fix: Traefik 路由範本加入 /login OIDC redirect
- manager 和一般租戶都加入 {code}-login 路由 (priority 300)
- 加入 {code}-oidc-redirect middleware 自動導向 user_oidc/login/1
- 修正 NC 無法透過 /login 觸發 SSO 的問題
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
VMIS Developer
@@ -209,10 +209,24 @@ def _generate_tenant_route_yaml(tenant, is_active: bool) -> str:
|
||||
" vmis-strip-admin:",
|
||||
" stripPrefix:",
|
||||
' prefixes: ["/admin"]',
|
||||
f" {code}-oidc-redirect:",
|
||||
" redirectRegex:",
|
||||
' regex: ".*"',
|
||||
f' replacement: "https://{domain}/apps/user_oidc/login/1"',
|
||||
" permanent: false",
|
||||
"",
|
||||
]
|
||||
lines += [
|
||||
" routers:",
|
||||
f" {code}-login:",
|
||||
f' rule: "Host(`{domain}`) && Path(`/login`)"',
|
||||
f" service: {code}-drive",
|
||||
" entryPoints: [websecure]",
|
||||
f" middlewares: [{code}-oidc-redirect]",
|
||||
" tls:",
|
||||
" certResolver: letsencrypt",
|
||||
" priority: 300",
|
||||
"",
|
||||
f" {code}-admin:",
|
||||
f' rule: "Host(`{domain}`) && PathPrefix(`/admin`)"',
|
||||
f" service: {code}-vmis",
|
||||
@@ -255,7 +269,23 @@ def _generate_tenant_route_yaml(tenant, is_active: bool) -> str:
|
||||
]
|
||||
else:
|
||||
lines += [
|
||||
" middlewares:",
|
||||
f" {code}-oidc-redirect:",
|
||||
" redirectRegex:",
|
||||
' regex: ".*"',
|
||||
f' replacement: "https://{domain}/apps/user_oidc/login/1"',
|
||||
" permanent: false",
|
||||
"",
|
||||
" routers:",
|
||||
f" {code}-login:",
|
||||
f' rule: "Host(`{domain}`) && Path(`/login`)"',
|
||||
f" service: {code}-drive",
|
||||
" entryPoints: [websecure]",
|
||||
f" middlewares: [{code}-oidc-redirect]",
|
||||
" tls:",
|
||||
" certResolver: letsencrypt",
|
||||
" priority: 300",
|
||||
"",
|
||||
f" {code}-drive:",
|
||||
f' rule: "Host(`{domain}`)"',
|
||||
f" service: {code}-drive",
|
||||
|
||||
Reference in New Issue
Block a user