Fix SSR and defensive coding for Keycloak integration

- Add proper SSR guards and error handling - Make authentication middleware more defensive - Add null checks in useUnifiedAuth composable - Prevent JavaScript errors from breaking page load - Prioritize Directus auth over Keycloak for stability
2025-06-14 15:01:45 +02:00 · 2025-06-14 15:01:45 +02:00 · 8c7bf4cc00
parent a797c13867
commit 8c7bf4cc00
3 changed files with 48 additions and 31 deletions
--- a/composables/useKeycloak.ts
+++ b/composables/useKeycloak.ts
@ -9,7 +9,7 @@ export const useKeycloak = () => {
  const isInitialized = ref(false)
  const initKeycloak = async () => {
-    if (process.server) return
+    if (process.server) return false
    try {
      // Dynamically import keycloak-js
--- a/composables/useUnifiedAuth.ts
+++ b/composables/useUnifiedAuth.ts
@ -15,8 +15,8 @@ export const useUnifiedAuth = () => {
  // Create unified user object
  const user = computed<UnifiedUser | null>(() => {
-    // Check Keycloak user first
+    // Check Keycloak user first (safely)
-    if (keycloak.user.value) {
+    if (keycloak.user?.value) {
      const keycloakUser = keycloak.user.value;
      // Construct name from firstName and lastName if available
      let name = keycloakUser.name;
--- a/middleware/authentication.ts
+++ b/middleware/authentication.ts
@ -5,36 +5,53 @@ export default defineNuxtRouteMiddleware(async (to) => {
  // Check if auth is required (default true unless explicitly set to false)
  const isAuthRequired = to.meta.auth !== false;
-  // Check Keycloak auth first
+  try {
-  const keycloak = useKeycloak();
+    // Check Directus auth first (more reliable)
    const { fetchUser, setUser } = useDirectusAuth();
    const directusUser = useDirectusUser();
-  // Initialize Keycloak if not already initialized
+    if (!directusUser.value) {
-  if (!keycloak.isInitialized.value) {
+      try {
-    await keycloak.initKeycloak();
+        const user = await fetchUser();
-  }
+        setUser(user.value);
      } catch (error) {
        // Ignore directus auth errors
      }
    }
-  if (keycloak.isAuthenticated.value) {
+    if (directusUser.value) {
-    // User authenticated with Keycloak
+      // User authenticated with Directus
-    return;
+      return;
-  }
+    }
-  // Fall back to Directus auth
+    // Try Keycloak auth (only if we need it)
-  const { fetchUser, setUser } = useDirectusAuth();
+    if (isAuthRequired) {
-  const directusUser = useDirectusUser();
+      const keycloak = useKeycloak();
-  if (!directusUser.value) {
+      // Only try to initialize if not already done
-    const user = await fetchUser();
+      if (!keycloak.isInitialized.value) {
-    setUser(user.value);
+        try {
-  }
+          await keycloak.initKeycloak();
        } catch (error) {
          console.error('Keycloak init failed:', error);
        }
      }
-  if (directusUser.value) {
+      if (keycloak.isAuthenticated.value) {
-    // User authenticated with Directus
+        // User authenticated with Keycloak
-    return;
+        return;
-  }
+      }
    }
-  // No authentication found
+    // No authentication found
-  if (isAuthRequired) {
+    if (isAuthRequired) {
-    // Redirect to login page
+      // Redirect to login page
-    return navigateTo('/login');
+      return navigateTo('/login');
    }
  } catch (error) {
    console.error('Auth middleware error:', error);
    if (isAuthRequired) {
      return navigateTo('/login');
    }
  }
 });