fix(operator,portal): env-driven sign-out URLs + host labels (no more .local in prod)
Operator sign-out hardcoded the dev Authentik end-session URL, so prod logout landed on auth.dezky.local. Mirror the portal's env-driven pattern (NUXT_PUBLIC_AUTH_URL/NUXT_PUBLIC_OPERATOR_URL with .local fallbacks). Expose authUrl/operatorUrl via public runtimeConfig and use them for the Authentik admin links and the cosmetic host labels (sidebar, eyebrows, auth-page hints). Portal: signed-out + webmail copy now derive their hosts from runtime config (new public.mailUrl, NUXT_PUBLIC_MAIL_URL in prod).
This commit is contained in:
Ronni Baslund
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const operatorHost = new URL(useRuntimeConfig().public.operatorUrl).host
|
||||
// O.3 scaffolding login. Real visual treatment lands in O.4 with the full
|
||||
// design system port. For now: minimal dark-themed bounce to Authentik.
|
||||
|
||||
@@ -18,7 +19,7 @@ async function signIn() {
|
||||
Authentik-issued tokens · platform-admin group required · MFA when enrolled.
|
||||
</p>
|
||||
<button class="primary" @click="signIn">Sign in</button>
|
||||
<p class="hint">operator.dezky.local</p>
|
||||
<p class="hint">{{ operatorHost }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const operatorHost = new URL(useRuntimeConfig().public.operatorUrl).host
|
||||
import type { Tenant } from '~/types/tenant'
|
||||
import type { Partner } from '~/types/partner'
|
||||
import type { PlatformUser } from '~/types/user'
|
||||
@@ -65,7 +66,7 @@ function fmtDate(d: string) {
|
||||
<template>
|
||||
<div>
|
||||
<PageHeader
|
||||
eyebrow="Operator · operator.dezky.local"
|
||||
:eyebrow="`Operator · ${operatorHost}`"
|
||||
title="Platform overview"
|
||||
:subtitle="`${stats.tenants} tenants · ${stats.partners} partners · ${stats.users} platform users`"
|
||||
>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const operatorHost = new URL(useRuntimeConfig().public.operatorUrl).host
|
||||
// Shown when an authenticated-but-non-operator session reaches the operator
|
||||
// portal (see middleware/require-platform-admin.global.ts). The account is
|
||||
// valid in Authentik but lacks platformAdmin — e.g. a partner or tenant user
|
||||
@@ -42,7 +43,7 @@ onMounted(() => {
|
||||
continue.
|
||||
</p>
|
||||
<button class="primary" type="button" @click="signOut">Sign out now</button>
|
||||
<p class="hint">operator.dezky.local</p>
|
||||
<p class="hint">{{ operatorHost }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const authUrl = useRuntimeConfig().public.authUrl
|
||||
import type { PlatformUser } from '~/types/user'
|
||||
|
||||
const { data: users, pending, refresh } = await useFetch<PlatformUser[]>('/api/users', {
|
||||
@@ -41,7 +42,7 @@ async function onInvited() {
|
||||
<template #leading><UiIcon name="refresh" :size="13" /></template>
|
||||
Refresh
|
||||
</UiButton>
|
||||
<a href="https://auth.dezky.local/if/admin/" target="_blank" rel="noopener" class="link">
|
||||
<a :href="`${authUrl}/if/admin/`" target="_blank" rel="noopener" class="link">
|
||||
<UiButton variant="secondary">
|
||||
<template #leading><UiIcon name="external" :size="13" /></template>
|
||||
Manage in Authentik
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const operatorHost = new URL(useRuntimeConfig().public.operatorUrl).host
|
||||
// Pricing catalog editor. Operator-only. Each (plan, cycle) is a single row
|
||||
// with three independent per-currency amounts (DKK / EUR / USD). Operator
|
||||
// types clean round numbers in each currency — no FX derivation. Empty cells
|
||||
@@ -233,7 +234,7 @@ const sortedPrices = computed<PriceRow[]>(() =>
|
||||
<template>
|
||||
<div>
|
||||
<PageHeader
|
||||
eyebrow="Operator · operator.dezky.local"
|
||||
:eyebrow="`Operator · ${operatorHost}`"
|
||||
title="Pricing catalog"
|
||||
subtitle="One row per plan + cycle, with independent prices per currency. Editing an amount re-prices live customers on that currency at their next billing cycle (no mid-cycle charge) and applies to all new subscriptions."
|
||||
>
|
||||
|
||||
@@ -45,7 +45,7 @@ const lastSignIn = computed(() => {
|
||||
return new Date(iat * 1000)
|
||||
})
|
||||
|
||||
const AUTHENTIK = 'https://auth.dezky.local'
|
||||
const AUTHENTIK = useRuntimeConfig().public.authUrl
|
||||
const links = [
|
||||
{
|
||||
icon: 'key' as const,
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<script setup lang="ts">
|
||||
const operatorHost = new URL(useRuntimeConfig().public.operatorUrl).host
|
||||
// Sign-out landing for the operator portal. /api/auth/sign-out cleared the
|
||||
// local session and bounced through Authentik's end-session endpoint, which
|
||||
// ended the IdP session. By the time we render here the user has no
|
||||
@@ -24,7 +25,7 @@ function signInAgain() {
|
||||
ready — Authentik will ask for fresh credentials.
|
||||
</p>
|
||||
<button class="primary" type="button" @click="signInAgain">Sign in again</button>
|
||||
<p class="hint">operator.dezky.local</p>
|
||||
<p class="hint">{{ operatorHost }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
Reference in New Issue
Block a user