feat(#1): Add permission and role model

2025-10-31 09:26:37 +01:00
parent 36364a7977
commit 1997877168
12 changed files with 218 additions and 31 deletions
--- a/legalconsenthub/server/routes/auth/keycloak.get.ts
+++ b/legalconsenthub/server/routes/auth/keycloak.get.ts
@@ -13,12 +13,14 @@ export default defineOAuthKeycloakEventHandler({
    }

    const organizations = decodedJwt ? extractOrganizations(decodedJwt) : []
+    const roles = decodedJwt ? extractRoles(decodedJwt) : []

    await setUserSession(event, {
      user: {
        keycloakId: user.sub,
        name: user.preferred_username,
-        organizations
+        organizations,
+        roles
      },
      jwt: {
        accessToken: tokens.access_token,
@@ -54,3 +56,7 @@ function extractOrganizations(decoded: KeycloakTokenPayload): Organization[] {

  return organizations
 }
+
+function extractRoles(decoded: KeycloakTokenPayload): string[] {
+  return decoded?.resource_access?.legalconsenthub?.roles ?? []
+}