import Keycloak from 'keycloak-connect';
import session from 'express-session';
import { type Express } from 'express';
/**
 * Settings object handed to the keycloak-connect adapter.
 *
 * The hyphenated key names mirror the adapter's JSON configuration format,
 * which is why they have to be quoted here.
 */
interface KeycloakConfig {
  /** Realm the client is registered in. */
  realm: string;
  /** Client identifier; filled from KEYCLOAK_CLIENT_ID in this file. */
  resource: string;
  /** Base URL of the Keycloak server; filled from KEYCLOAK_AUTH_URL in this file. */
  'auth-server-url': string;
  /**
   * TLS policy for traffic to Keycloak. Typed as a plain string, so a typo is
   * not caught at compile time (Keycloak documents 'all', 'external', 'none').
   */
  'ssl-required': string;
  /** True when the client authenticates without a client secret. */
  'public-client': boolean;
  /** Confidential (HTTPS) port setting passed through to the adapter. */
  'confidential-port': number;
}
// Keycloak configuration, read from environment variables with local-development
// defaults. The defaults point at a plain-HTTP Keycloak on localhost, so a
// deployment has to set all three variables explicitly.
const { KEYCLOAK_REALM, KEYCLOAK_AUTH_URL, KEYCLOAK_CLIENT_ID } = process.env;

const keycloakConfig: KeycloakConfig = {
  realm: KEYCLOAK_REALM || 'rplace',
  // `||` (not `??`) so an empty variable also falls back to the default.
  'auth-server-url': KEYCLOAK_AUTH_URL || 'http://localhost:8080/auth',
  // 'external' lets private/loopback addresses use HTTP; anything reachable
  // from outside should be served over HTTPS (or use 'all').
  'ssl-required': 'external',
  resource: KEYCLOAK_CLIENT_ID || 'rplace-client',
  // Public client: no client secret is configured, so the client's redirect
  // URIs in Keycloak are what restrict where login responses can be sent.
  'public-client': true,
  'confidential-port': 0,
};
// Session store shared by express-session and the Keycloak adapter.
// MemoryStore keeps every session in this process's memory: sessions are lost
// on restart and are not shared between instances, and express-session
// documents it as not intended for production use.
const MemoryStoreCtor = session.MemoryStore;
const memoryStore = MemoryStoreCtor ? new MemoryStoreCtor() : undefined;
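/**
 * Installs the express-session middleware and the Keycloak adapter on `app`.
 *
 * @param app Express application to attach the middleware to.
 * @returns The Keycloak instance, for use by route handlers elsewhere.
 * @throws Error when NODE_ENV is "production" and SESSION_SECRET is not set.
 */
export function setupKeycloak(app: Express) {
  const isProduction = process.env.NODE_ENV === 'production';
  const configuredSecret = process.env.SESSION_SECRET;

  // The fallback secret below is committed to source control, so it gives the
  // session cookie signature no protection. Refuse to start with it in
  // production; keep it only as a convenience for local development.
  if (!configuredSecret && isProduction) {
    throw new Error('SESSION_SECRET must be set when NODE_ENV is "production"');
  }
  if (!configuredSecret) {
    console.warn('SESSION_SECRET is not set; using the built-in development secret');
  }

  // Session middleware
  const sessionConfig = {
    secret: configuredSecret || 'rplace-secret-key',
    resave: false,
    // NOTE(review): true creates a stored session for every visitor, including
    // unauthenticated ones; combined with an in-memory store this grows with
    // traffic. Confirm the adapter's login flow before switching it to false.
    saveUninitialized: true,
    store: memoryStore,
    cookie: {
      // Behind a TLS-terminating proxy, express-session only sets a secure
      // cookie if Express trusts the proxy ("trust proxy") — verify in the caller.
      secure: isProduction,
      httpOnly: true,
      // No sameSite attribute is set here; the browser default applies.
      maxAge: 24 * 60 * 60 * 1000, // 24 hours
    },
  };

  app.use(session(sessionConfig));

  // Initialise Keycloak with the same store the session middleware uses
  const keycloak = new Keycloak({ store: memoryStore }, keycloakConfig);

  // Keycloak middleware: '/logout' ends the session; the adapter's admin
  // callbacks are registered under the '/' base path.
  app.use(
    keycloak.middleware({
      logout: '/logout',
      admin: '/',
    }),
  );

  return keycloak;
}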
// Expose the resolved Keycloak settings to other modules.
export { keycloakConfig };