mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(auth, web-app): update Keycloak config secrets and improve SW cache handling
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Successful in 7m17s
Details
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Successful in 6m42s
Details
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 1m58s
Details
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Successful in 1m44s
Details

Browse Source 
- Updated `keycloak/meldestelle-realm.json` to replace dynamic secrets with static values for local testing.
- Incremented service worker cache version to `v4` and added bypass rules for API requests and app bundles to prevent outdated data.

Signed-off-by: Stefan Mogeritsch <stefan.mo.co@gmail.com>
This commit is contained in:
Stefan Mogeritsch
2026-03-17 10:41:32 +01:00
parent 28cd5d8afa
commit 119af6fd6b
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/docker/keycloak/meldestelle-realm.json
+3 -3
View File
@@ -209,7 +209,7 @@
"protocol": "openid-connect", "protocol": "openid-connect",
"attributes": { "attributes": {
"pkce.code.challenge.method": "S256", "pkce.code.challenge.method": "S256",
"post.logout.redirect.uris": "http://localhost:8080/*##http://localhost:4000/*##http://localhost:3000/*##https://app.meldestelle.at/*##https://app.mo-code.at/*" "post.logout.redirect.uris": "http://localhost:8080/##http://localhost:4000/##http://localhost:3000/##https://app.meldestelle.at/*##https://app.mo-code.at/*"
} }
}, },
{ {
@@ -218,7 +218,7 @@
"description": "Confidential client for backend testing via Postman", "description": "Confidential client for backend testing via Postman",
"enabled": true, "enabled": true,
"clientAuthenticatorType": "client-secret", "clientAuthenticatorType": "client-secret",
"secret": "${KC_POSTMAN_CLIENT_SECRET}", "secret": "postman-secret-123",
"redirectUris": [ "redirectUris": [
"https://oauth.pstmn.io/v1/callback" "https://oauth.pstmn.io/v1/callback"
], ],
@@ -287,7 +287,7 @@
"credentials": [ "credentials": [
{ {
"type": "password", "type": "password",
"value": "${KC_BOOTSTRAP_ADMIN_PASSWORD}", "value": "Admin#1234",
"temporary": false "temporary": false
} }
], ],
frontend/shells/meldestelle-portal/src/jsMain/resources/sw.js
+7 -1
View File
@@ -1,6 +1,6 @@
const IS_DEV = self.location.hostname === 'localhost' || self.location.hostname === '127.0.0.1' || self.location.hostname === '::1'; const IS_DEV = self.location.hostname === 'localhost' || self.location.hostname === '127.0.0.1' || self.location.hostname === '::1';
const CACHE_NAME = 'meldestelle-cache-v3'; const CACHE_NAME = 'meldestelle-cache-v4';
const PRECACHE_URLS = [ const PRECACHE_URLS = [
'/', '/',
'/index.html', '/index.html',
@@ -75,6 +75,12 @@ self.addEventListener('fetch', (event) => {
return; return;
} }
// API-Requests immer direkt vom Netzwerk niemals aus dem Cache (Auth-Header müssen erhalten bleiben)
if (url.pathname.startsWith('/api/')) {
event.respondWith(fetch(req));
return;
}
// App-Bundle immer vom Netzwerk niemals aus dem Cache (verhindert veraltete JS-Versionen) // App-Bundle immer vom Netzwerk niemals aus dem Cache (verhindert veraltete JS-Versionen)
if (url.pathname.endsWith('web-app.js') || url.pathname.endsWith('web-app.js.map')) { if (url.pathname.endsWith('web-app.js') || url.pathname.endsWith('web-app.js.map')) {
event.respondWith(fetch(req)); event.respondWith(fetch(req));