Implemented actual authentication guards, began implementing main login user flows

This commit is contained in:
2025-10-19 19:27:48 -04:00
parent e6016a19bb
commit 5d7ebd2136
12 changed files with 237 additions and 80 deletions


@@ -21,12 +21,12 @@ passport.use(new OpenIDConnectStrategy({
scope: ['openid', 'profile']
}, async function verify(issuer, sub, profile, jwtClaims, accessToken, refreshToken, params, cb) {
console.log('--- OIDC verify() called ---');
console.log('issuer:', issuer);
console.log('sub:', sub);
console.log('profile:', JSON.stringify(profile, null, 2));
console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
console.log('preferred_username:', jwtClaims?.preferred_username);
// console.log('--- OIDC verify() called ---');
// console.log('issuer:', issuer);
// console.log('sub:', sub);
// console.log('profile:', JSON.stringify(profile, null, 2));
// console.log('id_token claims:', JSON.stringify(jwtClaims, null, 2));
// console.log('preferred_username:', jwtClaims?.preferred_username);
const con = await pool.getConnection();
try {
@@ -34,14 +34,11 @@ passport.use(new OpenIDConnectStrategy({
//lookup existing user
const existing = await con.query(`SELECT id FROM members WHERE authentik_issuer = ? AND authentik_sub = ? LIMIT 1;`, [issuer, sub]);
console.log(existing)
let memberId;
//if member exists
if (existing.length > 0) {
console.log('member exists');
memberId = existing[0].id;
} else {
console.log("creating member")
//otherwise: create account
const username = sub.username;
@@ -52,7 +49,6 @@ passport.use(new OpenIDConnectStrategy({
memberId = result.insertId;
}
console.log("hello world" + memberId);
await con.commit();
return cb(null, { memberId });
} catch (error) {
@@ -63,11 +59,36 @@ passport.use(new OpenIDConnectStrategy({
}
}));
router.get('/login', passport.authenticate('openidconnect'))
router.get('/callback', passport.authenticate('openidconnect', {
successRedirect: 'https://aj17thdev.nexuszone.net/',
failureRedirect: 'https://aj17thdev.nexuszone.net/'
}));
router.get('/login', (req, res, next) => {
// Store redirect target in session if provided
req.session.redirectTo = req.query.redirect || '/';
next();
}, passport.authenticate('openidconnect'));
// router.get('/callback', (req, res, next) => {
// passport.authenticate('openidconnect', {
// successRedirect: req.session.redirectTo,
// failureRedirect: 'https://aj17thdev.nexuszone.net/'
// })
// });
router.get('/callback', (req, res, next) => {
const redirectURI = req.session.redirectTo;
passport.authenticate('openidconnect', (err, user) => {
if (err) return next(err);
if (!user) return res.redirect('https://aj17thdev.nexuszone.net/');
req.logIn(user, err => {
if (err) return next(err);
// Use redirect saved from session
const redirectTo = redirectURI || 'https://aj17thdev.nexuszone.net/';
delete req.session.redirectTo;
return res.redirect(redirectTo);
});
})(req, res, next);
});
router.post('/logout', function (req, res, next) {
req.logout(function (err) {
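Review bot: The redirect target read from `req.query.redirect` in the new `/login` handler is stored without any validation and then passed straight to `res.redirect(redirectTo)` in the new `/callback` handler, which turns the login flow into an open redirect: a link such as `/login?redirect=https://attacker.example` lands the user on an attacker-controlled page immediately after they authenticate, a convenient phishing step. Restrict the value to a path-absolute, same-origin target before storing it — a string that starts with a single `/` but not with `//` or `/\` (browsers treat both as scheme-relative URLs) — and fall back to `/` otherwise, so the callback can keep using the stored value unchanged. It is also worth confirming that the passport version in use regenerates the session inside `req.logIn` (passport 0.6+ does so by default) so a pre-authentication session id cannot be fixed by an attacker, and clearing `req.session.redirectTo` on the failure path as well so a stale target does not survive into a later login. The commented-out `/callback` variant left above the new handler should be deleted rather than kept in the file.
```javascript
// Only accept path-absolute, same-origin targets ("/dashboard"); anything else
// (absolute URLs, "//host", "/\host") would make the login flow an open redirect.
function safeRedirectTarget(value) {
  if (typeof value !== 'string') return '/';
  if (!value.startsWith('/') || value.startsWith('//') || value.startsWith('/\\')) return '/';
  return value;
}

router.get('/login', (req, res, next) => {
  // Store a validated redirect target in the session for the callback to use.
  req.session.redirectTo = safeRedirectTarget(req.query.redirect);
  next();
}, passport.authenticate('openidconnect'));
// … unchanged: /callback handler, which still reads req.session.redirectTo …
```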
@@ -75,14 +96,13 @@ router.post('/logout', function (req, res, next) {
var params = {
client_id: process.env.AUTH_CLIENT_ID,
returnTo: 'https://aj17thdev.nexuszone.net/'
};
};
res.redirect(process.env.AUTH_DOMAIN + '/v2/logout?' + querystring.stringify(params));
});
});
passport.serializeUser(function (user, cb) {
process.nextTick(function () {
console.log(`serialize: ${user.memberId}`);
cb(null, user);
});
});
@@ -95,8 +115,7 @@ passport.deserializeUser(function (user, cb) {
var userData;
try {
userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
console.log(userResults)
let userResults = await con.query(`SELECT id, name FROM members WHERE id = ?;`, [memberID])
userData = userResults[0];
} catch (error) {