software-engineering/policy-ui
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix auth
Some checks failed
Build and Publish / build-release (push) Failing after 1m31s
Details

Browse Source
This commit is contained in:
HaimKortovich
2026-05-14 12:12:03 -05:00
parent f19a727ef0
commit 3a52768b97
17 changed files with 601 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
app/components/layout/AppTopBar.vue
View File

@@ -11,6 +11,7 @@ const emit = defineEmits<{
const route = useRoute()
const router = useRouter()
const { data: session, status, signOut } = useAuth()
const isHome = computed(() => route.path === '/')
const colorMode = useColorMode()
const isDark = computed({
@@ -25,10 +26,25 @@ const isDark = computed({
const userMenuOpen = ref(false)
const userMenuRoot = ref<HTMLElement | null>(null)
const user = computed(() => session.value?.user)
const userEmail = computed(() => user.value?.email || 'user@example.com')
const userName = computed(() => user.value?.name || 'User')
const isAuthenticated = computed(() => status.value === 'authenticated')
function closeUserMenu() {
userMenuOpen.value = false
}
async function handleLogout() {
try {
userMenuOpen.value = false
await signOut({ callbackUrl: '/login', redirect: true })
} catch (error) {
console.error('Logout failed:', error)
await navigateTo('/login')
}
}
function onDocClick(e: MouseEvent) {
const userEl = userMenuRoot.value
if (userEl && userMenuOpen.value && !userEl.contains(e.target as Node)) {
@@ -119,6 +135,8 @@ onUnmounted(() => document.removeEventListener('click', onDocClick))
</span>
</NuxtLink>
<LayoutOrgSelector />
<span class="mx-0.5 h-3 w-px" style="background: rgba(0,0,0,0.06);" />
<!-- User / Account -->
@@ -146,6 +164,10 @@ onUnmounted(() => document.removeEventListener('click', onDocClick))
v-show="userMenuOpen"
class="absolute right-0 top-[calc(100%+8px)] z-50 w-56 overflow-hidden rounded-xl border border-[var(--sidebar-border)] bg-[var(--surface)] py-1 shadow-xl ring-1 ring-black/5"
>
<div class="px-3 py-2 border-b border-[var(--sidebar-border)]">
<p class="text-sm font-medium text-[var(--text-primary)]">{{ userName }}</p>
<p class="text-xs text-[var(--text-muted)]">{{ userEmail }}</p>
</div>
<NuxtLink
to="/account"
class="flex items-center gap-2 px-3 py-2.5 text-sm text-[var(--text-primary)] transition hover:bg-[var(--brand-faint)]"
@@ -163,17 +185,13 @@ onUnmounted(() => document.removeEventListener('click', onDocClick))
Software settings
</NuxtLink>
<div class="my-1 border-t border-[var(--sidebar-border)]" />
<div class="px-3 py-1.5">
<p class="text-[12px] font-medium text-[var(--text-primary)]">Session (mock)</p>
<p class="text-[11px] text-[var(--text-muted)]">broker@demo.com</p>
</div>
<button
type="button"
class="flex w-full items-center gap-2 px-3 py-2 text-left text-sm text-[var(--text-muted)] opacity-50 cursor-not-allowed"
disabled
class="flex w-full items-center gap-2 px-3 py-2 text-left text-sm text-[var(--text-muted)] hover:bg-[var(--brand-faint)] hover:text-[var(--text-primary)] transition"
@click="handleLogout"
>
<UIcon name="i-heroicons-arrow-right-on-rectangle" class="h-4 w-4" />
Sign out (soon)
Sign out
</button>
</div>
</Transition>

146
app/components/layout/OrgSelector.vue Normal file
View File

@@ -0,0 +1,146 @@
<script setup lang="ts">
const { organizations, selectedOrg, selectOrg } = useOrganizationSelection()
const dropdownOpen = ref(false)
const dropdownRoot = ref<HTMLElement | null>(null)
function toggleDropdown() {
dropdownOpen.value = !dropdownOpen.value
}
function closeDropdown() {
dropdownOpen.value = false
}
function onDocClick(e: MouseEvent) {
const el = dropdownRoot.value
if (el && dropdownOpen.value && !el.contains(e.target as Node)) {
dropdownOpen.value = false
}
}
onMounted(() => document.addEventListener('click', onDocClick))
onUnmounted(() => document.removeEventListener('click', onDocClick))
</script>
<template>
<div v-if="organizations.length > 0" ref="dropdownRoot" class="org-selector-root">
<button
type="button"
class="org-selector-btn"
aria-label="Organization selector"
:aria-expanded="dropdownOpen"
@click.stop="toggleDropdown"
>
<UIcon name="i-heroicons-building-office" style="width: 13px; height: 13px; flex-shrink: 0;" />
<span class="org-selector-label">{{ selectedOrg?.orgSubDomain ?? 'Org' }}</span>
<UIcon name="i-heroicons-chevron-down" style="width: 8px; height: 8px; opacity: 0.4; flex-shrink: 0;" />
</button>
<div
v-show="dropdownOpen"
class="org-dropdown"
>
<button
v-for="org in organizations"
:key="org.orgId"
type="button"
class="org-option"
:class="{ 'org-option-active': org.orgId === selectedOrg?.orgId }"
@click="selectOrg(org.orgId); closeDropdown()"
>
<UIcon
name="i-heroicons-check"
class="shrink-0"
:class="org.orgId === selectedOrg?.orgId ? 'opacity-100' : 'opacity-0'"
style="width: 14px; height: 14px;"
/>
<span class="org-option-label">{{ org.orgSubDomain }}</span>
</button>
</div>
</div>
</template>
<style scoped>
.org-selector-root {
position: relative;
flex-shrink: 0;
}
.org-selector-btn {
display: inline-flex;
align-items: center;
gap: 4px;
padding: 2px 8px;
font-size: 11px;
font-weight: 500;
line-height: normal;
color: #8a8a86;
background: transparent;
border: 1px solid rgba(0, 0, 0, 0.06);
border-radius: 6px;
cursor: pointer;
transition: all 150ms ease;
white-space: nowrap;
box-sizing: content-box;
height: auto;
}
.org-selector-btn:hover {
color: var(--text-primary);
background: rgba(0, 0, 0, 0.03);
border-color: rgba(0, 0, 0, 0.1);
}
.org-selector-label {
max-width: 100px;
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
.org-dropdown {
position: absolute;
right: 0;
top: calc(100% + 6px);
z-index: 50;
min-width: 180px;
max-width: 280px;
overflow: hidden;
border-radius: 12px;
border: 1px solid var(--sidebar-border);
background: var(--surface);
padding: 4px 0;
box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1), 0 0 0 1px rgba(0, 0, 0, 0.03);
}
.org-option {
display: flex;
align-items: center;
gap: 8px;
width: 100%;
padding: 6px 12px;
text-align: left;
font-size: 12px;
color: var(--text-secondary);
background: transparent;
border: none;
cursor: pointer;
border-radius: 4px;
transition: background 100ms ease;
}
.org-option:hover {
background: var(--brand-faint);
color: var(--text-primary);
}
.org-option-active {
color: var(--text-primary);
font-weight: 500;
}
.org-option-label {
max-width: 200px;
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
</style>

81
app/composables/useOrganizationSelection.ts Normal file
View File

@@ -0,0 +1,81 @@
export interface OrganizationInfo {
orgId: string
orgDomain: string
role: string
}
function extractSubdomain(domain: string): string {
const parts = domain.split('.')
return parts.length > 1 ? parts[0] : domain
}
const STORAGE_KEY = 'policy-ui.selected-org-id'
export function useOrganizationSelection() {
const { data: session } = useAuth()
const organizations = computed<OrganizationInfo[]>(() => {
const allOrgRoles = (session.value?.user as any)?.allOrgRoles as Record<string, Record<string, Record<string, string>>> | undefined
if (!allOrgRoles) {
return []
}
const result: OrganizationInfo[] = []
for (const roles of Object.values(allOrgRoles)) {
for (const [role, orgMap] of Object.entries(roles)) {
for (const [orgId, orgDomain] of Object.entries(orgMap)) {
if (!result.find(o => o.orgId === orgId)) {
result.push({ orgId, orgDomain: orgDomain as string, role, orgSubDomain: extractSubdomain(orgDomain) })
}
}
}
}
result.sort((a, b) => a.orgDomain.localeCompare(b.orgDomain))
return result
})
// All unique org IDs the user has access to
const orgIds = computed<string[]>(() => organizations.value.map(o => o.orgId))
// Persisted selected org
const selectedOrgId = ref<string | null>(null)
onMounted(() => {
const stored = localStorage.getItem(STORAGE_KEY)
if (stored && orgIds.value.includes(stored)) {
selectedOrgId.value = stored
} else if (organizations.value.length > 0 && !selectedOrgId.value) {
const defaultOrgId = organizations.value[0]!.orgId
selectedOrgId.value = defaultOrgId
localStorage.setItem(STORAGE_KEY, defaultOrgId)
}
})
watch(orgIds, (ids) => {
if (ids.length > 0) {
const firstId = ids[0]!
if (!ids.includes(selectedOrgId.value ?? '')) {
selectedOrgId.value = firstId
localStorage.setItem(STORAGE_KEY, firstId)
}
}
})
const selectOrg = (orgId: string) => {
selectedOrgId.value = orgId
localStorage.setItem(STORAGE_KEY, orgId)
}
const selectedOrg = computed<OrganizationInfo | undefined>(() => {
if (!selectedOrgId.value) return undefined
return organizations.value.find(o => o.orgId === selectedOrgId.value)
})
return {
organizations,
selectedOrgId,
selectedOrg,
selectOrg,
}
}

7
app/middleware/auth.ts Normal file
View File

@@ -0,0 +1,7 @@
export default defineNuxtRouteMiddleware((to) => {
const { status } = useAuth()
if (status.value === 'unauthenticated' && to.path !== '/login') {
return navigateTo('/login')
}
})

7
app/pages/index.vue
View File

@@ -1,5 +1,8 @@
<script setup lang="ts">
/* ── Time ── */
const { data: session } = useAuth()
const userName = computed(() => session.value?.user?.name || 'User')
const timeGreeting = computed(() => {
const h = new Date().getHours()
if (h < 12) return 'Good morning'
@@ -18,7 +21,7 @@ const currentDate = computed(() =>
<!-- Greeting -->
<div class="mb-12">
<h1 class="text-3xl font-semibold tracking-tight text-[var(--text-primary)]">
{{ timeGreeting }}, User
{{ timeGreeting }}, {{ userName }}
</h1>
<p class="mt-1 text-sm text-[var(--text-muted)]">{{ currentDate }}</p>
</div>

0
app/pages/providers/[provider_id].vue → app/pages/insurance-providers/[provider_id].vue
View File

0
app/pages/providers/index.vue → app/pages/insurance-providers/index.vue
View File

0
app/pages/providers/new.vue → app/pages/insurance-providers/new.vue
View File

57
app/pages/login.vue Normal file
View File

@@ -0,0 +1,57 @@
<script setup lang="ts">
definePageMeta({
auth: false
})
const { signIn, status } = useAuth()
const isLoading = ref(false)
const isAuthenticated = computed(() => status.value === 'authenticated')
watch(isAuthenticated, (authenticated) => {
if (authenticated) {
navigateTo('/')
}
})
async function loginWithZitadel() {
try {
isLoading.value = true
await signIn('zitadel', { callbackUrl: '/' })
} catch (error) {
console.error('Login failed:', error)
isLoading.value = false
}
}
</script>
<template>
<div class="min-h-screen flex items-center justify-center" style="background: var(--page-bg);">
<div class="w-full max-w-md p-8 rounded-xl border" style="background: var(--surface); border-color: var(--card-border);">
<div class="text-center mb-8">
<h1 class="text-2xl font-semibold" style="color: var(--text-primary);">
Welcome to Segur-OS
</h1>
<p class="mt-2 text-sm" style="color: var(--text-muted);">
Sign in to access your insurance management dashboard
</p>
</div>
<button
type="button"
:disabled="isLoading"
@click="loginWithZitadel"
class="w-full flex items-center justify-center gap-3 px-4 py-3 rounded-lg font-medium transition-colors disabled:opacity-50 disabled:cursor-not-allowed"
style="background: var(--brand); color: white;"
>
<UIcon v-if="isLoading" name="i-heroicons-arrow-path" class="h-5 w-5 animate-spin" />
<UIcon v-else name="i-heroicons-lock-closed" class="h-5 w-5" />
<span>{{ isLoading ? 'Signing in...' : 'Sign in with Zitadel' }}</span>
</button>
<div class="mt-6 text-center text-xs" style="color: var(--text-muted);">
<p>Secure authentication powered by Zitadel</p>
</div>
</div>
</div>
</template>

49
app/plugins/open-fetch-auth.ts Normal file
View File

@@ -0,0 +1,49 @@
const CLIENTS = ['customer', 'policy', 'providers', 'workload', 'document'] as const
const ORG_STORAGE_KEY = 'policy-ui.selected-org-id'
const setAuthHeader = (ctx: { options: { headers?: Headers | Record<string, string> | undefined } }, token: string) => {
const headers = ctx.options.headers
if (headers instanceof Headers) {
if (!headers.has('Authorization')) headers.set('Authorization', `Bearer ${token}`)
} else {
const h = (headers ?? {}) as Record<string, string>
if (!h.Authorization && !h.authorization) {
ctx.options.headers = { ...h, Authorization: `Bearer ${token}` }
}
}
}
const setOrgHeader = (ctx: { options: { headers?: Headers | Record<string, string> | undefined } }, orgId: string) => {
const headers = ctx.options.headers
if (headers instanceof Headers) {
if (!headers.has('x-organization-id')) headers.set('x-organization-id', orgId)
} else {
const h = (headers ?? {}) as Record<string, string>
if (!h['x-organization-id']) {
ctx.options.headers = { ...h, 'x-organization-id': orgId }
}
}
}
export default defineNuxtPlugin({
name: 'open-fetch-auth',
setup(nuxtApp) {
for (const client of CLIENTS) {
const hook = `openFetch:onRequest:${client}` as const
nuxtApp.hook(hook, (ctx) => {
const { data } = useAuth()
const token = data.value?.user?.accessToken as string | undefined
if (!token) return
setAuthHeader(ctx, token)
if (import.meta.client) {
const orgId = localStorage.getItem(ORG_STORAGE_KEY)
if (orgId) {
setOrgHeader(ctx, orgId)
}
}
})
}
}
})

20
app/plugins/open-fetch-policy-auth.ts
View File

@@ -1,20 +0,0 @@
export default defineNuxtPlugin({
name: 'open-fetch-policy-auth',
setup(nuxtApp) {
const { policyApiToken } = useRuntimeConfig().public
const token = typeof policyApiToken === 'string' ? policyApiToken : ''
if (!token) return
nuxtApp.hook('openFetch:onRequest:policy', (ctx) => {
const headers = ctx.options.headers
if (headers instanceof Headers) {
if (!headers.has('Authorization')) headers.set('Authorization', `Bearer ${token}`)
} else {
const h = (headers ?? {}) as Record<string, string>
if (!h.Authorization && !h.authorization) {
ctx.options.headers = { ...h, Authorization: `Bearer ${token}` }
}
}
})
}
})