Merge pull request #316 from Budibase/fix-user-agent
use custom user agent header
This commit is contained in:
commit
b087a65e7e
|
@ -3,7 +3,7 @@ const apiCall = method => async (url, body) => {
|
|||
method: method,
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
"User-Agent": "Budibase Builder",
|
||||
"x-user-agent": "Budibase Builder",
|
||||
},
|
||||
body: body && JSON.stringify(body),
|
||||
})
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
import { get } from "builderStore/api"
|
||||
|
||||
/**
|
||||
* Fetches the definitions for component library components. This includes
|
||||
* their props and other metadata from components.json.
|
||||
|
@ -6,7 +8,7 @@
|
|||
export const fetchComponentLibDefinitions = async appId => {
|
||||
const LIB_DEFINITION_URL = `/${appId}/components/definitions`
|
||||
try {
|
||||
const libDefinitionResponse = await fetch(LIB_DEFINITION_URL)
|
||||
const libDefinitionResponse = await get(LIB_DEFINITION_URL)
|
||||
return await libDefinitionResponse.json()
|
||||
} catch (err) {
|
||||
console.error(`Error fetching component definitions for ${appId}`, err)
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
}
|
||||
</script>
|
||||
|
||||
{#if panelDefinition.length > 0}
|
||||
{#if panelDefinition && panelDefinition.length > 0}
|
||||
{#each panelDefinition as definition}
|
||||
{#if propExistsOnComponentDef(definition.key)}
|
||||
<PropertyControl
|
||||
|
|
|
@ -317,7 +317,28 @@ export default {
|
|||
icon: "ri-bar-chart-fill",
|
||||
properties: {
|
||||
design: { ...all },
|
||||
settings: [{ label: "Model", key: "model", control: ModelSelect }],
|
||||
settings: [
|
||||
{ label: "Model", key: "model", control: ModelSelect },
|
||||
{
|
||||
label: "Chart Type",
|
||||
key: "type",
|
||||
control: OptionSelect,
|
||||
options: [
|
||||
"column2d",
|
||||
"column3d",
|
||||
"line",
|
||||
"area2d",
|
||||
"bar2d",
|
||||
"bar3d",
|
||||
"pie2d",
|
||||
"pie3d",
|
||||
"doughnut2d",
|
||||
"doughnut3d",
|
||||
"pareto2d",
|
||||
"pareto3d",
|
||||
],
|
||||
},
|
||||
],
|
||||
},
|
||||
children: [],
|
||||
},
|
||||
|
|
|
@ -27,6 +27,7 @@ export const bbFactory = ({
|
|||
method: method,
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
"x-user-agent": "Budibase Builder",
|
||||
},
|
||||
body: body && JSON.stringify(body),
|
||||
})
|
||||
|
|
|
@ -10,12 +10,9 @@ exports.authenticate = async ctx => {
|
|||
if (!username) ctx.throw(400, "Username Required.")
|
||||
if (!password) ctx.throw(400, "Password Required")
|
||||
|
||||
// TODO: Don't use this. It can't be relied on
|
||||
const referer = ctx.request.headers.referer.split("/")
|
||||
const appId = referer[3]
|
||||
|
||||
// find the instance that the user is associated with
|
||||
const db = new CouchDB(ClientDb.name(env.CLIENT_ID))
|
||||
const appId = ctx.params.appId
|
||||
const app = await db.get(appId)
|
||||
const instanceId = app.userInstanceMap[username]
|
||||
|
||||
|
|
|
@ -3,6 +3,6 @@ const controller = require("../controllers/auth")
|
|||
|
||||
const router = Router()
|
||||
|
||||
router.post("/api/authenticate", controller.authenticate)
|
||||
router.post("/:appId/api/authenticate", controller.authenticate)
|
||||
|
||||
module.exports = router
|
||||
|
|
|
@ -22,7 +22,7 @@ exports.supertest = async () => {
|
|||
exports.defaultHeaders = {
|
||||
Accept: "application/json",
|
||||
Cookie: ["builder:token=test-admin-secret"],
|
||||
"user-agent": "Budibase Builder",
|
||||
"x-user-agent": "Budibase Builder",
|
||||
}
|
||||
|
||||
exports.createModel = async (request, instanceId, model) => {
|
||||
|
@ -176,8 +176,7 @@ const createUserWithPermissions = async (
|
|||
const designDoc = await db.get("_design/database")
|
||||
|
||||
const loginResult = await request
|
||||
.post(`/api/authenticate`)
|
||||
.set("Referer", `http://localhost:4001/${designDoc.metadata.applicationId}`)
|
||||
.post(`/${designDoc.metadata.applicationId}/api/authenticate`)
|
||||
.send({ username, password })
|
||||
|
||||
// returning necessary request headers
|
||||
|
|
|
@ -15,19 +15,16 @@ module.exports = async (ctx, next) => {
|
|||
|
||||
const appToken = ctx.cookies.get("budibase:token")
|
||||
const builderToken = ctx.cookies.get("builder:token")
|
||||
const isBuilderAgent = ctx.headers["user-agent"] === "Budibase Builder"
|
||||
const isBuilderAgent = ctx.headers["x-user-agent"] === "Budibase Builder"
|
||||
|
||||
// all admin api access should auth with buildertoken and 'Budibase Builder user agent
|
||||
const shouldAuthAsBuilder = isBuilderAgent && builderToken
|
||||
|
||||
if (shouldAuthAsBuilder) {
|
||||
if (builderToken === env.ADMIN_SECRET) {
|
||||
ctx.isAuthenticated = true
|
||||
ctx.isBuilder = true
|
||||
} else {
|
||||
ctx.isAuthenticated = false
|
||||
ctx.isBuilder = false
|
||||
}
|
||||
const builderTokenValid = builderToken === env.ADMIN_SECRET
|
||||
|
||||
ctx.isAuthenticated = builderTokenValid
|
||||
ctx.isBuilder = builderTokenValid
|
||||
|
||||
await next()
|
||||
return
|
||||
|
|
Loading…
Reference in New Issue