kyle/vip-coordinator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: restore token-based Traccar auto-login

Browse Source 
Reverted Auth0-only approach since Traccar has openid.force=false
and the token-based login was working.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
kyle
2026-02-03 19:48:31 +01:00
parent e050f3841e
commit cbfb8c3f46
1 changed files with 16 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
backend/src/gps/gps.service.ts
View File

@@ -685,8 +685,7 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
} }
/** /**
* Get Traccar admin URL (Auth0 SSO handles authentication) * Get auto-login URL for Traccar (for admin users)
* User's Auth0 role determines admin status in Traccar
*/ */
async getTraccarAutoLoginUrl(user: User): Promise<{ async getTraccarAutoLoginUrl(user: User): Promise<{
url: string; url: string;
@@ -696,29 +695,36 @@ Note: GPS tracking is only active during shift hours (${settings.shiftStartHour}
throw new BadRequestException('Only administrators can access Traccar admin'); throw new BadRequestException('Only administrators can access Traccar admin');
} }
// Just return the Traccar URL - Auth0 SSO handles authentication // Ensure user is synced to Traccar (this also sets up their token)
// User must have ADMINISTRATOR role in Auth0 to get admin access in Traccar await this.syncUserToTraccar(user);
// Get the token for auto-login
const token = this.generateTraccarToken(user.id);
const baseUrl = this.traccarClient.getTraccarUrl(); const baseUrl = this.traccarClient.getTraccarUrl();
// Return URL with token parameter for auto-login
// Traccar supports ?token=xxx for direct authentication
return { return {
url: baseUrl, url: `${baseUrl}?token=${token}`,
directAccess: true, directAccess: true,
}; };
} }
/** /**
* Get Traccar session cookie for a user (for proxy/iframe auth) * Get Traccar session cookie for a user (for proxy/iframe auth)
* Note: With Auth0 SSO (openid.force=true), this won't work.
* Use getTraccarAutoLoginUrl() instead for direct redirect.
*/ */
async getTraccarSessionForUser(user: User): Promise<string | null> { async getTraccarSessionForUser(user: User): Promise<string | null> {
if (user.role !== 'ADMINISTRATOR') { if (user.role !== 'ADMINISTRATOR') {
return null; return null;
} }
// With Auth0 SSO, session creation via password is disabled // Ensure user is synced
// Return null to indicate direct access via URL is needed await this.syncUserToTraccar(user);
return null;
const password = this.generateTraccarPassword(user.id);
const session = await this.traccarClient.createUserSession(user.email, password);
return session?.cookie || null;
} }
/** /**