alma/Neah
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

session correction sidebar items 3

Browse Source
This commit is contained in:
alma 2025-04-18 14:37:57 +02:00
parent 211112d235
commit 932ee9f94c
2 changed files with 38 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/api/auth/[...nextauth]/route.ts
View File

@ -88,11 +88,18 @@ export const authOptions: NextAuthOptions = {
clientSecret: getRequiredEnvVar("KEYCLOAK_CLIENT_SECRET"),
issuer: getRequiredEnvVar("KEYCLOAK_ISSUER"),
profile(profile) {
console.log('Keycloak profile:', {
rawRoles: profile.roles,
profile
});
// Clean up roles by removing ROLE_ prefix and converting to lowercase
const cleanRoles = (profile.roles ?? []).map(role =>
role.replace(/^ROLE_/, '').toLowerCase()
);
console.log('Cleaned roles:', cleanRoles);
return {
id: profile.sub,
name: profile.name ?? profile.preferred_username,
@ -113,11 +120,18 @@ export const authOptions: NextAuthOptions = {
async jwt({ token, account, profile }) {
if (account && profile) {
const keycloakProfile = profile as KeycloakProfile;
console.log('JWT callback profile:', {
rawRoles: keycloakProfile.roles,
profile: keycloakProfile
});
// Clean up roles by removing ROLE_ prefix and converting to lowercase
const cleanRoles = (keycloakProfile.roles ?? []).map(role =>
role.replace(/^ROLE_/, '').toLowerCase()
);
console.log('JWT cleaned roles:', cleanRoles);
token.accessToken = account.access_token ?? '';
token.refreshToken = account.refresh_token ?? '';
token.accessTokenExpires = account.expires_at ?? 0;
@ -139,6 +153,11 @@ export const authOptions: NextAuthOptions = {
throw new Error(token.error);
}
console.log('Session callback:', {
tokenRoles: token.role,
session
});
session.user = {
id: token.sub ?? '',
email: token.email ?? null,

26
components/sidebar.tsx
View File

@ -71,12 +71,22 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) {
// Function to check if user has a specific role
const hasRole = (requiredRole: string | string[] | undefined) => {
if (!requiredRole || !session?.user?.role) {
console.log('No required role or user roles found');
console.log('No required role or user roles found', {
requiredRole,
userRoles: session?.user?.role
});
return false;
}
const userRoles = Array.isArray(session.user.role) ? session.user.role : [session.user.role];
console.log('User roles:', userRoles);
const cleanUserRoles = userRoles.map(role => role.toLowerCase());
console.log('Debug roles:', {
rawUserRoles: session.user.role,
processedUserRoles: cleanUserRoles,
requiredRole,
pathname
});
// If requiredRole is an array, check if user has any of the roles
if (Array.isArray(requiredRole)) {
@ -84,10 +94,11 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) {
console.log('Checking multiple roles:', {
requiredRoles: requiredRole,
cleanRequiredRoles,
hasAnyRole: cleanRequiredRoles.some(role => userRoles.includes(role)),
matchingRoles: cleanRequiredRoles.filter(role => userRoles.includes(role))
userRoles: cleanUserRoles,
hasAnyRole: cleanRequiredRoles.some(role => cleanUserRoles.includes(role)),
matchingRoles: cleanRequiredRoles.filter(role => cleanUserRoles.includes(role))
});
return cleanRequiredRoles.some(role => userRoles.includes(role));
return cleanRequiredRoles.some(role => cleanUserRoles.includes(role));
}
// For single role requirement
@ -95,9 +106,10 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) {
console.log('Checking single role:', {
requiredRole,
cleanRequiredRole,
hasRole: userRoles.includes(cleanRequiredRole)
userRoles: cleanUserRoles,
hasRole: cleanUserRoles.includes(cleanRequiredRole)
});
return userRoles.includes(cleanRequiredRole);
return cleanUserRoles.includes(cleanRequiredRole);
};
// Base menu items (available for everyone)