xwx.moe/el.xwx.moe
xwx.moe/ el.xwx.moe
1
0
Disbranĉigi 0
Fontkodo Issues Tirpetoj Actions Packages Projects Eldonoj Wiki Activity

Merge pull request #321 from Jacq/main 

Added Authentik provider and option to disable standard login
This commit is contained in:
Daniel 2023-12-07 09:15:41 +03:30 committed by GitHub
parent 9cd165f2ce 8ba2cecf06
commit 5b44bbcf59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 63 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.env.sample
View File

@ -12,6 +12,7 @@ PAGINATION_TAKE_COUNT=
STORAGE_FOLDER= STORAGE_FOLDER=
AUTOSCROLL_TIMEOUT= AUTOSCROLL_TIMEOUT=
NEXT_PUBLIC_DISABLE_REGISTRATION= NEXT_PUBLIC_DISABLE_REGISTRATION=
NEXT_PUBLIC_DISABLE_LOGIN=
RE_ARCHIVE_LIMIT= RE_ARCHIVE_LIMIT=
NEXT_PUBLIC_MAX_UPLOAD_SIZE= NEXT_PUBLIC_MAX_UPLOAD_SIZE=
@ -33,3 +34,9 @@ NEXT_PUBLIC_KEYCLOAK_ENABLED=
KEYCLOAK_ISSUER= KEYCLOAK_ISSUER=
KEYCLOAK_CLIENT_ID= KEYCLOAK_CLIENT_ID=
KEYCLOAK_CLIENT_SECRET= KEYCLOAK_CLIENT_SECRET=
# Authentik
NEXT_PUBLIC_AUTHENTIK_ENABLED=
AUTHENTIK_ISSUER=
AUTHENTIK_CLIENT_ID=
AUTHENTIK_CLIENT_SECRET=

30
pages/api/v1/auth/[...nextauth].ts
View File

@ -10,11 +10,13 @@ import sendVerificationRequest from "@/lib/api/sendVerificationRequest";
import { Provider } from "next-auth/providers"; import { Provider } from "next-auth/providers";
import verifySubscription from "@/lib/api/verifySubscription"; import verifySubscription from "@/lib/api/verifySubscription";
import KeycloakProvider from "next-auth/providers/keycloak"; import KeycloakProvider from "next-auth/providers/keycloak";
import AuthentikProvider from "next-auth/providers/authentik";
const emailEnabled = const emailEnabled =
process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false; process.env.EMAIL_FROM && process.env.EMAIL_SERVER ? true : false;
const keycloakEnabled = process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED === "true"; const keycloakEnabled = process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED === "true";
const authentikEnabled = process.env.NEXT_PUBLIC_AUTHENTIK_ENABLED === "true";
const adapter = PrismaAdapter(prisma); const adapter = PrismaAdapter(prisma);
@ -103,6 +105,34 @@ if (keycloakEnabled) {
}; };
} }
if (authentikEnabled) {
console.log(authentikEnabled)
providers.push(
AuthentikProvider({
id: "authentik",
name: "Authentik",
clientId: process.env.AUTHENTIK_CLIENT_ID!,
clientSecret: process.env.AUTHENTIK_CLIENT_SECRET!,
issuer: process.env.AUTHENTIK_ISSUER,
profile: (profile) => {
console.log(profile)
return {
id: profile.sub,
username: profile.preferred_username,
name: profile.name ?? profile.preferred_username,
email: profile.email,
image: profile.picture,
};
},
})
);
const _linkAccount = adapter.linkAccount;
adapter.linkAccount = (account) => {
const { "not-before-policy": _, refresh_expires_in, ...data } = account;
return _linkAccount ? _linkAccount(data) : undefined;
};
}
export const authOptions: AuthOptions = { export const authOptions: AuthOptions = {
adapter: adapter as Adapter, adapter: adapter as Adapter,
session: { session: {

26
pages/login.tsx
View File

@ -13,6 +13,7 @@ interface FormData {
const emailEnabled = process.env.NEXT_PUBLIC_EMAIL_PROVIDER; const emailEnabled = process.env.NEXT_PUBLIC_EMAIL_PROVIDER;
const keycloakEnabled = process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED; const keycloakEnabled = process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED;
const authentikEnabled = process.env.NEXT_PUBLIC_AUTHENTIK_ENABLED;
export default function Login() { export default function Login() {
const [submitLoader, setSubmitLoader] = useState(false); const [submitLoader, setSubmitLoader] = useState(false);
@ -60,10 +61,24 @@ export default function Login() {
setSubmitLoader(false); setSubmitLoader(false);
} }
async function loginUserAuthentik() {
setSubmitLoader(true);
const load = toast.loading("Authenticating...");
const res = await signIn("authentik", {});
toast.dismiss(load);
setSubmitLoader(false);
}
return ( return (
<CenteredForm text="Sign in to your account"> <CenteredForm text="Sign in to your account">
<form onSubmit={loginUser}> <form onSubmit={loginUser}>
<div className="p-4 mx-auto flex flex-col gap-3 justify-between max-w-[30rem] min-w-80 w-full bg-base-200 rounded-2xl shadow-md border border-neutral-content"> <div className="p-4 mx-auto flex flex-col gap-3 justify-between max-w-[30rem] min-w-80 w-full bg-base-200 rounded-2xl shadow-md border border-neutral-content">
{process.env.NEXT_PUBLIC_DISABLE_LOGIN !== "true" ? (
<div>
<p className="text-3xl text-center font-extralight"> <p className="text-3xl text-center font-extralight">
Enter your credentials Enter your credentials
</p> </p>
@ -110,6 +125,8 @@ export default function Login() {
className=" w-full text-center" className=" w-full text-center"
loading={submitLoader} loading={submitLoader}
/> />
</div>
) : undefined}
{process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED === "true" ? ( {process.env.NEXT_PUBLIC_KEYCLOAK_ENABLED === "true" ? (
<SubmitButton <SubmitButton
type="button" type="button"
@ -119,6 +136,15 @@ export default function Login() {
loading={submitLoader} loading={submitLoader}
/> />
) : undefined} ) : undefined}
{process.env.NEXT_PUBLIC_AUTHENTIK_ENABLED === "true" ? (
<SubmitButton
type="button"
onClick={loginUserAuthentik}
label="Sign in with Authentiks"
className=" w-full text-center"
loading={submitLoader}
/>
) : undefined}
{process.env.NEXT_PUBLIC_DISABLE_REGISTRATION === {process.env.NEXT_PUBLIC_DISABLE_REGISTRATION ===
"true" ? undefined : ( "true" ? undefined : (
<div className="flex items-baseline gap-1 justify-center"> <div className="flex items-baseline gap-1 justify-center">