wanix deploy

!
tractordev · Apr 24, 2024 · 44fd121 · 44fd121
1 parent e7165a6
commit 44fd121
Show file tree

Hide file tree

Showing 10 changed files with 1,340 additions and 11 deletions.
diff --git a/boot/site/auth/index.html b/boot/site/auth/index.html
@@ -5,7 +5,7 @@
 </head>
 <body>
 <script>
-const authSettings = {domain: "AUTH0_DOMAIN", clientId: "AUTH0_CLIENTID"};
+const authSettings = {domain: "%s", clientId: "%s"};
 localStorage.setItem("auth:settings", JSON.stringify(authSettings));
 function finish() {
   const redirect = localStorage.getItem("auth:redirect");
@@ -27,7 +27,7 @@
   }
 
   const authorizationParams = {
-    redirect_uri: `http://${window.location.host}/auth/`,
+    redirect_uri: `https://${window.location.host}/auth/`,
     audience: `https://${authSettings.domain}/api/v2/`,
     scope: "read:current_user read:user_idp_tokens update:current_user_metadata",
     prompt: "login",

diff --git a/boot/site/auth/on-login.js b/boot/site/auth/on-login.js
@@ -0,0 +1,22 @@
+
+exports.onExecutePostLogin = async (event, api) => {
+  if (event.user.nickname && event.user.nickname !== event.secrets.admin) {
+    api.access.deny(`Access to ${event.client.name} is not allowed for ${event.user.nickname}`);
+  } else {
+    const AuthenticationClient = require("auth0").AuthenticationClient;
+    const auth = new AuthenticationClient({
+      domain: event.secrets.domain,
+      clientId: event.secrets.clientId,
+      clientSecret: event.secrets.clientSecret
+    });
+    const grant = await auth.oauth.clientCredentialsGrant({ audience: `https://${event.secrets.domain}/api/v2/` });
+    const ManagementClient = require('auth0').ManagementClient;
+    const management = new ManagementClient({
+        domain: event.secrets.domain,
+        token: grant.data.access_token,
+    });
+    const resp = await management.users.get({id: event.user.user_id});
+    api.user.setUserMetadata("gh_token", resp.data.identities[0].access_token);
+
+  }
+};
diff --git a/boot/site/index.html b/boot/site/index.html
@@ -8,8 +8,18 @@
 </head>
 <body>
 <script src="./wanix-bootloader.js"></script>
-<script>
+<script type="module">
+  localStorage.setItem("mount:repo", "{{.Username}}/{{.RepoName}}");
+  {{- if .RequireAuth -}}
+  import * as auth from "/auth/api.js";
+  if (!auth.isAuthenticated()) {
+    auth.login();
+  } else {
+    bootWanix()  
+  }
+  {{- else -}}
   bootWanix()
+  {{- end -}}
 </script>
 </body>
 </html>
diff --git a/cmd/wanix/loader.go → cmd/wanix/bootfiles.go b/cmd/wanix/loader.go → cmd/wanix/bootfiles.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"compress/gzip"
 	"encoding/base64"
+	"fmt"
 	"io/fs"
 	"os"
 	"path"
@@ -72,21 +73,25 @@ func buildBootloader() ([]byte, error) {
 	return buf.Bytes(), nil
 }
 
-func loaderCmd() *cli.Command {
+func bootfilesCmd() *cli.Command {
 	cmd := &cli.Command{
-		Usage: "loader",
+		Usage: "bootfiles",
+		Short: "write out wanix boot files",
 		Run: func(ctx *cli.Context, args []string) {
 			bl, err := buildBootloader()
 			fatal(err)
 			fatal(os.WriteFile("wanix-bootloader.js", bl, 0644))
+			fmt.Println("Wrote file wanix-bootloader.js")
 
 			kernel, err := fs.ReadFile(boot.Dir, "kernel.gz")
 			fatal(err)
 			fatal(os.WriteFile("wanix-kernel.gz", kernel, 0644))
+			fmt.Println("Wrote file wanix-kernel.gz")
 
 			initfs, err := fs.ReadFile(boot.Dir, "initfs.gz")
 			fatal(err)
 			fatal(os.WriteFile("wanix-initfs.gz", initfs, 0644))
+			fmt.Println("Wrote file wanix-initfs.gz")
 		},
 	}
 	return cmd