Is your feature request related to a problem? Please describe.
The current front-end authorization pipeline is very hard to debug.
The auth0 integration is several versions out of date, and the code is spread across multiple files.
Describe the solution you'd like
I want to upgrade the Auth0 integration to the latest version.
I want to rebuild the front-end authorization pipeline so it looks like the one in use in the Internal Data Portal project.
Describe alternatives you've considered
Keep trying to debug the current system.
Additional context
Files that use authorization that I've found so far:
web/src/main.js
web/src/api/http-client.js
web/src/auth/axiosAPIConfig.js
web/src/layouts/Layout.vue
web/src/pages/AuthLoadingOverlay.vue
web/src/router/index.js
web/src/auth/index.js
web/src/store/index.js
web/src/store/jwt.js
web/src/modules/authentication/views/SignIn.vue
web/src/auth/authGuard.js
Patterns that will need replacing:
$auth
secureXYZ - all request should be secure by default, this can be replaced by the http-client code.
Implementation
Now authorization occurs in these places only:
web/src/App.vue - via useAuth0 from web/src/plugins/auth0-plugin.js and useCurrentUser from web/src/use/use-current-user.js
web/src/plugins/auth0-plugin.js - on app load
web/src/router.js - via web/src/utils/auth-guard.js
web/src/api/http-client.js via web/src/plugins/auth0-plugin.js
Fixes https://github.com/icefoganalytics/travel-authorization/issues/195
Relates to:
Context
Is your feature request related to a problem? Please describe. The current front-end authorization pipeline is very hard to debug. The auth0 integration is several versions out of date, and the code is spread across multiple files.
Describe the solution you'd like I want to upgrade the Auth0 integration to the latest version. I want to rebuild the front-end authorization pipeline so it looks like the one in use in the Internal Data Portal project.
Describe alternatives you've considered Keep trying to debug the current system.
Additional context Files that use authorization that I've found so far:
web/src/main.js
web/src/api/http-client.js
web/src/auth/axiosAPIConfig.js
web/src/layouts/Layout.vue
web/src/pages/AuthLoadingOverlay.vue
web/src/router/index.js
web/src/auth/index.js
web/src/store/index.js
web/src/store/jwt.js
web/src/modules/authentication/views/SignIn.vue
web/src/auth/authGuard.js
Patterns that will need replacing:
$auth
secureXYZ
- all request should be secure by default, this can be replaced by the http-client code.Implementation
Now authorization occurs in these places only:
web/src/App.vue
- viauseAuth0
fromweb/src/plugins/auth0-plugin.js
anduseCurrentUser
fromweb/src/use/use-current-user.js
web/src/plugins/auth0-plugin.js
- on app loadweb/src/router.js
- viaweb/src/utils/auth-guard.js
web/src/api/http-client.js
viaweb/src/plugins/auth0-plugin.js
Rework auth0 plugin with code from https://github.com/auth0/auth0-vue/blob/efe1d39a0244fd072a527df97f87ab355501851d/src/plugin.ts Add authGuard from https://github.com/auth0/auth0-vue/blob/efe1d39a0244fd072a527df97f87ab355501851d/src/guard.ts#L16
Front-end routing is now "Secure by Default"(tm). To disable security on a route set
meta: { requiresAuth: false }
Screenshots
Screencast from 2024-06-13 16-44-56.webm
Testing Instructions
dev test
(ordev test_api
)dev up
http://localhost:8080/my-travel-requests
url into the URL bar to simulate direct navigation.