fix: restore token-based Traccar auto-login

Reverted Auth0-only approach since Traccar has openid.force=false
and the token-based login was working.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-03 19:48:31 +01:00
parent e050f3841e
commit cbfb8c3f46


@@ -685,8 +685,7 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
}
/**
* Get Traccar admin URL (Auth0 SSO handles authentication)
* User's Auth0 role determines admin status in Traccar
* Get auto-login URL for Traccar (for admin users)
*/
async getTraccarAutoLoginUrl(user: User): Promise<{
url: string;
@@ -696,29 +695,36 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
throw new BadRequestException('Only administrators can access Traccar admin');
}
// Just return the Traccar URL - Auth0 SSO handles authentication
// User must have ADMINISTRATOR role in Auth0 to get admin access in Traccar
// Ensure user is synced to Traccar (this also sets up their token)
await this.syncUserToTraccar(user);
// Get the token for auto-login
const token = this.generateTraccarToken(user.id);
const baseUrl = this.traccarClient.getTraccarUrl();
// Return URL with token parameter for auto-login
// Traccar supports ?token=xxx for direct authentication
return {
url: baseUrl,
url: `${baseUrl}?token=${token}`,
directAccess: true,
};
}
/**
* Get Traccar session cookie for a user (for proxy/iframe auth)
* Note: With Auth0 SSO (openid.force=true), this won't work.
* Use getTraccarAutoLoginUrl() instead for direct redirect.
*/
async getTraccarSessionForUser(user: User): Promise<string | null> {
if (user.role !== 'ADMINISTRATOR') {
return null;
}
// With Auth0 SSO, session creation via password is disabled
// Return null to indicate direct access via URL is needed
return null;
// Ensure user is synced
await this.syncUserToTraccar(user);
const password = this.generateTraccarPassword(user.id);
const session = await this.traccarClient.createUserSession(user.email, password);
return session?.cookie || null;
}
/**
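Review bot: In getTraccarAutoLoginUrl the token is returned inside the URL query string (`` url: `${baseUrl}?token=${token}`, ``), so a credential that opens a Traccar session for an administrator's account will be recorded in browser history and in proxy and web-server access logs, and can travel in Referer headers. The token is also interpolated unencoded; at minimum the line should read `` url: `${baseUrl}?token=${encodeURIComponent(token)}`, `` with a comment such as `// token is a bearer credential: never log this URL; the caller must redirect immediately`. generateTraccarToken and generateTraccarPassword are not visible here; if they derive their values from user.id alone, the token and password would never expire or rotate, so it is worth confirming that the token is short-lived and that the password derivation includes a server-side secret. The function's signature and role check begin outside this hunk, so the authorization check itself could not be reviewed in full.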