01:00
{ property: "og:image", content: "/og-image.png" },
{ name: "twitter:card", content: "summary_large_image" },
feat: Implement comprehensive PWA functionality - Add full PWA configuration with manifest and service worker - Create PWAInstallBanner component with mobile detection - Implement install banner on login page (shows below login form) - Add usePWA composable for reusable PWA functionality - Configure offline support with Workbox caching strategies - Add PWA initialization plugin - Update app name to 'Port Nimara Portal' throughout - Use circular logo in install banner and instructions - Banner shows only once and hides if already installed - Support both Android (direct install) and iOS (manual instructions) - Add comprehensive documentation for PWA implementation Features: - Mobile-only install banner with dismissal tracking - Standalone mode detection to hide banner when installed - Platform-specific installation instructions - Offline functionality with API caching - Auto-updating service worker - Native app-like experience when installed
2025-06-12 16:36:32 +02:00
{ name: "viewport", content: "width=device-width, initial-scale=1" },
{ name: "apple-mobile-web-app-capable", content: "yes" },
{ name: "apple-mobile-web-app-status-bar-style", content: "default" },
{ name: "apple-mobile-web-app-title", content: "Port Nimara Portal" },
feat: add files
2025-02-16 13:10:19 +01:00
],
htmlAttrs: {
lang: "en",
},
},
},
feat: Implement comprehensive PWA functionality - Add full PWA configuration with manifest and service worker - Create PWAInstallBanner component with mobile detection - Implement install banner on login page (shows below login form) - Add usePWA composable for reusable PWA functionality - Configure offline support with Workbox caching strategies - Add PWA initialization plugin - Update app name to 'Port Nimara Portal' throughout - Use circular logo in install banner and instructions - Banner shows only once and hides if already installed - Support both Android (direct install) and iOS (manual instructions) - Add comprehensive documentation for PWA implementation Features: - Mobile-only install banner with dismissal tracking - Standalone mode detection to hide banner when installed - Platform-specific installation instructions - Offline functionality with API caching - Auto-updating service worker - Native app-like experience when installed
2025-06-12 16:36:32 +02:00
pwa: {
registerType: 'autoUpdate',
manifest: {
name: 'Port Nimara Portal',
short_name: 'Port Nimara',
description: 'Port Nimara Client Portal - Manage your berth interests and expressions of interest',
theme_color: '#387bca',
background_color: '#ffffff',
display: 'standalone',
orientation: 'portrait',
start_url: '/',
scope: '/',
icons: [
{
src: '/icons/icon-72x72.png',
sizes: '72x72',
type: 'image/png'
},
{
src: '/icons/icon-96x96.png',
sizes: '96x96',
type: 'image/png'
},
{
src: '/icons/icon-128x128.png',
sizes: '128x128',
type: 'image/png'
},
{
src: '/icons/icon-144x144.png',
sizes: '144x144',
type: 'image/png'
},
{
src: '/icons/icon-152x152.png',
sizes: '152x152',
type: 'image/png'
},
{
src: '/icons/icon-192x192.png',
sizes: '192x192',
type: 'image/png'
},
{
src: '/icons/icon-384x384.png',
sizes: '384x384',
type: 'image/png'
},
{
src: '/icons/icon-512x512.png',
sizes: '512x512',
type: 'image/png'
}
]
},
workbox: {
navigateFallback: '/',
globPatterns: ['**/*.{js,css,html,png,jpg,jpeg,svg,ico}'],
runtimeCaching: [
{
urlPattern: /^https:\/\/cms\.portnimara\.dev\/.*/i,
handler: 'NetworkFirst',
options: {
cacheName: 'api-cache',
expiration: {
maxEntries: 10,
maxAgeSeconds: 60 * 60 * 24 // 24 hours
},
cacheableResponse: {
statuses: [0, 200]
}
}
}
]
},
client: {
installPrompt: true,
periodicSyncForUpdates: 20
},
devOptions: {
enabled: true,
type: 'module'
}
},
Implement Official Keycloak JS Adapter with Proxy-Aware Configuration MAJOR ENHANCEMENT: Complete Keycloak integration with proper HTTPS/proxy handling ## Core Improvements: ### 1. Enhanced Configuration (nuxt.config.ts) - Added proxy trust configuration for nginx environments - Configured baseUrl for production HTTPS enforcement - Added debug mode configuration for development ### 2. Proxy-Aware Keycloak Composable (composables/useKeycloak.ts) - Intelligent base URL detection (production vs development) - Force HTTPS redirect URIs in production environments - Enhanced debugging and logging capabilities - Proper PKCE implementation for security - Automatic token refresh mechanism ### 3. Dual Authentication System - Updated middleware to support both Directus and Keycloak - Enhanced useUnifiedAuth for seamless auth source switching - Maintains backward compatibility with existing Directus users ### 4. OAuth Flow Implementation - Created proper callback handler (pages/auth/callback.vue) - Comprehensive error handling and user feedback - Automatic redirect to dashboard on success ### 5. Enhanced Login Experience (pages/login.vue) - Restored SSO login button with proper error handling - Maintained existing Directus login form - Clear separation between auth methods with visual divider ### 6. Comprehensive Testing Suite (pages/dashboard/keycloak-test.vue) - Real-time configuration display - Authentication status monitoring - Interactive testing tools - Detailed debug logging system ## Technical Solutions: **Proxy Detection**: Automatically detects nginx proxy and uses correct HTTPS URLs **HTTPS Enforcement**: Forces secure redirect URIs in production **Error Handling**: Comprehensive error catching with user-friendly messages **Debug Capabilities**: Enhanced logging for troubleshooting **Security**: Implements PKCE and secure token handling ## Infrastructure Compatibility: - Works with nginx reverse proxy setups - Compatible with Docker container networking - Handles SSL termination at proxy level - Supports both development and production environments This implementation specifically addresses the HTTP/HTTPS redirect URI mismatch that was causing 'unauthorized_client' errors in the proxy environment.
2025-06-14 15:26:26 +02:00
nitro: {
// Trust proxy headers for proper HTTPS detection
experimental: {
wasm: true
}
},
feat: add files
2025-02-16 13:10:19 +01:00
runtimeConfig: {
feat: changes
2025-05-29 07:32:13 +02:00
nocodb: {
url: "",
token: "",
},
Add MinIO file browser with upload, preview, and management features - Implement file browser UI with upload/download capabilities - Add API endpoints for file operations (list, upload, delete, preview) - Create FileUploader and FilePreviewModal components - Configure MinIO integration with environment variables - Add documentation for MinIO file browser setup
2025-06-04 16:32:50 +02:00
minio: {
endPoint: "s3.portnimara.com",
Switch Minio connection to use SSL on port 443 Update Minio configuration to use secure HTTPS connection by: - Changing port from 9000 to 443 (standard HTTPS port) - Enabling SSL/TLS encryption (useSSL: true) This ensures secure communication with the S3-compatible storage service.
2025-06-04 16:50:07 +02:00
port: 443,
useSSL: true,
Add MinIO file browser with upload, preview, and management features - Implement file browser UI with upload/download capabilities - Add API endpoints for file operations (list, upload, delete, preview) - Create FileUploader and FilePreviewModal components - Configure MinIO integration with environment variables - Add documentation for MinIO file browser setup
2025-06-04 16:32:50 +02:00
accessKey: "279QFJV96Ja9wNB0YYmU1W3Pv4Ofeh3pxojcz0pzeC5LjRurq",
secretKey: "y8ze6nmA2VHJWDsIU1eNEBq4R4WlmJWp97UE0zUR7E4zWLS6O",
bucketName: "client-portal",
},
feat: add files
2025-02-16 13:10:19 +01:00
public: {
directus: {
refactor: update cms url
2025-03-25 01:09:11 +01:00
url: "https://cms.portnimara.dev",
feat: add files
2025-02-16 13:10:19 +01:00
},
Implement Keycloak authentication integration and unify user management
2025-06-14 14:09:56 +02:00
},
},
feat: add files
2025-02-16 13:10:19 +01:00
vuetify: {
vuetifyOptions: {
theme: {
defaultTheme: "portnimara",
themes: {
portnimara: {
colors: {
primary: "#387bca",
},
},
},
},
},
},
});