diff --git a/src/services/misc/auth.js b/src/services/misc/auth.js
index 574bab2..884b93d 100644
--- a/src/services/misc/auth.js
+++ b/src/services/misc/auth.js
@@ -32,6 +32,7 @@ const lookupUserByToken = async (token) => {
 // Check cache first
 const cachedUser = tokenUserCache.get(token);
 if (cachedUser) {
+ console.log(cachedUser);
 logger.debug(`User found in token cache for token: ${token.substring(0, 20)}...`);
 return cachedUser;
 }
@@ -79,14 +80,14 @@ const removeUserFromTokenCache = (token) => {
 };
 // Login handler
-export const loginRouteHandler = (req, res, isApp = false) => {
+export const loginRouteHandler = (req, res, redirectType = 'web') => {
 // Get the redirect URL from form data or default to production overview
 const redirectUrl = req.query.redirect_uri || '/production/overview';
 // Store the original URL to redirect after login
 const authUrl = `${process.env.KEYCLOAK_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/auth`;
- const callBackState = isApp ? '/auth/app/callback' : '/auth/callback';
- const callbackUrl = encodeURIComponent(`${process.env.APP_URL_API}${callBackState}`);
+ const callBackState = `/auth/${redirectType}/callback`;
+ const callbackUrl = `${process.env.APP_URL_API}${callBackState}`;
 const state = encodeURIComponent(redirectUrl);
 logger.warn(req.query.redirect_uri);
@@ -138,7 +139,7 @@ const fetchAndStoreUser = async (req, token) => {
 };
 // Function to exchange authorization code for tokens, fetch user, and set session
-export const loginTokenRouteHandler = async (req, res, isApp = false) => {
+export const loginTokenRouteHandler = async (req, res, redirectType = 'web') => {
 const code = req.query.code;
 if (!code) {
 return res.status(400).json({ error: 'Authorization code missing' });
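Review bot: The added `console.log(cachedUser);` in the cache-hit branch of lookupUserByToken writes the whole cached user object to stdout on every cached lookup, bypassing the `logger` levels used on the next line. Whatever that object holds (profile fields, roles, possibly token material; its shape is not visible here) then ends up in process logs. This looks like leftover debugging and should be dropped, or replaced by something like `logger.debug('Token cache hit');` that does not include the object. The function body continues outside the hunk.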
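Review bot: `redirectType` is interpolated directly into the OAuth callback path (`/auth/${redirectType}/callback`) in loginRouteHandler and again in the loginTokenRouteHandler hunk, so whatever string a caller passes becomes part of the `redirect_uri` sent to Keycloak, and the default now produces `/auth/web/callback` where it used to be `/auth/callback`. Checking the value against the known set first, e.g. `if (!['web', 'app-scheme', 'app-localhost'].includes(redirectType)) return res.status(400).send('Unknown redirect type');`, keeps the path fixed; the new `/auth/web/callback` route and its Keycloak valid-redirect-URI entry also need to exist. `callbackUrl` additionally lost its `encodeURIComponent`; the line that places it into the authorization URL is outside the hunk, so confirm it is encoded there (for example by building the query with `URLSearchParams`).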
@@ -153,7 +154,7 @@ export const loginTokenRouteHandler = async (req, res, isApp = false) => {
 // Otherwise, start the request and store the promise
 const tokenPromise = (async () => {
- const callBackState = isApp ? '/auth/app/callback' : '/auth/callback';
+ const callBackState = `/auth/${redirectType}/callback`;
 const callbackUrl = `${process.env.APP_URL_API}${callBackState}`;
 const tokenUrl = `${process.env.KEYCLOAK_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`;
@@ -191,12 +192,13 @@ export const loginTokenRouteHandler = async (req, res, isApp = false) => {
 const userAndTokenData = await tokenPromise;
 res.status(200).json(userAndTokenData);
 } catch (err) {
- res.status(500).json({ error: err.message });
+ var error = err?.response?.data?.error_description || err.message;
+ res.status(err?.status || 500).json({ error: error });
 }
 };
 // Login callback handler
-export const loginCallbackRouteHandler = async (req, res, isApp = false) => {
+export const loginCallbackRouteHandler = async (req, res, redirectType = 'web') => {
 // Don't use keycloak.protect() here as it expects an already authenticated session
 // Extract the code and state from the query parameters
@@ -207,9 +209,21 @@ export const loginCallbackRouteHandler = async (req, res, isApp = false) => {
 return res.status(400).send('Authorization code missing');
 }
- const appUrl = isApp
- ? 'farmcontrol://app'
- : process.env.APP_URL_CLIENT || 'http://localhost:3000';
+ var appUrl;
+ switch (redirectType) {
+ case 'web':
+ appUrl = process.env.APP_URL_CLIENT || 'http://localhost:3000';
+ break;
+ case 'app-scheme':
+ appUrl = 'farmcontrol://app';
+ break;
+ case 'app-localhost':
+ appUrl = process.env.APP_DEV_AUTH_CLIENT || 'http://localhost:3500';
+ break;
+ default:
+ appUrl = process.env.APP_URL_CLIENT || 'http://localhost:3000';
+ break;
+ }
 const redirectUriRaw = `${appUrl}${state}`;
 let redirectUri;
 try {
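Review bot: In the catch block of loginTokenRouteHandler the identity provider's `error_description` is now returned to the client verbatim, and `err?.status` is used as the response status without a check. Token-endpoint error text can describe client or realm configuration, so it is better logged server-side while the caller gets a generic message. If the error object carries a status outside the valid HTTP range, `res.status()` can itself throw inside the catch and leave the request unanswered. Assuming an axios-style error, `const status = Number.isInteger(err?.response?.status) ? err.response.status : 500;` followed by `res.status(status).json({ error: 'Token exchange failed' });` covers both, and `var error` should be `const` either way.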
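Review bot: The `default:` branch of the new switch in loginCallbackRouteHandler makes any unrecognised `redirectType` behave as `web`, so a mistyped route argument silently redirects to a different client instead of failing. I would replace the switch with a fixed lookup that rejects unknown types with a 400, and declare the result with `const` rather than `var`. Separately, `${appUrl}${state}` appends the caller-supplied `state` directly after a base that has no trailing slash, so a value that does not start with `/` can change which host the result parses to. The validation after `try {` is outside the hunk; confirm it compares the parsed origin with the chosen base, which matters more now that there are three bases.

```javascript
// … unchanged: code/state extraction and missing-code check …
const redirectBases = new Map([
  ['web', process.env.APP_URL_CLIENT || 'http://localhost:3000'],
  ['app-scheme', 'farmcontrol://app'],
  ['app-localhost', process.env.APP_DEV_AUTH_CLIENT || 'http://localhost:3500'],
]);
if (!redirectBases.has(redirectType)) {
  return res.status(400).send('Unknown redirect type');
}
const appUrl = redirectBases.get(redirectType);
// … unchanged: redirectUriRaw construction and parsing …
```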
@@ -227,7 +241,7 @@ export const loginCallbackRouteHandler = async (req, res, isApp = false) => {
 }
 // Save session and redirect to the original URL
 req.session.save(async () => {
- if (isApp) {
+ if (redirectType == 'app-scheme') {
 // Read HTML template and inject redirectUri
 const templatePath = resolve(process.cwd(), 'src/services/misc/applaunch.html');
 let html = readFileSync(templatePath, 'utf8');
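Review bot: The new condition uses loose equality; `if (redirectType === 'app-scheme') {` avoids coercion and matches the strict `case` comparisons in the switch added earlier in this handler. The branch body continues outside the hunk, so the substitution of `redirectUri` into `applaunch.html` is not visible. Since that value is derived from the `state` query parameter, confirm it is escaped for the HTML or script context it lands in. Note also that `app-localhost` no longer takes this launcher path, which I assume is intended.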