MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Cloud SSO flow and auto login on verification

This commit is contained in:
Rory Powell 2021-09-21 18:20:26 +01:00
parent 44002979b0
commit ee2732fd51
2 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
packages/worker/src/api/controllers/global/users.js
View File

@ -31,7 +31,12 @@ async function allUsers() {
return response.rows.map(row => row.doc) return response.rows.map(row => row.doc)
} }
async function saveUser(user, tenantId, hashPassword = true) { async function saveUser(
user,
tenantId,
hashPassword = true,
requirePassword = true
) {
if (!tenantId) { if (!tenantId) {
throw "No tenancy specified." throw "No tenancy specified."
} }
@ -57,7 +62,7 @@ async function saveUser(user, tenantId, hashPassword = true) {
hashedPassword = hashPassword ? await hash(password) : password hashedPassword = hashPassword ? await hash(password) : password
} else if (dbUser) { } else if (dbUser) {
hashedPassword = dbUser.password hashedPassword = dbUser.password
} else { } else if (requirePassword) {
throw "Password must be specified." throw "Password must be specified."
} }
@ -106,16 +111,21 @@ exports.save = async ctx => {
} }
} }
const parseBooleanParam = param => {
if (param && param == "false") {
return false
} else {
return true
}
}
exports.adminUser = async ctx => { exports.adminUser = async ctx => {
const { email, password, tenantId } = ctx.request.body const { email, password, tenantId } = ctx.request.body
// account portal sends a pre-hashed password - honour param to prevent double hashing // account portal sends a pre-hashed password - honour param to prevent double hashing
let hashPassword = ctx.request.query.hashPassword const hashPassword = parseBooleanParam(ctx.request.query.hashPassword)
if (hashPassword && hashPassword == "false") { // account portal sends no password for SSO users
hashPassword = false const requirePassword = parseBooleanParam(ctx.request.query.requirePassword)
} else {
hashPassword = true
}
if (await doesTenantExist(tenantId)) { if (await doesTenantExist(tenantId)) {
ctx.throw(403, "Organisation already exists.") ctx.throw(403, "Organisation already exists.")
@ -148,7 +158,7 @@ exports.adminUser = async ctx => {
tenantId, tenantId,
} }
try { try {
ctx.body = await saveUser(user, tenantId, hashPassword) ctx.body = await saveUser(user, tenantId, hashPassword, requirePassword)
} catch (err) { } catch (err) {
ctx.throw(err.status || 400, err) ctx.throw(err.status || 400, err)
} }

2
packages/worker/src/api/routes/global/users.js
View File

@ -10,7 +10,7 @@ function buildAdminInitValidation() {
return joiValidator.body( return joiValidator.body(
Joi.object({ Joi.object({
email: Joi.string().required(), email: Joi.string().required(),
password: Joi.string().required(), password: Joi.string(),
tenantId: Joi.string().required(), tenantId: Joi.string().required(),
}) })
.required() .required()