Merge pull request 'refactor: auth flow, middleware and login page' (#55)

Reviewed-on: #55 Reviewed-by: Maximilian Liebmann <lima@noreply.git.dominikstahl.dev>
2025-05-13 18:34:58 +00:00 · 2025-05-13 18:34:58 +00:00 · 8fd93fa7bc
commit 8fd93fa7bc
parent dd6b82515e aca229b3d3
11 changed files with 135 additions and 58 deletions
--- a/.env.example
+++ b/.env.example
@ -7,5 +7,3 @@ AUTH_AUTHENTIK_SECRET=
 AUTH_AUTHENTIK_ISSUER=

 NEXT_PUBLIC_APP_URL=
-
-MEETUP_SKIP_LOGIN=
--- a/README.md
+++ b/README.md
@ -94,10 +94,6 @@ This project is built with a modern tech stack:

      # Base URL of your application
      NEXT_PUBLIC_APP_URL="http://localhost:3000"
-
-      # Development: Skip login flow (set to "true" to bypass authentication)
-      # Ensure this is NOT set to "true" in production.
-      MEETUP_SKIP_LOGIN="false"
      ```

 4.  **Apply database migrations (Prisma):**
@ -111,11 +107,20 @@ This project is built with a modern tech stack:
    - (Optional: If you need to generate Prisma Client without running migrations, use `npx prisma generate`)

 5.  **Run the development server:**
+
    ```bash
    yarn dev
    ```
+
    Open [http://localhost:3000](http://localhost:3000) in your browser to see the application.

+    The test user for the application is:
+
+    ```bash
+    email: test@example.com
+    password: password
+    ```
+
 **Self-Hosting with Docker (Planned):**

 - A Docker image and `docker-compose.yml` file will be provided in the future to allow for easy self-hosting of the MeetUP application. This setup will also include database services. Instructions will be updated here once available.
--- a/src/app/home/page.tsx
+++ b/src/app/home/page.tsx
@ -1,4 +1,3 @@
-import { Logout } from '@/components/user/sso-logout-button';
 import { RedirectButton } from '@/components/user/redirect-button';
 import { ThemePicker } from '@/components/user/theme-picker';

@ -8,7 +7,7 @@ export default function Home() {
      <div className='absolute top-4 right-4'>{<ThemePicker />}</div>
      <div>
        <h1>Home</h1>
-        <Logout />
+        <RedirectButton redirectUrl='/logout' buttonText='Logout' />
        <RedirectButton redirectUrl='/settings' buttonText='Settings' />
      </div>
    </div>
--- a/src/app/login/page.tsx
+++ b/src/app/login/page.tsx
@ -1,4 +1,4 @@
-import { auth } from '@/auth';
+import { auth, providerMap } from '@/auth';
 import SSOLogin from '@/components/user/sso-login-button';
 import LoginForm from '@/components/user/login-form';
 import { redirect } from 'next/navigation';
@ -35,11 +35,15 @@ export default async function LoginPage() {
            <CardContent className='gap-6 flex flex-col'>
              <LoginForm />

-              <hr />
+              {providerMap.length > 0 && <hr />}

-              {process.env.AUTH_AUTHENTIK_ISSUER && (
-                <SSOLogin provider='authentik' providerDisplayName='SSO' />
-              )}
+              {providerMap.map((provider) => (
+                <SSOLogin
+                  key={provider.id}
+                  provider={provider.id}
+                  providerDisplayName={provider.name}
+                />
+              ))}
            </CardContent>
          </Card>
        </div>
--- a/src/app/logout/page.tsx
+++ b/src/app/logout/page.tsx
@ -0,0 +1,40 @@
+import { signOut } from '@/auth';
+import { Button } from '@/components/ui/button';
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '@/components/ui/card';
+
+export default function SignOutPage() {
+  return (
+    <div className='flex flex-col items-center justify-center h-screen'>
+      <form
+        action={async () => {
+          'use server';
+          await signOut({ redirectTo: '/login' });
+        }}
+      >
+        <Card className='w-[350px] max-w-screen'>
+          <CardHeader>
+            <CardTitle className='text-lg text-center'>Logout</CardTitle>
+            <CardDescription className='text-center'>
+              Are you sure you want to log out?
+            </CardDescription>
+          </CardHeader>
+          <CardContent className='gap-6 flex flex-col'>
+            <Button
+              className='hover:bg-blue-600 hover:text-white'
+              type='submit'
+              variant='secondary'
+            >
+              Logout
+            </Button>
+          </CardContent>
+        </Card>
+      </form>
+    </div>
+  );
+}
--- a/src/app/page.tsx
+++ b/src/app/page.tsx
@ -1,3 +1,9 @@
-export default function Home() {
-  return <div></div>;
+import { auth } from '@/auth';
+import { redirect } from 'next/navigation';
+
+export default async function Home() {
+  const session = await auth();
+
+  if (!session?.user) redirect('/login');
+  else redirect('/home');
 }
--- a/src/auth.ts
+++ b/src/auth.ts
@ -1,13 +1,49 @@
 import NextAuth from 'next-auth';
+
+import type { Provider } from 'next-auth/providers';
+import Credentials from 'next-auth/providers/credentials';
+
 import Authentik from 'next-auth/providers/authentik';

+const providers: Provider[] = [
+  !process.env.DISABLE_PASSWORD_LOGIN &&
+    Credentials({
+      credentials: { password: { label: 'Password', type: 'password' } },
+      authorize(c) {
+        if (c.password !== 'password') return null;
+        return {
+          id: 'test',
+          name: 'Test User',
+          email: 'test@example.com',
+        };
+      },
+    }),
+  process.env.AUTH_AUTHENTIK_ID && Authentik,
+].filter(Boolean) as Provider[];
+
+export const providerMap = providers
+  .map((provider) => {
+    if (typeof provider === 'function') {
+      const providerData = provider();
+      return { id: providerData.id, name: providerData.name };
+    } else {
+      return { id: provider.id, name: provider.name };
+    }
+  })
+  .filter((provider) => provider.id !== 'credentials');
+
 export const { handlers, signIn, signOut, auth } = NextAuth({
-  providers: [process.env.AUTH_AUTHENTIK_ISSUER ? Authentik : null].filter(
-    (x) => x !== null,
-  ),
+  providers,
+  session: {
+    strategy: 'jwt',
+  },
+  pages: {
+    signIn: '/login',
+    signOut: '/logout',
+  },
  callbacks: {
-    authorized: async ({ auth }) => {
-      return !!auth;
+    authorized({ auth }) {
+      return !!auth?.user;
    },
  },
 });
--- a/src/components/labeled-input.tsx
+++ b/src/components/labeled-input.tsx
@ -6,23 +6,24 @@ export default function LabeledInput({
  label,
  placeholder,
  value,
+  name,
 }: {
  type: 'text' | 'email' | 'password';
  label: string;
  placeholder?: string;
  value?: string;
+  name?: string;
 }) {
-  const elementId = Math.random().toString(36).substring(2, 15);
-
  return (
    <div className='flex flex-col gap-1'>
-      <Label htmlFor={elementId}>{label}</Label>
+      <Label htmlFor={name}>{label}</Label>

      <Input
        type={type}
        placeholder={placeholder}
        defaultValue={value}
-        id={elementId}
+        id={name}
+        name={name}
      />
    </div>
  );
--- a/src/components/user/login-form.tsx
+++ b/src/components/user/login-form.tsx
@ -1,18 +1,38 @@
+import { signIn } from '@/auth';
 import LabeledInput from '@/components/labeled-input';
 import { Button } from '@/components/ui/button';
+import { AuthError } from 'next-auth';
+import { redirect } from 'next/navigation';
+
+const SIGNIN_ERROR_URL = '/error';

 export default function LoginForm() {
  return (
-    <form className='flex flex-col gap-5 w-full'>
+    <form
+      className='flex flex-col gap-5 w-full'
+      action={async (formData) => {
+        'use server';
+        try {
+          await signIn('credentials', formData);
+        } catch (error) {
+          if (error instanceof AuthError) {
+            return redirect(`${SIGNIN_ERROR_URL}?error=${error.type}`);
+          }
+          throw error;
+        }
+      }}
+    >
      <LabeledInput
        type='email'
        label='E-Mail'
        placeholder='Enter your E-Mail'
+        name='email'
      />
      <LabeledInput
        type='password'
        label='Password'
        placeholder='Enter your Password'
+        name='password'
      />
      <Button
        className='hover:bg-blue-600 hover:text-white'
--- a/src/components/user/sso-logout-button.tsx
+++ b/src/components/user/sso-logout-button.tsx
@ -1,18 +0,0 @@
-import { signOut } from '@/auth';
-import { IconButton } from '@/components/icon-button';
-import { faDoorOpen } from '@fortawesome/free-solid-svg-icons';
-
-export function Logout() {
-  return (
-    <form
-      action={async () => {
-        'use server';
-        await signOut({ redirectTo: '/login' });
-      }}
-    >
-      <IconButton type='submit' variant='destructive' icon={faDoorOpen}>
-        Sign Out
-      </IconButton>
-    </form>
-  );
-}
--- a/src/middleware.ts
+++ b/src/middleware.ts
@ -1,18 +1,4 @@
-import { auth } from '@/auth';
-
-export default auth((req) => {
-  if (
-    !req.auth &&
-    req.nextUrl.pathname !== '/login' &&
-    process.env.MEETUP_SKIP_LOGIN !== 'true'
-  ) {
-    const newUrl = new URL('/login', req.nextUrl.origin);
-    return Response.redirect(newUrl);
-  } else if (req.auth != null && req.nextUrl.pathname === '/') {
-    const newUrl = new URL('/home', req.nextUrl.origin);
-    return Response.redirect(newUrl);
-  }
-});
+export { auth as middleware } from '@/auth';

 export const config = {
  matcher: ['/((?!api|_next/static|_next/image|favicon.ico).*)'],