matt/port-nimara-client-portal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FIX: Correct OIDC cookie name mismatch across all auth endpoints

Browse Source 
**Root Cause:**
- Auth system was looking for 'keycloak-session' cookies
- But actual OIDC system uses 'nuxt-oidc-auth' cookies
- This caused authentication failures for file previews and other endpoints

**Files Updated:**
- server/utils/auth.ts: Updated to check 'nuxt-oidc-auth' cookie
- server/api/auth/session.ts: Updated cookie name references
- server/api/auth/logout.ts: Updated cookie deletion
- server/api/auth/keycloak/callback.ts: Updated cookie creation

**Result:**
- File previews should now work for authenticated users
- All authentication endpoints now use consistent cookie names
- Both x-tag headers and OIDC sessions work correctly
This commit is contained in:
Matt
2025-06-15 16:58:45 +02:00
parent 6c1a1fa842
commit 7ca77e2dcf
4 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/utils/auth.ts
View File

@@ -11,15 +11,15 @@ export const isAuthenticated = async (event: any): Promise<boolean> => {
return true;
}
// Check Keycloak session authentication
// Check OIDC session authentication
try {
const keycloakSession = getCookie(event, 'keycloak-session');
if (keycloakSession) {
console.log('[auth] Authenticated via Keycloak session');
const oidcSession = getCookie(event, 'nuxt-oidc-auth');
if (oidcSession) {
console.log('[auth] Authenticated via OIDC session');
return true;
}
} catch (error) {
console.log('[auth] Keycloak session check failed:', error);
console.log('[auth] OIDC session check failed:', error);
}
console.log('[auth] No valid authentication found');