feat(sso): issue one-time tokens for iframe apps
CI / build (push) Has been skipped
CI / deploy (push) Successful in 1m24s

Generate short-lived SSO tokens in the site iframe route and add an exchange API to let child apps bootstrap their PocketBase session.
This commit is contained in:
eewing
2026-02-19 09:35:58 -06:00
parent 5c68a42703
commit 121a6b5844
5 changed files with 89 additions and 4 deletions
+8 -2
View File
@@ -2,8 +2,14 @@
import { Button } from '$lib/components/ui/button';
let { data }: {
data: { slug: string; url: string; title: string };
data: { slug: string; url: string; title: string; ssoToken?: string };
} = $props();
const iframeSrc = $derived(
data.ssoToken
? `${data.url}${data.url.includes('?') ? '&' : '?'}sso=${data.ssoToken}`
: data.url
);
</script>
<svelte:head>
@@ -14,7 +20,7 @@
<iframe
id="app-iframe"
title={data.title}
src={data.url}
src={iframeSrc}
class="absolute inset-0 w-full h-full border-0 rounded-none"
/>
<div