Fix PocketBase auth and note submission
- Replace popup OAuth with SDK authWithOAuth2 realtime channel (urlCallback) so login works in Edge app mode without navigating the main window - Remove manual redirect/sessionStorage OAuth flow that broke in Edge app mode - Serve PocketBase config (URL, collection, provider) from server endpoint backed by env vars instead of hardcoded localhost - Fix /api/submit: target Notes collection with correct field mapping (body_plain, body_html, title, type, email, Username, userId, job_note, Job_Number) instead of Job_Info_Prod with wrong field names - Remove localhost fallbacks from auth-module backend and frontend
This commit is contained in:
@@ -34,14 +34,18 @@ app.use('/*', cors({ origin: '*', credentials: true }));
|
||||
// ---------------------------------------------------------------------------
|
||||
// PocketBase
|
||||
// ---------------------------------------------------------------------------
|
||||
const pb = new PocketBase(process.env.PB_DB || 'http://127.0.0.1:8090');
|
||||
const PB_BASE_URL = process.env.PB_URL || process.env.PB_DB || '';
|
||||
const PB_AUTH_COLLECTION = process.env.PB_AUTH_COLLECTION || 'Users';
|
||||
const PB_OAUTH_PROVIDER = 'microsoft';
|
||||
|
||||
const pb = new PocketBase(PB_BASE_URL);
|
||||
|
||||
function setPbToken(token: string) { pb.authStore.save(token, null); }
|
||||
function clearPbToken() { pb.authStore.clear(); }
|
||||
|
||||
async function validatePbToken(token: string): Promise<void> {
|
||||
setPbToken(token);
|
||||
await pb.collection(process.env.PB_AUTH_COLLECTION || 'Users').authRefresh();
|
||||
await pb.collection(PB_AUTH_COLLECTION).authRefresh();
|
||||
}
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
@@ -110,7 +114,19 @@ async function resolveSiteId(delegatedToken: string): Promise<string> {
|
||||
// Routes
|
||||
// ---------------------------------------------------------------------------
|
||||
|
||||
app.get('/health', (c) => c.json({ ok: true, pbDB: process.env.PB_DB }));
|
||||
app.get('/health', (c) => c.json({ ok: true, pbDB: PB_BASE_URL }));
|
||||
|
||||
app.get('/api/auth/pocketbase-config', (c) => {
|
||||
if (!PB_BASE_URL) {
|
||||
return c.json({ success: false, message: 'Missing PB_URL or PB_DB' }, 500);
|
||||
}
|
||||
return c.json({
|
||||
success: true,
|
||||
pbUrl: PB_BASE_URL,
|
||||
collection: PB_AUTH_COLLECTION,
|
||||
provider: PB_OAUTH_PROVIDER,
|
||||
});
|
||||
});
|
||||
|
||||
app.get('/api/auth/msal-config', (c) => {
|
||||
const clientId = process.env.CLIENT_ID || '';
|
||||
@@ -275,8 +291,10 @@ app.post('/api/onenote/append', async (c) => {
|
||||
});
|
||||
|
||||
// ---------------------------------------------------------------------------
|
||||
// POST /api/submit — save a record to PocketBase
|
||||
// POST /api/submit — save a note record to PocketBase Notes collection
|
||||
// ---------------------------------------------------------------------------
|
||||
const PB_NOTES_COLLECTION = process.env.PB_NOTES_COLLECTION || 'Notes';
|
||||
|
||||
app.post('/api/submit', async (c) => {
|
||||
try {
|
||||
const body = await c.req.json();
|
||||
@@ -288,19 +306,42 @@ app.post('/api/submit', async (c) => {
|
||||
return c.json({ success: false, message: 'Invalid token' }, 401);
|
||||
}
|
||||
|
||||
const record = await pb
|
||||
.collection(process.env.PB_COLLECTION || 'Job_Info_TestEnv')
|
||||
.create({
|
||||
...body,
|
||||
submittedBy: pb.authStore.model?.email || 'unknown',
|
||||
submittedAt: new Date().toISOString(),
|
||||
});
|
||||
const user = pb.authStore.model;
|
||||
const bodyPlain = String(body.bodyPlain || '').trim();
|
||||
const title = String(body.title || 'Untitled').trim();
|
||||
const noteType = String(body.noteType || 'personal').trim();
|
||||
const jobNumber = String(body.jobNumber || '').trim();
|
||||
|
||||
// Convert plain text to simple HTML (matches what the main app stores)
|
||||
const bodyHtml = bodyPlain
|
||||
.split(/\r\n|\r|\n/)
|
||||
.map((line) => `<p>${line || ' '}</p>`)
|
||||
.join('');
|
||||
|
||||
const payload: Record<string, unknown> = {
|
||||
body_plain: bodyPlain,
|
||||
body_html: bodyHtml,
|
||||
title,
|
||||
type: noteType,
|
||||
email: user?.email || body.userEmail || '',
|
||||
Username: user?.name || user?.username || user?.email || '',
|
||||
userId: user?.id || '',
|
||||
job_note: noteType === 'job' || !!jobNumber,
|
||||
shared: false,
|
||||
shared_with: [],
|
||||
};
|
||||
|
||||
if (jobNumber) {
|
||||
payload['Job_Number'] = jobNumber;
|
||||
}
|
||||
|
||||
const record = await pb.collection(PB_NOTES_COLLECTION).create(payload);
|
||||
|
||||
console.log('submission_success', { recordId: record.id });
|
||||
return c.json({ success: true, recordId: record.id });
|
||||
} catch (err) {
|
||||
console.error('submit_error', { message: (err as Error)?.message });
|
||||
return c.json({ success: false, message: 'Internal error' }, 500);
|
||||
return c.json({ success: false, message: (err as Error)?.message || 'Internal error' }, 500);
|
||||
} finally {
|
||||
clearPbToken();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user