Skip to content

feat: enable multiple auth methods #963

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 37 commits into
base: main
Choose a base branch
from
Open

feat: enable multiple auth methods #963

wants to merge 37 commits into from

Conversation

jescalada
Copy link
Contributor

Fixes #962.

This PR builds on top of #961 and adds support for multiple auth methods. Now, it's possible to enable different methods simultaneously without erroring out (local, AD, OIDC).

I'm happy to add tests to improve coverage if needed. 🙂

Changelog

  • Add support for multiple auth methods in src/service/passport
    • Update src/service/routes/auth.js routes accordingly
  • Rename /userLoggedIn to more standard /me

@jescalada
feat(auth): add NotAuthorized and NotFound pages
f2c1182
@jescalada
feat(auth): add AuthProvider and PrivateRoute wrapper
256523f
@jescalada
chore(auth): rename userLoggedIn endpoint
516ed7f
@jescalada
chore(auth): refactor routes to use PrivateRoute guard
47e95d4
@jescalada
fix(auth): temporary fix for username edit redirect
893e0b1
@jescalada
fix(auth): access user admin status correctly
d049463
@jescalada
chore(auth): refactor /admin routes into /dashboard
db04af6
@jescalada
chore(auth): rename Admin files into Dashboard
9736801
@jescalada
test(auth): Add default login redirect E2E test
e7ec1f0
@jescalada
fix(auth): fix redirect on local login
3702acd
@jescalada
fix(auth): improve error handling on repos page
f2560ab
@jescalada
test(auth): fix failing test (login before accessing page)
24ca06f
@jescalada
test(auth): fix login command and simplify login flow
2146bc0
@jescalada
feat(auth): refactor and improve existing auth methods
884f0a6
@jescalada
feat(auth): configure passport with all enabled auth methods
ce6023b
@jescalada
test(auth): fix tests for multiple auth methods
68fa115
@jescalada
Merge branch 'oidc-implementation' into enable-multiple-auth-methods
0a74501
@jescalada
fix(auth): refactor how auth strategies are loaded into API route mid…
627c0ea 
…dleware
@jescalada
Merge branch 'oidc-implementation' into layout-auth-decoupling
6b96db0
@jescalada
chore(auth): fix linter issues
050ba17
@jescalada
Merge branch 'layout-auth-decoupling' into enable-multiple-auth-methods
db30bef
@jescalada
fix(auth): fix OIDC login e2e test
b58d3a8
@jescalada
fix(auth): fix linter issues
291c179
@jescalada
fix(auth): try to fix ESM issue on openid-client import
2f19f82
@netlify Netlify
Copy link

netlify bot commented Mar 28, 2025
edited
Loading

Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name Link
🔨 Latest commit 304a2ec
🔍 Latest deploy log https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/682d7452685e790008c15b35

@codecov Codecov
Copy link

codecov bot commented Apr 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 64.70588% with 30 lines in your changes missing coverage. Please review.

Project coverage is 49.16%. Comparing base (fc6f166) to head (304a2ec).

Files with missing lines Patch % Lines
src/service/passport/activeDirectory.js 15.38% 22 Missing ⚠️
src/service/passport/oidc.js 33.33% 4 Missing ⚠️
src/service/passport/local.js 92.85% 2 Missing ⚠️
src/service/routes/auth.js 66.66% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #963      +/-   ##
==========================================
+ Coverage   48.51%   49.16%   +0.64%     
==========================================
  Files          51       52       +1     
  Lines        2092     2103      +11     
  Branches      241      240       -1     
==========================================
+ Hits         1015     1034      +19     
+ Misses       1040     1032       -8     
  Partials       37       37

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@jescalada jescalada linked an issue Apr 2, 2025 that may be closed by this pull request
Refactor Auth module to allow multiple auth strategies G-Research/git-proxy#6
Closed
@jescalada jescalada mentioned this pull request Apr 7, 2025
Open
sam-holmes2
sam-holmes2 reviewed May 19, 2025
View reviewed changes
Copy link

@sam-holmes2 sam-holmes2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Main concern is the hardcoded default admin user credentials

This was referenced May 21, 2025
Open
Open
@jescalada jescalada requested a review from sam-holmes2 May 21, 2025 06:41
@jescalada
Copy link
Contributor Author

jescalada commented May 21, 2025
edited
Loading

@sam-holmes2 Thanks for the review! I addressed most of the problems, and made extra issues for the things we should probably set aside for now.

I think we could look into improving test coverage after the service logic is refactored into TS. That will let us write better tests since it'll fix some of the type issues and error handling.

Important: #961 should be merged first as it makes these auth changes optional and configurable through proxy.config.json.

@jescalada jescalada mentioned this pull request May 21, 2025
Open
sam-holmes2
sam-holmes2 approved these changes May 22, 2025
View reviewed changes
Copy link

@sam-holmes2 sam-holmes2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - thanks for your contribution!
Understood, #961 should be merged first (I've also approved this PR)

@jescalada jescalada mentioned this pull request May 23, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sam-holmes2 sam-holmes2 sam-holmes2 approved these changes

Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Enable multiple strategies for UI login/passport auth Refactor Auth module to allow multiple auth strategies
2 participants
@jescalada @sam-holmes2