From 20b70a0445c511af6094b798da4950de0a955f1c Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Thu, 8 Jul 2021 16:49:07 +0100 Subject: [PATCH] Always maintain original user id. No longer remove old user during sync --- .../middleware/passport/third-party-common.js | 48 +++++++------------ 1 file changed, 16 insertions(+), 32 deletions(-) diff --git a/packages/auth/src/middleware/passport/third-party-common.js b/packages/auth/src/middleware/passport/third-party-common.js index b8cb7375d2..c11465ec3b 100644 --- a/packages/auth/src/middleware/passport/third-party-common.js +++ b/packages/auth/src/middleware/passport/third-party-common.js @@ -66,19 +66,19 @@ exports.authenticateThirdParty = async function ( } } - let user // first time creation if (!dbUser) { - user = constructNewUser(userId, thirdPartyUser) - } else { - // existing user - user = constructMergedUser(userId, dbUser, thirdPartyUser) - await db.remove(dbUser._id, dbUser._rev) + // setup a blank user using the third party id + dbUser = { + _id: userId, + roles: {}, + } } + dbUser = syncUser(dbUser, thirdPartyUser) + // create or sync the user - const response = await db.post(user) - dbUser = user + const response = await db.post(dbUser) dbUser._rev = response.rev // authenticate @@ -96,31 +96,15 @@ exports.authenticateThirdParty = async function ( } /** - * @returns a user object constructed from existing and third party information + * @returns a user that has been sync'd with third party information */ -function constructMergedUser(userId, existing, thirdPartyUser) { - // sync third party fields - const user = constructNewUser(userId, thirdPartyUser) +function syncUser(user, thirdPartyUser) { + // provider + user.provider = thirdPartyUser.provider + user.providerType = thirdPartyUser.providerType - // merge existing fields - user.roles = existing.roles - user.builder = existing.builder - user.admin = existing.admin - - return user -} - -/** - * @returns a user object constructed from third party information - */ -function constructNewUser(userId, thirdPartyUser) { - const user = { - _id: userId, - provider: thirdPartyUser.provider, - providerType: thirdPartyUser.providerType, - email: thirdPartyUser.email, - roles: {}, - } + // email + user.email = thirdPartyUser.email if (thirdPartyUser.profile) { const profile = thirdPartyUser.profile @@ -146,7 +130,7 @@ function constructNewUser(userId, thirdPartyUser) { } } - // persist oauth tokens for future use + // oauth tokens for future use if (thirdPartyUser.oauth2) { user.oauth2 = { ...thirdPartyUser.oauth2,