From 5e2a42a58b2cf4d1b94d5568e7c74373a4759bc3 Mon Sep 17 00:00:00 2001
From: Fabian Mastenbroek <mail.fabianm@gmail.com>
Date: Thu, 27 Oct 2022 15:03:45 +0200
Subject: fix(web/ui): Default to anonymous auth domain

This change updates the auth code in the OpenDC web UI to default to
the anonymous auth domain if no configuration is provided.
---
 opendc-web/opendc-web-ui/src/auth.js | 39 ++++++++++++++++++++++++------------
 1 file changed, 26 insertions(+), 13 deletions(-)

(limited to 'opendc-web/opendc-web-ui')

diff --git a/opendc-web/opendc-web-ui/src/auth.js b/opendc-web/opendc-web-ui/src/auth.js
index 3d6cf87c..8c88f526 100644
--- a/opendc-web/opendc-web-ui/src/auth.js
+++ b/opendc-web/opendc-web-ui/src/auth.js
@@ -27,10 +27,11 @@ import { auth } from './config'
 
 /**
  * Helper function to provide the authentication context in case Auth0 is not
- * configured.
+ * configured and the user is anonymous.
  */
-function useAuthDev() {
+function useAnonymousAuth() {
     return {
+        isAnonymous: true,
         isAuthenticated: false,
         isLoading: false,
         logout: () => {},
@@ -39,15 +40,17 @@ function useAuthDev() {
 }
 
 /**
- * Obtain the authentication context.
+ * Determine whether the auth domain is anonymous.
  */
-export const useAuth = auth.domain ? useAuth0 : useAuthDev
+function isAnonymousDomain(config) {
+    return !config.domain || config.domain === '%%NEXT_PUBLIC_AUTH0_DOMAIN%%'
+}
 
 /**
  * Force the user to be authenticated or redirect to the homepage.
  */
-export function useRequireAuth() {
-    const auth = useAuth()
+function useRequireAuth0() {
+    const auth = useAuth0()
     const { loginWithRedirect, isLoading, isAuthenticated } = auth
 
     useEffect(() => {
@@ -55,21 +58,31 @@ export function useRequireAuth() {
             loginWithRedirect()
         }
     }, [loginWithRedirect, isLoading, isAuthenticated])
-
-    return auth
 }
 
+/**
+ * Obtain the authentication context.
+ */
+export const useAuth = isAnonymousDomain(auth) ? useAnonymousAuth : useAuth0
+
+/**
+ * Force the user to be authenticated or redirect to the homepage.
+ */
+export const useRequireAuth = isAnonymousDomain(auth) ? () => {} : useRequireAuth0
+
 /**
  * AuthProvider which provides an authentication context.
  */
 export function AuthProvider({ children }) {
-    if (auth.domain) {
+    const authConfig = auth
+
+    if (!isAnonymousDomain(authConfig)) {
         return (
             <Auth0Provider
-                domain={auth.domain}
-                clientId={auth.clientId}
-                redirectUri={auth.redirectUri}
-                audience={auth.audience}
+                domain={authConfig.domain}
+                clientId={authConfig.clientId}
+                redirectUri={authConfig.redirectUri}
+                audience={authConfig.audience}
             >
                 {children}
             </Auth0Provider>
-- 
cgit v1.2.3