matt
/
port-nimara-client-portal
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
166 Commits 1 Branch 0 Tags 2.5 MiB
TypeScript 51.5%
Vue 48.5%
Go to file
Matt c094fdd25b CRITICAL FIX: Enhanced OIDC session configuration for Keycloak authentication 
##  **Session Management Improvements:**

### **OIDC Configuration (nuxt.config.ts):**
-  Added proper session configuration with automatic refresh
-  Configured secure cookies for HTTPS production environment
-  Added OAuth scopes: ['openid', 'profile', 'email']
-  Set proper response type and grant type for Keycloak
-  Added session expiration checking and automatic refresh

### **Session Cookie Settings:**
- sameSite: 'lax' - Required for cross-domain OAuth redirects
- secure: true - Required for HTTPS in production
- expirationThreshold: 60 - Refresh tokens 60 seconds before expiry

### **Debug Tools:**
-  Added /api/debug/oidc-session endpoint to monitor session state
- Tracks cookie presence and session establishment
- Safe debugging without exposing sensitive tokens

##  **Problem Being Solved:**
User authentication succeeds with Keycloak but session expires immediately,
causing redirect back to login page instead of dashboard access.

##  **Root Cause Analysis:**
- Sessions were not being established properly after OAuth callback
- Cookie configuration was not optimized for HTTPS/production
- Missing proper OAuth scopes and session refresh configuration

##  **Expected Results:**
 Successful Keycloak authentication should now persist session
 Users should be redirected to dashboard after login
 Sessions should automatically refresh before expiry
 No more immediate redirects back to login page

##  **Next Steps:**
1. Rebuild container in Portainer with these session fixes
2. Test authentication flow end-to-end
3. Use debug endpoint to verify session establishment
4. Monitor container logs for OIDC session activity
 		2025-06-14 16:17:58 +02:00
.gitea/workflows build: add workflow 2025-02-16 20:32:34 +02:00
components Update logo references and email logo URL in configuration 2025-06-13 13:36:14 +02:00
composables MAJOR: Replace keycloak-js with nuxt-oidc-auth for seamless SSO integration 2025-06-14 15:58:03 +02:00
docs Implement Keycloak authentication integration and unify user management 2025-06-14 14:09:56 +02:00
middleware MAJOR: Replace keycloak-js with nuxt-oidc-auth for seamless SSO integration 2025-06-14 15:58:03 +02:00
pages 🔧 FIX: Disable OIDC global middleware to prevent redirect loops 2025-06-14 16:07:01 +02:00
plugins feat: Implement comprehensive PWA functionality 2025-06-12 16:36:32 +02:00
public Feat: Complete EOI improvements and PWA implementation 2025-06-12 16:16:30 +02:00
server CRITICAL FIX: Enhanced OIDC session configuration for Keycloak authentication 2025-06-14 16:17:58 +02:00
static feat: add files 2025-02-16 14:10:19 +02:00
utils fixes 2025-06-12 16:26:10 +02:00
.dockerignore feat: add files 2025-02-16 14:10:19 +02:00
.env.example MAJOR: Replace keycloak-js with nuxt-oidc-auth for seamless SSO integration 2025-06-14 15:58:03 +02:00
.gitignore feat: add files 2025-02-16 14:10:19 +02:00
Dockerfile REVERT Network Updates 2025-06-12 21:54:47 +02:00
README.md feat: add files 2025-02-16 14:10:19 +02:00
app.vue feat: add interest button 2025-06-03 22:04:22 +03:00
nuxt.config.ts CRITICAL FIX: Enhanced OIDC session configuration for Keycloak authentication 2025-06-14 16:17:58 +02:00
package-lock.json MAJOR: Replace keycloak-js with nuxt-oidc-auth for seamless SSO integration 2025-06-14 15:58:03 +02:00
package.json MAJOR: Replace keycloak-js with nuxt-oidc-auth for seamless SSO integration 2025-06-14 15:58:03 +02:00
tsconfig.json feat: add files 2025-02-16 14:10:19 +02:00

README.md

Client Portal

Commands

  • npm run dev to start development

Tech Stack

  • Node.js
  • Nuxt
  • Directus
  • Vuetify