Merge branch 'feature/global-user-management' of github.com:Budibase/budibase into feature/global-user-management

packages/client/src/api/auth.js

@@ -13,8 +13,8 @@ export const logIn = async ({ email, password }) => {
     return API.error("Please enter your password")
   }
   return await API.post({
-    url: "/api/authenticate",
+    url: "/api/admin/auth",
-    body: { email, password },
+    body: { username: email, password },
   })
 }
 

packages/client/src/store/auth.js

@@ -19,8 +19,8 @@ const createAuthStore = () => {
 
   // Logs a user in
   const logIn = async ({ email, password }) => {
-    const user = await API.logIn({ email, password })
+    const auth = await API.logIn({ email, password })
-    if (!user.error) {
+    if (auth.success) {
       await fetchUser()
       await initialise()
       goToDefaultRoute()
@@ -30,12 +30,7 @@ const createAuthStore = () => {
   // Logs a user out
   const logOut = async () => {
     store.set(null)
-    const appId = get(builderStore).appId
+    window.document.cookie = `budibase:auth=; budibase:currentapp=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;`
-    if (appId) {
-      for (let environment of ["local", "cloud"]) {
-        window.document.cookie = `budibase:${appId}:${environment}=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;`
-      }
-    }
     await initialise()
     goToDefaultRoute()
   }

packages/server/src/middleware/currentapp.js

@@ -23,8 +23,11 @@ module.exports = async (ctx, next) => {
     roleId = BUILTIN_ROLE_IDS.PUBLIC
   } else if (
     requestAppId != null &&
-    (appCookie == null || requestAppId !== appCookie.appId)
+    (appCookie == null ||
+      requestAppId !== appCookie.appId ||
+      appCookie.roleId === BUILTIN_ROLE_IDS.PUBLIC)
   ) {
+    // Different App ID means cookie needs reset, or if the same public user has logged in
     const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)
     updateCookie = true
     appId = requestAppId

packages/server/src/utilities/builder/setBuilderToken.js

@@ -1,33 +0,0 @@
-const { BUILTIN_ROLE_IDS } = require("../security/roles")
-const env = require("../../environment")
-const CouchDB = require("../../db")
-const jwt = require("jsonwebtoken")
-const { DocumentTypes, SEPARATOR } = require("../../db/utils")
-const { setCookie } = require("@budibase/auth")
-// const { setCookie, clearCookie } = require("../index")
-// const APP_PREFIX = DocumentTypes.APP + SEPARATOR
-
-module.exports = async (ctx, appId, version) => {
-  // const builderUser = {
-  //   userId: "BUILDER",
-  //   roleId: BUILTIN_ROLE_IDS.BUILDER,
-  //   version,
-  // }
-  // if (env.BUDIBASE_API_KEY) {
-  //   builderUser.apiKey = env.BUDIBASE_API_KEY
-  // }
-  // const token = jwt.sign(builderUser, ctx.config.jwtSecret, {
-  //   expiresIn: "30 days",
-  // })
-
-  // set the builder token
-  // setCookie(ctx, token, "builder")
-  // setCookie(ctx, appId, "currentapp")
-  // need to clear all app tokens or else unable to use the app in the builder
-  // let allDbNames = await CouchDB.allDbs()
-  // allDbNames.map(dbName => {
-  //   if (dbName.startsWith(APP_PREFIX)) {
-  //     clearCookie(ctx, dbName)
-  //   }
-  // })
-}

packages/worker/src/api/controllers/auth.js

@@ -28,7 +28,7 @@ exports.authenticate = async (ctx, next) => {
 }
 
 exports.logout = async ctx => {
-  clearCookie(Cookies.Auth)
+  clearCookie(ctx, Cookies.Auth)
   ctx.body = { success: true }
 }