deploy code

2026-05-19 18:08:06 +05:30
parent e886bddfd1
commit 44d3f015fe
45 changed files with 5072 additions and 0 deletions
@@ -0,0 +1,59 @@
+import 'dotenv/config';
+import cors from 'cors';
+import express from 'express';
+import { initAuth, requireAccessToken } from './middleware/auth.js';
+
+function resolveIssuer() {
+  if (process.env.OIDC_ISSUER?.trim()) {
+    const issuer = process.env.OIDC_ISSUER.trim();
+    return issuer.endsWith('/') ? issuer : `${issuer}/`;
+  }
+  const base = process.env.AUTHENTIK_URL?.trim();
+  const slug = process.env.OIDC_APP_SLUG?.trim() || 'oidc-demo';
+  if (!base) return null;
+  return `${base.replace(/\/+$/, '')}/application/o/${slug}/`;
+}
+
+const port = Number(process.env.PORT) || 3001;
+const oidcIssuer = resolveIssuer();
+const corsOrigin = process.env.CORS_ORIGIN ?? 'http://localhost:5173';
+
+if (!oidcIssuer) {
+  console.error(
+    'Set OIDC_ISSUER or AUTHENTIK_URL + OIDC_APP_SLUG in backend/.env',
+  );
+  process.exit(1);
+}
+
+initAuth({
+  oidcIssuer,
+  oidcAudience: process.env.OIDC_AUDIENCE,
+});
+
+const app = express();
+
+app.use(
+  cors({
+    origin: corsOrigin,
+    credentials: true,
+  }),
+);
+
+app.get('/health', (_req, res) => {
+  res.json({ status: 'ok', issuer: oidcIssuer });
+});
+
+app.get('/api/me', requireAccessToken, (req, res) => {
+  res.json({
+    message: 'Authorized via access token',
+    sub: req.auth.sub,
+    email: req.auth.email,
+    name: req.auth.name,
+    scopes: req.auth.scope,
+  });
+});
+
+app.listen(port, () => {
+  console.log(`API listening on http://localhost:${port}`);
+  console.log(`OIDC issuer: ${oidcIssuer}`);
+});