cleaning hard 2

alma 2025-05-03 12:53:23 +02:00
parent d7bde65cd0
commit f3fa441d28
3 changed files with 53 additions and 11 deletions


@ -60,6 +60,8 @@ export const authOptions: NextAuthOptions = {
clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "", clientSecret: process.env.KEYCLOAK_CLIENT_SECRET || "",
issuer: process.env.KEYCLOAK_ISSUER || "", issuer: process.env.KEYCLOAK_ISSUER || "",
profile(profile: any) { profile(profile: any) {
console.log("Raw Keycloak profile:", profile);
// Just return a simple profile with required fields // Just return a simple profile with required fields
return { return {
id: profile.sub, id: profile.sub,
@ -69,7 +71,7 @@ export const authOptions: NextAuthOptions = {
username: profile.preferred_username || profile.email?.split('@')[0] || '', username: profile.preferred_username || profile.email?.split('@')[0] || '',
first_name: profile.given_name || '', first_name: profile.given_name || '',
last_name: profile.family_name || '', last_name: profile.family_name || '',
role: ['user'], role: profile.realm_access?.roles || ['user'],
// Store raw profile data for later processing // Store raw profile data for later processing
raw_profile: profile raw_profile: profile
}; };
@ -97,6 +99,7 @@ export const authOptions: NextAuthOptions = {
// Get roles from realm_access // Get roles from realm_access
if (rawProfile.realm_access && Array.isArray(rawProfile.realm_access.roles)) { if (rawProfile.realm_access && Array.isArray(rawProfile.realm_access.roles)) {
roles = roles.concat(rawProfile.realm_access.roles); roles = roles.concat(rawProfile.realm_access.roles);
console.log("Roles from realm_access:", rawProfile.realm_access.roles);
} }
// Get roles from resource_access // Get roles from resource_access
@ -106,12 +109,14 @@ export const authOptions: NextAuthOptions = {
rawProfile.resource_access[clientId] && rawProfile.resource_access[clientId] &&
Array.isArray(rawProfile.resource_access[clientId].roles)) { Array.isArray(rawProfile.resource_access[clientId].roles)) {
roles = roles.concat(rawProfile.resource_access[clientId].roles); roles = roles.concat(rawProfile.resource_access[clientId].roles);
console.log("Roles from resource_access[clientId]:", rawProfile.resource_access[clientId].roles);
} }
// Also check resource_access roles under 'account' // Also check resource_access roles under 'account'
if (rawProfile.resource_access.account && if (rawProfile.resource_access.account &&
Array.isArray(rawProfile.resource_access.account.roles)) { Array.isArray(rawProfile.resource_access.account.roles)) {
roles = roles.concat(rawProfile.resource_access.account.roles); roles = roles.concat(rawProfile.resource_access.account.roles);
console.log("Roles from resource_access.account:", rawProfile.resource_access.account.roles);
} }
} }
@ -120,16 +125,21 @@ export const authOptions: NextAuthOptions = {
.filter(Boolean) .filter(Boolean)
.map(role => role.toLowerCase()); .map(role => role.toLowerCase());
console.log("Cleaned raw Keycloak roles:", cleanedRoles);
// Always ensure user has basic user role // Always ensure user has basic user role
const finalRoles = [...new Set([...cleanedRoles, 'user'])]; const finalRoles = [...new Set([...cleanedRoles, 'user'])];
// Map Keycloak roles to application roles // Map Keycloak roles to application roles
token.role = mapToApplicationRoles(finalRoles); token.role = mapToApplicationRoles(finalRoles);
console.log("Mapped application roles:", token.role);
} else if (user && user.role) { } else if (user && user.role) {
token.role = Array.isArray(user.role) ? user.role : [user.role]; token.role = Array.isArray(user.role) ? user.role : [user.role];
console.log("Using user.role directly:", token.role);
} else { } else {
// Default roles if no profile data available // Default roles if no profile data available
token.role = ['user']; token.role = ['user'];
console.log("Using default 'user' role only");
} }
// Store user information // Store user information
@ -142,6 +152,7 @@ export const authOptions: NextAuthOptions = {
// Token exists but no roles, add default user role // Token exists but no roles, add default user role
else if (token && !token.role) { else if (token && !token.role) {
token.role = ['user']; token.role = ['user'];
console.log("Adding default 'user' role to existing token");
} }
return token; return token;
@ -158,12 +169,14 @@ export const authOptions: NextAuthOptions = {
session.user.username = token.username || ''; session.user.username = token.username || '';
session.user.first_name = token.first_name || ''; session.user.first_name = token.first_name || '';
session.user.last_name = token.last_name || ''; session.user.last_name = token.last_name || '';
console.log("Session updated with roles from token:", token.role);
} else { } else {
// Fallback roles // Fallback roles
session.user.role = ["user"]; session.user.role = ["user"];
session.user.username = ''; session.user.username = '';
session.user.first_name = ''; session.user.first_name = '';
session.user.last_name = ''; session.user.last_name = '';
console.log("Session using fallback 'user' role only");
} }
} }
return session; return session;
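Review bot: `console.log("Raw Keycloak profile:", profile);` in `profile()` writes the full set of identity-provider claims (subject id, e-mail, names, role lists) to the server log, and the role logs added in the callbacks that build `token` and `session` do the same for each user's authorization data. Server logs usually have wider read access and longer retention than the session itself, so these lines should be removed or gated, for example `if (process.env.NODE_ENV !== "production") console.log("Keycloak profile received for sub:", profile.sub);`. The `console.log` additions in the two component sections below expose the same data in the browser console. Separately, `role: profile.realm_access?.roles || ['user']` accepts any truthy value without the `Array.isArray` check used further down, and the `else if (user && user.role)` branch copies `user.role` into `token.role` without passing it through `mapToApplicationRoles`; before this change that branch could only ever see `['user']`. Whether that branch is reachable depends on the condition above it, which is outside the visible hunks.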


@ -52,8 +52,12 @@ export function MainNav() {
const { data: session, status } = useSession(); const { data: session, status } = useSession();
const [userStatus, setUserStatus] = useState<'online' | 'busy' | 'away'>('online'); const [userStatus, setUserStatus] = useState<'online' | 'busy' | 'away'>('online');
console.log("Session:", session); console.log("Session:", {
console.log("Status:", status); authenticated: status === "authenticated",
status,
user: session?.user,
roles: session?.user?.role
});
// Updated function to get user initials // Updated function to get user initials
const getUserInitials = () => { const getUserInitials = () => {
@ -191,26 +195,30 @@ export function MainNav() {
title: "ShowCase", title: "ShowCase",
icon: Lightbulb, icon: Lightbulb,
href: '/showcase', href: '/showcase',
requiredRoles: ["Expression"], requiredRoles: ["expression"],
}, },
{ {
title: "Equipes", title: "Equipes",
icon: UserCog, icon: UserCog,
href: '/equipes', href: '/equipes',
requiredRoles: ["Admin", "Entrepreneurship"], requiredRoles: ["admin", "entrepreneurship"],
}, },
{ {
title: "TheMessage", title: "TheMessage",
icon: Mail, icon: Mail,
href: '/the-message', href: '/the-message',
requiredRoles: ["Mediation", "Expression"], requiredRoles: ["mediation", "expression"],
}, },
]; ];
// Get visible menu items based on user roles // Get visible menu items based on user roles
const visibleMenuItems = [ const visibleMenuItems = [
...baseMenuItems, ...baseMenuItems,
...roleSpecificItems.filter(item => hasRole(item.requiredRoles)) ...roleSpecificItems.filter(item => {
const result = hasRole(item.requiredRoles);
console.log(`Menu item '${item.title}' with required roles [${item.requiredRoles.join(', ')}] is ${result ? 'visible' : 'hidden'}`);
return result;
})
]; ];
// Format current date and time // Format current date and time
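Review bot: The role literals in `roleSpecificItems` change from `"Admin"`/`"Expression"` to lower case, which only matches if `hasRole` compares against lower-cased session roles; `hasRole` is defined outside the visible hunks, so that needs confirming. This filter only decides which links are rendered, so the pages behind `/showcase`, `/equipes` and `/the-message` still need the same role check on the server, and nothing visible in this commit shows one. A comment above the array such as `// UI visibility only; access to these routes must be enforced server-side` would make that contract explicit. Exporting the role names from one shared module would keep this list and the Sidebar's copy from drifting apart again.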


@ -1,7 +1,7 @@
"use client"; "use client";
import type React from "react"; import type React from "react";
import { useState } from "react"; import { useState, useEffect } from "react";
import { cn } from "@/lib/utils"; import { cn } from "@/lib/utils";
import { import {
@ -45,9 +45,19 @@ interface MenuItem {
} }
export function Sidebar({ isOpen, onClose }: SidebarProps) { export function Sidebar({ isOpen, onClose }: SidebarProps) {
const { data: session, status } = useSession();
const router = useRouter(); const router = useRouter();
const pathname = usePathname(); const pathname = usePathname();
const { data: session, status } = useSession();
// Log session status whenever it changes
useEffect(() => {
console.log("Sidebar Session:", {
authenticated: status === "authenticated",
status,
user: session?.user,
roles: session?.user?.role
});
}, [session, status]);
// Debug session data // Debug session data
console.log('Session state:', { console.log('Session state:', {
@ -80,7 +90,12 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) {
} }
const userRoles = Array.isArray(session.user.role) ? session.user.role : [session.user.role]; const userRoles = Array.isArray(session.user.role) ? session.user.role : [session.user.role];
const cleanUserRoles = userRoles.map(role => role.toLowerCase()); // Clean up user roles by removing prefixes and converting to lowercase
const cleanUserRoles = userRoles.map(role =>
role.replace(/^[\/]/, '') // Remove leading slash
.replace(/^ROLE_/, '') // Remove ROLE_ prefix
.toLowerCase()
);
console.log('Debug roles:', { console.log('Debug roles:', {
rawUserRoles: session.user.role, rawUserRoles: session.user.role,
@ -199,7 +214,13 @@ export function Sidebar({ isOpen, onClose }: SidebarProps) {
// Combine base items with role-specific items based on user roles // Combine base items with role-specific items based on user roles
const visibleMenuItems = [ const visibleMenuItems = [
...baseMenuItems, ...baseMenuItems,
...roleSpecificItems.filter(item => hasRole(item.requiredRole)) ...roleSpecificItems.filter(item => {
const result = hasRole(item.requiredRole);
console.log(`Sidebar item '${item.title}' with required role ${Array.isArray(item.requiredRole) ?
'[' + item.requiredRole.join(', ') + ']' :
item.requiredRole} is ${result ? 'visible' : 'hidden'}`);
return result;
})
]; ];
const handleNavigation = (href: string, external?: boolean) => { const handleNavigation = (href: string, external?: boolean) => {
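Review bot: The new `cleanUserRoles` mapping strips `ROLE_` case-sensitively before lower-casing, so `ROLE_admin` becomes `admin` while `role_admin` stays `role_admin`; lower-casing first, `role.toLowerCase().replace(/^\//, '').replace(/^role_/, '')`, makes the result independent of the provider's casing. The server-side cleaning in the auth options section ends with `.filter(Boolean).map(role => role.toLowerCase())` and its earlier steps are outside the hunk, so it is worth confirming that both sides apply the same rules, ideally through one shared helper. Otherwise the sidebar can show or hide items for roles the server maps differently. The added `useEffect` logger also duplicates the existing `console.log('Session state:', …)` directly below it.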