louis/targo-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(debugging): temporary guard disable and comment for troubleshooting dockerization of the staging app. to be rolled-back before prod

Browse Source
This commit is contained in:
Matthieu Haineault 2025-12-19 09:24:26 -05:00
parent ecc8e2a9f6
commit a80dd357a3
4 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/identity-and-account/authentication/controllers/auth.controller.ts
View File

@ -5,12 +5,12 @@ import { Request, Response } from 'express';
@Controller('auth') @Controller('auth')
export class AuthController { export class AuthController {
@UseGuards(OIDCLoginGuard) // @UseGuards(OIDCLoginGuard)
@Get('/v1/login') @Get('/v1/login')
login() { } login() { }
@Get('/callback') @Get('/callback')
@UseGuards(OIDCLoginGuard) // @UseGuards(OIDCLoginGuard)
loginCallback(@Req() req: Request, @Res() res: Response) { loginCallback(@Req() req: Request, @Res() res: Response) {
// res.redirect('http://10.100.251.2:9011/#/login-success'); // res.redirect('http://10.100.251.2:9011/#/login-success');
res.redirect('http://localhost:9000/#/login-success'); res.redirect('http://localhost:9000/#/login-success');

1
src/identity-and-account/authentication/guards/authentik-auth.guard.ts
View File

@ -6,6 +6,7 @@ export class OIDCLoginGuard extends AuthGuard('openidconnect') {
async canActivate(context: ExecutionContext) { async canActivate(context: ExecutionContext) {
const result = (await super.canActivate(context)) as boolean; const result = (await super.canActivate(context)) as boolean;
const request = context.switchToHttp().getRequest(); const request = context.switchToHttp().getRequest();
console.log('JWT HEADER:', request.headers.authorization);
await super.logIn(request); await super.logIn(request);
return result; return result;
} }

1
src/identity-and-account/authentication/strategies/authentik.strategy.ts
View File

@ -53,6 +53,7 @@ export class AuthentikStrategy extends PassportStrategy(OIDCStrategy, 'openidcon
const components = _idToken.split('.'); const components = _idToken.split('.');
const payload = Buffer.from(components[1], "base64").toString('utf-8'); const payload = Buffer.from(components[1], "base64").toString('utf-8');
console.log('JWT PAYLOAD:', payload);
const claims = JSON.parse(payload); const claims = JSON.parse(payload);
if (!claims.email) return cb(new Error('Missing email in OIDC profile'), false); if (!claims.email) return cb(new Error('Missing email in OIDC profile'), false);

21
src/main.ts
View File

@ -16,6 +16,7 @@ import * as session from 'express-session';
import * as passport from 'passport'; import * as passport from 'passport';
import { PrismaService } from 'src/prisma/prisma.service'; import { PrismaService } from 'src/prisma/prisma.service';
import { PrismaSessionStore } from '@quixo3/prisma-session-store'; import { PrismaSessionStore } from '@quixo3/prisma-session-store';
// import { extractOldShifts } from 'scripts/migrate-shifts'; // import { extractOldShifts } from 'scripts/migrate-shifts';
// import { extractOldTimesheets } from 'scripts/migrate-timesheets'; // import { extractOldTimesheets } from 'scripts/migrate-timesheets';
// import { extractOldExpenses } from 'scripts/migrate-expenses'; // import { extractOldExpenses } from 'scripts/migrate-expenses';
@ -23,11 +24,24 @@ import { PrismaSessionStore } from '@quixo3/prisma-session-store';
const SESSION_TOKEN_DURATION_MINUTES = 180 const SESSION_TOKEN_DURATION_MINUTES = 180
async function bootstrap() { async function bootstrap() {
const app = await NestFactory.create(AppModule); const app = await NestFactory.create(AppModule);
const prisma_service = app.get(PrismaService); const prisma_service = app.get(PrismaService);
const reflector = app.get(Reflector); const reflector = app.get(Reflector);
app.use((req, res, next) => {
console.log('--- INCOMING REQUEST ---');
console.log('METHOD:', req.method);
console.log('URL:', req.originalUrl);
console.log('HEADERS:', req.headers);
console.log('BODY:', req.body);
console.log('------------------------');
console.log(req.headers.authorization);
console.log(req.headers['x-authentik-signature']);
console.log(req.headers['content-type)']);
next();
});
app.useGlobalGuards( app.useGlobalGuards(
// new JwtAuthGuard(reflector), //Authentification JWT // new JwtAuthGuard(reflector), //Authentification JWT
new ModulesGuard(reflector), //deny-by-default and Module-based Access Control new ModulesGuard(reflector), //deny-by-default and Module-based Access Control
@ -89,11 +103,6 @@ async function bootstrap() {
SwaggerModule.setup('api/docs', app, document); SwaggerModule.setup('api/docs', app, document);
writeFileSync('./docs/swagger/swagger-spec.json', JSON.stringify(document, null, 2)); writeFileSync('./docs/swagger/swagger-spec.json', JSON.stringify(document, null, 2));
// logs to be removed post dev
console.log('[ENV.ATTACHMENTS_ROOT]', process.env.ATTACHMENTS_ROOT);
console.log('[resolveAttachmentsRoot()]', resolveAttachmentsRoot());
console.log('[ATT_TMP_DIR()]', ATT_TMP_DIR());
await ensureAttachmentsTmpDir(); await ensureAttachmentsTmpDir();
await app.listen(process.env.PORT ?? 3000); await app.listen(process.env.PORT ?? 3000);