auth flow

alma 2025-05-02 10:45:52 +02:00
parent dde98bb598
commit ef4f73ad9e


@ -15,6 +15,11 @@ const SERVICE_URLS: Record<string, string> = {
'qg': process.env.NEXT_PUBLIC_IFRAME_MISSIONVIEW_URL || '' 'qg': process.env.NEXT_PUBLIC_IFRAME_MISSIONVIEW_URL || ''
}; };
// Check if a service is Rocket.Chat (they require special authentication)
function isRocketChat(serviceName: string): boolean {
return serviceName === 'parole'; // Assuming 'parole' is your Rocket.Chat service
}
export async function GET( export async function GET(
request: NextRequest, request: NextRequest,
{ params }: { params: { path: string[] } } { params }: { params: { path: string[] } }
@ -35,24 +40,39 @@ export async function GET(
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
} }
// Get authentication token from session
const accessToken = session.accessToken;
if (!accessToken) {
return NextResponse.json({ error: 'No access token available' }, { status: 401 });
}
try { try {
// Extract search parameters // Extract search parameters
const searchParams = new URL(request.url).searchParams.toString(); const searchParams = new URL(request.url).searchParams.toString();
const targetUrl = `${baseUrl}/${restOfPath}${searchParams ? `?${searchParams}` : ''}`; const targetUrl = `${baseUrl}/${restOfPath}${searchParams ? `?${searchParams}` : ''}`;
// Forward the request to the target service with the authentication token // Prepare headers based on the service type
const response = await fetch(targetUrl, { const headers: Record<string, string> = {};
headers: {
'Authorization': `Bearer ${accessToken}`, if (isRocketChat(serviceName)) {
// Add other headers as needed by your services // For Rocket.Chat, use their specific authentication headers
if (session.rocketChatToken && session.rocketChatUserId) {
console.log('Using Rocket.Chat specific authentication');
headers['X-Auth-Token'] = session.rocketChatToken;
headers['X-User-Id'] = session.rocketChatUserId;
} else {
console.warn('Rocket.Chat tokens not available in session');
// Still try with standard authorization if available
if (session.accessToken) {
headers['Authorization'] = `Bearer ${session.accessToken}`;
}
} }
}); } else {
// Standard OAuth Bearer token for other services
if (session.accessToken) {
headers['Authorization'] = `Bearer ${session.accessToken}`;
}
}
// Add other common headers
headers['Accept'] = 'application/json, text/html, */*';
// Forward the request to the target service with the authentication headers
const response = await fetch(targetUrl, { headers });
// Get response data // Get response data
const data = await response.arrayBuffer(); const data = await response.arrayBuffer();
@ -63,7 +83,6 @@ export async function GET(
statusText: response.statusText, statusText: response.statusText,
headers: { headers: {
'Content-Type': response.headers.get('Content-Type') || 'application/octet-stream', 'Content-Type': response.headers.get('Content-Type') || 'application/octet-stream',
// Add other headers as needed
} }
}); });
@ -78,9 +97,6 @@ export async function POST(
request: NextRequest, request: NextRequest,
{ params }: { params: { path: string[] } } { params }: { params: { path: string[] } }
) { ) {
// Similar implementation as GET but for POST requests
// This is a simplified version - you'd need to handle the request body
const serviceName = params.path[0]; const serviceName = params.path[0];
const restOfPath = params.path.slice(1).join('/'); const restOfPath = params.path.slice(1).join('/');
@ -90,7 +106,7 @@ export async function POST(
} }
const session = await getServerSession(authOptions); const session = await getServerSession(authOptions);
if (!session || !session.accessToken) { if (!session) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 }); return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
} }
@ -101,12 +117,29 @@ export async function POST(
// Get the request body // Get the request body
const body = await request.arrayBuffer(); const body = await request.arrayBuffer();
// Prepare headers based on the service type
const headers: Record<string, string> = {
'Content-Type': request.headers.get('Content-Type') || 'application/json',
};
if (isRocketChat(serviceName)) {
// For Rocket.Chat, use their specific authentication headers
if (session.rocketChatToken && session.rocketChatUserId) {
headers['X-Auth-Token'] = session.rocketChatToken;
headers['X-User-Id'] = session.rocketChatUserId;
} else if (session.accessToken) {
headers['Authorization'] = `Bearer ${session.accessToken}`;
}
} else {
// Standard OAuth Bearer token for other services
if (session.accessToken) {
headers['Authorization'] = `Bearer ${session.accessToken}`;
}
}
const response = await fetch(targetUrl, { const response = await fetch(targetUrl, {
method: 'POST', method: 'POST',
headers: { headers,
'Authorization': `Bearer ${session.accessToken}`,
'Content-Type': request.headers.get('Content-Type') || 'application/json',
},
body: body body: body
}); });
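Review bot: Both handlers can now forward a request upstream with no credentials: every auth header in the new header-building blocks is set only if the corresponding session field exists, POST's guard is relaxed to `if (!session)`, and GET's early `No access token available` 401 appears to be on the removed side (the rendering lost the +/- markers, so confirm). A session that has neither Rocket.Chat tokens nor `accessToken` therefore reaches `fetch` carrying only `Accept`/`Content-Type`, and the outcome depends entirely on how the backend treats anonymous calls. Fail closed once the headers are built, e.g. `if (!headers['Authorization'] && !headers['X-Auth-Token']) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });`. The Rocket.Chat fallback also sends the OAuth bearer token to a service that, per the new comment, expects `X-Auth-Token`/`X-User-Id`; returning 401 there would avoid handing that token to a backend that presumably does not consume it. The GET and POST bodies both extend beyond the visible hunks.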