Merge pull request #2801 from Budibase/fix/set-tenant-from-url-ui
Respect tenant in url in UI app. Reject tenant and session mismatch
This commit is contained in:
commit
00572e86ea
|
@ -9,10 +9,31 @@
|
||||||
$: hasAdminUser = $admin?.checklist?.adminUser?.checked
|
$: hasAdminUser = $admin?.checklist?.adminUser?.checked
|
||||||
$: tenantSet = $auth.tenantSet
|
$: tenantSet = $auth.tenantSet
|
||||||
$: cloud = $admin.cloud
|
$: cloud = $admin.cloud
|
||||||
|
$: user = $auth.user
|
||||||
|
|
||||||
|
const validateTenantId = async () => {
|
||||||
|
// set the tenant from the url in the cloud
|
||||||
|
const tenantId = window.location.host.split(".")[0]
|
||||||
|
|
||||||
|
if (!tenantId.includes("localhost:")) {
|
||||||
|
// user doesn't have permission to access this tenant - kick them out
|
||||||
|
if (user?.tenantId !== tenantId) {
|
||||||
|
await auth.logout()
|
||||||
|
await auth.setOrganisation(null)
|
||||||
|
} else {
|
||||||
|
await auth.setOrganisation(tenantId)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
onMount(async () => {
|
onMount(async () => {
|
||||||
await auth.checkAuth()
|
await auth.checkAuth()
|
||||||
await admin.init()
|
await admin.init()
|
||||||
|
|
||||||
|
if (cloud && multiTenancyEnabled) {
|
||||||
|
await validateTenantId()
|
||||||
|
}
|
||||||
|
|
||||||
loaded = true
|
loaded = true
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
@ -80,6 +80,7 @@ export function createAuthStore() {
|
||||||
|
|
||||||
return {
|
return {
|
||||||
subscribe: store.subscribe,
|
subscribe: store.subscribe,
|
||||||
|
setOrganisation: setOrganisation,
|
||||||
checkQueryString: async () => {
|
checkQueryString: async () => {
|
||||||
const urlParams = new URLSearchParams(window.location.search)
|
const urlParams = new URLSearchParams(window.location.search)
|
||||||
if (urlParams.has("tenantId")) {
|
if (urlParams.has("tenantId")) {
|
||||||
|
|
Loading…
Reference in New Issue