Closed hannavovk closed 4 months ago
@shon-button Would you mind adding some description to this ticket?
@shon-button Would you mind adding some description to this ticket?
@hannavovk could you please you give me write access to the ticket thanks
Note: blocking Giraffe ticket 194.
Description:
Our Figma design features a BCiers Dashboard - External & Internal which contains, for logged in users, the links to the registration, reporting, and COAM apps.
With our monorepo architecture, the registration, reporting, and COAM apps are separate micro front-ends allowing each app to operate autonomously rather than being part of a single monolithic application. Similarly the
BCiers Dashboard
could also be a separate micro front-end that manages common components of the other micro front-ends such as a landing page for all unauthenticated users and authentication configurations to manage Keycloak login.BCiers dashboard ├── registration ├── reporting └── COAM
Background
Sharing JWT session state across microfrontends using Auth.js and Next.js Multi-zones feature.
auth.js v5
Auth.js provides JWT-based user session strategy using JSON Web Tokens (JWT). When a user signs in, a JWT is created in a HttpOnly cookie. Making the cookie HttpOnly prevents JavaScript from accessing it client-side (via document.cookie, for example), which makes it harder for attackers to steal the value. In addition, the JWT is encrypted with a secret key only known to the server. So, even if an attacker were to steal the JWT from the cookie, they could not decrypt it. Combined with a short expiration time, this makes JWTs a secure way to create sessions. When a user signs out, Auth.js deletes the JWT from the cookies, destroying the session. This JWT session strategy allows logging in once, for the time the JWT is valid, so users do not have to log in every single time they visit the site.
Next.js multi zones A zone refers to a single Next.js app running on a server. Multiple Next.js apps can be combined together using the multi-zones feature so to appear as a unified application. For example, let’s say we have a Next.js application that consists of three different micro-frontends: a home app, a registration app, and a reporting app. You could define each of the separate micro-frontend app as a separate “zone”, and then, through configurations of
.env
,next.config.js
,package.json
, the user can navigate the apps as if it was a single, monolithic application allowing sharing of the authentication session between apps deployed on separate subdomains.Development Checklist
Auth 5
cd bciers && yarn add next@latest
cd bciers && yarn add next-auth@beta
Shared components
cd bciers && yarn nx g @nx/next:lib middlewares --directory=libs/shared/middlewares
cd bciers && yarn nx g @nx/next:lib actions --directory=libs/shared/actions
getToken
etc.cd bciers && yarn nx g @nx/next:lib types --directory=libs/shared/types
Index.ts\ContentItem
bciers/libs/shared/components/src/lib/layout/Footer.tsx
bciers/libs/shared/components/src/lib/layout/Header.tsx
bciers/libs/shared/components/src/lib/navigation/Bread.tsx
bciers/libs/shared/components/src/lib/navigation/Tiles.tsx
bciers/libs/shared/data/src/report_a_problem.json
Configurations
bciers/tsconfig.base.json
bciers/package.json\scripts\dev
bciers/.env
dashboard app
cd bciers && yarn nx g @nx/next:app dashboard --directory=apps/dashboard
bciers/apps/dashboard/src/app/auth/
folder/error/page.tsx
bciers/apps/dashboard/src/auth/
folderauthconfig.ts
index.ts
bciers/apps/dashboard/src/app/components/auth/
folderProfile.tsx
SessionProvider.tsx
bciers/apps/dashboard/src/app/layout.tsx
bciers/libs/shared/components/src/lib/layout/Header.tsx
bciers/libs/shared/components/src/lib/layout/Footer.tsx
bciers/apps/dashboard/src/app/components/auth/SessionProvider.tsx
<SessionProvider>
bciers/apps/dashboard/src/app/onboarding/page.tsx
bciers/apps/dashboard/src/app/dashboard/page.tsx
bciers/libs/shared/components/src/lib/navigation/Tiles.tsx
bciers/apps/dashboard/src/middlewares
folderwithAuthorizationDashboard.tsx
middleware.tsx
bciers/apps/dashboard/next.config.js
with rewrites@type {import('@nx/next/plugins/with-nx').WithNxOptions} */ const nextConfig = { async rewrites() { return [ { source: '/:path', destination:
/:path*
, }, { source: '/registration', destination:${HOST_REGISTRATION}/registration
, }, { source: '/registration/:path', destination: `${HOST_REGISTRATION}/registration/:path, }, { source: '/reporting', destination:
${HOST_REPORTING}/reporting, }, { source: '/reporting/:path*', destination:
${HOST_REPORTING}/reporting/:path*`, }, ]; },const nextConfig = { ...nextConfigBase, // To deploy a Next.js application under a sub-path of a domain you can use the basePath config option basePath: '/registration',
const nextConfig = { ...nextConfigBase, // To deploy a Next.js application under a sub-path of a domain you can use the basePath config option basePath: '/reporting',
Acceptance Criteria:
Given When Then
Development Checklist:
Definition of Ready (Note: If any of these points are not applicable, mark N/A)
·Definition of Done (Note: If any of these points are not applicable, mark N/A)
Notes:
Dependencies