Respect tenant in url in UI app. Reject tenant and session mismatch

This commit is contained in:
Rory Powell 2021-09-29 16:41:58 +01:00
parent ffda3d3e17
commit 0dfae96e52
2 changed files with 22 additions and 0 deletions

View File

@ -9,10 +9,31 @@
$: hasAdminUser = $admin?.checklist?.adminUser?.checked $: hasAdminUser = $admin?.checklist?.adminUser?.checked
$: tenantSet = $auth.tenantSet $: tenantSet = $auth.tenantSet
$: cloud = $admin.cloud $: cloud = $admin.cloud
$: user = $auth.user
const validateTenantId = async () => {
// set the tenant from the url in the cloud
const tenantId = window.location.host.split(".")[0]
if (!tenantId.includes("localhost:")) {
// user doesn't have permission to access this tenant - kick them out
if (user && user.tenantId && user.tenantId !== tenantId) {
await auth.logout()
await auth.setOrganisation(null)
} else {
await auth.setOrganisation(tenantId)
}
}
}
onMount(async () => { onMount(async () => {
await auth.checkAuth() await auth.checkAuth()
await admin.init() await admin.init()
if (cloud && multiTenancyEnabled) {
await validateTenantId()
}
loaded = true loaded = true
}) })

View File

@ -80,6 +80,7 @@ export function createAuthStore() {
return { return {
subscribe: store.subscribe, subscribe: store.subscribe,
setOrganisation: setOrganisation,
checkQueryString: async () => { checkQueryString: async () => {
const urlParams = new URLSearchParams(window.location.search) const urlParams = new URLSearchParams(window.location.search)
if (urlParams.has("tenantId")) { if (urlParams.has("tenantId")) {