
Added JWT decoding to Google Auth feature PR #232

Open
twang849 wants to merge 14 commits into supercog-ai:main from twang849:feature/google-login

Conversation


@twang849 twang849 commented Jun 16, 2025

This PR builds upon #230

Changes

api.py

  • Removed dummy /login endpoint that was used to mimic retrieving a JWT
  • Changed replace("Bearer ", "") with token = token[7:]

cli.py

  • Added implementation of lookup_user, which uses python-jose.jwe for decryption. (Had to look up a workaround online that also uses HKDF since the regular methods weren't working, and fastapi-nextauth-jwt does not work for JWEs, which are NextAuth's default type of JWT.)

api/token/route.ts

  • Changed it so that it does not return the decoded token

app/lib/api.ts

  • Changed fetch from dummy /login endpoint to nextjs API route at /api/token, which retrieves the current JWT using NextAuth's getToken() helper method

login/page.tsx

  • Added GitHub login button
  • Changed old SVG for google to a Nextjs Image component
  • Added SVG icons for Google and GitHub

In 'const authFetch' in lib/api.ts, it currently sets the JWT in local storage, which might not be safe. However, not setting it requires fetching from /api/token on each request, which could be quite slow. Please let me know if either is okay/not okay, and I can find a workaround.

To test the JWT logic you must run agentic serve with --user-agents.
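The decryption path described above for lookup_user, as an added example that is not code from this PR or the supercog-ai project: it implements the HKDF step with the standard library, checks the compact JWE header before handing the token to python-jose, and shows a stricter Authorization-header parse than token[7:]. It assumes next-auth v4 defaults (HKDF-SHA256 over NEXTAUTH_SECRET with an empty salt and the info string "NextAuth.js Generated Encryption Key", 32-byte key, alg "dir", enc "A256GCM"); the sample token at the bottom is constructed and only exercises the header check.

```python
import base64
import hashlib
import hmac
import json

# Assumed next-auth v4 defaults: key = HKDF-SHA256(NEXTAUTH_SECRET, salt="",
# info below, 32 bytes); the session token is a compact JWE with alg "dir", enc "A256GCM".
NEXTAUTH_INFO = b"NextAuth.js Generated Encryption Key"

def hkdf_sha256(ikm, salt, info, length):
    """RFC 5869 HKDF-SHA256 (extract, then expand) using only the stdlib."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()  # empty salt == zero key
    okm, block = b"", b""
    for counter in range(1, -(-length // 32) + 1):  # ceil(length / 32) blocks
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
    return okm[:length]

def extract_bearer(authorization):
    """Stricter than token[7:]: require the Bearer scheme (case-insensitive per
    RFC 6750) and a non-empty credential; anything else yields None."""
    parts = (authorization or "").strip().split(None, 1)
    if len(parts) != 2 or parts[0].lower() != "bearer":
        return None
    return parts[1].strip()

def b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def parse_jwe_header(token):
    """Check the compact JWE's shape and protected header before decrypting."""
    segments = token.split(".")
    if len(segments) != 5:
        raise ValueError("not a compact JWE (expected 5 segments)")
    header = json.loads(b64url_decode(segments[0]))
    if header.get("alg") != "dir" or header.get("enc") != "A256GCM":
        raise ValueError(f"unexpected JWE header: {header}")
    return header

def decrypt_nextauth_jwe(token, nextauth_secret):
    """Derive the NextAuth key and decrypt with python-jose, as the PR does."""
    from jose import jwe  # imported here so the checks above run without it
    parse_jwe_header(token)
    key = hkdf_sha256(nextauth_secret.encode(), b"", NEXTAUTH_INFO, 32)
    return json.loads(jwe.decrypt(token, key))

# Constructed sample: valid protected header, filler body (not decryptable).
SAMPLE_TOKEN = ".".join([
    base64.urlsafe_b64encode(b'{"alg":"dir","enc":"A256GCM"}').rstrip(b"=").decode(),
    "", "AAAAAAAAAAAAAAAA", "AAAA", "AAAAAAAAAAAAAAAAAAAAAA"])
```

Rejecting tokens whose header is not dir/A256GCM before decryption keeps lookup_user from accepting anything the server never issued, and the scheme check means a header such as "Basic ..." is refused instead of being sliced into a bogus token.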

@twang849 twang849 changed the title Feature/google login Added JWT decoding to #203 Jun 16, 2025
@twang849 twang849 changed the title Added JWT decoding to #203 Added JWT decoding to Google Auth feature PR Jun 16, 2025

@drbrady8800 drbrady8800 left a comment


This looks good, exciting stuff! My biggest concerns are backwards compatibility and documentation. If someone decides not to set up google auth / github auth then we shouldn't force them into a login page every time. Let's check if the env vars exist, and if they don't, just behave as it was. We should also have detailed documentation on how to get the necessary env variables, where to put them, and how to get the whole auth system running. Thank you for putting this all together!

const authOptions: NextAuthOptions = {
// Configure NextAuth to use Google as the OAuth provider
// This handles login, token exchange, and session creation
// Add GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET to .env.local
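Review bot: the comment "Add GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET to .env.local" should also say these stay server-only: NextAuth reads them inside the route handler, so they must never get a NEXT_PUBLIC_ prefix, which Next.js would inline into the browser bundle. Since this authOptions object is also what the login page depends on, it is the natural place to compute whether each provider is configured (both of its variables present) so the app can keep its previous behaviour when they are absent.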

Let's add docs for how to set up the different auth methods. We should only show auth as an option if the relevant env vars are present in .env; otherwise it should behave as before.

Sign in with Google
</Button>
<Button className="mt-5" onClick={() => signIn('github', { callbackUrl: '/' })}>
<Image

Hard to see the GitHub icon on a black button; maybe use the white GitHub icon?

// Login redirection logic
// Redirect if not authenticated
if (status === 'loading') {
return <div>Loading...</div>;

Let's use the loader to make this look nice

@twang849 (Contributor, Author)

@drbrady8800 Got it, thanks for the feedback. Will implement your suggested changes as soon as possible.
