diff --git a/backend/src/gps/gps.service.ts b/backend/src/gps/gps.service.ts
index 43b5caf..d6f8bc2 100644
--- a/backend/src/gps/gps.service.ts
+++ b/backend/src/gps/gps.service.ts
@@ -685,8 +685,7 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
 }
 /**
- * Get Traccar admin URL (Auth0 SSO handles authentication)
- * User's Auth0 role determines admin status in Traccar
+ * Get auto-login URL for Traccar (for admin users)
 */
 async getTraccarAutoLoginUrl(user: User): Promise<{
 url: string;
@@ -696,29 +695,36 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
 throw new BadRequestException('Only administrators can access Traccar admin');
 }
- // Just return the Traccar URL - Auth0 SSO handles authentication
- // User must have ADMINISTRATOR role in Auth0 to get admin access in Traccar
+ // Ensure user is synced to Traccar (this also sets up their token)
+ await this.syncUserToTraccar(user);
+
+ // Get the token for auto-login
+ const token = this.generateTraccarToken(user.id);
 const baseUrl = this.traccarClient.getTraccarUrl();
+ // Return URL with token parameter for auto-login
+ // Traccar supports ?token=xxx for direct authentication
 return {
- url: baseUrl,
+ url: `${baseUrl}?token=${token}`,
 directAccess: true,
 };
 }
 /**
 * Get Traccar session cookie for a user (for proxy/iframe auth)
- * Note: With Auth0 SSO (openid.force=true), this won't work.
- * Use getTraccarAutoLoginUrl() instead for direct redirect.
 */
 async getTraccarSessionForUser(user: User): Promise {
 if (user.role !== 'ADMINISTRATOR') {
 return null;
 }
- // With Auth0 SSO, session creation via password is disabled
- // Return null to indicate direct access via URL is needed
- return null;
+ // Ensure user is synced
+ await this.syncUserToTraccar(user);
+
+ const password = this.generateTraccarPassword(user.id);
+ const session = await this.traccarClient.createUserSession(user.email, password);
+
+ return session?.cookie || null;
 }
 /**
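Review bot: In getTraccarAutoLoginUrl (second hunk) the new `url` value `${baseUrl}?token=${token}` places an administrator credential in a query string, where it is retained in browser history, reverse-proxy and access logs, and Referer headers, and it is concatenated without encoding or regard for an existing query on `baseUrl`. Whether the token is short-lived cannot be determined here because generateTraccarToken is defined outside the hunk, but it receives only `user.id`, so confirm it is bound to a server-side secret and an expiry rather than being a stable per-user value. At minimum build the link with `const loginUrl = new URL(baseUrl); loginUrl.searchParams.set('token', token);` and return `url: loginUrl.toString()`, and add a comment stating that the returned url is a secret that must not be logged or cached. The same concern applies to getTraccarSessionForUser, which now authenticates with `generateTraccarPassword(user.id)`: both paths replace the Auth0 SSO flow described in the removed comments, so any MFA or central revocation enforced there would presumably no longer cover Traccar admin access.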