Skip to content

feat: auth multi tenancy support #1521

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
JRaams wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: auth multi tenancy support #1521

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5e8f5fc
feat: basic multi tenancy support with extra token decode
JRaams Apr 14, 2024
37a1f12
feat: browser tests for tenant based auth; add tenants to playground
JRaams Apr 16, 2024
a4391e7
fix: multi tenant auth should include tenantId in user/accesstoken du…
JRaams Apr 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
feat: basic multi tenancy support with extra token decode
  • Loading branch information
@JRaams
JRaams committed Apr 14, 2024
commit 5e8f5fc34b47e9f60ad7dc2aebfe9e5699c44c1e
1 change: 1 addition & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@
],
"license": "MIT",
"dependencies": {
"jwt-decode": "^4.0.0",
"vue-demi": "latest"
},
"peerDependencies": {
Expand Down
8 changes: 7 additions & 1 deletion packages/nuxt/src/runtime/auth/api.session-verification.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import {
import { ensureAdminApp } from 'vuefire/server'
import { logger } from '../logging'
import { useRuntimeConfig } from '#imports'
import { parseTenantFromFirebaseJwt } from 'vuefire'

/**
* Setups an API endpoint to be used by the client to mint a cookie based auth session.
Expand All @@ -27,7 +28,12 @@ export default defineEventHandler(async (event) => {
},
'session-verification'
)
const adminAuth = getAdminAuth(adminApp)

const tenant = parseTenantFromFirebaseJwt(token)

const adminAuth = tenant
? getAdminAuth(adminApp).tenantManager().authForTenant(tenant)
: getAdminAuth(adminApp)

logger.debug(token ? 'Verifying the token' : 'Deleting the session cookie')
const verifiedIdToken = token ? await adminAuth.verifyIdToken(token) : null
Expand Down
7 changes: 6 additions & 1 deletion packages/nuxt/src/runtime/auth/plugin-authenticate-user.server.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ export default defineNuxtPlugin(async (nuxtApp) => {
const event = useRequestEvent()
const firebaseApp = nuxtApp.$firebaseApp as FirebaseApp
const firebaseAdminApp = nuxtApp.$firebaseAdminApp as AdminApp
const adminAuth = getAdminAuth(firebaseAdminApp)
const auth = nuxtApp.$firebaseAuth as Auth

const decodedToken = nuxtApp[
Expand All @@ -27,6 +26,12 @@ export default defineNuxtPlugin(async (nuxtApp) => {

const uid = decodedToken?.uid

const tenant = decodedToken?.firebase?.tenant

const adminAuth = tenant
? getAdminAuth(firebaseAdminApp).tenantManager().authForTenant(tenant)
: getAdminAuth(firebaseAdminApp)

// this is also undefined if the user hasn't enabled the session cookie option
if (uid) {
// reauthenticate if the user is not the same (e.g. invalidated)
Expand Down
2 changes: 1 addition & 1 deletion packages/nuxt/src/runtime/auth/plugin-user-token.server.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ export default defineNuxtPlugin(async (nuxtApp) => {
const adminApp = nuxtApp.$firebaseAdminApp as AdminApp

const decodedToken = await decodeSessionCookie(
getCookie(event, AUTH_COOKIE_NAME),
event && getCookie(event, AUTH_COOKIE_NAME),
adminApp
)

Expand Down
Loading