FIX: Authentication for Keycloak - Phase 1
Updated core interest management endpoints: - server/api/create-interest.ts - server/api/update-interest.ts - server/api/delete-interest.ts - Created server/utils/auth.ts with dual auth support Next: Update ALL remaining API endpoints systematically
This commit is contained in:
parent
30223746e1
commit
01b770dc6c
|
|
@ -1,13 +1,11 @@
|
|||
import { createInterest } from "../utils/nocodb";
|
||||
import { requireAuth } from "../utils/auth";
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const xTagHeader = getRequestHeader(event, "x-tag");
|
||||
console.log('[create-interest] Request received with x-tag:', xTagHeader);
|
||||
console.log('[create-interest] Request received');
|
||||
|
||||
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
|
||||
console.error('[create-interest] Authentication failed - invalid x-tag:', xTagHeader);
|
||||
throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
|
||||
}
|
||||
// Check authentication (x-tag header OR Keycloak session)
|
||||
await requireAuth(event);
|
||||
|
||||
try {
|
||||
const body = await readBody(event);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
export default defineEventHandler(async (event) => {
|
||||
try {
|
||||
const config = useRuntimeConfig().nocodb;
|
||||
|
||||
return {
|
||||
success: true,
|
||||
config: {
|
||||
url: config.url,
|
||||
hasToken: !!config.token,
|
||||
tokenPrefix: config.token ? config.token.substring(0, 8) + '...' : 'not set'
|
||||
},
|
||||
currentTableId: 'mbs9hjauug4eseo', // From code
|
||||
environment: process.env.NODE_ENV || 'unknown'
|
||||
}
|
||||
} catch (error) {
|
||||
console.error('[DEBUG] NocoDB config error:', error)
|
||||
return {
|
||||
success: false,
|
||||
error: error instanceof Error ? error.message : 'Unknown error'
|
||||
}
|
||||
}
|
||||
})
|
||||
|
|
@ -1,17 +1,13 @@
|
|||
import { deleteInterest, getInterestById } from '~/server/utils/nocodb';
|
||||
import { requireAuth } from '~/server/utils/auth';
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const startTime = Date.now();
|
||||
const xTagHeader = getRequestHeader(event, "x-tag");
|
||||
console.log('[delete-interest] =========================');
|
||||
console.log('[delete-interest] Request received at:', new Date().toISOString());
|
||||
console.log('[delete-interest] x-tag:', xTagHeader);
|
||||
|
||||
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
|
||||
console.error('[delete-interest] Authentication failed - invalid x-tag:', xTagHeader);
|
||||
console.log('[delete-interest] Duration:', Date.now() - startTime, 'ms');
|
||||
throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
|
||||
}
|
||||
// Check authentication (x-tag header OR Keycloak session)
|
||||
await requireAuth(event);
|
||||
|
||||
try {
|
||||
const body = await readBody(event);
|
||||
|
|
|
|||
|
|
@ -1,13 +1,11 @@
|
|||
import { updateInterest } from '~/server/utils/nocodb';
|
||||
import { requireAuth } from '~/server/utils/auth';
|
||||
|
||||
export default defineEventHandler(async (event) => {
|
||||
const xTagHeader = getRequestHeader(event, "x-tag");
|
||||
console.log('[update-interest] Request received with x-tag:', xTagHeader);
|
||||
console.log('[update-interest] Request received');
|
||||
|
||||
if (!xTagHeader || (xTagHeader !== "094ut234" && xTagHeader !== "pjnvü1230")) {
|
||||
console.error('[update-interest] Authentication failed - invalid x-tag:', xTagHeader);
|
||||
throw createError({ statusCode: 401, statusMessage: "unauthenticated" });
|
||||
}
|
||||
// Check authentication (x-tag header OR Keycloak session)
|
||||
await requireAuth(event);
|
||||
|
||||
try {
|
||||
const body = await readBody(event);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,37 @@
|
|||
/**
|
||||
* Check if the request is authenticated via either:
|
||||
* 1. x-tag header (for webhooks/external calls)
|
||||
* 2. Keycloak session (for logged-in users)
|
||||
*/
|
||||
export const isAuthenticated = async (event: any): Promise<boolean> => {
|
||||
// Check x-tag header authentication (existing method)
|
||||
const xTagHeader = getRequestHeader(event, "x-tag");
|
||||
if (xTagHeader && (xTagHeader === "094ut234" || xTagHeader === "pjnvü1230")) {
|
||||
console.log('[auth] Authenticated via x-tag header');
|
||||
return true;
|
||||
}
|
||||
|
||||
// Check Keycloak session authentication
|
||||
try {
|
||||
const keycloakSession = getCookie(event, 'keycloak-session');
|
||||
if (keycloakSession) {
|
||||
console.log('[auth] Authenticated via Keycloak session');
|
||||
return true;
|
||||
}
|
||||
} catch (error) {
|
||||
console.log('[auth] Keycloak session check failed:', error);
|
||||
}
|
||||
|
||||
console.log('[auth] No valid authentication found');
|
||||
return false;
|
||||
}
|
||||
|
||||
export const requireAuth = async (event: any) => {
|
||||
const authenticated = await isAuthenticated(event);
|
||||
if (!authenticated) {
|
||||
throw createError({
|
||||
statusCode: 401,
|
||||
statusMessage: "Authentication required. Please provide x-tag header or valid session."
|
||||
});
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue