Merge pull request #2599 from Budibase/feature/onboarding-backend-self-hosted-flow-and-shared-sessions

Configurable user cache population in auth middleware
This commit is contained in:
Rory Powell 2021-09-14 11:02:20 +01:00 committed by GitHub
commit 708853d890
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 4 deletions

View File

@ -3,7 +3,27 @@ const { getTenantId, lookupTenantId, getGlobalDB } = require("../tenancy")
const EXPIRY_SECONDS = 3600
exports.getUser = async (userId, tenantId = null) => {
/**
* The default populate user function
*/
const populateFromDB = (userId, tenantId) => {
return getGlobalDB(tenantId).get(userId)
}
/**
* Get the requested user by id.
* Use redis cache to first read the user.
* If not present fallback to loading the user directly and re-caching.
* @param {*} userId the id of the user to get
* @param {*} tenantId the tenant of the user to get
* @param {*} populateUser function to provide the user for re-caching. default to couch db
* @returns
*/
exports.getUser = async (
userId,
tenantId = null,
populateUser = populateFromDB
) => {
if (!tenantId) {
try {
tenantId = getTenantId()
@ -15,7 +35,7 @@ exports.getUser = async (userId, tenantId = null) => {
// try cache
let user = await client.get(userId)
if (!user) {
user = await getGlobalDB(tenantId).get(userId)
user = await populateUser(userId, tenantId)
client.store(userId, user, EXPIRY_SECONDS)
}
if (user && !user.tenantId && tenantId) {

View File

@ -21,7 +21,10 @@ function finalise(
* The tenancy modules should not be used here and it should be assumed that the tenancy context
* has not yet been populated.
*/
module.exports = (noAuthPatterns = [], opts = { publicAllowed: false }) => {
module.exports = (
noAuthPatterns = [],
opts = { publicAllowed: false, populateUser: null }
) => {
const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : []
return async (ctx, next) => {
let publicEndpoint = false
@ -46,7 +49,15 @@ module.exports = (noAuthPatterns = [], opts = { publicAllowed: false }) => {
error = "No session found"
} else {
try {
if (opts && opts.populateUser) {
user = await getUser(
userId,
session.tenantId,
opts.populateUser(ctx)
)
} else {
user = await getUser(userId, session.tenantId)
}
delete user.password
authenticated = true
} catch (err) {