MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

fix(auth): resolve Keycloak OIDC issuer mismatch and API proxy routing
Some checks failed
CI Pipeline / Backend Build & Test (pull_request) Successful in 49s
Details
CI Pipeline / Frontend Lint, Test & Build (pull_request) Failing after 26s
Details
CI Pipeline / Infrastructure Validation (pull_request) Successful in 4s
Details

Browse Source 
- Bypass NextAuth OIDC discovery with explicit token/userinfo endpoints using internal Docker DNS, avoiding 'issuer string did not match' errors.
- Fix next.config.ts API route interception that incorrectly forwarded NextAuth routes to backend by using 'fallback' rewrites.
- Add 'Use different credentials' button to login page and AuthGuard for clearing stale sessions.
This commit is contained in:
WorkClub Automation
2026-03-09 14:21:03 +01:00
parent a8730245b2
commit 1322def2ea
5 changed files with 65 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker-compose.yml
View File

@@ -89,6 +89,8 @@ services:
KEYCLOAK_CLIENT_ID: "workclub-app"
KEYCLOAK_CLIENT_SECRET: "dev-secret-workclub-api-change-in-production"
KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub"
KEYCLOAK_ISSUER_INTERNAL: "http://keycloak:8080/realms/workclub"
NEXT_PUBLIC_KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub"
ports:
- "3000:3000"
volumes: