Self hosted SSO flow and account deletion

2021-09-21 12:27:53 +01:00 · 2021-09-21 12:27:53 +01:00 · 44002979b0
parent 1a6927cf32
commit 44002979b0
4 changed files with 14 additions and 2 deletions
--- a/packages/auth/src/index.js
+++ b/packages/auth/src/index.js
@ -12,6 +12,7 @@ const {
  auditLog,
  tenancy,
  appTenancy,
+  authError,
 } = require("./middleware")
 const { setDB } = require("./db")
 const userCache = require("./cache/user")
@ -60,6 +61,7 @@ module.exports = {
    buildTenancyMiddleware: tenancy,
    buildAppTenancyMiddleware: appTenancy,
    auditLog,
+    authError,
  },
  cache: {
    user: userCache,
--- a/packages/auth/src/middleware/index.js
+++ b/packages/auth/src/middleware/index.js
@ -2,6 +2,7 @@ const jwt = require("./passport/jwt")
 const local = require("./passport/local")
 const google = require("./passport/google")
 const oidc = require("./passport/oidc")
+const { authError } = require("./passport/utils")
 const authenticated = require("./authenticated")
 const auditLog = require("./auditLog")
 const tenancy = require("./tenancy")
@ -16,4 +17,5 @@ module.exports = {
  auditLog,
  tenancy,
  appTenancy,
+  authError,
 }
--- a/packages/auth/src/middleware/passport/google.js
+++ b/packages/auth/src/middleware/passport/google.js
@ -27,7 +27,11 @@ async function authenticate(accessToken, refreshToken, profile, done) {
 * from couchDB rather than environment variables, using this factory is necessary for dynamically configuring passport.
 * @returns Dynamically configured Passport Google Strategy
 */
-exports.strategyFactory = async function (config, callbackUrl) {
+exports.strategyFactory = async function (
+  config,
+  callbackUrl,
+  verify = authenticate
+) {
  try {
    const { clientID, clientSecret } = config

@ -43,7 +47,7 @@ exports.strategyFactory = async function (config, callbackUrl) {
        clientSecret: config.clientSecret,
        callbackURL: callbackUrl,
      },
-      authenticate
+      verify
    )
  } catch (err) {
    console.error(err)
--- a/packages/auth/src/security/sessions.js
+++ b/packages/auth/src/security/sessions.js
@ -30,6 +30,10 @@ exports.invalidateSessions = async (userId, sessionId = null) => {
    sessions.push({ key: makeSessionID(userId, sessionId) })
  } else {
    sessions = await getSessionsForUser(userId)
+    sessions.forEach(
+      session =>
+        (session.key = makeSessionID(session.userId, session.sessionId))
+    )
  }
  const client = await redis.getSessionClient()
  const promises = []