88 lines
2.5 KiB
TypeScript
88 lines
2.5 KiB
TypeScript
export interface UnifiedUser {
|
|
id: string;
|
|
email: string;
|
|
name: string;
|
|
tier?: string;
|
|
authSource: 'keycloak' | 'directus';
|
|
raw: any;
|
|
}
|
|
|
|
export const useUnifiedAuth = () => {
|
|
// Get both auth systems
|
|
const directusAuth = useDirectusAuth();
|
|
const directusUser = useDirectusUser();
|
|
const oidc = useOidcAuth();
|
|
|
|
// Create unified user object
|
|
const user = computed<UnifiedUser | null>(() => {
|
|
// Check OIDC (Keycloak) user first
|
|
if (oidc.loggedIn?.value && oidc.user?.value) {
|
|
const oidcUser = oidc.user.value as any; // Type cast for flexibility
|
|
|
|
// Construct name from available fields
|
|
let name = oidcUser.name || oidcUser.preferred_username || oidcUser.email || 'User';
|
|
if (!name && (oidcUser.given_name || oidcUser.family_name)) {
|
|
name = `${oidcUser.given_name || ''} ${oidcUser.family_name || ''}`.trim();
|
|
}
|
|
|
|
return {
|
|
id: oidcUser.sub || oidcUser.id || 'unknown',
|
|
email: oidcUser.email || '',
|
|
name: name,
|
|
tier: 'basic', // Could be enhanced with Keycloak attributes
|
|
authSource: 'keycloak',
|
|
raw: oidcUser
|
|
};
|
|
}
|
|
|
|
// Fall back to Directus user
|
|
if (directusUser.value && directusUser.value.email) {
|
|
return {
|
|
id: directusUser.value.id,
|
|
email: directusUser.value.email,
|
|
name: `${directusUser.value.first_name || ''} ${directusUser.value.last_name || ''}`.trim() || directusUser.value.email,
|
|
tier: directusUser.value.tier || 'basic',
|
|
authSource: 'directus',
|
|
raw: directusUser.value
|
|
};
|
|
}
|
|
|
|
return null;
|
|
});
|
|
|
|
// Unified logout function
|
|
const logout = async () => {
|
|
if (user.value?.authSource === 'keycloak') {
|
|
// OIDC logout
|
|
await oidc.logout();
|
|
} else if (user.value?.authSource === 'directus') {
|
|
// Directus logout
|
|
await directusAuth.logout();
|
|
await navigateTo('/login');
|
|
}
|
|
};
|
|
|
|
// Check if user is authenticated
|
|
const isAuthenticated = computed(() => !!user.value);
|
|
|
|
// Get auth source
|
|
const authSource = computed(() => user.value?.authSource);
|
|
|
|
// Check if user has specific tier
|
|
const hasTier = (tier: string) => {
|
|
return user.value?.tier === tier;
|
|
};
|
|
|
|
// Check if user is admin
|
|
const isAdmin = computed(() => hasTier('admin'));
|
|
|
|
return {
|
|
user: readonly(user),
|
|
logout,
|
|
isAuthenticated: readonly(isAuthenticated),
|
|
authSource: readonly(authSource),
|
|
hasTier,
|
|
isAdmin: readonly(isAdmin),
|
|
};
|
|
};
|