Skip to content

Commit

Permalink
feat(auth): switch to redis for adapter
Browse files Browse the repository at this point in the history
  • Loading branch information
lsagetlethias committed Dec 31, 2024
1 parent c0c8aa7 commit e19a733
Showing 10 changed files with 358 additions and 96 deletions.
7 changes: 7 additions & 0 deletions .env.development
Original file line number Diff line number Diff line change
@@ -32,6 +32,13 @@ TEMPLATES_TMPDIR="./templates_tmp"
TEMPLATES_GITHUB_TOKEN=""
# TEMPLATES_ADMINS=""

## Redis
REDIS_BASE="legal-site"
REDIS_HOST="localhost"
REDIS_PORT=6379
REDIS_TLS=false
REDIS_PASSWORD=""

## test only
NEXT_PUBLIC_MATOMO_SITE_ID=1
NEXT_PUBLIC_MATOMO_URL="http://localhost"
7 changes: 7 additions & 0 deletions .env.production
Original file line number Diff line number Diff line change
@@ -31,3 +31,10 @@ SECURITY_JWT_ALGORITHM="HS256"
# TEMPLATES_TMPDIR="./templates_tmp"
# TEMPLATES_GITHUB_TOKEN=""
# TEMPLATES_ADMINS=""

## Redis
# REDIS_BASE="legal-site"
# REDIS_HOST="localhost"
# REDIS_PORT=6379
# REDIS_TLS=false
# REDIS_PASSWORD=""
29 changes: 8 additions & 21 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -9,29 +9,16 @@ services:
MAILDEV_WEB_PORT: 1080
MAILDEV_SMTP_PORT: 1025
restart: always
postgres:
image: postgres:17

redis:
image: redis:alpine
ports:
- "5432:5432"
- "6379:6379"
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: legal_site
REDIS_PORT: 6379
REDIS_DATABASES: 1
volumes:
- pgdata:/var/lib/postgresql/data
- cache:/data
restart: always
pgadmin:
image: dcagatay/pwless-pgadmin4
ports:
- 5050:80
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_HOST: postgres
POSTGRES_PORT: 5432
volumes:
- pgadmin:/var/lib/pgadmin

volumes:
pgdata:
pgadmin:
cache:
90 changes: 90 additions & 0 deletions env.d.ts
Original file line number Diff line number Diff line change
@@ -17,6 +17,11 @@ declare namespace NodeJS {
* {@link [Local Env Dist](.env.development)}
*/
APP_SUPER_ADMIN?: string;
/**
* Dist: `development`
* {@link [Local Env Dist](.env.development)}
*/
NODE_ENV?: string;
/**
* No dist value.
* {@link [Local Env Dist](.env.development)}
@@ -72,6 +77,76 @@ declare namespace NodeJS {
* {@link [Local Env Dist](.env.development)}
*/
SECURITY_JWT_ALGORITHM?: string;
/**
* Dist: `../local-site-templates-test`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_URL?: string;
/**
* No dist value.
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_GPG_PRIVATE_KEY?: string;
/**
* No dist value.
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_GPG_PASSPHRASE?: string;
/**
* Dist: `bot@email.com`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_AUTHOR_EMAIL?: string;
/**
* Dist: `Bot`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_AUTHOR_NAME?: string;
/**
* Dist: `bot@email.com`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_COMMITTER_EMAIL?: string;
/**
* Dist: `Bot`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GIT_COMMITTER_NAME?: string;
/**
* Dist: `./templates_tmp`
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_TMPDIR?: string;
/**
* No dist value.
* {@link [Local Env Dist](.env.development)}
*/
TEMPLATES_GITHUB_TOKEN?: string;
/**
* Dist: `legal-site`
* {@link [Local Env Dist](.env.development)}
*/
REDIS_BASE?: string;
/**
* Dist: `localhost`
* {@link [Local Env Dist](.env.development)}
*/
REDIS_HOST?: string;
/**
* Dist: `6379`
* {@link [Local Env Dist](.env.development)}
*/
REDIS_PORT?: string;
/**
* Dist: `false`
* {@link [Local Env Dist](.env.development)}
*/
REDIS_TLS?: string;
/**
* No dist value.
* {@link [Local Env Dist](.env.development)}
*/
REDIS_PASSWORD?: string;
/**
* Dist: `1`
* {@link [Local Env Dist](.env.development)}
@@ -108,6 +183,7 @@ declare type ProcessEnvCustomKeys =
| 'APP_ENV'
| 'MAINTENANCE_MODE'
| 'APP_SUPER_ADMIN'
| 'NODE_ENV'
| 'ESPACE_MEMBRE_API_KEY'
| 'ESPACE_MEMBRE_URL'
| 'MAILER_ENABLE'
@@ -119,6 +195,20 @@ declare type ProcessEnvCustomKeys =
| 'MAILER_FROM_EMAIL'
| 'SECURITY_JWT_SECRET'
| 'SECURITY_JWT_ALGORITHM'
| 'TEMPLATES_GIT_URL'
| 'TEMPLATES_GIT_GPG_PRIVATE_KEY'
| 'TEMPLATES_GIT_GPG_PASSPHRASE'
| 'TEMPLATES_GIT_AUTHOR_EMAIL'
| 'TEMPLATES_GIT_AUTHOR_NAME'
| 'TEMPLATES_GIT_COMMITTER_EMAIL'
| 'TEMPLATES_GIT_COMMITTER_NAME'
| 'TEMPLATES_TMPDIR'
| 'TEMPLATES_GITHUB_TOKEN'
| 'REDIS_BASE'
| 'REDIS_HOST'
| 'REDIS_PORT'
| 'REDIS_TLS'
| 'REDIS_PASSWORD'
| 'NEXT_PUBLIC_MATOMO_SITE_ID'
| 'NEXT_PUBLIC_MATOMO_URL'
| 'NEXT_PUBLIC_APP_VERSION'
7 changes: 7 additions & 0 deletions legal_site.json
Original file line number Diff line number Diff line change
@@ -36,5 +36,12 @@
},
"github": {
"token": ""
},
"redis": {
"base": "legal_site",
"host": "",
"port": 6379,
"tls": false,
"password": ""
}
}
6 changes: 4 additions & 2 deletions package.json
Original file line number Diff line number Diff line change
@@ -20,17 +20,19 @@
"generateEnvDeclaration": "yarn run-script scripts/generateEnvDeclaration.ts"
},
"dependencies": {
"@auth/unstorage-adapter": "^2.7.4",
"@codegouvfr/react-dsfr": "^1.16.5-rc.0",
"@formkit/auto-animate": "^0.8.2",
"@hookform/resolvers": "^3.9.1",
"@incubateur-ademe/next-auth-espace-membre-provider": "^0.0.6",
"@incubateur-ademe/next-auth-espace-membre-provider": "^0.0.7",
"@mdx-js/react": "^3.1.0",
"@monaco-editor/react": "^4.7.0-rc.0",
"@next/mdx": "^15.1.0",
"@socialgouv/matomo-next": "^1.9.2",
"@types/mdx": "^2.0.13",
"gray-matter": "^4.0.3",
"immer": "^10.1.1",
"ioredis": "^5.4.2",
"lodash": "^4.17.21",
"lru-cache": "^11.0.2",
"monaco-editor": "^0.52.2",
@@ -50,6 +52,7 @@
"remark-mdx-frontmatter": "^5.0.0",
"sharp": "^0.33.5",
"simple-git": "^3.27.0",
"unstorage": "^1.14.4",
"zod": "^3.23.8",
"zustand": "^4.5.5"
},
@@ -79,7 +82,6 @@
"monaco-editor-webpack-plugin": "^7.1.0",
"postcss": "^8.4.49",
"prettier": "^3.4.1",
"prisma": "^6.0.1",
"sass": "^1.80.7",
"tailwindcss": "^3.4.14",
"ts-node": "^10.9.2",
14 changes: 0 additions & 14 deletions prisma/schema.prisma

This file was deleted.

7 changes: 7 additions & 0 deletions src/config.ts
Original file line number Diff line number Diff line change
@@ -79,5 +79,12 @@ export const config = {
github: {
token: ensureApiEnvVar(process.env.TEMPLATES_GITHUB_TOKEN, ""),
},
redis: {
base: ensureApiEnvVar(process.env.REDIS_BASE, "legal-site"),
host: ensureApiEnvVar(process.env.REDIS_HOST, "localhost"),
port: ensureApiEnvVar(process.env.REDIS_PORT, Number, 6379),
tls: ensureApiEnvVar(process.env.REDIS_TLS, isTruthy, false),
password: ensureApiEnvVar(process.env.REDIS_PASSWORD, ""),
},
},
} as const;
22 changes: 17 additions & 5 deletions src/lib/next-auth/auth.ts
Original file line number Diff line number Diff line change
@@ -1,11 +1,23 @@
import { UnstorageAdapter } from "@auth/unstorage-adapter";
import { EspaceMembreProvider } from "@incubateur-ademe/next-auth-espace-membre-provider";
import NextAuth from "next-auth";
import { type AdapterUser } from "next-auth/adapters";
import { type Adapter, type AdapterUser } from "next-auth/adapters";
import Nodemailer from "next-auth/providers/nodemailer";
import { type ConnectionOptions } from "tls";
import { createStorage } from "unstorage";
import unstorageRedisDriver from "unstorage/drivers/redis";

import { config } from "@/config";

import { LRUCacheAdapater } from "./LRUCacheAdapter";
const redis = createStorage({
driver: unstorageRedisDriver({
base: config.api.redis.base,
host: config.api.redis.host,
port: config.api.redis.port,
tls: config.api.redis.tls as unknown as ConnectionOptions, // https://unstorage.unjs.io/drivers/redis
password: config.api.redis.password,
}),
});

declare module "next-auth" {
interface Account {
@@ -47,8 +59,7 @@ export const {
session: {
strategy: "jwt",
},
adapter: espaceMembreProvider.AdapterWrapper(LRUCacheAdapater),
// adapter: AirtableAdapter(),
adapter: espaceMembreProvider.AdapterWrapper(UnstorageAdapter(redis) as Adapter),
// experimental: {
// enableWebAuthn: true,
// },
@@ -78,10 +89,11 @@ export const {
token = {
...token,
user: {
id: token.sub || espaceMembreMember.username,
email: espaceMembreMember.primary_email,
name: espaceMembreMember.fullname,
emailVerified: new Date(),
id: espaceMembreMember.username,
username: espaceMembreMember.username,
image: espaceMembreMember.avatar,
isAdmin: config.api.templates.admins.includes(espaceMembreMember.username),
},
Loading

0 comments on commit e19a733

Please sign in to comment.