ensuring public users can log in after being assigned a roleId

This commit is contained in:
Martin McKeaveney 2021-04-13 16:56:45 +01:00
parent 56b4b1583c
commit a68227735c
5 changed files with 10 additions and 45 deletions

View File

@ -13,8 +13,8 @@ export const logIn = async ({ email, password }) => {
return API.error("Please enter your password")
}
return await API.post({
url: "/api/authenticate",
body: { email, password },
url: "/api/admin/auth",
body: { username: email, password },
})
}

View File

@ -19,8 +19,8 @@ const createAuthStore = () => {
// Logs a user in
const logIn = async ({ email, password }) => {
const user = await API.logIn({ email, password })
if (!user.error) {
const auth = await API.logIn({ email, password })
if (auth.success) {
await fetchUser()
await initialise()
goToDefaultRoute()
@ -30,12 +30,7 @@ const createAuthStore = () => {
// Logs a user out
const logOut = async () => {
store.set(null)
const appId = get(builderStore).appId
if (appId) {
for (let environment of ["local", "cloud"]) {
window.document.cookie = `budibase:${appId}:${environment}=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;`
}
}
window.document.cookie = `budibase:auth=; budibase:currentapp=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;`
await initialise()
goToDefaultRoute()
}

View File

@ -23,8 +23,11 @@ module.exports = async (ctx, next) => {
roleId = BUILTIN_ROLE_IDS.PUBLIC
} else if (
requestAppId != null &&
(appCookie == null || requestAppId !== appCookie.appId)
(appCookie == null ||
requestAppId !== appCookie.appId ||
appCookie.roleId === BUILTIN_ROLE_IDS.PUBLIC)
) {
// Different App ID means cookie needs reset, or if the same public user has logged in
const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)
updateCookie = true
appId = requestAppId

View File

@ -1,33 +0,0 @@
const { BUILTIN_ROLE_IDS } = require("../security/roles")
const env = require("../../environment")
const CouchDB = require("../../db")
const jwt = require("jsonwebtoken")
const { DocumentTypes, SEPARATOR } = require("../../db/utils")
const { setCookie } = require("@budibase/auth")
// const { setCookie, clearCookie } = require("../index")
// const APP_PREFIX = DocumentTypes.APP + SEPARATOR
module.exports = async (ctx, appId, version) => {
// const builderUser = {
// userId: "BUILDER",
// roleId: BUILTIN_ROLE_IDS.BUILDER,
// version,
// }
// if (env.BUDIBASE_API_KEY) {
// builderUser.apiKey = env.BUDIBASE_API_KEY
// }
// const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
// expiresIn: "30 days",
// })
// set the builder token
// setCookie(ctx, token, "builder")
// setCookie(ctx, appId, "currentapp")
// need to clear all app tokens or else unable to use the app in the builder
// let allDbNames = await CouchDB.allDbs()
// allDbNames.map(dbName => {
// if (dbName.startsWith(APP_PREFIX)) {
// clearCookie(ctx, dbName)
// }
// })
}

View File

@ -28,7 +28,7 @@ exports.authenticate = async (ctx, next) => {
}
exports.logout = async ctx => {
clearCookie(Cookies.Auth)
clearCookie(ctx, Cookies.Auth)
ctx.body = { success: true }
}