f60b7261b5
- Backend: Azure AD JWKS validator with 24h cache, new POST /api/v1/auth/sso/login endpoint, sso_login() in AuthService with auto-provisioning, password_hash made nullable, auth_provider column added, Alembic migration c1d2e3f4a5b6 - Frontend: @azure/msal-browser, msal.ts config singleton, ssoLogin() API function, login page updated with SSO button and redirect callback handling - Deploy: frontend Dockerfile and docker-compose.prod.yml updated to bake Azure AD vars into the image at build time; deploy.sh validates SSO config on init/deploy Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
32 lines
933 B
Docker
32 lines
933 B
Docker
FROM node:20-alpine AS builder
|
|
WORKDIR /app
|
|
|
|
# Accept build-time env vars
|
|
ARG NEXT_PUBLIC_API_URL=
|
|
ARG NEXT_PUBLIC_WS_URL=
|
|
ARG NEXT_PUBLIC_BASE_PATH=
|
|
ARG NEXT_PUBLIC_AZURE_AD_TENANT_ID=
|
|
ARG NEXT_PUBLIC_AZURE_AD_CLIENT_ID=
|
|
ARG NEXT_PUBLIC_AZURE_AD_SSO_ENABLED=false
|
|
ENV NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL
|
|
ENV NEXT_PUBLIC_WS_URL=$NEXT_PUBLIC_WS_URL
|
|
ENV NEXT_PUBLIC_BASE_PATH=$NEXT_PUBLIC_BASE_PATH
|
|
ENV NEXT_PUBLIC_AZURE_AD_TENANT_ID=$NEXT_PUBLIC_AZURE_AD_TENANT_ID
|
|
ENV NEXT_PUBLIC_AZURE_AD_CLIENT_ID=$NEXT_PUBLIC_AZURE_AD_CLIENT_ID
|
|
ENV NEXT_PUBLIC_AZURE_AD_SSO_ENABLED=$NEXT_PUBLIC_AZURE_AD_SSO_ENABLED
|
|
|
|
COPY package.json package-lock.json* ./
|
|
RUN npm ci
|
|
COPY . .
|
|
RUN npm run build
|
|
|
|
FROM node:20-alpine AS runner
|
|
WORKDIR /app
|
|
ENV NODE_ENV=production
|
|
|
|
COPY --from=builder /app/public ./public
|
|
COPY --from=builder /app/.next/standalone ./
|
|
COPY --from=builder /app/.next/static ./.next/static
|
|
|
|
EXPOSE 3000
|
|
CMD ["node", "server.js"]
|