Inject roles on token validation

lumijiez
2025-06-08 00:17:01 +03:00
parent 87c4f27de5
commit ab9b80b74f
12 changed files with 137 additions and 38 deletions


@@ -8,7 +8,7 @@
"name": "webui",
"version": "0.1.0",
"dependencies": {
"@auth0/nextjs-auth0": "^4.6.0",
"@auth0/nextjs-auth0": "^4.6.1",
"next": "15.3.3",
"react": "^19.0.0",
"react-dom": "^19.0.0"
@@ -46,9 +46,9 @@
}
},
"node_modules/@auth0/nextjs-auth0": {
"version": "4.6.0",
"resolved": "https://registry.npmjs.org/@auth0/nextjs-auth0/-/nextjs-auth0-4.6.0.tgz",
"integrity": "sha512-HK+fcUW6P8/qUDQfOfntftMg6yzeZLtyfTxL/lyeOub1o/xTL9SZ2fF39nH0H6w1loB5SCAbyN1vD8xxBwINqQ==",
"version": "4.6.1",
"resolved": "https://registry.npmjs.org/@auth0/nextjs-auth0/-/nextjs-auth0-4.6.1.tgz",
"integrity": "sha512-eSYLCPBzROheJL0gdI0hHCbV468yqyz/sBcuag7cm3dx6LMhRzzFmComPs8p+Y7OCblzblGfk/Hju8A1BkjZxw==",
"license": "MIT",
"dependencies": {
"@edge-runtime/cookies": "^5.0.1",


@@ -9,7 +9,7 @@
"lint": "next lint"
},
"dependencies": {
"@auth0/nextjs-auth0": "^4.6.0",
"@auth0/nextjs-auth0": "^4.6.1",
"next": "15.3.3",
"react": "^19.0.0",
"react-dom": "^19.0.0"


@@ -5,9 +5,31 @@ import {useEffect, useState} from "react";
export default function Home() {
const { user, error, isLoading } = useUser();
const [accessToken, setAccessToken] = useState(null);
useEffect(() => {
const fetchAccessToken = async () => {
if (user) {
try {
const response = await fetch('/auth/access-token');
const v = await fetch('/token');
if (response.ok) {
const tokenData = await response.text();
setAccessToken(tokenData);
} else {
setAccessToken('Token not available');
}
} catch (error) {
setAccessToken('Error fetching token');
}
}
};
fetchAccessToken().then(r => console.log(r));
}, [user]);
async function checkValidity() {
const check = await fetch('https://impr.ink/auth/sync', {method: 'POST'});
const check = await fetch('https://impr.ink/api/api/User', {method: 'POST'});
}
if (isLoading) {
@@ -39,6 +61,16 @@ export default function Home() {
Sign In
</span>
</a>
<a
onClick={() => checkValidity()}
className="group relative px-6 py-3 bg-gradient-to-r from-red-500 to-pink-500 rounded-xl font-bold text-white shadow-2xl hover:shadow-red-500/25 transition-all duration-300 hover:scale-105 active:scale-95"
>
<div
className="absolute inset-0 bg-gradient-to-r from-red-600 to-pink-600 rounded-xl opacity-0 group-hover:opacity-100 transition-opacity duration-300"></div>
<span className="relative flex items-center gap-2">
Check
</span>
</a>
</div>
</div>
</div>
@@ -52,7 +84,8 @@ export default function Home() {
{user ? (
<div className="w-full max-w-5xl">
<div className="text-center mb-6">
<div className="inline-flex items-center justify-center w-16 h-16 bg-gradient-to-r from-purple-500 to-blue-500 rounded-full mb-3 shadow-2xl">
<div
className="inline-flex items-center justify-center w-16 h-16 bg-gradient-to-r from-purple-500 to-blue-500 rounded-full mb-3 shadow-2xl">
{user.picture ? (
<img
src={user.picture}
@@ -114,6 +147,15 @@ export default function Home() {
</div>
</div>
)}
<div>
<label
className="text-purple-300 text-xs font-semibold uppercase tracking-wider">Access
Token</label>
<div
className="text-white/80 text-xs mt-1 p-2 bg-black/30 rounded-lg border border-white/10 font-mono break-all max-h-24 overflow-auto">
{accessToken}
</div>
</div>
</div>
<div>
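Review bot: The new "Access Token" block renders the raw bearer token into the DOM via `{accessToken}`, after the `useEffect` copies it from `/auth/access-token` into React state, so any script running in the page can read it. That undoes the protection of the `httpOnly` cookie that the `/token` call appears to set. If the display is only a debugging aid, drop the block and the `accessToken` state, or gate both behind a development-only check such as `process.env.NODE_ENV !== 'production'`. The response from `fetch('/token')` is assigned to `v` and never inspected, so a failed cookie sync passes silently; a check like `if (!v.ok) { setAccessToken('Token not available'); return; }` would surface it. `Home` continues outside these hunks, and because the +/- markers are lost on this page I cannot tell which of the two `checkValidity` URLs is the new one.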


@@ -0,0 +1,34 @@
import { cookies } from 'next/headers';
import { NextResponse } from 'next/server';
import {auth0} from "@/lib/auth0";
export async function GET() {
try {
const session = await auth0.getSession();
const accessToken = session.tokenSet.accessToken;
if (!accessToken) {
return NextResponse.json({ error: 'No access token found' }, { status: 401 });
}
const response = NextResponse.json({ message: 'Access token set in cookie' });
const cookieDomain = process.env.COOKIE_DOMAIN || undefined;
const cookieStore = await cookies();
cookieStore.set({
name: 'access_token',
value: accessToken,
httpOnly: true,
secure: true,
sameSite: 'strict',
path: '/',
domain: cookieDomain,
maxAge: 3600,
});
return response;
} catch (error) {
console.error('Error in /api/set-token:', error);
return NextResponse.json({ error: 'Internal Server Error' }, { status: 500 });
}
}
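Review bot: The session is dereferenced without a null check in `const accessToken = session.tokenSet.accessToken;`, so if `auth0.getSession()` returns null for an unauthenticated request, the handler throws, falls into the `catch` and answers 500 instead of the 401 the next branch intends. `const accessToken = session?.tokenSet?.accessToken;` keeps the 401 path reachable. The token is also copied into a second cookie with a fixed `maxAge: 3600` and an optional `domain` taken from `COOKIE_DOMAIN`. A parent-domain value hands the bearer token to every host under that domain, and the fixed lifetime is not tied to the token's actual expiry, so a comment stating the intended scope and lifetime belongs above `cookieStore.set`. The log label `'Error in /api/set-token:'` does not match the `/token` path the page calls, which will mislead whoever reads the logs.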