feat(whitelabeling): implement public whitelabeling configuration retrieval

- Added a new service to fetch public whitelabeling configuration for unauthenticated contexts.
- Updated the whitelabeling router to utilize the new service for public requests.
- Enhanced license validation checks to ensure proper access control based on organization licenses.
This commit is contained in:
Mauricio Siu
2026-07-06 16:33:12 -06:00
parent 86f941d606
commit 8f9be1636c
3 changed files with 66 additions and 22 deletions

View File

@@ -1,5 +1,7 @@
import {
getPublicWhitelabelingConfig,
getWebServerSettings,
hasValidLicense,
IS_CLOUD,
updateWebServerSettings,
} from "@dokploy/server";
@@ -13,10 +15,13 @@ import {
} from "../../trpc";
export const whitelabelingRouter = createTRPCRouter({
get: protectedProcedure.query(async () => {
get: protectedProcedure.query(async ({ ctx }) => {
if (IS_CLOUD) {
return null;
}
if (!(await hasValidLicense(ctx.session.activeOrganizationId))) {
return null;
}
const settings = await getWebServerSettings();
return settings?.whitelabelingConfig ?? null;
}),
@@ -82,25 +87,5 @@ export const whitelabelingRouter = createTRPCRouter({
// Public endpoint only for unauthenticated pages (login, register, error)
// Returns only the fields needed for public pages
getPublic: publicProcedure.query(async () => {
if (IS_CLOUD) {
return null;
}
const settings = await getWebServerSettings();
const config = settings?.whitelabelingConfig;
if (!config) return null;
return {
appName: config.appName,
appDescription: config.appDescription,
logoUrl: config.logoUrl,
loginLogoUrl: config.loginLogoUrl,
faviconUrl: config.faviconUrl,
customCss: config.customCss,
metaTitle: config.metaTitle,
errorPageTitle: config.errorPageTitle,
errorPageDescription: config.errorPageDescription,
footerText: config.footerText,
};
}),
getPublic: publicProcedure.query(() => getPublicWhitelabelingConfig()),
});

View File

@@ -38,6 +38,7 @@ export * from "./services/project";
export * from "./services/proprietary/forward-auth";
export * from "./services/proprietary/license-key";
export * from "./services/proprietary/sso";
export * from "./services/proprietary/whitelabeling";
export * from "./services/redirect";
export * from "./services/redis";
export * from "./services/registry";

View File

@@ -0,0 +1,58 @@
import { IS_CLOUD } from "@dokploy/server/constants";
import { db } from "@dokploy/server/db";
import { hasValidLicense } from "@dokploy/server/services/proprietary/license-key";
import { getWebServerSettings } from "@dokploy/server/services/web-server-settings";
export interface PublicWhitelabelingConfig {
appName: string | null;
appDescription: string | null;
logoUrl: string | null;
loginLogoUrl: string | null;
faviconUrl: string | null;
customCss: string | null;
metaTitle: string | null;
errorPageTitle: string | null;
errorPageDescription: string | null;
footerText: string | null;
}
// Self-hosted is single-tenant; gate on the oldest organization's license,
// mirroring resolveLocalConcurrency in server/queues/concurrency.ts. Used only
// for unauthenticated requests (no active organization in session).
const hasAnyValidLicense = async (): Promise<boolean> => {
const org = await db.query.organization.findFirst({
columns: { id: true },
orderBy: (organization, { asc }) => [asc(organization.createdAt)],
});
return org ? await hasValidLicense(org.id) : false;
};
/**
* Public whitelabeling config for unauthenticated contexts (login page, SSR
* document shell). No active organization/session is available here.
*/
export const getPublicWhitelabelingConfig =
async (): Promise<PublicWhitelabelingConfig | null> => {
if (IS_CLOUD) {
return null;
}
if (!(await hasAnyValidLicense())) {
return null;
}
const settings = await getWebServerSettings();
const config = settings?.whitelabelingConfig;
if (!config) return null;
return {
appName: config.appName,
appDescription: config.appDescription,
logoUrl: config.logoUrl,
loginLogoUrl: config.loginLogoUrl,
faviconUrl: config.faviconUrl,
customCss: config.customCss,
metaTitle: config.metaTitle,
errorPageTitle: config.errorPageTitle,
errorPageDescription: config.errorPageDescription,
footerText: config.footerText,
};
};