optovia/webapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit from monorepo

Browse Source
This commit is contained in:
Ruslan Bakiev
2026-01-07 09:10:35 +07:00
commit 3db50d9637
371 changed files with 43223 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

152
server/middleware/00-logto.ts Normal file
View File

@@ -0,0 +1,152 @@
import LogtoClient, { CookieStorage } from '@logto/node'
import { getRequestURL, getCookie, setCookie, sendRedirect, type H3Event } from 'h3'
import { randomUUID } from 'crypto'
const SESSION_COOKIE_NAME = 'logtoSession'
const LEGACY_COOKIE_NAME = 'logtoCookies'
const SCOPES = [
'openid',
'profile',
'email',
'offline_access',
'urn:logto:scope:organizations',
'urn:logto:scope:organization_token',
'teams:member'
]
const RESOURCES = [
'https://teams.optovia.ru',
'https://orders.optovia.ru',
'https://kyc.optovia.ru',
'https://exchange.optovia.ru',
'https://billing.optovia.ru'
]
const createSessionWrapper = (event: H3Event) => {
const storage = useStorage('logto')
let currentSessionId = ''
return {
wrap: async (data: Record<string, unknown>) => {
if (!data || Object.keys(data).length === 0) {
if (currentSessionId) {
await storage.removeItem(`session:${currentSessionId}`)
}
currentSessionId = ''
return ''
}
if (!currentSessionId) {
currentSessionId = randomUUID()
}
await storage.setItem(`session:${currentSessionId}`, data)
return currentSessionId
},
unwrap: async (value: string) => {
currentSessionId = value || ''
if (!currentSessionId) return {}
const stored = await storage.getItem<Record<string, unknown>>(`session:${currentSessionId}`)
if (!stored) {
// Session ID exists in cookie but data not found in storage - clear the stale cookie
setCookie(event, SESSION_COOKIE_NAME, '', { path: '/', maxAge: 0 })
currentSessionId = ''
return {}
}
return stored
}
}
}
export default defineEventHandler(async (event) => {
const endpoint = process.env.NUXT_LOGTO_ENDPOINT || 'https://auth.optovia.ru'
const appId = process.env.NUXT_LOGTO_APP_ID || ''
const appSecret = process.env.NUXT_LOGTO_APP_SECRET || ''
if (!appId || !appSecret) {
return
}
const url = getRequestURL(event)
if (getCookie(event, LEGACY_COOKIE_NAME)) {
setCookie(event, LEGACY_COOKIE_NAME, '', { path: '/', maxAge: 0 })
}
// Check for stale session cookie BEFORE initializing CookieStorage
const existingSessionId = getCookie(event, SESSION_COOKIE_NAME)
if (existingSessionId) {
const nitroStorage = useStorage('logto')
const sessionData = await nitroStorage.getItem(`session:${existingSessionId}`)
if (!sessionData) {
// Session cookie exists but no data in storage - clear it
setCookie(event, SESSION_COOKIE_NAME, '', { path: '/', maxAge: 0 })
}
}
const storage = new CookieStorage({
cookieKey: SESSION_COOKIE_NAME,
isSecure: process.env.NODE_ENV === 'production',
sessionWrapper: createSessionWrapper(event),
getCookie: async (name) => getCookie(event, name),
setCookie: async (name, value, options) => {
setCookie(event, name, value, options)
}
})
await storage.init()
const logto = new LogtoClient(
{
endpoint,
appId,
appSecret,
resources: RESOURCES,
scopes: SCOPES
},
{
navigate: async (target) => {
await sendRedirect(event, target, 302)
},
storage
}
)
if (url.pathname === '/sign-in') {
await logto.signIn({
redirectUri: new URL('/callback', url).href
})
return
}
if (url.pathname === '/sign-out') {
await logto.signOut(new URL('/', url).href)
return
}
if (url.pathname === '/callback') {
await logto.handleSignInCallback(url.href)
await sendRedirect(event, '/', 302)
return
}
event.context.logtoClient = logto
if (await logto.isAuthenticated()) {
try {
event.context.logtoUser = await logto.fetchUserInfo()
} catch {
try {
event.context.logtoUser = await logto.getIdTokenClaims()
} catch {
event.context.logtoUser = undefined
}
}
}
const orgId = (event.context.logtoUser as { organizations?: string[] } | undefined)?.organizations?.[0]
if (orgId) {
event.context.logtoOrgId = orgId
}
})