added support for pin code auth

2026-03-05 18:26:40 +00:00 · 2024-11-23 20:08:56 -05:00
parent 78b23a8956
commit ad5ea3564b
14 changed files with 653 additions and 88 deletions
--- a/src/app/auth/resource/[resourceId]/page.tsx
+++ b/src/app/auth/resource/[resourceId]/page.tsx
@@ -0,0 +1,100 @@
+import {
+    GetResourceAuthInfoResponse,
+    GetResourceResponse,
+} from "@server/routers/resource";
+import ResourceAuthPortal from "./components/ResourceAuthPortal";
+import { internal } from "@app/api";
+import { AxiosResponse } from "axios";
+import { authCookieHeader } from "@app/api/cookies";
+import { cache } from "react";
+import { verifySession } from "@app/lib/auth/verifySession";
+import { redirect } from "next/navigation";
+import ResourceNotFound from "./components/ResourceNotFound";
+import ResourceAccessDenied from "./components/ResourceAccessDenied";
+
+export default async function ResourceAuthPage(props: {
+    params: Promise<{ resourceId: number }>;
+    searchParams: Promise<{ r: string }>;
+}) {
+    const params = await props.params;
+    const searchParams = await props.searchParams;
+
+    let authInfo: GetResourceAuthInfoResponse | undefined;
+    try {
+        const res = await internal.get<
+            AxiosResponse<GetResourceAuthInfoResponse>
+        >(`/resource/${params.resourceId}/auth`, await authCookieHeader());
+
+        if (res && res.status === 200) {
+            authInfo = res.data.data;
+        }
+    } catch (e) {}
+
+    const getUser = cache(verifySession);
+    const user = await getUser();
+
+    if (!authInfo) {
+        return (
+            <div className="w-full max-w-md">
+                <ResourceNotFound />
+            </div>
+        );
+    }
+
+    const hasAuth = authInfo.password || authInfo.pincode || authInfo.sso;
+    const isSSOOnly = authInfo.sso && !authInfo.password && !authInfo.pincode;
+
+    const redirectUrl = searchParams.r || authInfo.url;
+
+    if (!hasAuth) {
+        redirect(redirectUrl);
+    }
+
+    let userIsUnauthorized = false;
+    if (user && authInfo.sso) {
+        let doRedirect = false;
+        try {
+            const res = await internal.get<AxiosResponse<GetResourceResponse>>(
+                `/resource/${params.resourceId}`,
+                await authCookieHeader(),
+            );
+
+            console.log(res.data);
+            doRedirect = true;
+        } catch (e) {
+            console.error(e);
+            userIsUnauthorized = true;
+        }
+
+        if (doRedirect) {
+            redirect(redirectUrl);
+        }
+    }
+
+    if (userIsUnauthorized && isSSOOnly) {
+        return (
+            <div className="w-full max-w-md">
+                <ResourceAccessDenied />
+            </div>
+        );
+    }
+
+    return (
+        <>
+            <div className="w-full max-w-md">
+                <ResourceAuthPortal
+                    methods={{
+                        password: authInfo.password,
+                        pincode: authInfo.pincode,
+                        sso: authInfo.sso && !userIsUnauthorized,
+                    }}
+                    resource={{
+                        name: authInfo.resourceName,
+                        id: authInfo.resourceId,
+                    }}
+                    redirect={redirectUrl}
+                />
+            </div>
+        </>
+    );
+}