feat: oidc

server/plugins/04.auth-init.ts

@@ -0,0 +1,37 @@
+import { OIDCManager } from "../internal/oidc";
+
+export const enabledAuthManagers: {
+  simple: boolean;
+  oidc: OIDCManager | undefined;
+} = {
+  simple: false,
+  oidc: undefined,
+};
+
+const initFunctions: {
+  [K in keyof typeof enabledAuthManagers]: () => Promise<any>;
+} = {
+  oidc: OIDCManager.prototype.create,
+  simple: async () => {
+    const disabled = process.env.DISABLE_SIMPLE_AUTH as string | undefined;
+    return !disabled;
+  },
+};
+
+export default defineNitroPlugin(async (nitro) => {
+  for (const [key, init] of Object.entries(initFunctions)) {
+    try {
+      const object = await init();
+      if (!object) break;
+      (enabledAuthManagers as any)[key] = object;
+      console.log(`enabled auth: ${key}`);
+    } catch (e) {
+      console.warn(e);
+    }
+  }
+
+  // Add every other auth mechanism here, and fall back to simple if none of them are enabled
+  if (!enabledAuthManagers.oidc) {
+    enabledAuthManagers.simple = true;
+  }
+});

server/plugins/redirect.ts

@@ -7,6 +7,7 @@ export default defineNitroPlugin((nitro) => {
 
     // Don't handle for API routes
     if (event.path.startsWith("/api")) return;
+    if (event.path.startsWith("/auth")) return;
 
     // Make sure it's a web error
     if (!(error instanceof H3Error)) return;