Implemented actual authentication guards, began implementing main login user flows

api/src/routes/auth.js

@@ -21,12 +21,12 @@ passport.use(new OpenIDConnectStrategy({
     scope: ['openid', 'profile']
 }, async function verify(issuer, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
 
-    console.log('--- OIDC verify() called ---');
-    console.log('issuer:', issuer);
-    console.log('sub:', sub);
-    console.log('profile:', JSON.stringify(profile, null, 2));
-    console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
-    console.log('preferred_username:', jwtClaims?.preferred_username);
+    // console.log('--- OIDC verify() called ---');
+    // console.log('issuer:', issuer);
+    // console.log('sub:', sub);
+    // console.log('profile:', JSON.stringify(profile, null, 2));
+    // console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
+    // console.log('preferred_username:', jwtClaims?.preferred_username);
 
     const con = await pool.getConnection();
     try {
@@ -34,14 +34,11 @@ passport.use(new OpenIDConnectStrategy({
 
         //lookup existing user
         const existing = await con.query(`SELECT id FROM members WHERE authentik_issuer = ? AND authentik_sub = ? LIMIT 1;`, [issuer, sub]);
-        console.log(existing)
         let memberId;
         //if member exists
         if (existing.length > 0) {
-            console.log('member exists');
             memberId = existing[0].id;
         } else {
-            console.log("creating member")
             //otherwise: create account
             const username = sub.username;
 
@@ -52,7 +49,6 @@ passport.use(new OpenIDConnectStrategy({
             memberId = result.insertId;
         }
 
-        console.log("hello world" + memberId);
         await con.commit();
         return cb(null, { memberId });
     } catch (error) {
@@ -63,11 +59,36 @@ passport.use(new OpenIDConnectStrategy({
     }
 }));
 
-router.get('/login', passport.authenticate('openidconnect'))
-router.get('/callback', passport.authenticate('openidconnect', {
-    successRedirect: 'https://aj17thdev.nexuszone.net/',
-    failureRedirect: 'https://aj17thdev.nexuszone.net/'
-}));
+router.get('/login', (req, res, next) => {
+    // Store redirect target in session if provided
+    req.session.redirectTo = req.query.redirect || '/';
+
+    next();
+}, passport.authenticate('openidconnect'));
+
+// router.get('/callback', (req, res, next) => {
+//     passport.authenticate('openidconnect', {
+//         successRedirect: req.session.redirectTo,
+//         failureRedirect: 'https://aj17thdev.nexuszone.net/'
+//     })
+// });
+
+router.get('/callback', (req, res, next) => {
+    const redirectURI = req.session.redirectTo;
+    passport.authenticate('openidconnect', (err, user) => {
+        if (err) return next(err);
+        if (!user) return res.redirect('https://aj17thdev.nexuszone.net/');
+
+        req.logIn(user, err => {
+            if (err) return next(err);
+
+            // Use redirect saved from session
+            const redirectTo = redirectURI || 'https://aj17thdev.nexuszone.net/';
+            delete req.session.redirectTo;
+            return res.redirect(redirectTo);
+        });
+    })(req, res, next);
+});
 
 router.post('/logout', function (req, res, next) {
     req.logout(function (err) {
@@ -75,14 +96,13 @@ router.post('/logout', function (req, res, next) {
         var params = {
             client_id: process.env.AUTH_CLIENT_ID,
             returnTo: 'https://aj17thdev.nexuszone.net/'
-        }; 
+        };
         res.redirect(process.env.AUTH_DOMAIN + '/v2/logout?' + querystring.stringify(params));
     });
 });
 
 passport.serializeUser(function (user, cb) {
     process.nextTick(function () {
-        console.log(`serialize: ${user.memberId}`);
         cb(null, user);
     });
 });
@@ -95,8 +115,7 @@ passport.deserializeUser(function (user, cb) {
 
         var userData;
         try {
-            userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
-            console.log(userResults)
+            let userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
             userData = userResults[0];
 
         } catch (error) {

api/src/routes/members.js

@@ -2,11 +2,13 @@ const express = require('express');
 const router = express.Router();
 
 import pool from '../db';
+import { getUserRoles } from '../services/rolesService';
 
-//create a new user?
-router.post('/', async (req, res) => {
-
-});
+router.use((req, res, next) => {
+    console.log(req.user);
+    console.log('Time:', Date.now())
+    next()
+})
 
 //get all users
 router.get('/', async (req, res) => {
@@ -42,12 +44,18 @@ router.get('/me', async (req, res) => {
             FROM leave_of_absences
             WHERE member_id = ?
             AND deleted = 0 
-            AND UTC_TIMESTAMP() BETWEEN start_date AND end_date;`, req.user.id)
-        const userWithLOA = {
+            AND UTC_TIMESTAMP() BETWEEN start_date AND end_date;`, req.user.id);
+        
+        const roleData = await getUserRoles(req.user.id);
+            
+        const userDataFull = {
             ...req.user,
-            loa: LOAData
+            loa: LOAData,
+            roles: roleData
         };
-        res.json(userWithLOA);
+
+        console.log(userDataFull);
+        res.status(200).json(userDataFull);
     } catch (error) {
         console.error('Error fetching LOA data:', error);
         return res.status(500).json({ error: 'Failed to fetch user data' });

api/src/routes/roles.js

@@ -3,14 +3,14 @@ const r = express.Router();
 const ur = express.Router();
 
 import pool from '../db';
+import { assignUserGroup, createGroup } from '../services/rolesService';
 
-//assign a member to a role
+//manually assign a member to a group
 ur.post('/', async (req, res) => {
     try {
         const body = req.body;
-        const sql = `INSERT INTO members_roles (member_id, role_id) VALUES (?, ?);`;
 
-        await pool.query(sql, [body.member_id, body.role_id]);
+        assignUserGroup(body.member_id, body.role_id);
 
         res.sendStatus(201);
     } catch (err) {
@@ -19,6 +19,7 @@ ur.post('/', async (req, res) => {
     }
 });
 
+//manually remove member from group
 ur.delete('/', async (req, res) => {
     try {
         const body = req.body;
@@ -89,12 +90,9 @@ r.post('/', async (req, res) => {
             return res.status(400).json({ error: 'Color must be a valid hex color (#ffffff)' });
         }
 
-        const sql = `INSERT INTO roles (name, color, description) VALUES (?, ?, ?);`;
-        const params = [name, color, description || null];
+        await createGroup(name, color, description);
 
-        const result = await pool.query(sql, params);
-
-        res.status(201).json({ id: result.insertId, name, color, description });
+        res.sendStatus(201);
     } catch (err) {
         console.error('Insert failed:', err);
         res.status(500).json({ error: 'Failed to create role' });

api/src/services/calendarService.ts

@@ -1,4 +1,3 @@
-// const pool = require('../db');
 import pool from '../db';
 
 export interface CalendarEvent {

api/src/services/rolesService.ts

@@ -0,0 +1,26 @@
+import pool from '../db';
+
+export async function assignUserGroup(userID: number, roleID: number) {
+
+    const sql = `INSERT INTO members_roles (member_id, role_id) VALUES (?, ?);`;
+    const params = [userID, roleID];
+
+    return await pool.query(sql, params);
+}
+
+export async function createGroup(name: string, color: string, description: string) {
+    const sql = `INSERT INTO roles (name, color, description) VALUES (?, ?, ?)`;
+    const params = [name, color, description];
+
+    const result = await pool.query(sql, params);
+    return { id: result.insertId, name, color, description };
+}
+
+export async function getUserRoles(userID: number) {
+    const sql = `SELECT r.id, r.name
+        FROM members_roles mr
+        INNER JOIN roles r ON mr.role_id = r.id
+        WHERE mr.member_id = 190;`;
+
+    return await pool.query(sql, [userID]);
+}