Fix all runtime code for usage with built Nuxt projects

package.json

@@ -1,6 +1,6 @@
 {
   "name": "gc-shared-resources",
-  "version": "1.0.6",
+  "version": "1.1.0",
   "description": "Shared resources for Guardian Connector Nuxt.js applications",
   "type": "module",
   "scripts": {

src/imports.d.ts

@@ -0,0 +1,7 @@
+import * as Imports from "#imports";
+
+declare module "#imports" {
+  export * from "#imports";
+  export function useUserSession(): { loggedIn: { value: boolean } };
+  export function useLocalePath(): (path: string) => string;
+}

src/module.ts

@@ -19,7 +19,7 @@ export default defineNuxtModule<ModuleOptions>({
     const { resolve } = createResolver(import.meta.url);
 
     // Add composables directory
-    addImportsDir(resolve("./composables"));
+    addImportsDir(resolve("./runtime/composables"));
 
     // Add components directory
     addComponentsDir({

src/runtime/composables/useAuth.ts

@@ -0,0 +1,36 @@
+import { ref } from "vue";
+import { useRouter, useLocalePath } from "#imports";
+
+export const useAuth = (loggedIn: { value: boolean }) => {
+  let errorMessage;
+  const redirectPath = ref("");
+
+  const router = useRouter();
+  // @ts-ignore to avoid type error on useLocalePath, which will be available at runtime in the app
+  const localePath = useLocalePath();
+
+  const redirect = router.currentRoute.value.query.redirect;
+  redirectPath.value = redirect
+    ? decodeURIComponent(redirect as string)
+    : localePath("/");
+
+  const urlParams = new URLSearchParams(window.location.search);
+  const code = urlParams.get("code");
+
+  if (code) {
+    window.location.href = `/auth/auth0?code=${code}`;
+  }
+
+  const error = urlParams.get("error");
+  const errorDescription = urlParams.get("error_description");
+
+  if (error === "access_denied") {
+    errorMessage = decodeURIComponent(errorDescription || "");
+  }
+
+  if (loggedIn.value) {
+    router.push(redirectPath.value);
+  }
+
+  return errorMessage;
+};

src/runtime/middleware/oauth.global.ts

@@ -1,6 +1,7 @@
 import {
   defineNuxtRouteMiddleware,
   useRuntimeConfig,
+  useUserSession,
   navigateTo,
 } from "#imports";
 

src/runtime/server/middleware/apiAuth.ts

@@ -1,31 +1,26 @@
-import { defineEventHandler, H3Event, createError, eventHandler } from "h3";
+import { H3Event, createError, eventHandler } from "h3";
+import { useRuntimeConfig } from "#imports";
 
-export default (appApiKey: string) =>
-  defineEventHandler(
-    eventHandler((event: H3Event) => {
-      const url = event.node.req.url;
-      if (!url) {
-        return;
-      }
+export default eventHandler((event) => {
+  const {
+    public: { appApiKey },
+  } = useRuntimeConfig();
+  const url = event.node.req.url;
 
-      // Only apply middleware to API routes
-      if (!url.startsWith("/api/")) {
-        return;
-      }
-
-      // Bypass middleware for specific paths
-      if (url.startsWith("/api/map") || url.startsWith("/api/_auth/")) {
-        return;
-      }
-
-      // Match the API key from the request with the app's API key
-      const requestApiKey = event.node.req.headers["x-api-key"];
-
-      if (requestApiKey !== appApiKey) {
-        throw createError({
-          status: 403,
-          message: "Forbidden",
-        });
-      }
-    }),
-  );
+  if (!url) {
+    return;
+  }
+  if (!url.startsWith("/api/")) {
+    return;
+  }
+  if (url.startsWith("/api/map") || url.startsWith("/api/_auth/")) {
+    return;
+  }
+  const requestApiKey = event.node.req.headers["x-api-key"];
+  if (requestApiKey !== appApiKey) {
+    throw createError({
+      status: 403,
+      message: "Forbidden",
+    });
+  }
+});