Add @somaiya.edu email domain restriction for authentication and pop up error if non somaiya email ID used for sign in #5
@@ -9,4 +9,5 @@ STUDENT_URL="http://localhost:9000"
|
||||
ADMIN_URL="http://localhost:9000"
|
||||
ADMIN_DOMAIN="http://localhost:9001"
|
||||
|
||||
ALLOWED_EMAIL_DOMAIN="@somaiya.edu"
|
||||
AUTH_TRUST_HOST=TRUE
|
||||
@@ -1,4 +1,6 @@
|
||||
import { Button } from '@workspace/ui/components/button';
|
||||
import { Alert, AlertDescription, AlertTitle } from '@workspace/ui/components/alert';
|
||||
import { AlertCircle } from 'lucide-react';
|
||||
import { signIn } from '@/auth';
|
||||
|
||||
async function logIn() {
|
||||
@@ -6,7 +8,9 @@ async function logIn() {
|
||||
await signIn('google', { redirectTo: '/' });
|
||||
}
|
||||
|
||||
export default async function Page() {
|
||||
export default async function Page(props: { searchParams: Promise<{ error?: string }> }) {
|
||||
const searchParams = await props.searchParams;
|
||||
const error = searchParams?.error;
|
||||
return (
|
||||
<div className="relative min-h-svh flex items-center justify-center overflow-hidden bg-gradient-to-br from-blue-100 via-red-100 to-pink-100 transition-colors duration-500">
|
||||
{/* Animated floating shapes */}
|
||||
@@ -18,11 +22,22 @@ export default async function Page() {
|
||||
<div className="relative z-10 backdrop-blur-md bg-white/70 rounded-2xl shadow-2xl p-10 flex flex-col items-center gap-8 border border-white/30 max-w-sm w-full transition-all duration-300 hover:shadow-[0_0_32px_4px_rgba(239,68,68,0.25)] hover:border-red-400/60">
|
||||
<div className="flex flex-col items-center gap-2">
|
||||
{/* Animated logo */}
|
||||
<img src="favicon.ico" alt="Logo" className="w-14 h-14 mb-2 drop-shadow-lg animate-bounce-slow" />
|
||||
<img src="/favicon.ico" alt="Logo" className="w-14 h-14 mb-2 drop-shadow-lg animate-bounce-slow" />
|
||||
<h1 className="text-2xl font-bold text-gray-800 tracking-tight">Placement Portal Admin</h1>
|
||||
<p className="text-gray-500 text-sm text-center">Sign in to manage placements and students</p>
|
||||
<p className="text-xs text-red-500 font-semibold italic mt-1 animate-fade-in">Empower your journey. Shape the future.</p>
|
||||
</div>
|
||||
|
||||
{error === 'AccessDenied' && (
|
||||
<Alert variant="destructive" className="animate-in fade-in slide-in-from-top-4 duration-300">
|
||||
<AlertCircle className="h-4 w-4" />
|
||||
<AlertTitle>Access Denied</AlertTitle>
|
||||
<AlertDescription>
|
||||
Please sign in with your somaiya email ID.
|
||||
</AlertDescription>
|
||||
</Alert>
|
||||
)}
|
||||
|
||||
<form action={logIn} className="w-full">
|
||||
<Button type="submit" variant="outline" className="w-full h-12 relative overflow-hidden group rounded-lg shadow-md hover:shadow-lg transition-all focus:ring-2 focus:ring-red-400">
|
||||
<span className="absolute inset-0 bg-gradient-to-r from-red-200/0 via-red-200/20 to-red-200/0 translate-x-[-100%] group-hover:translate-x-[100%] transition-transform duration-700 ease-out pointer-events-none" />
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import NextAuth, { type DefaultSession } from 'next-auth';
|
||||
import type { NextAuthConfig } from 'next-auth';
|
||||
import Google from "next-auth/providers/google";
|
||||
import Google from 'next-auth/providers/google';
|
||||
import { db, admins, students } from '@workspace/db';
|
||||
import { eq } from '@workspace/db/drizzle';
|
||||
|
||||
@@ -12,7 +12,7 @@ declare module 'next-auth' {
|
||||
studentId?: number;
|
||||
completedProfile?: boolean;
|
||||
[key: string]: any;
|
||||
} & DefaultSession["user"];
|
||||
} & DefaultSession['user'];
|
||||
}
|
||||
|
||||
interface JWT {
|
||||
@@ -32,6 +32,13 @@ declare module 'next/server' {
|
||||
const authConfig: NextAuthConfig = {
|
||||
providers: [Google],
|
||||
callbacks: {
|
||||
async signIn({ user }) {
|
||||
const allowedDomain = process.env.ALLOWED_EMAIL_DOMAIN;
|
||||
if (allowedDomain && user.email && !user.email.endsWith(allowedDomain)) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
},
|
||||
async jwt({ token, account, user }) {
|
||||
// Only check DB on first sign in
|
||||
if (account && user && user.email) {
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
import { Button } from '@workspace/ui/components/button';
|
||||
import { Alert, AlertDescription, AlertTitle } from '@workspace/ui/components/alert';
|
||||
import { AlertCircle } from 'lucide-react';
|
||||
import { signIn } from '@/auth';
|
||||
|
||||
async function logIn() {
|
||||
@@ -6,7 +8,10 @@ async function logIn() {
|
||||
await signIn('google', { redirectTo: '/' });
|
||||
}
|
||||
|
||||
export default async function Page() {
|
||||
// export default async function Page() {
|
||||
export default async function Page(props: { searchParams: Promise<{ error?: string }> }) {
|
||||
const searchParams = await props.searchParams;
|
||||
const error = searchParams?.error;
|
||||
return (
|
||||
<div className="relative min-h-svh flex items-center justify-center overflow-hidden bg-gradient-to-br from-blue-100 via-red-100 to-pink-100 transition-colors duration-500">
|
||||
{/* Animated floating shapes */}
|
||||
@@ -23,6 +28,17 @@ export default async function Page() {
|
||||
<p className="text-gray-500 text-sm text-center">Sign in to manage your placements</p>
|
||||
<p className="text-xs text-red-500 font-semibold italic mt-1 animate-fade-in">Empower your journey. Shape the future.</p>
|
||||
</div>
|
||||
|
||||
{error === 'AccessDenied' && (
|
||||
<Alert variant="destructive" className="animate-in fade-in slide-in-from-top-4 duration-300">
|
||||
<AlertCircle className="h-4 w-4" />
|
||||
<AlertTitle>Access Denied</AlertTitle>
|
||||
<AlertDescription>
|
||||
Please sign in with your somaiya email ID.
|
||||
</AlertDescription>
|
||||
</Alert>
|
||||
)}
|
||||
|
||||
<form action={logIn} className="w-full">
|
||||
<Button type="submit" variant="outline" className="w-full h-12 relative overflow-hidden group rounded-lg shadow-md hover:shadow-lg transition-all focus:ring-2 focus:ring-red-400">
|
||||
<span className="absolute inset-0 bg-gradient-to-r from-red-200/0 via-red-200/20 to-red-200/0 translate-x-[-100%] group-hover:translate-x-[100%] transition-transform duration-700 ease-out pointer-events-none" />
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import NextAuth, { type DefaultSession } from 'next-auth';
|
||||
import type { NextAuthConfig } from 'next-auth';
|
||||
import Google from "next-auth/providers/google";
|
||||
import Google from 'next-auth/providers/google';
|
||||
import { db, admins, students } from '@workspace/db';
|
||||
import { eq } from '@workspace/db/drizzle';
|
||||
|
||||
@@ -12,7 +12,7 @@ declare module 'next-auth' {
|
||||
studentId?: number;
|
||||
completedProfile?: boolean;
|
||||
[key: string]: any;
|
||||
} & DefaultSession["user"];
|
||||
} & DefaultSession['user'];
|
||||
}
|
||||
|
||||
interface JWT {
|
||||
@@ -32,6 +32,13 @@ declare module 'next/server' {
|
||||
const authConfig: NextAuthConfig = {
|
||||
providers: [Google],
|
||||
callbacks: {
|
||||
async signIn({ user }) {
|
||||
const allowedDomain = process.env.ALLOWED_EMAIL_DOMAIN;
|
||||
if (allowedDomain && user.email && !user.email.endsWith(allowedDomain)) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
},
|
||||
async jwt({ token, account, user }) {
|
||||
// Only set role, adminId, studentId, and email in JWT
|
||||
const email = user?.email || token?.email;
|
||||
@@ -94,6 +101,9 @@ const authConfig: NextAuthConfig = {
|
||||
return session;
|
||||
},
|
||||
},
|
||||
pages: {
|
||||
error: '/login',
|
||||
},
|
||||
};
|
||||
|
||||
// Note: TypeScript warnings about inferred types are expected with NextAuth v5 beta
|
||||
|
||||
Reference in New Issue
Block a user