jbrueckner/GhostGrid
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Entra ID login + settings page for integrations

Browse Source 
- Add SQLite settings table with getSetting/setSetting/getAllSettings helpers
- Implement Azure OAuth2 authorization code flow via @azure/msal-node
- Add public GET /api/auth/config endpoint for frontend activation check
- Add admin-only GET/PUT /api/settings API with masked secret fields
- CheckMK sync reads credentials from DB settings (env vars as fallback)
- New Settings.tsx: Entra ID and CheckMK configuration cards
- LoginPage: "Sign in with Microsoft" button, shown only when Azure is active
- App.tsx: OAuth callback handling (?token=/?auth_error=), Settings tab for admins
This commit is contained in:
Brückner
2026-06-03 16:02:47 +02:00
parent eed01b9665
commit d364aea4c1
5 changed files with 569 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

316
src/components/Settings.tsx Normal file
View File

@ -0,0 +1,316 @@
import React, { useState, useEffect } from 'react';
import { authFetch } from '../lib/auth';
import { User } from '../types';
import {
Shield, Activity, Save, CheckCircle, AlertCircle, Eye, EyeOff, Settings2, Lock,
} from 'lucide-react';
const SECRET_SENTINEL = '__SET__';
interface RawSettings {
azure_enabled: string;
azure_client_id: string;
azure_tenant_id: string;
azure_client_secret: string;
azure_redirect_uri: string;
checkmk_api_url: string;
checkmk_api_secret: string;
checkmk_sync_interval_ms: string;
}
interface SettingsProps {
currentUser: User;
}
function FieldLabel({ children }: { children: React.ReactNode }) {
return (
<label className="block text-xs font-semibold text-slate-300 mb-1.5">{children}</label>
);
}
function TextInput({
value, onChange, placeholder, disabled, monospace,
}: {
value: string;
onChange: (v: string) => void;
placeholder?: string;
disabled?: boolean;
monospace?: boolean;
}) {
return (
<input
type="text"
value={value}
onChange={e => onChange(e.target.value)}
placeholder={placeholder}
disabled={disabled}
className={`w-full bg-slate-900 border border-slate-700 rounded-lg px-3 py-2.5 text-sm text-white placeholder-slate-500 focus:outline-none focus:ring-2 focus:ring-cyan-500/50 focus:border-cyan-500/50 transition-all disabled:opacity-50 disabled:cursor-not-allowed ${monospace ? 'font-mono' : ''}`}
/>
);
}
function SecretInput({
value, onChange, alreadySet, show, onToggleShow, placeholder,
}: {
value: string;
onChange: (v: string) => void;
alreadySet: boolean;
show: boolean;
onToggleShow: () => void;
placeholder?: string;
}) {
return (
<div className="relative">
<input
type={show ? 'text' : 'password'}
value={value}
onChange={e => onChange(e.target.value)}
placeholder={alreadySet ? 'Bereits konfiguriert leer lassen zum Behalten' : (placeholder ?? 'Neuen Wert eingeben')}
className="w-full bg-slate-900 border border-slate-700 rounded-lg px-3 py-2.5 pr-10 text-sm text-white placeholder-slate-500 font-mono focus:outline-none focus:ring-2 focus:ring-cyan-500/50 focus:border-cyan-500/50 transition-all"
/>
<button
type="button"
onClick={onToggleShow}
className="absolute right-3 top-1/2 -translate-y-1/2 text-slate-400 hover:text-slate-200 transition-colors"
tabIndex={-1}
>
{show ? <EyeOff className="w-4 h-4" /> : <Eye className="w-4 h-4" />}
</button>
</div>
);
}
export default function Settings({ currentUser }: SettingsProps) {
const [loading, setLoading] = useState(true);
const [saving, setSaving] = useState(false);
const [error, setError] = useState('');
const [successMsg, setSuccessMsg] = useState('');
// Entra ID
const [azureEnabled, setAzureEnabled] = useState(false);
const [azureClientId, setAzureClientId] = useState('');
const [azureTenantId, setAzureTenantId] = useState('');
const [azureClientSecret, setAzureClientSecret] = useState('');
const [azureSecretSet, setAzureSecretSet] = useState(false);
const [azureRedirectUri, setAzureRedirectUri] = useState('');
const [showAzureSecret, setShowAzureSecret] = useState(false);
// CheckMK
const [checkmkApiUrl, setCheckmkApiUrl] = useState('');
const [checkmkApiSecret, setCheckmkApiSecret] = useState('');
const [checkmkSecretSet, setCheckmkSecretSet] = useState(false);
const [checkmkSyncInterval, setCheckmkSyncInterval] = useState('60000');
const [showCheckmkSecret, setShowCheckmkSecret] = useState(false);
useEffect(() => { loadSettings(); }, []);
async function loadSettings() {
setLoading(true);
setError('');
try {
const res = await authFetch('/api/settings');
if (!res.ok) { setError('Einstellungen konnten nicht geladen werden.'); return; }
const data: RawSettings = await res.json();
setAzureEnabled(data.azure_enabled === 'true');
setAzureClientId(data.azure_client_id || '');
setAzureTenantId(data.azure_tenant_id || '');
setAzureSecretSet(data.azure_client_secret === SECRET_SENTINEL);
setAzureClientSecret('');
setAzureRedirectUri(data.azure_redirect_uri || '');
setCheckmkApiUrl(data.checkmk_api_url || '');
setCheckmkSecretSet(data.checkmk_api_secret === SECRET_SENTINEL);
setCheckmkApiSecret('');
setCheckmkSyncInterval(data.checkmk_sync_interval_ms || '60000');
} catch {
setError('Netzwerkfehler beim Laden der Einstellungen.');
} finally {
setLoading(false);
}
}
async function handleSave() {
setSaving(true);
setError('');
setSuccessMsg('');
const payload: Record<string, string> = {
azure_enabled: azureEnabled ? 'true' : 'false',
azure_client_id: azureClientId,
azure_tenant_id: azureTenantId,
azure_redirect_uri: azureRedirectUri,
checkmk_api_url: checkmkApiUrl,
checkmk_sync_interval_ms: checkmkSyncInterval,
};
if (azureClientSecret) payload.azure_client_secret = azureClientSecret;
if (checkmkApiSecret) payload.checkmk_api_secret = checkmkApiSecret;
try {
const res = await authFetch('/api/settings', { method: 'PUT', body: JSON.stringify(payload) });
if (!res.ok) {
const d = await res.json();
setError(d.error || 'Speichern fehlgeschlagen.');
return;
}
const data: RawSettings = await res.json();
setAzureSecretSet(data.azure_client_secret === SECRET_SENTINEL);
setCheckmkSecretSet(data.checkmk_api_secret === SECRET_SENTINEL);
setAzureClientSecret('');
setCheckmkApiSecret('');
setSuccessMsg('Einstellungen gespeichert.');
setTimeout(() => setSuccessMsg(''), 4000);
} catch {
setError('Netzwerkfehler beim Speichern.');
} finally {
setSaving(false);
}
}
if (currentUser.role.toLowerCase() !== 'admin') {
return (
<div className="flex flex-col items-center justify-center h-64 space-y-3">
<Lock className="w-10 h-10 text-slate-600" />
<p className="text-slate-400 text-sm">Einstellungen sind nur für Administratoren zugänglich.</p>
</div>
);
}
if (loading) {
return (
<div className="flex items-center justify-center h-64">
<span className="w-5 h-5 border-2 border-slate-600 border-t-cyan-400 rounded-full animate-spin" />
</div>
);
}
return (
<div className="space-y-6 max-w-3xl">
{/* Page header */}
<div className="flex items-center gap-3">
<div className="p-2 bg-slate-900 border border-slate-800 rounded-xl">
<Settings2 className="w-5 h-5 text-cyan-400" />
</div>
<div>
<h1 className="text-lg font-bold text-white">Einstellungen</h1>
<p className="text-xs text-slate-400">Integrationen und Dienst-Konfigurationen</p>
</div>
</div>
{/* Feedback */}
{error && (
<div className="flex items-center gap-2 bg-red-950/60 border border-red-800/60 rounded-lg px-3 py-2.5 text-xs text-red-300">
<AlertCircle className="w-4 h-4 shrink-0 text-red-400" />
{error}
</div>
)}
{successMsg && (
<div className="flex items-center gap-2 bg-emerald-950/60 border border-emerald-800/60 rounded-lg px-3 py-2.5 text-xs text-emerald-300">
<CheckCircle className="w-4 h-4 shrink-0 text-emerald-400" />
{successMsg}
</div>
)}
{/* Microsoft Entra ID */}
<div className="bg-[#0F172A] border border-[#1E293B] rounded-2xl p-6 space-y-5">
<div className="flex items-center justify-between">
<div className="flex items-center gap-3">
<div className="p-1.5 bg-blue-950/50 border border-blue-900/50 rounded-lg">
<Shield className="w-4 h-4 text-blue-400" />
</div>
<div>
<h3 className="text-sm font-semibold text-white">Microsoft Entra ID</h3>
<p className="text-xs text-slate-500">OAuth 2.0 Login für Organisationsaccounts</p>
</div>
</div>
{/* Toggle */}
<button
type="button"
onClick={() => setAzureEnabled(v => !v)}
className={`relative w-11 h-6 rounded-full transition-colors ${azureEnabled ? 'bg-blue-600' : 'bg-slate-700'}`}
title={azureEnabled ? 'Deaktivieren' : 'Aktivieren'}
>
<span className={`absolute top-0.5 left-0.5 w-5 h-5 bg-white rounded-full shadow transition-transform ${azureEnabled ? 'translate-x-5' : 'translate-x-0'}`} />
</button>
</div>
<div className={`grid grid-cols-1 sm:grid-cols-2 gap-4 ${!azureEnabled ? 'opacity-50 pointer-events-none' : ''}`}>
<div>
<FieldLabel>Tenant ID</FieldLabel>
<TextInput value={azureTenantId} onChange={setAzureTenantId} placeholder="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" monospace />
</div>
<div>
<FieldLabel>Client ID (Application ID)</FieldLabel>
<TextInput value={azureClientId} onChange={setAzureClientId} placeholder="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" monospace />
</div>
<div>
<FieldLabel>Client Secret</FieldLabel>
<SecretInput
value={azureClientSecret}
onChange={setAzureClientSecret}
alreadySet={azureSecretSet}
show={showAzureSecret}
onToggleShow={() => setShowAzureSecret(v => !v)}
/>
</div>
<div>
<FieldLabel>Redirect URI <span className="text-slate-500 font-normal">(leer = automatisch)</span></FieldLabel>
<TextInput value={azureRedirectUri} onChange={setAzureRedirectUri} placeholder="https://ghostgrid.internal/api/auth/azure/callback" monospace />
</div>
</div>
</div>
{/* CheckMK */}
<div className="bg-[#0F172A] border border-[#1E293B] rounded-2xl p-6 space-y-5">
<div className="flex items-center gap-3">
<div className="p-1.5 bg-emerald-950/50 border border-emerald-900/50 rounded-lg">
<Activity className="w-4 h-4 text-emerald-400" />
</div>
<div>
<h3 className="text-sm font-semibold text-white">CheckMK</h3>
<p className="text-xs text-slate-500">Geräte-Status-Synchronisation über die CheckMK REST API</p>
</div>
</div>
<div className="grid grid-cols-1 sm:grid-cols-2 gap-4">
<div className="sm:col-span-2">
<FieldLabel>API URL</FieldLabel>
<TextInput
value={checkmkApiUrl}
onChange={setCheckmkApiUrl}
placeholder="https://checkmk.internal/<site>/check_mk/api/1.0"
monospace
/>
</div>
<div>
<FieldLabel>Automation Secret</FieldLabel>
<SecretInput
value={checkmkApiSecret}
onChange={setCheckmkApiSecret}
alreadySet={checkmkSecretSet}
show={showCheckmkSecret}
onToggleShow={() => setShowCheckmkSecret(v => !v)}
/>
</div>
<div>
<FieldLabel>Sync-Intervall (ms)</FieldLabel>
<TextInput value={checkmkSyncInterval} onChange={setCheckmkSyncInterval} placeholder="60000" monospace />
</div>
</div>
</div>
{/* Save */}
<div className="flex justify-end">
<button
onClick={handleSave}
disabled={saving}
className="flex items-center gap-2 bg-cyan-600 hover:bg-cyan-500 disabled:bg-slate-700 disabled:text-slate-500 text-white font-semibold text-sm px-5 py-2.5 rounded-lg transition-all shadow-lg shadow-cyan-900/30"
>
{saving ? (
<span className="w-4 h-4 border-2 border-white/30 border-t-white rounded-full animate-spin" />
) : (
<Save className="w-4 h-4" />
)}
{saving ? 'Speichert…' : 'Einstellungen speichern'}
</button>
</div>
</div>
);
}