Skip to content

Claude/fix dashbrew auth a qw4 p #1162

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
pedrobando wants to merge 30 commits into
base: main
Choose a base branch
from
Open

Claude/fix dashbrew auth a qw4 p #1162

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
e2917a8
feat: create production docker-compose with SSO config and backend fix
pedrobando Jan 6, 2026
607fca3
Default docker compose.
pedrobando Jan 6, 2026
5d7459f
Default docker compose.
pedrobando Jan 6, 2026
bd1dd64
Default docker compose.
pedrobando Jan 6, 2026
4394e1b
Default docker compose.
pedrobando Jan 6, 2026
182390b
Default docker compose.
pedrobando Jan 6, 2026
f80ba96
chore: Update Dependabot npm update interval from daily to weekly
pedrobando Jan 6, 2026
99a4fba
feat: Configure OAuth client ID and secret in docker-compose.
pedrobando Jan 6, 2026
619003d
fix: update OAuth endpoints to point to DashBrew
pedrobando Jan 6, 2026
19acd88
Default docker compose.
pedrobando Jan 6, 2026
1bc6c02
Default docker compose.
pedrobando Jan 6, 2026
aefe5d7
Default docker compose.
pedrobando Jan 6, 2026
e197ba2
feat: Update primary brand color to green and set default theme mode …
pedrobando Jan 6, 2026
42f1212
build: configure Docker Compose to build from source for custom changes
pedrobando Jan 7, 2026
b12011b
fix: rename Dockerfile.dev to Dockerfile for Coolify compatibility
pedrobando Jan 7, 2026
5bd2871
chore: force Coolify rebuild for Dashbrew menu and green branding
pedrobando Jan 7, 2026
f81255f
Default composer
pedrobando Jan 7, 2026
0aa1370
Configure docker-compose to build from local Dockerfile instead of pr…
pedrobando Jan 7, 2026
d530491
fix: add required build arguments for Next.js environment variables
pedrobando Jan 7, 2026
db0cd62
feat: Remove build arguments for public environment variables and add…
pedrobando Jan 7, 2026
f308223
fix: Add OAuth SSO callback handling to settings page
pedrobando Jan 9, 2026
7fb8c79
fix: Add missing toast dependency to useCallback hooks
pedrobando Jan 9, 2026
f952423
fix: Correct React hooks order to prevent build errors
pedrobando Jan 9, 2026
a7f9f69
revert: Temporarily revert OAuth changes to test build
pedrobando Jan 9, 2026
5cf1730
Deploy action.
pedrobando Jan 10, 2026
26a9b6f
Docker compose to be my own github image.
pedrobando Jan 10, 2026
fe3d98d
fix: Correct Dashbrew OAuth redirect URL and callback handling
claude Jan 10, 2026
b8f79ab
chore: Add node-compile-cache to gitignore
claude Jan 10, 2026
1731195
fix: Add support for direct JWT token login from Dashbrew SSO
claude Jan 11, 2026
7803a32
fix: Restore OAuth flow in settings page and fix CI workflow
claude Jan 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,4 @@ updates:
- package-ecosystem: "npm" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
interval: "daily"
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,9 @@ jobs:
path: |
${{ env.STORE_PATH }}
${{ github.workspace }}/.next/cache
key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}-
${{ runner.os }}-pnpm-

- name: Install dependencies
run: pnpm install
Expand Down
44 changes: 44 additions & 0 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
name: Build and Publish Docker Image

on:
push:
branches: [ "main" ] # Or "master", depending on your default branch

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write

steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=sha

- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,3 +58,4 @@ Thumbs.db
.secrets/
libraries/plugins/src/plugins.ts
i18n.cache
node-compile-cache/
47 changes: 47 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
FROM node:22.20-alpine

# Build-time arguments for Next.js environment variables
ARG NEXT_PUBLIC_VERSION
ARG NEXT_PUBLIC_BACKEND_URL
ARG NEXT_PUBLIC_SENTRY_DSN
ARG NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY
ARG NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL
ARG NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME
ARG NEXT_PUBLIC_POLOTNO
ARG NEXT_PUBLIC_DISCORD_SUPPORT
ARG NEXT_PUBLIC_FACEBOOK_PIXEL
ARG NEXT_PUBLIC_POSTHOG_KEY
ARG NEXT_PUBLIC_POSTHOG_HOST
ARG NEXT_PUBLIC_APP_VERSION

# Set environment variables from build arguments
ENV NEXT_PUBLIC_VERSION=$NEXT_PUBLIC_VERSION \
NEXT_PUBLIC_BACKEND_URL=$NEXT_PUBLIC_BACKEND_URL \
NEXT_PUBLIC_SENTRY_DSN=$NEXT_PUBLIC_SENTRY_DSN \
NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY=$NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY \
NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL=$NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL \
NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME=$NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME \
NEXT_PUBLIC_POLOTNO=$NEXT_PUBLIC_POLOTNO \
NEXT_PUBLIC_DISCORD_SUPPORT=$NEXT_PUBLIC_DISCORD_SUPPORT \
NEXT_PUBLIC_FACEBOOK_PIXEL=$NEXT_PUBLIC_FACEBOOK_PIXEL \
NEXT_PUBLIC_POSTHOG_KEY=$NEXT_PUBLIC_POSTHOG_KEY \
NEXT_PUBLIC_POSTHOG_HOST=$NEXT_PUBLIC_POSTHOG_HOST \
NEXT_PUBLIC_APP_VERSION=$NEXT_PUBLIC_APP_VERSION
RUN apk add --no-cache g++ make py3-pip bash nginx
RUN adduser -D -g 'www' www
RUN mkdir /www
RUN chown -R www:www /var/lib/nginx
RUN chown -R www:www /www


RUN npm --no-update-notifier --no-fund --global install [email protected] pm2

WORKDIR /app

COPY . /app
COPY var/docker/nginx.conf /etc/nginx/nginx.conf

RUN pnpm install
RUN NODE_OPTIONS="--max-old-space-size=4096" pnpm run build

CMD ["sh", "-c", "nginx && pnpm run pm2"]
21 changes: 0 additions & 21 deletions Dockerfile.dev
View file
Open in desktop

This file was deleted.

33 changes: 33 additions & 0 deletions apps/backend/src/api/routes/auth.controller.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -268,4 +268,37 @@ export class AuthController {
login: true,
});
}

@Post('/token')
async tokenLogin(
@Body('token') token: string,
@Res({ passthrough: false }) response: Response
) {
try {
const valid = await this._authService.validateAndRefreshToken(token);
if (!valid) {
return response.status(401).json({ error: 'Invalid token' });
}

response.cookie('auth', valid, {
domain: getCookieUrlFromDomain(process.env.FRONTEND_URL!),
...(!process.env.NOT_SECURED
? {
secure: true,
httpOnly: true,
sameSite: 'none',
}
: {}),
expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
});

if (process.env.NOT_SECURED) {
response.header('auth', valid);
}

response.status(200).json({ login: true });
} catch (e: any) {
response.status(401).json({ error: 'Invalid token' });
}
}
}
25 changes: 25 additions & 0 deletions apps/backend/src/services/auth/auth.service.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -245,6 +245,31 @@ export class AuthService {
return { token };
}

async validateAndRefreshToken(token: string): Promise<string | null> {
try {
const decoded = AuthChecker.verifyJWT(token) as {
id: string;
email: string;
activated: boolean;
};

if (!decoded || !decoded.id) {
return null;
}

// Get fresh user data from database
const user = await this._userService.getUserById(decoded.id);
if (!user || !user.activated) {
return null;
}

// Generate a fresh token
return this.jwt(user);
} catch (e) {
return null;
}
}

private async jwt(user: User) {
return AuthChecker.signJWT(user);
}
Expand Down
4 changes: 2 additions & 2 deletions apps/backend/src/services/auth/providers/oauth.provider.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ export class OauthProvider implements ProvidersInterface {
client_id: this.clientId,
scope: 'openid profile email',
response_type: 'code',
redirect_uri: `${this.frontendUrl}/settings`,
redirect_uri: `${this.frontendUrl}/auth?provider=generic`,
});

return `${this.authUrl}?${params.toString()}`;
Expand All @@ -71,7 +71,7 @@ export class OauthProvider implements ProvidersInterface {
client_id: this.clientId,
client_secret: this.clientSecret,
code,
redirect_uri: `${this.frontendUrl}/settings`,
redirect_uri: `${this.frontendUrl}/auth?provider=generic`,
}),
});

Expand Down
2 changes: 1 addition & 1 deletion apps/frontend/public/logo-text.svg
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Loading