cdupont
commented
5 years ago - Solution 1: create a DNS subdomain
login.waziup.ioand direct it to Keycloak server. - Solution 2: create new login pages under
dashboard.waziup.io/login
Solution 1 is easy to implement with small changes to the proxy and SSL certificates. The dashboard will redirect to an address such as:
https://login.waziup.io/auth/realms/waziup/protocol/openid-connect/auth?client_id=api-server&redirect_uri=http%3A%2F%2Fdashboard.waziup.io%2F&state=34ae8143-0589-410f-abcc-5530d244a1a5&response_mode=fragment&response_type=code&scope=openid&nonce=bd003fa3-8498-4b8b-8b4a-34ce50315b42
Instead of: https://keycloak.waziup.io/auth/realms/waziup/protocol/openid-connect/auth?client_id=api-server&redirect_uri=http%3A%2F%2Fdashboard.waziup.io%2F&state=34ae8143-0589-410f-abcc-5530d244a1a5&response_mode=fragment&response_type=code&scope=openid&nonce=bd003fa3-8498-4b8b-8b4a-34ce50315b42
It is still not ideal since if you try login.keycloak.io, you will land on the Keycloak admin login page, not the Waziup login page. Plus the URLs displayed are quite big.
Solution 2 require that we create a new login page with React and host it in the dashboard itself. Now the login page is served by Keycloak. I think this is needed at some point, but require more work. Also a redesign of the Profile pages in React is necessary, as it doesn't look too nice and homogeneous with the rest of the Dashboard. However, we need to wait for Keycloak new Account management API to be finished. https://issues.jboss.org/secure/attachment/12455038/12455038_New+Account+Management+Console.pdf
Currently, the dashboard redirects to
keycloak.waziup.iowhen logging in. This would be better to have a dedicated URL for login, such aslogin.waziup.ioordashboard.waziup.io/login.