From d72a6dc8dfb74cea9d41f8abdb75ce95795814c3 Mon Sep 17 00:00:00 2001 From: Martin McKeaveney Date: Tue, 13 Apr 2021 13:26:13 +0100 Subject: [PATCH] currentapp being set correctly for user --- packages/auth/src/db/utils.js | 3 + packages/auth/src/middleware/authenticated.js | 2 +- packages/builder/src/stores/backend/auth.js | 9 ++- .../server/src/middleware/authenticated.js | 73 ------------------- packages/server/src/middleware/currentapp.js | 12 +-- .../middleware/tests/authenticated.spec.js | 2 +- .../src/utilities/builder/setBuilderToken.js | 2 +- .../server/src/utilities/workerRequests.js | 2 +- 8 files changed, 16 insertions(+), 89 deletions(-) delete mode 100644 packages/server/src/middleware/authenticated.js diff --git a/packages/auth/src/db/utils.js b/packages/auth/src/db/utils.js index b928d809f9..043987fcc4 100644 --- a/packages/auth/src/db/utils.js +++ b/packages/auth/src/db/utils.js @@ -6,6 +6,7 @@ exports.StaticDatabases = { const DocumentTypes = { USER: "us", + APP: "app", } exports.DocumentTypes = DocumentTypes @@ -13,6 +14,8 @@ exports.DocumentTypes = DocumentTypes const UNICODE_MAX = "\ufff0" const SEPARATOR = "_" +exports.SEPARATOR = SEPARATOR + /** * Generates a new user ID based on the passed in email. * @param {string} email The email which the ID is going to be built up of. diff --git a/packages/auth/src/middleware/authenticated.js b/packages/auth/src/middleware/authenticated.js index 2fdf4baf6c..af2c7d5575 100644 --- a/packages/auth/src/middleware/authenticated.js +++ b/packages/auth/src/middleware/authenticated.js @@ -16,6 +16,6 @@ module.exports = async (ctx, next) => { await next() } catch (err) { - ctx.throw(err.status || 403, err.text) + ctx.throw(err.status || 403, err) } } diff --git a/packages/builder/src/stores/backend/auth.js b/packages/builder/src/stores/backend/auth.js index b6a39dc0af..d0a92237b7 100644 --- a/packages/builder/src/stores/backend/auth.js +++ b/packages/builder/src/stores/backend/auth.js @@ -3,13 +3,18 @@ import api from "../../builderStore/api" async function checkAuth() { const response = await api.get("/api/self") - return await response.json() + const user = await response.json() + if (response.status === 200) return user + + return null } export function createAuthStore() { const { subscribe, set } = writable({}) - checkAuth().then(user => set({ user })) + checkAuth() + .then(user => set({ user })) + .catch(err => set({ user: null })) return { subscribe, diff --git a/packages/server/src/middleware/authenticated.js b/packages/server/src/middleware/authenticated.js deleted file mode 100644 index 848670d67a..0000000000 --- a/packages/server/src/middleware/authenticated.js +++ /dev/null @@ -1,73 +0,0 @@ -// const jwt = require("jsonwebtoken") -// const STATUS_CODES = require("../utilities/statusCodes") -// const { getRole, getBuiltinRoles } = require("../utilities/security/roles") -// const { AuthTypes } = require("../constants") -// const { -// getAppId, -// getCookieName, -// clearCookie, -// setCookie, -// isClient, -// } = require("../utilities") - -// module.exports = async (ctx, next) => { -// if (ctx.path === "/builder") { -// await next() -// return -// } - -// // do everything we can to make sure the appId is held correctly -// // we hold it in state as a -// let appId = getAppId(ctx) -// const cookieAppId = ctx.cookies.get(getCookieName("currentapp")) -// const builtinRoles = getBuiltinRoles() -// if (appId && cookieAppId !== appId) { -// setCookie(ctx, appId, "currentapp") -// } else if (cookieAppId) { -// appId = cookieAppId -// } -// let token, authType -// if (!isClient(ctx)) { -// token = ctx.cookies.get(getCookieName()) -// authType = AuthTypes.BUILDER -// } - -// if (!token && appId) { -// token = ctx.cookies.get(getCookieName(appId)) -// authType = AuthTypes.APP -// } - -// if (!token) { -// ctx.auth.authenticated = false -// ctx.appId = appId -// ctx.user = { -// role: builtinRoles.PUBLIC, -// } -// await next() -// return -// } - -// try { -// ctx.auth.authenticated = authType -// const jwtPayload = jwt.verify(token, ctx.config.jwtSecret) -// ctx.appId = appId -// ctx.auth.apiKey = jwtPayload.apiKey -// ctx.user = { -// ...jwtPayload, -// role: await getRole(appId, jwtPayload.roleId), -// } -// // appId no longer carried in user, make sure -// delete ctx.user.appId -// } catch (err) { -// console.log(err) -// if (authType === AuthTypes.BUILDER) { -// clearCookie(ctx) -// ctx.status = 200 -// return -// } else { -// ctx.throw(err.status || STATUS_CODES.FORBIDDEN, err.text) -// } -// } - -// await next() -// } diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js index 80522d6ac0..ec330b75ab 100644 --- a/packages/server/src/middleware/currentapp.js +++ b/packages/server/src/middleware/currentapp.js @@ -2,11 +2,6 @@ const { getAppId, setCookie, getCookie, Cookies } = require("@budibase/auth") const { getGlobalUsers } = require("../utilities/workerRequests") const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles") -function CurrentAppCookie(appId, roleId) { - this.appId = appId - this.roleId = roleId -} - function finish(ctx, next, { appId, roleId, cookie = false }) { if (appId) { ctx.appId = appId @@ -15,7 +10,7 @@ function finish(ctx, next, { appId, roleId, cookie = false }) { ctx.roleId = roleId } if (cookie && appId) { - setCookie(ctx, new CurrentAppCookie(appId, roleId), Cookies.CurrentApp) + setCookie(ctx, { appId, roleId }, Cookies.CurrentApp) } return next() } @@ -37,10 +32,7 @@ module.exports = async (ctx, next) => { updateCookie = true appId = requestAppId roleId = BUILTIN_ROLE_IDS.PUBLIC - } else if ( - requestAppId != null && - (appCookie == null || requestAppId === appCookie.appId) - ) { + } else if (requestAppId != null) { const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email) updateCookie = true appId = requestAppId diff --git a/packages/server/src/middleware/tests/authenticated.spec.js b/packages/server/src/middleware/tests/authenticated.spec.js index 94441b7a5e..1e532bd0e7 100644 --- a/packages/server/src/middleware/tests/authenticated.spec.js +++ b/packages/server/src/middleware/tests/authenticated.spec.js @@ -66,7 +66,7 @@ describe("Authenticated middleware", () => { await config.executeMiddleware() expect(config.ctx.cookies.set).toHaveBeenCalledWith( - "budibase:currentapp:local", + "budibase:currentapp", appId, expect.any(Object) ) diff --git a/packages/server/src/utilities/builder/setBuilderToken.js b/packages/server/src/utilities/builder/setBuilderToken.js index c8fc54cd12..663a962582 100644 --- a/packages/server/src/utilities/builder/setBuilderToken.js +++ b/packages/server/src/utilities/builder/setBuilderToken.js @@ -22,7 +22,7 @@ module.exports = async (ctx, appId, version) => { // set the builder token // setCookie(ctx, token, "builder") - setCookie(ctx, appId, "currentapp") + // setCookie(ctx, appId, "currentapp") // need to clear all app tokens or else unable to use the app in the builder // let allDbNames = await CouchDB.allDbs() // allDbNames.map(dbName => { diff --git a/packages/server/src/utilities/workerRequests.js b/packages/server/src/utilities/workerRequests.js index b081762e13..65d013c935 100644 --- a/packages/server/src/utilities/workerRequests.js +++ b/packages/server/src/utilities/workerRequests.js @@ -11,7 +11,7 @@ function getAppRole(appId, user) { if (!user.roleId) { user.roleId = BUILTIN_ROLE_IDS.PUBLIC } - delete user.roles + // delete user.roles return user }