evan/evanpage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b0b85f4d3a46f63ed52f1979fbdaff718101bbf0
evanpage/frontend/auth.ts
evan b0b85f4d3a Initial fullstack project setup with Next.js 15, Gin, PostgreSQL and Docker Compose 
- Frontend: Next.js 15 (App Router), Auth.js v5, shadcn/ui, MagicUI
- Backend: Go + Gin + GORM with layered architecture
- Auth: Local credentials login with optional Keycloak OAuth binding
- Admin: RBAC user management for admin role
- Dev: Docker Compose with hot reload for both frontend and backend
- Docker: 3-service orchestration (frontend, backend, postgres)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 15:11:20 +00:00

105 lines
2.6 KiB
TypeScript
Raw Blame History

import NextAuth from "next-auth";
import Credentials from "next-auth/providers/credentials";
import Keycloak from "next-auth/providers/keycloak";
const SERVER_API_URL = process.env.SERVER_API_URL || "http://backend:8080";
const providers: any[] = [
Credentials({
name: "local",
credentials: {
username: { label: "Username", type: "text" },
password: { label: "Password", type: "password" },
},
async authorize(credentials) {
if (!credentials?.username || !credentials?.password) return null;
const res = await fetch(`${SERVER_API_URL}/api/auth/local-login`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
username: credentials.username,
password: credentials.password,
}),
});
if (!res.ok) return null;
const user = await res.json();
return {
id: String(user.id),
name: user.username,
email: user.email,
role: user.role,
};
},
}),
];
if (process.env.AUTH_KEYCLOAK_ISSUER) {
providers.push(
Keycloak({
clientId: process.env.AUTH_KEYCLOAK_ID!,
clientSecret: process.env.AUTH_KEYCLOAK_SECRET!,
issuer: process.env.AUTH_KEYCLOAK_ISSUER!,
})
);
}
export const {
handlers: { GET, POST },
auth,
signIn,
signOut,
} = NextAuth({
providers,
callbacks: {
async signIn({ user, account, profile }) {
if (account?.provider === "keycloak" && profile) {
const keycloakId = profile.sub as string;
const email = (profile.email as string) || "";
const res = await fetch(`${SERVER_API_URL}/api/auth/lookup-binding`, {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ keycloakId, email }),
});
if (!res.ok) return false;
const data = await res.json();
if (data.bound) {
(user as any).id = String(data.user.id);
(user as any).role = data.user.role;
return true;
}
return `/bind-account?keycloakId=${encodeURIComponent(keycloakId)}&email=${encodeURIComponent(email)}`;
}
return true;
},
async jwt({ token, user }) {
if (user) {
token.id = user.id;
token.role = (user as any).role;
}
return token;
},
async session({ session, token }) {
if (session.user) {
(session.user as any).id = token.id;
(session.user as any).role = token.role;
}
return session;
},
},
pages: {
signIn: "/login",
error: "/login",
},
session: {
strategy: "jwt",
},
});
Reference in New Issue View Git Blame Copy Permalink