implement azure ad auth, create dynamic navbar, route protection, populate db models

[steelesh]

features:

• azure ad integration to populate local user accounts:
  • creates OR updates local users from microsoft profiles
  • stores microsoft user data in our database
  • maps relevant azure fields to our local user model
• dynamic navbar that adapts to authentication status:
  • authenticated: avatar, dropdown menu, and mobile drawer
  • unauthenticated: sign in button
• route protection using middleware for secure routes
• dynamic callback urls (returns users to original destination after login)

authentication flow:

1. user clicks "sign in with uc credentials"
2. redirected to microsoft login
3. upon successful login, nextauth:
   • gets user data from azure ad
   • creates/updates local user record
   • creates jwt session with user details
   • redirects back to application
4. session is maintained via jwt token
5. protected routes validate jwt through middleware
6. session data can be accessed in two ways:
   • client-side: usesession() hook for reactive components
   • server-side: getserversideprops to fetch session before page load

---

allows for:

• server-side redirects if not authenticated (middleware OR getserversideprops)
• pre-fetching data based on user session (getserversideprops)
• secure data access on initial page load (getserversideprops)
• protected api routes (middleware)
• client-side navigation guards (usesession)