diff --git a/src/lib/auth.ts b/src/lib/auth.ts index 3d17b43..b848e33 100644 --- a/src/lib/auth.ts +++ b/src/lib/auth.ts @@ -9,6 +9,7 @@ import { redirect } from "@solidjs/router"; import { z } from "zod"; import { db } from "./db"; import { PrismaAdapter } from "@auth/prisma-adapter"; +import { k8sCore } from "./k8s"; declare module "@auth/core/types" { export interface Session { @@ -42,6 +43,35 @@ const authOptions: SolidAuthConfig = { debug: false, trustHost: true, basePath: "/api/auth", + callbacks: { + signIn: async (user) => { + if (!user.user.name) return false; + let existingNamespace; + try { + existingNamespace = await k8sCore.readNamespace(user.user.name); + } catch (e) {} + // disallow register when namespace exists + if ( + !(await db.user.findUnique({ where: { id: user.user.id } })) && + existingNamespace + ) + return false; + + if (existingNamespace) return true; + + await k8sCore.createNamespace({ + apiVersion: "v1", + kind: "Namespace", + metadata: { + name: user.user.name, + labels: { + "app.kubernetes.io/managed-by": "deploycat", + }, + }, + }); + return true; + }, + }, }; export const getAuthOptions = () => authOptions;