diff --git a/lerna.json b/lerna.json index 4ce8a55868..01eccdaea8 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "0.9.173-alpha.8", + "version": "0.9.175", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/auth/package.json b/packages/auth/package.json index 3955a39cb4..bb12df472a 100644 --- a/packages/auth/package.json +++ b/packages/auth/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/auth", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "description": "Authentication middlewares for budibase builder and apps", "main": "src/index.js", "author": "Budibase", diff --git a/packages/auth/src/middleware/passport/local.js b/packages/auth/src/middleware/passport/local.js index 0db40d64eb..f95c3a173e 100644 --- a/packages/auth/src/middleware/passport/local.js +++ b/packages/auth/src/middleware/passport/local.js @@ -9,6 +9,8 @@ const { createASession } = require("../../security/sessions") const { getTenantId } = require("../../tenancy") const INVALID_ERR = "Invalid Credentials" +const SSO_NO_PASSWORD = "SSO user does not have a password set" +const EXPIRED = "This account has expired. Please reset your password" exports.options = { passReqToCallback: true, @@ -36,6 +38,19 @@ exports.authenticate = async function (ctx, email, password, done) { return authError(done, INVALID_ERR) } + // check that the user has a stored password before proceeding + if (!dbUser.password) { + if ( + (dbUser.account && dbUser.account.authType === "sso") || // root account sso + dbUser.thirdPartyProfile // internal sso + ) { + return authError(done, SSO_NO_PASSWORD) + } + + console.error("Non SSO usser has no password set", dbUser) + return authError(done, EXPIRED) + } + // authenticate if (await compare(password, dbUser.password)) { const sessionId = newid() diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js index e1df289d6e..f7ab5d6990 100644 --- a/packages/auth/src/utils.js +++ b/packages/auth/src/utils.js @@ -181,8 +181,8 @@ exports.saveUser = async ( // check budibase users in other tenants if (env.MULTI_TENANCY) { - dbUser = await getTenantUser(email) - if (dbUser != null && dbUser.tenantId !== tenantId) { + const tenantUser = await getTenantUser(email) + if (tenantUser != null && tenantUser.tenantId !== tenantId) { throw `Email address ${email} already in use.` } } diff --git a/packages/bbui/package.json b/packages/bbui/package.json index 14c843fe39..7345c9e95f 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "license": "AGPL-3.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", diff --git a/packages/builder/package.json b/packages/builder/package.json index 81ee3271cc..b52addcfae 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "license": "AGPL-3.0", "private": true, "scripts": { @@ -65,10 +65,10 @@ } }, "dependencies": { - "@budibase/bbui": "^0.9.173-alpha.8", - "@budibase/client": "^0.9.173-alpha.8", + "@budibase/bbui": "^0.9.175", + "@budibase/client": "^0.9.175", "@budibase/colorpicker": "1.1.2", - "@budibase/string-templates": "^0.9.173-alpha.8", + "@budibase/string-templates": "^0.9.175", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/builder/src/pages/builder/auth/login.svelte b/packages/builder/src/pages/builder/auth/login.svelte index 7374678236..5a5a27eb6e 100644 --- a/packages/builder/src/pages/builder/auth/login.svelte +++ b/packages/builder/src/pages/builder/auth/login.svelte @@ -44,7 +44,7 @@ } } catch (err) { console.error(err) - notifications.error("Invalid credentials") + notifications.error(err.message ? err.message : "Invalid Credentials") } } diff --git a/packages/builder/src/stores/portal/auth.js b/packages/builder/src/stores/portal/auth.js index 333226e3ba..134232dd74 100644 --- a/packages/builder/src/stores/portal/auth.js +++ b/packages/builder/src/stores/portal/auth.js @@ -112,7 +112,7 @@ export function createAuthStore() { if (response.status === 200) { setUser(json.user) } else { - throw "Invalid credentials" + throw new Error(json.message ? json.message : "Invalid credentials") } return json }, diff --git a/packages/cli/package.json b/packages/cli/package.json index 980de30f1f..89f081d432 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { diff --git a/packages/client/package.json b/packages/client/package.json index cd69c73682..40bbb9e235 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^0.9.173-alpha.8", + "@budibase/bbui": "^0.9.175", "@budibase/standard-components": "^0.9.139", - "@budibase/string-templates": "^0.9.173-alpha.8", + "@budibase/string-templates": "^0.9.175", "regexparam": "^1.3.0", "shortid": "^2.2.15", "svelte-spa-router": "^3.0.5" diff --git a/packages/server/package.json b/packages/server/package.json index e2a7d74a3d..8551667e93 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "description": "Budibase Web Server", "main": "src/index.js", "repository": { @@ -68,9 +68,9 @@ "author": "Budibase", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/auth": "^0.9.173-alpha.8", - "@budibase/client": "^0.9.173-alpha.8", - "@budibase/string-templates": "^0.9.173-alpha.8", + "@budibase/auth": "^0.9.175", + "@budibase/client": "^0.9.175", + "@budibase/string-templates": "^0.9.175", "@elastic/elasticsearch": "7.10.0", "@koa/router": "8.0.0", "@sendgrid/mail": "7.1.1", diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index 883ab195e0..ffd37c8558 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/worker/package.json b/packages/worker/package.json index bcea1c8ca2..4f0303b58f 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "0.9.173-alpha.8", + "version": "0.9.175", "description": "Budibase background service", "main": "src/index.js", "repository": { @@ -29,8 +29,8 @@ "author": "Budibase", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/auth": "^0.9.173-alpha.8", - "@budibase/string-templates": "^0.9.173-alpha.8", + "@budibase/auth": "^0.9.175", + "@budibase/string-templates": "^0.9.175", "@koa/router": "^8.0.0", "@sentry/node": "^6.0.0", "@techpass/passport-openidconnect": "^0.3.0",