akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
copilot/check-user-skill-or-software-functionality
caddy-proxy-manager/app/(dashboard)/groups/actions.ts
fuomag9 03c8f40417 Add forward auth portal — CPM as built-in IdP replacing Authentik 
CPM can now act as its own forward auth provider for proxied sites.
Users authenticate at a login portal (credentials or OAuth) and Caddy
gates access via a verify subrequest, eliminating the need for external
IdPs like Authentik.

Key components:
- Forward auth flow: verify endpoint, exchange code callback, login portal
- User groups with membership management
- Per-proxy-host access control (users and/or groups)
- Caddy config generation for forward_auth handler + callback route
- OAuth and credential login on the portal page
- Admin UI: groups page, inline user/group assignment in proxy host form
- REST API: /api/v1/groups, /api/v1/forward-auth-sessions, per-host access
- Integration tests for groups and forward auth schema

Also fixes mTLS E2E test selectors broken by the RBAC refactor.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-05 22:32:17 +02:00

64 lines
1.6 KiB
TypeScript
Raw Permalink Blame History

"use server";
import { revalidatePath } from "next/cache";
import { requireAdmin } from "@/src/lib/auth";
import {
createGroup,
updateGroup,
deleteGroup,
addGroupMember,
removeGroupMember
} from "@/src/lib/models/groups";
export async function createGroupAction(formData: FormData) {
const session = await requireAdmin();
const userId = Number(session.user.id);
await createGroup(
{
name: String(formData.get("name") ?? ""),
description: formData.get("description") ? String(formData.get("description")) : null,
},
userId
);
revalidatePath("/groups");
}
export async function updateGroupAction(id: number, formData: FormData) {
const session = await requireAdmin();
const userId = Number(session.user.id);
await updateGroup(
id,
{
name: String(formData.get("name") ?? ""),
description: formData.get("description") ? String(formData.get("description")) : null,
},
userId
);
revalidatePath("/groups");
}
export async function deleteGroupAction(id: number) {
const session = await requireAdmin();
const userId = Number(session.user.id);
await deleteGroup(id, userId);
revalidatePath("/groups");
}
export async function addGroupMemberAction(groupId: number, memberId: number) {
const session = await requireAdmin();
const userId = Number(session.user.id);
await addGroupMember(groupId, memberId, userId);
revalidatePath("/groups");
}
export async function removeGroupMemberAction(groupId: number, memberId: number) {
const session = await requireAdmin();
const userId = Number(session.user.id);
await removeGroupMember(groupId, memberId, userId);
revalidatePath("/groups");
}
Reference in New Issue View Git Blame Copy Permalink