Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Indexing site with authentication #136

Closed
erzz opened this issue Jan 7, 2024 · 2 comments
Closed

Indexing site with authentication #136

erzz opened this issue Jan 7, 2024 · 2 comments

Comments

@erzz
Copy link

erzz commented Jan 7, 2024
edited
Loading

In one deployment scenario we need to wrap the application in our SSO provide (azure) which means that the site is built with authentication enabled.

Lunr seems to do its indexing after the site is built (understandably) which means that in this scenario it cannot access any of the URLs (as it has no SSO credentials). This results in zero docs getting indexed of course.

The only workaround I can think of for this would be:

  • Run the build once with SSO disabled to generate the index and search-docs.
  • Run build again with SSO enabled for deployment
  • Copy the index and search docs over to the build folder of the deployment run

I dont expect that there is a lot you can do about solving SSO requirements here - but do wonder if you have any brainwaves on a better approach or method of generating the index in a different way?
@lxix
Copy link
Contributor

lxix commented Jan 11, 2024

This is how I do it:
I have a bare (meaning that I have not modified/wrapped docusaurus or docusaurus-lunr-search in any way, especially with auth) docusaurus project in my private repository, which I build a docker image from (with nixpacks, but not important). Then I push the image to a (private) registry and deploy it to a server. On this server there is a traefik container configured to do the authentication before requests can reach the docusaurus container.

@erzz
Copy link
Author

erzz commented Jan 11, 2024

Thanks @lxix :)

Whilst you wrote your answer I also found an answer thanks to the tip in #105 (which this is essentially a dupe of!). Here is my solution when using azure's msal-browser auth package.

export default function Root({children}) {
  /* this allows the search indexing to work in a CI context */
  const isBrowser = useIsBrowser();
  if (!isBrowser) {
    return <>{children}</>;
  } else {
    /* otherwise require SSO */
    return (
      <MsalProvider instance={pca}>
        <UnauthenticatedTemplate>
          <Login />
        </UnauthenticatedTemplate>
        <AuthenticatedTemplate>{children};</AuthenticatedTemplate>
      </MsalProvider>
    );
  }
}

So essentially the build process is not a browser context, so we can detect that and allow it to bypass auth. But when its being served as a CSR the auth kicks in.

@erzz erzz closed this as completed Jan 11, 2024
@praveenn77 praveenn77 mentioned this issue May 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lxix @erzz