soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
62ea110605bd2f0135c73b0abb6c09e9b56b05e9
flatrender/backend/db/migrations/22_identity_oauth_config.sql
T
soroush.asadi 675b60d858
Build backend images / build content-svc (push) Failing after 1m2s
Details
Build backend images / build file-svc (push) Failing after 3m11s
Details
Build backend images / build gateway (push) Failing after 5m39s
Details
Build backend images / build identity-svc (push) Failing after 38s
Details
Build backend images / build notification-svc (push) Failing after 2m0s
Details
Build backend images / build render-svc (push) Failing after 58s
Details
Build backend images / build studio-svc (push) Failing after 58s
Details
feat(auth+admin): Sign in with Google (OAuth) + Integrations config panel 
Backend (identity-svc):
- oauth_config table (mig 22) + OAuthConfig entity
- OAuthService: admin config CRUD + Google authorization-code flow (build consent
  URL, exchange code, fetch userinfo, find/create RegisterMode.Google user, issue
  session via AuthService.IssueOAuthSessionAsync)
- AuthController: GET /v1/auth/google/{start,callback} (public); tokens handed to
  frontend via URL fragment
- AdminController: GET/PUT /v1/admin/oauth/{provider} (admin, secret masked)

Frontend:
- "ورود با گوگل" button on /auth → identity start endpoint
- /auth/callback reads fragment tokens → /api/auth/oauth-session sets httpOnly cookies
- /admin/integrations: Google client_id/secret/redirect_uri + enable, with setup guide
- nav + fa/en labels

Client ID/Secret are configured entirely in the admin panel — no redeploy needed.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 00:08:21 +03:30

20 lines
870 B
SQL
Raw Blame History

-- =====================================================================
-- IDENTITY SCHEMA — Part 22: external OAuth provider config (Google, …)
-- Admin-editable client credentials for social login. Read by identity at
-- login time; secrets never leave the server (masked in the admin API).
-- =====================================================================
SET search_path TO identity, public;
CREATE TABLE IF NOT EXISTS oauth_config (
provider TEXT PRIMARY KEY, -- 'google' (extensible: 'github', …)
client_id TEXT,
client_secret TEXT,
redirect_uri TEXT, -- must match the provider console
enabled BOOLEAN NOT NULL DEFAULT FALSE,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);
INSERT INTO oauth_config (provider) VALUES ('google')
ON CONFLICT (provider) DO NOTHING;
Reference in New Issue View Git Blame Copy Permalink