From 2ba32493ee226e6e5b333d01af6d8d6a2529e4ea Mon Sep 17 00:00:00 2001 From: bkellam Date: Wed, 12 Feb 2025 16:36:37 -0800 Subject: [PATCH] teak --- entrypoint.sh | 19 ++++++++++++++++++- packages/web/src/auth.ts | 21 +++++++++++++-------- 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index fda2cbaf..da402f74 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -27,7 +27,7 @@ if [ ! -d "$DB_DATA_DIR" ]; then fi if [ -z "$SOURCEBOT_ENCRYPTION_KEY" ]; then - echo -e "\e[31m[Error] SOURCEBOT_ENCRYPTION_KEY is not set.\e[0m" + echo -e "\e[33m[Warning] SOURCEBOT_ENCRYPTION_KEY is not set.\e[0m" if [ -f "$DATA_CACHE_DIR/.secret" ]; then echo -e "\e[34m[Info] Loading environment variables from $DATA_CACHE_DIR/.secret\e[0m" @@ -42,6 +42,23 @@ if [ -z "$SOURCEBOT_ENCRYPTION_KEY" ]; then set +a fi +# @see : https://authjs.dev/getting-started/deployment#auth_secret +if [ -z "$AUTH_SECRET" ]; then + echo -e "\e[33m[Warning] AUTH_SECRET is not set.\e[0m" + + if [ -f "$DATA_CACHE_DIR/.authjs-secret" ]; then + echo -e "\e[34m[Info] Loading environment variables from $DATA_CACHE_DIR/.authjs-secret\e[0m" + else + echo -e "\e[34m[Info] Generating a new encryption key...\e[0m" + AUTH_SECRET=$(openssl rand -base64 33) + echo "AUTH_SECRET=\"$AUTH_SECRET\"" >> "$DATA_CACHE_DIR/.authjs-secret" + fi + + set -a + . "$DATA_CACHE_DIR/.authjs-secret" + set +a +fi + # In order to detect if this is the first run, we create a `.installed` file in # the cache directory. FIRST_RUN_FILE="$DATA_CACHE_DIR/.installedv2" diff --git a/packages/web/src/auth.ts b/packages/web/src/auth.ts index febd2a21..250b83b0 100644 --- a/packages/web/src/auth.ts +++ b/packages/web/src/auth.ts @@ -24,14 +24,18 @@ declare module 'next-auth/jwt' { } const providers: Provider[] = [ - GitHub({ - clientId: AUTH_GITHUB_CLIENT_ID, - clientSecret: AUTH_GITHUB_CLIENT_SECRET, - }), - Google({ - clientId: AUTH_GOOGLE_CLIENT_ID!, - clientSecret: AUTH_GOOGLE_CLIENT_SECRET!, - }) + ...(AUTH_GITHUB_CLIENT_ID && AUTH_GITHUB_CLIENT_SECRET ? [ + GitHub({ + clientId: AUTH_GITHUB_CLIENT_ID, + clientSecret: AUTH_GITHUB_CLIENT_SECRET, + }), + ] : []), + ...(AUTH_GOOGLE_CLIENT_ID && AUTH_GOOGLE_CLIENT_SECRET ? [ + Google({ + clientId: AUTH_GOOGLE_CLIENT_ID, + clientSecret: AUTH_GOOGLE_CLIENT_SECRET, + }), + ] : []), ]; // @see: https://authjs.dev/guides/pages/signin @@ -56,6 +60,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth({ session: { strategy: "jwt", }, + trustHost: true, callbacks: { async jwt({ token, user: _user }) { const user = _user as User | undefined;