NishantRajputRN
60 lines
1.4 KiB
JavaScript
60 lines
1.4 KiB
JavaScript
import 'dotenv/config';
|
|
import cors from 'cors';
|
|
import express from 'express';
|
|
import { initAuth, requireAccessToken } from './middleware/auth.js';
|
|
|
|
function resolveIssuer() {
|
|
if (process.env.OIDC_ISSUER?.trim()) {
|
|
const issuer = process.env.OIDC_ISSUER.trim();
|
|
return issuer.endsWith('/') ? issuer : `${issuer}/`;
|
|
}
|
|
const base = process.env.AUTHENTIK_URL?.trim();
|
|
const slug = process.env.OIDC_APP_SLUG?.trim() || 'oidc-demo';
|
|
if (!base) return null;
|
|
return `${base.replace(/\/+$/, '')}/application/o/${slug}/`;
|
|
}
|
|
|
|
const port = Number(process.env.PORT) || 3001;
|
|
const oidcIssuer = resolveIssuer();
|
|
const corsOrigin = process.env.CORS_ORIGIN ?? 'http://localhost:5173';
|
|
|
|
if (!oidcIssuer) {
|
|
console.error(
|
|
'Set OIDC_ISSUER or AUTHENTIK_URL + OIDC_APP_SLUG in backend/.env',
|
|
);
|
|
process.exit(1);
|
|
}
|
|
|
|
initAuth({
|
|
oidcIssuer,
|
|
oidcAudience: process.env.OIDC_AUDIENCE,
|
|
});
|
|
|
|
const app = express();
|
|
|
|
app.use(
|
|
cors({
|
|
origin: corsOrigin,
|
|
credentials: true,
|
|
}),
|
|
);
|
|
|
|
app.get('/health', (_req, res) => {
|
|
res.json({ status: 'ok', issuer: oidcIssuer });
|
|
});
|
|
|
|
app.get('/api/me', requireAccessToken, (req, res) => {
|
|
res.json({
|
|
message: 'Authorized via access token',
|
|
sub: req.auth.sub,
|
|
email: req.auth.email,
|
|
name: req.auth.name,
|
|
scopes: req.auth.scope,
|
|
});
|
|
});
|
|
|
|
app.listen(port, () => {
|
|
console.log(`API listening on http://localhost:${port}`);
|
|
console.log(`OIDC issuer: ${oidcIssuer}`);
|
|
});
|