@blakearoberts/visage 0.0.1-rc.15 → 0.0.1-rc.16
- package/README.md +12 -2
- package/dist/index.js +4 -4
- package/package.json +1 -1
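--- a/package/README.md
+++ b/package/README.md
@@ -21,12 +21,22 @@ export default defineConfig({
 });
 ```
 
-
+Start Vite normally:
 
 ```console
 vite
 ```
 
+By default, you can reach the app at [https://localhost:9001/](https://localhost:9001/). You will be redirected to Dex to sign in. The default username and password is `user@example.com` and `pass`.
+
+## Why Visage
+
+Visage is a local development harness for web apps that run behind an auth-protected edge, where browser sessions are represented by secure cookies backed by OIDC tokens.
+
+Visage narrows the gap between local development, automated tests, and production by bringing production-like session lifecycle semantics to local Vite development without giving up HMR. That makes it practical to iterate on SSR identity injection, session timeout recovery, lock screens, and authenticated API calls.
+
+Visage can also use a hosted IdP, so local frontend code can call hosted backend APIs with real credentials. That avoids frontend-only auth mocks or backend-only local bypasses: code can be written for production and still work locally.
+
 ## Configuration
 
 Visage is configured through `visage(options?)` in `vite.config.ts`.
@@ -150,7 +160,7 @@ Do not treat the managed Dex and OAuth2 Proxy defaults as production auth infras
 
 ## TO-DO
 
-- [ ] Support
+- [ ] Support OIDC auto-discovery with external IdP configuration.
 - [ ] Support configuring [Dex connectors](https://dexidp.io/docs/connectors/).
 - [ ] Support configuring Dex on a distinct subdomain, such as `auth.localhost`.
 - [ ] Support optional [HTTP mode without local TLS](docs/tls-http-mode.md).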
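--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -723,14 +723,15 @@ function renderOauth2ProxyConfig(config) {
 cookie_csrf_per_request: true,
 cookie_csrf_per_request_limit: 16,
 email_domains: config.oauth2.emailDomains,
+whitelist_domains: [config.host, `${config.host}:${config.port}`],
 scope: config.oauth2.scopes.join(' '),
-...LogFormats,
 reverse_proxy: true,
 set_xauthrequest: true,
 set_authorization_header: true,
 pass_access_token: true,
 skip_provider_button: true,
-
+approval_prompt: 'auto',
+...LogFormats,
 };
 return `${Object.entries(data)
 .map(([key, value]) => {
@@ -738,9 +739,8 @@ function renderOauth2ProxyConfig(config) {
 const values = value.map((item) => JSON.stringify(item)).join(', ');
 return `${key} = [${values}]`;
 }
-if (typeof value === 'string')
+if (typeof value === 'string')
 return `${key} = ${JSON.stringify(value)}`;
-}
 return `${key} = ${String(value)}`;
 })
 .join('\n')}\n`;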
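Review bot: The new `whitelist_domains` entry in `renderOauth2ProxyConfig` is built directly from `config.host` and `config.port`, with no comment saying what the list bounds. In oauth2-proxy this option is the allow-list for post-login redirect targets, and an entry that begins with `.` or `*.` matches every subdomain, so the list is exactly as wide as whatever `config.host` holds. Whether the host is validated as a bare hostname is not visible in this section. I would add a comment above the line, `// Redirect allow-list: the exact dev host, with and without its port; never a '.' or '*.' prefixed entry`, and confirm that option validation rejects a host carrying a wildcard prefix. The function starts and ends outside the hunks shown.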
package/package.json
CHANGED