feat: Enable UGA SSO with Microsoft Entra
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
import { useState, useEffect } from 'react'
|
||||
import { supabase } from './lib/supabase'
|
||||
import { supabase, userManagement } from './lib/supabase'
|
||||
import { Login } from './components/Login'
|
||||
import { Dashboard } from './components/Dashboard'
|
||||
import { CameraRoute } from './components/CameraRoute'
|
||||
@@ -19,6 +19,13 @@ function App() {
|
||||
setIsAuthenticated(!!session)
|
||||
setLoading(false)
|
||||
|
||||
// Sync OAuth user on successful sign in (creates user profile if needed)
|
||||
if ((event === 'SIGNED_IN' || event === 'INITIAL_SESSION') && session) {
|
||||
userManagement.syncOAuthUser().catch((err) => {
|
||||
console.error('Failed to sync OAuth user:', err)
|
||||
})
|
||||
}
|
||||
|
||||
// Handle signout route
|
||||
if (event === 'SIGNED_OUT') {
|
||||
setCurrentRoute('/')
|
||||
|
||||
@@ -557,6 +557,60 @@ export const userManagement = {
|
||||
|
||||
if (error) throw error
|
||||
return data
|
||||
},
|
||||
|
||||
// Sync OAuth user - ensures user profile exists for OAuth-authenticated users
|
||||
async syncOAuthUser(): Promise<void> {
|
||||
try {
|
||||
const { data: { user: authUser }, error: authError } = await supabase.auth.getUser()
|
||||
|
||||
if (authError || !authUser) {
|
||||
console.warn('No authenticated user found for OAuth sync')
|
||||
return
|
||||
}
|
||||
|
||||
// Check if user profile already exists
|
||||
const { data: existingProfile, error: checkError } = await supabase
|
||||
.from('user_profiles')
|
||||
.select('id')
|
||||
.eq('id', authUser.id)
|
||||
.single()
|
||||
|
||||
// If profile already exists, no need to create it
|
||||
if (existingProfile && !checkError) {
|
||||
console.log('User profile already exists for user:', authUser.id)
|
||||
return
|
||||
}
|
||||
|
||||
// If error is not "no rows returned", it's a real error
|
||||
if (checkError && checkError.code !== 'PGRST116') {
|
||||
console.error('Error checking for existing profile:', checkError)
|
||||
return
|
||||
}
|
||||
|
||||
// Create user profile for new OAuth user
|
||||
const { error: insertError } = await supabase
|
||||
.from('user_profiles')
|
||||
.insert({
|
||||
id: authUser.id,
|
||||
email: authUser.email || '',
|
||||
status: 'active'
|
||||
})
|
||||
|
||||
if (insertError) {
|
||||
// Ignore "duplicate key value" errors in case of race condition
|
||||
if (insertError.code === '23505') {
|
||||
console.log('User profile was already created (race condition handled)')
|
||||
return
|
||||
}
|
||||
console.error('Error creating user profile for OAuth user:', insertError)
|
||||
return
|
||||
}
|
||||
|
||||
console.log('Successfully created user profile for OAuth user:', authUser.id)
|
||||
} catch (error) {
|
||||
console.error('Unexpected error in syncOAuthUser:', error)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,46 @@
|
||||
-- OAuth User Synchronization
|
||||
-- This migration adds functionality to automatically create user profiles when users sign up via OAuth
|
||||
|
||||
-- =============================================
|
||||
-- 1. CREATE FUNCTION FOR OAUTH USER AUTO-PROFILE CREATION
|
||||
-- =============================================
|
||||
|
||||
CREATE OR REPLACE FUNCTION public.handle_new_oauth_user()
|
||||
RETURNS TRIGGER AS $$
|
||||
BEGIN
|
||||
-- Check if user profile already exists
|
||||
IF NOT EXISTS (
|
||||
SELECT 1 FROM public.user_profiles WHERE id = NEW.id
|
||||
) THEN
|
||||
-- Create user profile with default active status
|
||||
INSERT INTO public.user_profiles (id, email, status)
|
||||
VALUES (
|
||||
NEW.id,
|
||||
NEW.email,
|
||||
'active'
|
||||
)
|
||||
ON CONFLICT (id) DO NOTHING;
|
||||
END IF;
|
||||
|
||||
RETURN NEW;
|
||||
END;
|
||||
$$ LANGUAGE plpgsql SECURITY DEFINER;
|
||||
|
||||
-- =============================================
|
||||
-- 2. CREATE TRIGGER FOR NEW AUTH USERS
|
||||
-- =============================================
|
||||
|
||||
-- Drop the trigger if it exists to avoid conflicts
|
||||
DROP TRIGGER IF EXISTS on_auth_user_created ON auth.users;
|
||||
|
||||
-- Create trigger that fires after a new user is created in auth.users
|
||||
CREATE TRIGGER on_auth_user_created
|
||||
AFTER INSERT ON auth.users
|
||||
FOR EACH ROW EXECUTE FUNCTION public.handle_new_oauth_user();
|
||||
|
||||
-- =============================================
|
||||
-- 3. COMMENT FOR DOCUMENTATION
|
||||
-- =============================================
|
||||
|
||||
COMMENT ON FUNCTION public.handle_new_oauth_user() IS
|
||||
'Automatically creates a user profile in public.user_profiles when a new user is created via OAuth in auth.users. This ensures OAuth users are immediately accessible in the application without manual provisioning.';
|
||||
Reference in New Issue
Block a user