studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

♻️(frontend) switch to Authorization Code flow

Browse Source 
Instead of interacting with Keycloak, the frontend navigate to the
/authenticate endpoint, which starts the Authorization code flow.

When the flow is done, the backend redirect back to the SPA,
passing a session cookie and a csrf cookie.

Done:
- Query GET user/me to determine if user is authenticated yet
- Remove Keycloak js dependency, as all the OIDC logic is handled by the backend
- Store user's data instead of the JWT token
This commit is contained in:
Lebaud Antoine
2024-02-14 23:47:43 +01:00
committed by aleb_the_flash
parent 38c4d33791
commit 4cacfd3a45
13 changed files with 87 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/frontend/apps/desk/.env.development
View File

@@ -1,5 +1 @@
NEXT_PUBLIC_API_URL=http://localhost:8071/api/v1.0/
NEXT_PUBLIC_KEYCLOAK_URL=http://localhost:8080/
NEXT_PUBLIC_KEYCLOAK_REALM=people
NEXT_PUBLIC_KEYCLOAK_CLIENT_ID=people-front
NEXT_PUBLIC_KEYCLOAK_LOGIN=true