0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-13 21:30:30 -05:00

refactor: move admin console app to database (#3185)

This commit is contained in:
Gao Sun 2023-02-22 22:35:17 +08:00 committed by GitHub
parent 5c7e20bfd4
commit 09d2dac1ea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 167 additions and 72 deletions

View file

@ -10,6 +10,7 @@ import {
createMeApiInAdminTenant, createMeApiInAdminTenant,
createDefaultSignInExperience, createDefaultSignInExperience,
createAdminTenantSignInExperience, createAdminTenantSignInExperience,
createDefaultAdminConsoleApplication,
} from '@logto/schemas'; } from '@logto/schemas';
import { Hooks, Tenants } from '@logto/schemas/models'; import { Hooks, Tenants } from '@logto/schemas/models';
import type { DatabaseTransactionConnection } from 'slonik'; import type { DatabaseTransactionConnection } from 'slonik';
@ -128,6 +129,7 @@ export const seedTables = async (
insertInto(createDefaultSignInExperience(defaultTenantId), 'sign_in_experiences') insertInto(createDefaultSignInExperience(defaultTenantId), 'sign_in_experiences')
), ),
connection.query(insertInto(createAdminTenantSignInExperience(), 'sign_in_experiences')), connection.query(insertInto(createAdminTenantSignInExperience(), 'sign_in_experiences')),
connection.query(insertInto(createDefaultAdminConsoleApplication(), 'applications')),
updateDatabaseTimestamp(connection, latestTimestamp), updateDatabaseTimestamp(connection, latestTimestamp),
]); ]);
}; };

View file

@ -13,7 +13,7 @@ import './scss/overlayscrollbars.scss';
import '@fontsource/roboto-mono'; import '@fontsource/roboto-mono';
import AppLoading from '@/components/AppLoading'; import AppLoading from '@/components/AppLoading';
import Toast from '@/components/Toast'; import Toast from '@/components/Toast';
import { managementApi, meApi } from '@/consts/management-api'; import { getManagementApi, meApi } from '@/consts/management-api';
import AppBoundary from '@/containers/AppBoundary'; import AppBoundary from '@/containers/AppBoundary';
import AppLayout from '@/containers/AppLayout'; import AppLayout from '@/containers/AppLayout';
import ErrorBoundary from '@/containers/ErrorBoundary'; import ErrorBoundary from '@/containers/ErrorBoundary';
@ -48,6 +48,7 @@ import {
UserDetailsTabs, UserDetailsTabs,
adminTenantEndpoint, adminTenantEndpoint,
getUserTenantId, getUserTenantId,
getBasename,
} from './consts'; } from './consts';
import { isCloud } from './consts/cloud'; import { isCloud } from './consts/cloud';
import AppContent from './containers/AppContent'; import AppContent from './containers/AppContent';
@ -161,8 +162,11 @@ const Main = () => {
); );
}; };
const App = () => ( const App = () => {
<BrowserRouter basename={`/${getUserTenantId() ?? ''}`}> const managementApi = getManagementApi(getUserTenantId());
return (
<BrowserRouter basename={getBasename()}>
<AppEndpointsProvider> <AppEndpointsProvider>
<LogtoProvider <LogtoProvider
config={{ config={{
@ -181,6 +185,6 @@ const App = () => (
</LogtoProvider> </LogtoProvider>
</AppEndpointsProvider> </AppEndpointsProvider>
</BrowserRouter> </BrowserRouter>
); );
};
export default App; export default App;

View file

@ -1,14 +1,10 @@
import { import { adminTenantId, getManagementApiResourceIndicator, PredefinedScope } from '@logto/schemas';
adminTenantId,
defaultTenantId,
getManagementApiResourceIndicator,
PredefinedScope,
} from '@logto/schemas';
export const managementApi = Object.freeze({ export const getManagementApi = (tenantId: string) =>
indicator: getManagementApiResourceIndicator(defaultTenantId), Object.freeze({
indicator: getManagementApiResourceIndicator(tenantId),
scopeAll: PredefinedScope.All, scopeAll: PredefinedScope.All,
}); });
export const meApi = Object.freeze({ export const meApi = Object.freeze({
indicator: getManagementApiResourceIndicator(adminTenantId, 'me'), indicator: getManagementApiResourceIndicator(adminTenantId, 'me'),

View file

@ -1,6 +1,19 @@
import { defaultTenantId, ossConsolePath } from '@logto/schemas';
import { isCloud } from './cloud';
const isProduction = process.env.NODE_ENV === 'production'; const isProduction = process.env.NODE_ENV === 'production';
export const adminTenantEndpoint = export const adminTenantEndpoint =
process.env.ADMIN_TENANT_ENDPOINT ?? process.env.ADMIN_TENANT_ENDPOINT ??
(isProduction ? window.location.origin : 'http://localhost:3002'); (isProduction ? window.location.origin : 'http://localhost:3002');
export const getUserTenantId = () => window.location.pathname.split('/')[1];
export const getUserTenantId = () => {
if (isCloud) {
return window.location.pathname.split('/')[1] ?? '';
}
return defaultTenantId;
};
export const getBasename = () => (isCloud ? '/' + getUserTenantId() : ossConsolePath);

View file

@ -5,7 +5,7 @@ import { useCallback, useContext, useMemo } from 'react';
import { toast } from 'react-hot-toast'; import { toast } from 'react-hot-toast';
import { useTranslation } from 'react-i18next'; import { useTranslation } from 'react-i18next';
import { managementApi, requestTimeout } from '@/consts'; import { getManagementApi, getUserTenantId, requestTimeout } from '@/consts';
import { AppEndpointsContext } from '@/containers/AppEndpointsProvider'; import { AppEndpointsContext } from '@/containers/AppEndpointsProvider';
export class RequestError extends Error { export class RequestError extends Error {
@ -28,7 +28,7 @@ type StaticApiProps = {
export const useStaticApi = ({ export const useStaticApi = ({
prefixUrl, prefixUrl,
hideErrorToast, hideErrorToast,
resourceIndicator = managementApi.indicator, resourceIndicator = getManagementApi(getUserTenantId()).indicator,
}: StaticApiProps) => { }: StaticApiProps) => {
const { isAuthenticated, getAccessToken } = useLogto(); const { isAuthenticated, getAccessToken } = useLogto();
const { t, i18n } = useTranslation(undefined, { keyPrefix: 'admin_console' }); const { t, i18n } = useTranslation(undefined, { keyPrefix: 'admin_console' });

View file

@ -1,3 +1,6 @@
import path from 'path';
import { ossConsolePath } from '@logto/schemas';
import type { MiddlewareType } from 'koa'; import type { MiddlewareType } from 'koa';
import type { IRouterParamContext } from 'koa-router'; import type { IRouterParamContext } from 'koa-router';
@ -13,14 +16,14 @@ export default function koaConsoleRedirectProxy<
return async (ctx, next) => { return async (ctx, next) => {
const hasUser = await hasActiveUsers(); const hasUser = await hasActiveUsers();
if ((ctx.path === '/' || ctx.path === '/console') && !hasUser) { if ((ctx.path === '/' || ctx.path === ossConsolePath) && !hasUser) {
ctx.redirect('/console/welcome'); ctx.redirect(path.join(ossConsolePath, '/welcome'));
return; return;
} }
if ((ctx.path === '/' || ctx.path === '/console/welcome') && hasUser) { if ((ctx.path === '/' || ctx.path === path.join(ossConsolePath, '/welcome')) && hasUser) {
ctx.redirect('/console'); ctx.redirect(ossConsolePath);
return; return;
} }

View file

@ -13,21 +13,26 @@ import { appendPath } from '#src/utils/url.js';
import { getConstantClientMetadata } from './utils.js'; import { getConstantClientMetadata } from './utils.js';
const buildAdminConsoleClientMetadata = (envSet: EnvSet): AllClientMetadata => { /**
const { adminUrlSet, cloudUrlSet } = EnvSet.values; * Append `redirect_uris` and `post_logout_redirect_uris` for Admin Console
const urls = [ * as Admin Console is attached to the admin tenant in OSS and its endpoints are dynamic (from env variable).
...adminUrlSet.deduplicated().map((url) => appendPath(url, '/console').toString()), */
// Logto Cloud uses `https://some.cloud.endpoint/[tenantId]` to serve Admin Console for specific Tenant ID const transpileMetadata = (clientId: string, data: AllClientMetadata): AllClientMetadata => {
...cloudUrlSet.deduplicated().map((url) => appendPath(url, '/' + envSet.tenantId).toString()), const { adminUrlSet } = EnvSet.values;
]; const urls = adminUrlSet.deduplicated().map((url) => appendPath(url, '/console').toString());
if (clientId === adminConsoleApplicationId) {
return { return {
...getConstantClientMetadata(envSet, ApplicationType.SPA), ...data,
client_id: adminConsoleApplicationId, redirect_uris: [
client_name: 'Admin Console', ...(data.redirect_uris ?? []),
redirect_uris: urls.map((url) => appendPath(url, '/callback').toString()), ...urls.map((url) => appendPath(url, '/callback').toString()),
post_logout_redirect_uris: urls, ],
post_logout_redirect_uris: [...(data.post_logout_redirect_uris ?? []), ...urls],
}; };
}
return data;
}; };
const buildDemoAppClientMetadata = (envSet: EnvSet): AllClientMetadata => { const buildDemoAppClientMetadata = (envSet: EnvSet): AllClientMetadata => {
@ -77,7 +82,7 @@ export default function postgresAdapter(
client_secret, client_secret,
client_name, client_name,
...getConstantClientMetadata(envSet, type), ...getConstantClientMetadata(envSet, type),
...snakecaseKeys(oidcClientMetadata), ...transpileMetadata(client_id, snakecaseKeys(oidcClientMetadata)),
// `node-oidc-provider` won't camelCase custom parameter keys, so we need to keep the keys camelCased // `node-oidc-provider` won't camelCase custom parameter keys, so we need to keep the keys camelCased
...customClientMetadata, ...customClientMetadata,
}); });
@ -85,11 +90,6 @@ export default function postgresAdapter(
return { return {
upsert: reject, upsert: reject,
find: async (id) => { find: async (id) => {
// Directly return client metadata since Admin Console does not belong to any tenant in the OSS version.
if (id === adminConsoleApplicationId) {
return buildAdminConsoleClientMetadata(envSet);
}
if (id === demoAppApplicationId) { if (id === demoAppApplicationId) {
return buildDemoAppClientMetadata(envSet); return buildDemoAppClientMetadata(envSet);
} }

View file

@ -83,7 +83,9 @@ export default class Tenant implements TenantContext {
// Mount `/me` APIs for admin tenant // Mount `/me` APIs for admin tenant
app.use(mount('/me', initMeApis(tenantContext))); app.use(mount('/me', initMeApis(tenantContext)));
// Mount Admin Console // Mount Admin Console when needed
// Skip in domain-based multi-tenancy since Logto Cloud serves Admin Console in this case
if (!EnvSet.values.isDomainBasedMultiTenancy) {
app.use(koaConsoleRedirectProxy(queries)); app.use(koaConsoleRedirectProxy(queries));
app.use( app.use(
mount( mount(
@ -91,6 +93,7 @@ export default class Tenant implements TenantContext {
koaSpaProxy(mountedApps, AdminApps.Console, 5002, AdminApps.Console) koaSpaProxy(mountedApps, AdminApps.Console, 5002, AdminApps.Console)
) )
); );
}
} else { } else {
// Mount demo app // Mount demo app
app.use( app.use(

View file

@ -40,12 +40,17 @@ const data = {
], ],
}, },
socialSignInConnectorTargets: [], socialSignInConnectorTargets: [],
signInMode: 'Register',
customCss: null, customCss: null,
}; } as const;
const alteration: AlterationScript = { const alteration: AlterationScript = {
up: async (pool) => { up: async (pool) => {
const hasActiveUsers = await pool.exists(sql`
select id
from users
where tenant_id = 'default'
limit 1
`);
await pool.query(sql` await pool.query(sql`
insert into sign_in_experiences ( insert into sign_in_experiences (
tenant_id, tenant_id,
@ -69,7 +74,7 @@ const alteration: AlterationScript = {
${sql.jsonb(data.signUp)}, ${sql.jsonb(data.signUp)},
${sql.jsonb(data.signIn)}, ${sql.jsonb(data.signIn)},
${sql.jsonb(data.socialSignInConnectorTargets)}, ${sql.jsonb(data.socialSignInConnectorTargets)},
${data.signInMode}, ${hasActiveUsers ? 'SignIn' : 'Register'},
${data.customCss} ${data.customCss}
); );
`); `);

View file

@ -0,0 +1,37 @@
import { generateStandardId } from '@logto/core-kit';
import { sql } from 'slonik';
import type { AlterationScript } from '../lib/types/alteration.js';
const alteration: AlterationScript = {
up: async (pool) => {
await pool.query(sql`
insert into applications (
tenant_id,
id,
name,
secret,
description,
type,
oidc_client_metadata
) values (
'admin',
'admin-console',
'Admin Console',
${generateStandardId()},
'Logto Admin Console.',
'SPA',
'{ "redirectUris": [], "postLogoutRedirectUris": [] }'::jsonb
);
`);
},
down: async (pool) => {
await pool.query(sql`
delete from applications
where tenant_id = 'admin'
and id = 'admin-console';
`);
},
};
export default alteration;

View file

@ -1 +0,0 @@
export const cloudApiIndicator = 'https://cloud.logto.io/api';

View file

@ -1 +1,2 @@
export * from './cloud.js'; export * from './system.js';
export * from './oidc.js';

View file

@ -0,0 +1 @@
export const tenantIdKey = 'tenant_id';

View file

@ -0,0 +1,14 @@
/** The API Resource Indicator for Logto Cloud. It's only useful when domain-based multi-tenancy is enabled. */
export const cloudApiIndicator = 'https://cloud.logto.io/api';
/**
* In OSS:
*
* - Only one single user tenant (`default`) is available.
* - Admin tenant and Admin Console share one endpoint (`ADMIN_ENDPOINT`).
*
* There's no need to parse tenant ID from the first path segment in OSS, and the segment should be a fixed value.
*
* If we use `/default`, the URL will look ugly; thus we keep the old fashion `/console`.
*/
export const ossConsolePath = '/console';

View file

@ -1,3 +1,9 @@
import { generateStandardId } from '@logto/core-kit';
import type { CreateApplication } from '../db-entries/index.js';
import { ApplicationType } from '../db-entries/index.js';
import { adminTenantId } from './tenant.js';
/** /**
* The fixed application ID for Admin Console. * The fixed application ID for Admin Console.
* *
@ -6,3 +12,14 @@
export const adminConsoleApplicationId = 'admin-console'; export const adminConsoleApplicationId = 'admin-console';
export const demoAppApplicationId = 'demo-app'; export const demoAppApplicationId = 'demo-app';
export const createDefaultAdminConsoleApplication = (): Readonly<CreateApplication> =>
Object.freeze({
tenantId: adminTenantId,
id: adminConsoleApplicationId,
name: 'Admin Console',
secret: generateStandardId(),
description: 'Logto Admin Console.',
type: ApplicationType.SPA,
oidcClientMetadata: { redirectUris: [], postLogoutRedirectUris: [] },
});