nishantr/Authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

deploy code

Browse Source
This commit is contained in:
NishantRajputRN
2026-05-19 18:08:06 +05:30
parent e886bddfd1
commit 44d3f015fe
45 changed files with 5072 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
frontend/src/App.css
+106
View File
@@ -0,0 +1,106 @@
.app {
max-width: 640px;
margin: 0 auto;
padding: 2rem 1.5rem;
font-family: system-ui, -apple-system, sans-serif;
}
header {
display: flex;
align-items: center;
justify-content: space-between;
gap: 1rem;
margin-bottom: 2rem;
}
h1 {
font-size: 1.5rem;
margin: 0;
}
h2 {
font-size: 1.1rem;
margin: 0 0 0.75rem;
}
.card {
background: #1a1a1a;
border: 1px solid #333;
border-radius: 8px;
padding: 1.25rem;
margin-bottom: 1rem;
}
.hint {
color: #888;
font-size: 0.875rem;
margin: 0 0 1rem;
}
dl {
display: grid;
grid-template-columns: auto 1fr;
gap: 0.5rem 1rem;
margin: 0;
}
dt {
color: #888;
font-size: 0.875rem;
}
dd {
margin: 0;
word-break: break-all;
}
button {
background: #646cff;
color: #fff;
border: none;
border-radius: 6px;
padding: 0.6rem 1.2rem;
font-size: 1rem;
cursor: pointer;
}
button:hover {
background: #535bf2;
}
button:disabled {
opacity: 0.6;
cursor: not-allowed;
}
button.secondary {
background: transparent;
border: 1px solid #555;
color: inherit;
}
button.secondary:hover {
border-color: #888;
background: #222;
}
.error {
color: #f66;
margin-top: 0.75rem;
}
pre {
margin-top: 1rem;
padding: 1rem;
background: #0d0d0d;
border-radius: 6px;
overflow-x: auto;
font-size: 0.8rem;
}
.setup-error code {
font-size: 0.85rem;
background: #0d0d0d;
padding: 0.1rem 0.35rem;
border-radius: 4px;
}
frontend/src/App.tsx
+105
View File
@@ -0,0 +1,105 @@
import { useAuth } from 'react-oidc-context';
import { useState } from 'react';
import { fetchProtected } from './api/client';
import './App.css';
function App() {
const auth = useAuth();
const [apiData, setApiData] = useState<unknown>(null);
const [apiError, setApiError] = useState<string | null>(null);
const [loading, setLoading] = useState(false);
if (auth.isLoading) {
return <div className="app">Loading session</div>;
}
if (auth.error) {
const hint =
auth.error.message === 'Failed to fetch'
? 'The browser could not reach Authentik. Check that it is running, VITE_AUTHENTIK_URL is correct, and the discovery URL opens in a new tab.'
: auth.error.message;
return (
<div className="app">
<p className="error">Auth error: {hint}</p>
<button type="button" onClick={() => auth.signinRedirect()}>
Try again
</button>
</div>
);
}
if (!auth.isAuthenticated || !auth.user) {
return (
<div className="app">
<h1>OIDC Auth Demo</h1>
<p>Sign in with Authentik to continue.</p>
<button type="button" onClick={() => auth.signinRedirect()}>
Sign in
</button>
</div>
);
}
const idClaims = auth.user.profile;
const accessToken = auth.user.access_token;
async function callApi() {
if (!accessToken) {
setApiError('No access token in session');
return;
}
setLoading(true);
setApiError(null);
try {
const data = await fetchProtected('/api/me', accessToken);
setApiData(data);
} catch (err) {
setApiData(null);
setApiError(err instanceof Error ? err.message : 'API request failed');
} finally {
setLoading(false);
}
}
return (
<div className="app">
<header>
<h1>OIDC Auth Demo</h1>
<button type="button" className="secondary" onClick={() => auth.signoutRedirect()}>
Sign out
</button>
</header>
<section className="card">
<h2>Login (ID Token)</h2>
<p className="hint">
User identity comes from the ID token claims below.
</p>
<dl>
<dt>Subject</dt>
<dd>{idClaims.sub}</dd>
<dt>Email</dt>
<dd>{String(idClaims.email ?? '—')}</dd>
<dt>Name</dt>
<dd>{String(idClaims.name ?? idClaims.preferred_username ?? '—')}</dd>
</dl>
</section>
<section className="card">
<h2>API (Access Token)</h2>
<p className="hint">
Protected routes use the access token in the Authorization header.
</p>
<button type="button" onClick={callApi} disabled={loading}>
{loading ? 'Calling API…' : 'GET /api/me'}
</button>
{apiError && <p className="error">{apiError}</p>}
{apiData != null && (
<pre>{JSON.stringify(apiData, null, 2)}</pre>
)}
</section>
</div>
);
}
export default App;
frontend/src/api/client.ts
+19
View File
@@ -0,0 +1,19 @@
const API_URL = import.meta.env.VITE_API_URL ?? 'http://localhost:3001';
export async function fetchProtected(
path: string,
accessToken: string,
): Promise<unknown> {
const response = await fetch(`${API_URL}${path}`, {
headers: {
Authorization: `Bearer ${accessToken}`,
},
});
if (!response.ok) {
const body = await response.text();
throw new Error(body || `Request failed (${response.status})`);
}
return response.json();
}
frontend/src/assets/hero.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

frontend/src/assets/react.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="35.93" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 228"><path fill="#00D8FF" d="M210.483 73.824a171.49 171.49 0 0 0-8.24-2.597c.465-1.9.893-3.777 1.273-5.621c6.238-30.281 2.16-54.676-11.769-62.708c-13.355-7.7-35.196.329-57.254 19.526a171.23 171.23 0 0 0-6.375 5.848a155.866 155.866 0 0 0-4.241-3.917C100.759 3.829 77.587-4.822 63.673 3.233C50.33 10.957 46.379 33.89 51.995 62.588a170.974 170.974 0 0 0 1.892 8.48c-3.28.932-6.445 1.924-9.474 2.98C17.309 83.498 0 98.307 0 113.668c0 15.865 18.582 31.778 46.812 41.427a145.52 145.52 0 0 0 6.921 2.165a167.467 167.467 0 0 0-2.01 9.138c-5.354 28.2-1.173 50.591 12.134 58.266c13.744 7.926 36.812-.22 59.273-19.855a145.567 145.567 0 0 0 5.342-4.923a168.064 168.064 0 0 0 6.92 6.314c21.758 18.722 43.246 26.282 56.54 18.586c13.731-7.949 18.194-32.003 12.4-61.268a145.016 145.016 0 0 0-1.535-6.842c1.62-.48 3.21-.974 4.76-1.488c29.348-9.723 48.443-25.443 48.443-41.52c0-15.417-17.868-30.326-45.517-39.844Zm-6.365 70.984c-1.4.463-2.836.91-4.3 1.345c-3.24-10.257-7.612-21.163-12.963-32.432c5.106-11 9.31-21.767 12.459-31.957c2.619.758 5.16 1.557 7.61 2.4c23.69 8.156 38.14 20.213 38.14 29.504c0 9.896-15.606 22.743-40.946 31.14Zm-10.514 20.834c2.562 12.94 2.927 24.64 1.23 33.787c-1.524 8.219-4.59 13.698-8.382 15.893c-8.067 4.67-25.32-1.4-43.927-17.412a156.726 156.726 0 0 1-6.437-5.87c7.214-7.889 14.423-17.06 21.459-27.246c12.376-1.098 24.068-2.894 34.671-5.345a134.17 134.17 0 0 1 1.386 6.193ZM87.276 214.515c-7.882 2.783-14.16 2.863-17.955.675c-8.075-4.657-11.432-22.636-6.853-46.752a156.923 156.923 0 0 1 1.869-8.499c10.486 2.32 22.093 3.988 34.498 4.994c7.084 9.967 14.501 19.128 21.976 27.15a134.668 134.668 0 0 1-4.877 4.492c-9.933 8.682-19.886 14.842-28.658 17.94ZM50.35 144.747c-12.483-4.267-22.792-9.812-29.858-15.863c-6.35-5.437-9.555-10.836-9.555-15.216c0-9.322 13.897-21.212 37.076-29.293c2.813-.98 5.757-1.905 8.812-2.773c3.204 10.42 7.406 21.315 12.477 32.332c-5.137 11.18-9.399 22.249-12.634 32.792a134.718 134.718 0 0 1-6.318-1.979Zm12.378-84.26c-4.811-24.587-1.616-43.134 6.425-47.789c8.564-4.958 27.502 2.111 47.463 19.835a144.318 144.318 0 0 1 3.841 3.545c-7.438 7.987-14.787 17.08-21.808 26.988c-12.04 1.116-23.565 2.908-34.161 5.309a160.342 160.342 0 0 1-1.76-7.887Zm110.427 27.268a347.8 347.8 0 0 0-7.785-12.803c8.168 1.033 15.994 2.404 23.343 4.08c-2.206 7.072-4.956 14.465-8.193 22.045a381.151 381.151 0 0 0-7.365-13.322Zm-45.032-43.861c5.044 5.465 10.096 11.566 15.065 18.186a322.04 322.04 0 0 0-30.257-.006c4.974-6.559 10.069-12.652 15.192-18.18ZM82.802 87.83a323.167 323.167 0 0 0-7.227 13.238c-3.184-7.553-5.909-14.98-8.134-22.152c7.304-1.634 15.093-2.97 23.209-3.984a321.524 321.524 0 0 0-7.848 12.897Zm8.081 65.352c-8.385-.936-16.291-2.203-23.593-3.793c2.26-7.3 5.045-14.885 8.298-22.6a321.187 321.187 0 0 0 7.257 13.246c2.594 4.48 5.28 8.868 8.038 13.147Zm37.542 31.03c-5.184-5.592-10.354-11.779-15.403-18.433c4.902.192 9.899.29 14.978.29c5.218 0 10.376-.117 15.453-.343c-4.985 6.774-10.018 12.97-15.028 18.486Zm52.198-57.817c3.422 7.8 6.306 15.345 8.596 22.52c-7.422 1.694-15.436 3.058-23.88 4.071a382.417 382.417 0 0 0 7.859-13.026a347.403 347.403 0 0 0 7.425-13.565Zm-16.898 8.101a358.557 358.557 0 0 1-12.281 19.815a329.4 329.4 0 0 1-23.444.823c-7.967 0-15.716-.248-23.178-.732a310.202 310.202 0 0 1-12.513-19.846h.001a307.41 307.41 0 0 1-10.923-20.627a310.278 310.278 0 0 1 10.89-20.637l-.001.001a307.318 307.318 0 0 1 12.413-19.761c7.613-.576 15.42-.876 23.31-.876H128c7.926 0 15.743.303 23.354.883a329.357 329.357 0 0 1 12.335 19.695a358.489 358.489 0 0 1 11.036 20.54a329.472 329.472 0 0 1-11 20.722Zm22.56-122.124c8.572 4.944 11.906 24.881 6.52 51.026c-.344 1.668-.73 3.367-1.15 5.09c-10.622-2.452-22.155-4.275-34.23-5.408c-7.034-10.017-14.323-19.124-21.64-27.008a160.789 160.789 0 0 1 5.888-5.4c18.9-16.447 36.564-22.941 44.612-18.3ZM128 90.808c12.625 0 22.86 10.235 22.86 22.86s-10.235 22.86-22.86 22.86s-22.86-10.235-22.86-22.86s10.235-22.86 22.86-22.86Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.0 KiB

frontend/src/assets/vite.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.5 KiB

frontend/src/auth/AuthShell.tsx
+93
View File
@@ -0,0 +1,93 @@
import { AuthProvider } from 'react-oidc-context';
import { useEffect, useState } from 'react';
import { oidcConfig } from './config';
import {
getDiscoveryUrl,
getOidcAuthority,
getOidcClientId,
isPlaceholderConfig,
} from './env';
type Props = { children: React.ReactNode };
export function AuthShell({ children }: Props) {
const [ready, setReady] = useState(false);
const [error, setError] = useState<string | null>(null);
const authority = getOidcAuthority();
const clientId = getOidcClientId();
const discoveryUrl = getDiscoveryUrl();
useEffect(() => {
if (isPlaceholderConfig()) {
setError(
'OIDC is still using placeholder values in frontend/.env. ' +
'Point VITE_AUTHENTIK_URL at your running Authentik instance and set VITE_OIDC_CLIENT_ID from the provider.',
);
return;
}
let cancelled = false;
(async () => {
try {
const response = await fetch(discoveryUrl);
if (!response.ok) {
throw new Error(`HTTP ${response.status} from ${discoveryUrl}`);
}
if (!cancelled) {
setError(null);
setReady(true);
}
} catch (err) {
if (!cancelled) {
const message =
err instanceof Error ? err.message : 'Could not reach Authentik';
setError(
`Cannot reach Authentik OIDC discovery (${message}). ` +
'Start Authentik (see deploy/README.md) or fix VITE_AUTHENTIK_URL / VITE_OIDC_APP_SLUG in frontend/.env.',
);
}
}
})();
return () => {
cancelled = true;
};
}, [discoveryUrl]);
if (error) {
return (
<div className="app setup-error">
<h1>OIDC configuration</h1>
<p className="error">{error}</p>
<section className="card">
<h2>Current settings</h2>
<dl>
<dt>Issuer</dt>
<dd>{authority}</dd>
<dt>Client ID</dt>
<dd>{clientId}</dd>
<dt>Discovery</dt>
<dd>
<a href={discoveryUrl} target="_blank" rel="noreferrer">
{discoveryUrl}
</a>
</dd>
</dl>
</section>
<p className="hint">
After Authentik is running, create an OAuth2/OpenID provider (public,
redirect URI <code>http://localhost:5173</code>) and copy its slug and
client ID into <code>frontend/.env</code> and <code>backend/.env</code>.
</p>
</div>
);
}
if (!ready) {
return <div className="app">Connecting to Authentik</div>;
}
return <AuthProvider {...oidcConfig}>{children}</AuthProvider>;
}
frontend/src/auth/config.ts
+16
View File
@@ -0,0 +1,16 @@
import { WebStorageStateStore } from 'oidc-client-ts';
import type { AuthProviderProps } from 'react-oidc-context';
import { getOidcAuthority, getOidcClientId } from './env';
export const oidcConfig: AuthProviderProps = {
authority: getOidcAuthority(),
client_id: getOidcClientId(),
redirect_uri: window.location.origin,
post_logout_redirect_uri: window.location.origin,
response_type: 'code',
scope: 'openid profile email',
userStore: new WebStorageStateStore({ store: window.localStorage }),
onSigninCallback: () => {
window.history.replaceState({}, document.title, window.location.pathname);
},
};
frontend/src/auth/env.ts
+48
View File
@@ -0,0 +1,48 @@
function trimSlash(url: string) {
return url.replace(/\/+$/, '');
}
const authentikUrl = import.meta.env.VITE_AUTHENTIK_URL?.trim();
const appSlug = import.meta.env.VITE_OIDC_APP_SLUG?.trim() || 'oidc-demo';
const clientId = import.meta.env.VITE_OIDC_CLIENT_ID?.trim();
/** Full OIDC issuer URL (must match Authentik provider + token `iss`). */
export function getOidcAuthority(): string {
if (import.meta.env.VITE_OIDC_AUTHORITY?.trim()) {
const authority = import.meta.env.VITE_OIDC_AUTHORITY.trim();
return authority.endsWith('/') ? authority : `${authority}/`;
}
if (!authentikUrl) {
throw new Error(
'Set VITE_AUTHENTIK_URL (or VITE_OIDC_AUTHORITY) in frontend/.env',
);
}
return `${trimSlash(authentikUrl)}/application/o/${appSlug}/`;
}
export function getOidcClientId(): string {
if (!clientId) {
throw new Error('Set VITE_OIDC_CLIENT_ID in frontend/.env');
}
return clientId;
}
export function getDiscoveryUrl(): string {
return `${getOidcAuthority()}.well-known/openid-configuration`;
}
const PLACEHOLDER_HOSTS = [
'authentik.example.com',
'example.com',
'your-client-id',
];
export function isPlaceholderConfig(): boolean {
const authority = getOidcAuthority();
const id = getOidcClientId();
return (
PLACEHOLDER_HOSTS.some((h) => authority.includes(h)) ||
id === 'your-client-id' ||
id.startsWith('your-')
);
}
frontend/src/index.css
+111
View File
@@ -0,0 +1,111 @@
:root {
--text: #6b6375;
--text-h: #08060d;
--bg: #fff;
--border: #e5e4e7;
--code-bg: #f4f3ec;
--accent: #aa3bff;
--accent-bg: rgba(170, 59, 255, 0.1);
--accent-border: rgba(170, 59, 255, 0.5);
--social-bg: rgba(244, 243, 236, 0.5);
--shadow:
rgba(0, 0, 0, 0.1) 0 10px 15px -3px, rgba(0, 0, 0, 0.05) 0 4px 6px -2px;
--sans: system-ui, 'Segoe UI', Roboto, sans-serif;
--heading: system-ui, 'Segoe UI', Roboto, sans-serif;
--mono: ui-monospace, Consolas, monospace;
font: 18px/145% var(--sans);
letter-spacing: 0.18px;
color-scheme: light dark;
color: var(--text);
background: var(--bg);
font-synthesis: none;
text-rendering: optimizeLegibility;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
@media (max-width: 1024px) {
font-size: 16px;
}
}
@media (prefers-color-scheme: dark) {
:root {
--text: #9ca3af;
--text-h: #f3f4f6;
--bg: #16171d;
--border: #2e303a;
--code-bg: #1f2028;
--accent: #c084fc;
--accent-bg: rgba(192, 132, 252, 0.15);
--accent-border: rgba(192, 132, 252, 0.5);
--social-bg: rgba(47, 48, 58, 0.5);
--shadow:
rgba(0, 0, 0, 0.4) 0 10px 15px -3px, rgba(0, 0, 0, 0.25) 0 4px 6px -2px;
}
#social .button-icon {
filter: invert(1) brightness(2);
}
}
#root {
width: 1126px;
max-width: 100%;
margin: 0 auto;
text-align: center;
border-inline: 1px solid var(--border);
min-height: 100svh;
display: flex;
flex-direction: column;
box-sizing: border-box;
}
body {
margin: 0;
}
h1,
h2 {
font-family: var(--heading);
font-weight: 500;
color: var(--text-h);
}
h1 {
font-size: 56px;
letter-spacing: -1.68px;
margin: 32px 0;
@media (max-width: 1024px) {
font-size: 36px;
margin: 20px 0;
}
}
h2 {
font-size: 24px;
line-height: 118%;
letter-spacing: -0.24px;
margin: 0 0 8px;
@media (max-width: 1024px) {
font-size: 20px;
}
}
p {
margin: 0;
}
code,
.counter {
font-family: var(--mono);
display: inline-flex;
border-radius: 4px;
color: var(--text-h);
}
code {
font-size: 15px;
line-height: 135%;
padding: 4px 8px;
background: var(--code-bg);
}
frontend/src/main.tsx
+13
View File
@@ -0,0 +1,13 @@
import { StrictMode } from 'react';
import { createRoot } from 'react-dom/client';
import { AuthShell } from './auth/AuthShell';
import App from './App.tsx';
import './index.css';
createRoot(document.getElementById('root')!).render(
<StrictMode>
<AuthShell>
<App />
</AuthShell>
</StrictMode>,
);