You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey! Great library 😃 , I wasn't aware of keycloak and it seems to be a good fit for my use case so I'm currently evaluating it. I was wondering if there are some pointers on how to get server-side auth with redirects working? Ideally I'd like to have some routes protected with the cookie/session set by Keycloak, and redirect to the login page if those are missing, without having to load the entire client-side library just for that redirect; however I wasn't sure if the library exposes this (couldn't find a "redirect-to-login" or something like it in the docs), or if it's even worth the trouble? Right now I'm using buddy-auth with http-kit, but not entirely set on that if yada would make these things easier
The text was updated successfully, but these errors were encountered:
Thanks. Sure you wouldn't want to load the js adapter just for redirect and the server side can handle that concern perfectly.
The general idea is to check the HTTP request with the token (either in cookie or header) and if the token is missing then redirecting towards Keycloak for login then get back with a token.
I would check the code of the Keycloak Servlet Adapter to see what are the different steps done with that adapter: KeycloakOIDCFilter.java
Feel free to submit a PR with a ring middleware that would just do that :)
Hey Jérémie, thank you for the pointers! I ended up hacking together a standard auth flow for use within ring that does redirects, however the code is really not production ready. But I've put what I have now in gist just for future reference! I may end up sending a pull request eventually if it seems like the code works as needed without obvious security mistakes 😉
Hey! Great library 😃 , I wasn't aware of keycloak and it seems to be a good fit for my use case so I'm currently evaluating it. I was wondering if there are some pointers on how to get server-side auth with redirects working? Ideally I'd like to have some routes protected with the cookie/session set by Keycloak, and redirect to the login page if those are missing, without having to load the entire client-side library just for that redirect; however I wasn't sure if the library exposes this (couldn't find a "redirect-to-login" or something like it in the docs), or if it's even worth the trouble? Right now I'm using buddy-auth with http-kit, but not entirely set on that if yada would make these things easier
The text was updated successfully, but these errors were encountered: