Fix auto user creation for OIDC auth

Rory Powell 2022-09-05 09:46:54 +01:00
parent 08b351e6e4
commit bc1586761d
1 changed files with 18 additions and 7 deletions


@ -189,23 +189,34 @@ export const save = async (
const tenantId = tenancy.getTenantId() const tenantId = tenancy.getTenantId()
const db = tenancy.getGlobalDB() const db = tenancy.getGlobalDB()
let { email, _id } = user let { email, _id } = user
if (!email && !_id) {
throw new Error("_id or email is required")
}
let dbUser: User | undefined let dbUser: User | undefined
if (_id) { if (_id) {
// try to get existing user from db // try to get existing user from db
dbUser = (await db.get(_id)) as User try {
if (email && dbUser.email !== email) { dbUser = (await db.get(_id)) as User
throw "Email address cannot be changed" if (email && dbUser.email !== email) {
throw "Email address cannot be changed"
}
email = dbUser.email
} catch (e: any) {
if (e.status === 404) {
// do nothing, save this new user with the id specified - required for SSO auth
} else {
throw e
}
} }
email = dbUser.email }
} else if (email) {
if (!dbUser && email) {
// no id was specified - load from email instead // no id was specified - load from email instead
dbUser = await usersCore.getGlobalUserByEmail(email) dbUser = await usersCore.getGlobalUserByEmail(email)
if (dbUser && dbUser._id !== _id) { if (dbUser && dbUser._id !== _id) {
throw `Unavailable` throw `Unavailable`
} }
} else {
throw new Error("_id or email is required")
} }
await validateUniqueUser(email, tenantId) await validateUniqueUser(email, tenantId)
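Review bot: The 404 branch of the new `catch` lets `save` carry on with a caller-supplied `_id` that matches no document, and when `email` is absent the following `if (!dbUser && email)` lookup is skipped, so `validateUniqueUser(email, tenantId)` is reached with `email` undefined. The opening guard only rejects the case where both fields are missing, so an `_id`-only call for a non-existent user now gets through where it presumably used to fail on `db.get`. I would require an email before treating the 404 as a new user, e.g. `if (e.status === 404 && !email) throw new Error("email is required for a new user")` at the top of the `catch`. If `save` can be reached with a request-controlled `_id` outside the SSO flow (not visible here), the id format should also be validated before it becomes a new document key in the global DB. `save` starts before this hunk and continues past it.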