17th-Ranger-Battalion-ORG/milsim-site-v4
8
1
Fork 0
Code Issues 36 Pull Requests 2 Actions Packages Projects 1 Releases 16 Wiki Activity

overhauled mock auth solution

Browse Source
This commit is contained in:
ajdj100
2026-01-26 01:14:19 -05:00
parent b4fcb1a366
commit 083ddc345b
3 changed files with 133 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
api/package-lock.json generated
View File

@@ -20,6 +20,7 @@
"morgan": "^1.10.1", "morgan": "^1.10.1",
"mysql2": "^3.14.3", "mysql2": "^3.14.3",
"passport": "^0.7.0", "passport": "^0.7.0",
"passport-custom": "^1.1.1",
"passport-openidconnect": "^0.1.2" "passport-openidconnect": "^0.1.2"
}, },
"devDependencies": { "devDependencies": {
@@ -3037,6 +3038,18 @@
"url": "https://github.com/sponsors/jaredhanson" "url": "https://github.com/sponsors/jaredhanson"
} }
}, },
"node_modules/passport-custom": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/passport-custom/-/passport-custom-1.1.1.tgz",
"integrity": "sha512-/2m7jUGxmCYvoqenLB9UrmkCgPt64h8ZtV+UtuQklZ/Tn1NpKBeOorCYkB/8lMRoiZ5hUrCoMmDtxCS/d38mlg==",
"license": "MIT",
"dependencies": {
"passport-strategy": "1.x.x"
},
"engines": {
"node": ">= 0.10.0"
}
},
"node_modules/passport-openidconnect": { "node_modules/passport-openidconnect": {
"version": "0.1.2", "version": "0.1.2",
"resolved": "https://registry.npmjs.org/passport-openidconnect/-/passport-openidconnect-0.1.2.tgz", "resolved": "https://registry.npmjs.org/passport-openidconnect/-/passport-openidconnect-0.1.2.tgz",

3
api/package.json
View File

@@ -11,13 +11,11 @@
"dev": "tsc && tsc-alias && node ./built/api/src/index.js", "dev": "tsc && tsc-alias && node ./built/api/src/index.js",
"prod": "tsc && tsc-alias && node ./built/api/src/index.js", "prod": "tsc && tsc-alias && node ./built/api/src/index.js",
"build": "tsc && tsc-alias", "build": "tsc && tsc-alias",
"migrate": "node ./scripts/migrate.js", "migrate": "node ./scripts/migrate.js",
"migrate:create": "npm run migrate -- create -ext sql -dir /migrations", "migrate:create": "npm run migrate -- create -ext sql -dir /migrations",
"migrate:seed": "node ./scripts/seed.js", "migrate:seed": "node ./scripts/seed.js",
"migrate:up": "npm run migrate -- up", "migrate:up": "npm run migrate -- up",
"migrate:down": "npm run migrate -- down 1" "migrate:down": "npm run migrate -- down 1"
}, },
"dependencies": { "dependencies": {
"@sentry/node": "^10.27.0", "@sentry/node": "^10.27.0",
@@ -31,6 +29,7 @@
"morgan": "^1.10.1", "morgan": "^1.10.1",
"mysql2": "^3.14.3", "mysql2": "^3.14.3",
"passport": "^0.7.0", "passport": "^0.7.0",
"passport-custom": "^1.1.1",
"passport-openidconnect": "^0.1.2" "passport-openidconnect": "^0.1.2"
}, },
"devDependencies": { "devDependencies": {

46
api/src/routes/auth.ts
View File

@@ -15,6 +15,7 @@ import { logger } from '../services/logging/logger';
const querystring = require('querystring'); const querystring = require('querystring');
import { performance } from 'perf_hooks'; import { performance } from 'perf_hooks';
import { CacheService } from '../services/cache/cache'; import { CacheService } from '../services/cache/cache';
import { Strategy as CustomStrategy } from 'passport-custom';
function parseJwt(token) { function parseJwt(token) {
@@ -33,7 +34,13 @@ const devLogin = (req: any, res: any, next: any) => {
}); });
}; };
passport.use(new OpenIDConnectStrategy({ if (process.env.AUTH_MODE === "mock") {
passport.use('mock', new CustomStrategy(async (req, done) => {
const mockUser = { memberId: 1 };
return done(null, mockUser);
}))
} else {
passport.use('oidc', new OpenIDConnectStrategy({
issuer: process.env.AUTH_ISSUER, issuer: process.env.AUTH_ISSUER,
authorizationURL: process.env.AUTH_DOMAIN + '/authorize/', authorizationURL: process.env.AUTH_DOMAIN + '/authorize/',
tokenURL: process.env.AUTH_DOMAIN + '/token/', tokenURL: process.env.AUTH_DOMAIN + '/token/',
@@ -136,22 +143,28 @@ passport.use(new OpenIDConnectStrategy({
if (con) con.release(); if (con) con.release();
} }
})); }));
router.get('/login', (req, res, next) => {
// Store redirect target in session if provided
req.session.redirectTo = req.query.redirect;
if (process.env.AUTH_MODE === 'mock') {
return devLogin(req, res, next);
} }
next(); router.get('/login', (req, res, next) => {
}, passport.authenticate('openidconnect')); req.session.redirectTo = req.query.redirect as string;
const strategy = process.env.AUTH_MODE === 'mock' ? 'mock' : 'oidc';
passport.authenticate(strategy, {
successRedirect: (req.session.redirectTo || process.env.CLIENT_URL),
failureRedirect: '/login'
})(req, res, next);
});
router.get('/callback', (req, res, next) => { router.get('/callback', (req, res, next) => {
//escape if mocked
if (process.env.AUTH_MODE === 'mock') {
return res.redirect(process.env.CLIENT_URL || '/');
}
const redirectURI = req.session.redirectTo; const redirectURI = req.session.redirectTo;
passport.authenticate('openidconnect', (err, user) => { passport.authenticate('oidc', (err, user) => {
if (err) return next(err); if (err) return next(err);
if (!user) return res.redirect(process.env.CLIENT_URL); if (!user) return res.redirect(process.env.CLIENT_URL);
@@ -181,12 +194,21 @@ router.get('/logout', [requireLogin], function (req, res, next) {
sameSite: 'lax' sameSite: 'lax'
}); });
if (process.env.AUTH_MODE === 'mock') {
return res.redirect(process.env.CLIENT_URL || '/');
}
var params = { var params = {
client_id: process.env.AUTH_CLIENT_ID, client_id: process.env.AUTH_CLIENT_ID,
returnTo: process.env.CLIENT_URL returnTo: process.env.CLIENT_URL
}; };
res.redirect(process.env.AUTH_END_SESSION_URI + '?' + querystring.stringify(params)); const endSessionUri = process.env.AUTH_END_SESSION_URI;
if (endSessionUri) {
return res.redirect(endSessionUri + '?' + querystring.stringify(params));
} else {
return res.redirect(process.env.CLIENT_URL || '/');
}
}) })
}); });
}); });