wip

2025-09-05 01:39:06 +03:00
parent 84216c3ced
commit 0cf04b4f55
29 changed files with 52428 additions and 133 deletions
--- a/supabase/config.toml
+++ b/supabase/config.toml
@@ -105,9 +105,9 @@ file_size_limit = "50MiB"
 enabled = true
 # The base URL of your website. Used as an allow-list for redirects and for constructing URLs used
 # in emails.
-site_url = "http://127.0.0.1:3000"
+site_url = "http://localhost:3000"
 # A list of *exact* URLs that auth providers are permitted to redirect to post authentication.
-additional_redirect_urls = ["https://127.0.0.1:3000","http://localhost:3000/auth/callback", "http://localhost:3000/update-password"]
+additional_redirect_urls = ["https://127.0.0.1:3000","http://127.0.0.1:3000","http://localhost:3000","http://localhost:3000/auth/callback", "http://localhost:3000/update-password"]
 # How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week).
 jwt_expiry = 3600
 # If disabled, the refresh token will never expire.
@@ -269,6 +269,14 @@ url = ""
 # If enabled, the nonce check will be skipped. Required for local sign in with Google auth.
 skip_nonce_check = false

+[auth.external.keycloak]
+enabled = true
+client_id = "env(SUPABASE_AUTH_CLIENT_ID)"
+secret = "env(SUPABASE_AUTH_KEYCLOAK_SECRET)"
+redirect_uri = "env(SUPABASE_AUTH_KEYCLOAK_CALLBACK_URL)"
+url = "env(SUPABASE_AUTH_KEYCLOAK_URL)"
+skip_nonce_check = true
+
 # Use Firebase Auth as a third-party provider alongside Supabase Auth.
 [auth.third_party.firebase]
 enabled = false