munawwirul_jamal/simrsx-fe
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
806cfad6a8e9ee90bb2df5dd30a12be1ea940bb3
simrsx-fe/server/api/v1/authentication/login-fes.post.ts
T
kusuma_ari 806cfad6a8 update
2025-11-18 11:31:57 +07:00

123 lines
3.7 KiB
TypeScript
Raw Blame History

import { getRequestURL, readBody, setCookie } from 'h3'
// Function to verify JWT token with the userinfo endpoint
export default defineEventHandler(async (event) => {
console.log("=================== MASUK FE SSO! ===================")
const body = await readBody(event)
const url = getRequestURL(event)
const config = useRuntimeConfig()
console.log("body: " + JSON.stringify(body))
// const apiSSOConfirm = 'https://auth.rssa.top/realms/sandbox/protocol/openid-connect/userinfo'
const apiSSOConfirm = config.public.SSO_CONFIRM_URL
const jwt = body.jwt
// const nip = body.nip
// const role = body.role
// const roleid = body.roleid
// const shift = body.shift
// const loginStatus = body.status_login
const token = 'Bearer ' + jwt
const res_sso = await fetch(apiSSOConfirm,
{
method: 'GET',
headers: {
'Content-Type': 'application/json',
'Authorization': token,
}
})
console.log(res_sso)
if (res_sso.status === 200) {
const parts = jwt.split('.')
if (parts.count != 3) {
// return ['error' => 'Invalid JWT format'];
}
const header = Buffer.from(strtr(parts[0], '-_', '+/'), 'base64').toString('utf8')
const payload = Buffer.from(strtr(parts[1], '-_', '+/'), 'base64').toString('utf8')
// const textDecoder = new TextDecoder('utf-8');
// // Decode the header and payload
// const decodedBinaryHead = atob(parts[0]);
// const decodedBinaryPayload = atob(parts[0]);
// const header = textDecoder.decode(Uint8Array.from(decodedBinaryHead, char => char.charCodeAt(0)));
// const payload = textDecoder.decode(Uint8Array.from(decodedBinaryPayload, char => char.charCodeAt(0)));
const result = {
'header': header,
'payload': payload
};
const apiOrigin = config.public.API_ORIGIN
const cleanOrigin = apiOrigin.replace(/\/+$/, '')
const cleanPath = url.pathname.replace(/^\/api\//, '').replace(/^\/+/, '')
const externalUrl = `${cleanOrigin}/${cleanPath}${url.search}`
console.log("external url: " + externalUrl)
console.log("body: " + JSON.stringify(body))
const resp = await fetch(externalUrl,
{
method: 'POST',
body: JSON.stringify({
name: JSON.parse(payload).name,
}),
headers: {
'Content-Type': 'application/json',
'X-AuthPartner-Code': config.public.X_AP_CODE,
'X-AuthPartner-SecretKey': config.public.X_AP_SECRET_KEY,
},
})
console.log(resp)
// if (resp.status === 200) {
// const data = await resp.json()
// if (data?.data?.accessToken) {
// setCookie(event, 'authentication', data.data.accessToken, {
// path: '/',
// httpOnly: true,
// sameSite: 'strict',
// maxAge: 60 * 60 * 24,
// })
// delete data.data.accessToken
// // return data
// const { login } = useUserStore()
// await login(resp.text())
// await navigateTo('/')
// }
// }
return new Response(await resp.text(), {
status: resp.status,
headers: {
'Content-Type': resp.headers.get('content-type') || 'text/plain',
},
})
}
return new Response(await res_sso.text(), {
status: res_sso.status,
headers: {
'Content-Type': res_sso.headers.get('content-type') || 'text/plain',
},
})
})
function strtr(str: string, fromChars: string, toChars: string) {
let result = str;
for (let i = 0; i < fromChars.length; i++) {
const fromChar = fromChars[i] || '_-';
// const toChar = toChars[i];
// Use a global regex to replace all occurrences of the character
result = result.replace(new RegExp(fromChar.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'g'), toChars);
}
return result;
}
Reference in New Issue View Git Blame Copy Permalink