MasterMito/work-club-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Rework Admin UI #6

Merged
MasterMito merged 18 commits from epic/admin_rework_second_try into main 2026-03-20 11:55:38 +01:00
Conversation 0 Commits 18 Files Changed 37
+15 -5
2 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit d295c9123e - Show all commits
docker-compose.yml
+6 -4
View File
@@ -42,8 +42,9 @@ services:
KC_HOSTNAME: "http://localhost:8080" KC_HOSTNAME: "http://localhost:8080"
KC_HOSTNAME_STRICT: "false" KC_HOSTNAME_STRICT: "false"
KC_PROXY: "edge" KC_PROXY: "edge"
KC_HTTP_PORT: "8081"
ports: ports:
- "8080:8080" - "8080:8081"
volumes: volumes:
- ./infra/keycloak:/opt/keycloak/data/import - ./infra/keycloak:/opt/keycloak/data/import
depends_on: depends_on:
@@ -62,20 +63,21 @@ services:
container_name: workclub_api container_name: workclub_api
environment: environment:
ASPNETCORE_ENVIRONMENT: Development ASPNETCORE_ENVIRONMENT: Development
ASPNETCORE_URLS: "http://+:8080"
ConnectionStrings__DefaultConnection: "Host=postgres;Port=5432;Database=workclub;Username=workclub;Password=dev_password_change_in_production" ConnectionStrings__DefaultConnection: "Host=postgres;Port=5432;Database=workclub;Username=workclub;Password=dev_password_change_in_production"
Keycloak__Authority: "http://keycloak:8080/realms/workclub" Keycloak__Authority: "http://192.168.65.254:8080/realms/workclub"
Keycloak__Audience: "workclub-api" Keycloak__Audience: "workclub-api"
Keycloak__TokenValidationParameters__ValidateIssuer: "false" Keycloak__TokenValidationParameters__ValidateIssuer: "false"
ports: ports:
- "5001:8080" - "5001:8080"
extra_hosts: extra_hosts:
- "localhost:host-gateway" - "localhost:host-gateway"
working_dir: /app
volumes: volumes:
- ./backend:/app:cached - ./backend:/app:cached
depends_on: depends_on:
postgres: postgres:
condition: service_healthy condition: service_healthy
command: watch run WorkClub.Api/WorkClub.Api.csproj
networks: networks:
- app-network - app-network
@@ -95,7 +97,7 @@ services:
KEYCLOAK_CLIENT_ID: "workclub-app" KEYCLOAK_CLIENT_ID: "workclub-app"
KEYCLOAK_CLIENT_SECRET: "dev-secret-workclub-api-change-in-production" KEYCLOAK_CLIENT_SECRET: "dev-secret-workclub-api-change-in-production"
KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub" KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub"
KEYCLOAK_ISSUER_INTERNAL: "http://keycloak:8080/realms/workclub" KEYCLOAK_ISSUER_INTERNAL: "http://keycloak:8081/realms/workclub"
NEXT_PUBLIC_KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub" NEXT_PUBLIC_KEYCLOAK_ISSUER: "http://localhost:8080/realms/workclub"
ports: ports:
- "3000:3000" - "3000:3000"
frontend/src/auth/auth.ts
+9 -1
View File
@@ -27,15 +27,23 @@ declare module "next-auth" {
const issuerPublic = process.env.KEYCLOAK_ISSUER! const issuerPublic = process.env.KEYCLOAK_ISSUER!
const issuerInternal = process.env.KEYCLOAK_ISSUER_INTERNAL || issuerPublic const issuerInternal = process.env.KEYCLOAK_ISSUER_INTERNAL || issuerPublic
const oidcPublic = `${issuerPublic}/protocol/openid-connect` const oidcPublic = `${issuerPublic}/protocol/openid-connect`
const oidcInternal = `${issuerInternal}/protocol/openid-connect` const oidcInternal = `${issuerInternal.replace(':8080', ':8081')}/protocol/openid-connect`
export const { handlers, signIn, signOut, auth } = NextAuth({ export const { handlers, signIn, signOut, auth } = NextAuth({
providers: [ providers: [
KeycloakProvider({ KeycloakProvider({
clientId: process.env.KEYCLOAK_CLIENT_ID!, clientId: process.env.KEYCLOAK_CLIENT_ID!,
issuer: issuerPublic, issuer: issuerPublic,
authorization: {
url: `${oidcPublic}/auth`,
params: { scope: "openid email profile" },
},
token: `${oidcInternal}/token`,
userinfo: `${oidcInternal}/userinfo`,
jwks_endpoint: `${oidcInternal}/certs`,
}) })
], ],
trustHost: true,
cookies: { cookies: {
pkceCodeVerifier: { pkceCodeVerifier: {
name: "authjs.pkce.code_verifier", name: "authjs.pkce.code_verifier",