Merge pull request #4261 from Budibase/fix/csrf-post-login
Fix CSRF token not present using local auth
commit
fc05cd240e
|
@ -61,7 +61,7 @@
|
||||||
await auth.setInitInfo({ init_template: $params["?template"] })
|
await auth.setInitInfo({ init_template: $params["?template"] })
|
||||||
}
|
}
|
||||||
|
|
||||||
await auth.checkAuth()
|
await auth.getSelf()
|
||||||
await admin.init()
|
await admin.init()
|
||||||
|
|
||||||
if (useAccountPortal && multiTenancyEnabled) {
|
if (useAccountPortal && multiTenancyEnabled) {
|
||||||
|
|
|
@ -31,7 +31,7 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
onMount(async () => {
|
onMount(async () => {
|
||||||
await auth.checkAuth()
|
await auth.getSelf()
|
||||||
await organisation.init()
|
await organisation.init()
|
||||||
})
|
})
|
||||||
</script>
|
</script>
|
||||||
|
|
|
@ -108,11 +108,7 @@ export function createAuthStore() {
|
||||||
return json
|
return json
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
const actions = {
|
||||||
subscribe: store.subscribe,
|
|
||||||
setOrganisation,
|
|
||||||
getInitInfo,
|
|
||||||
setInitInfo,
|
|
||||||
checkQueryString: async () => {
|
checkQueryString: async () => {
|
||||||
const urlParams = new URLSearchParams(window.location.search)
|
const urlParams = new URLSearchParams(window.location.search)
|
||||||
if (urlParams.has("tenantId")) {
|
if (urlParams.has("tenantId")) {
|
||||||
|
@ -123,7 +119,7 @@ export function createAuthStore() {
|
||||||
setOrg: async tenantId => {
|
setOrg: async tenantId => {
|
||||||
await setOrganisation(tenantId)
|
await setOrganisation(tenantId)
|
||||||
},
|
},
|
||||||
checkAuth: async () => {
|
getSelf: async () => {
|
||||||
const response = await api.get("/api/global/users/self")
|
const response = await api.get("/api/global/users/self")
|
||||||
if (response.status !== 200) {
|
if (response.status !== 200) {
|
||||||
setUser(null)
|
setUser(null)
|
||||||
|
@ -138,13 +134,12 @@ export function createAuthStore() {
|
||||||
`/api/global/auth/${tenantId}/login`,
|
`/api/global/auth/${tenantId}/login`,
|
||||||
creds
|
creds
|
||||||
)
|
)
|
||||||
const json = await response.json()
|
|
||||||
if (response.status === 200) {
|
if (response.status === 200) {
|
||||||
setUser(json.user)
|
await actions.getSelf()
|
||||||
} else {
|
} else {
|
||||||
|
const json = await response.json()
|
||||||
throw new Error(json.message ? json.message : "Invalid credentials")
|
throw new Error(json.message ? json.message : "Invalid credentials")
|
||||||
}
|
}
|
||||||
return json
|
|
||||||
},
|
},
|
||||||
logout: async () => {
|
logout: async () => {
|
||||||
const response = await api.post(`/api/global/auth/logout`)
|
const response = await api.post(`/api/global/auth/logout`)
|
||||||
|
@ -197,6 +192,14 @@ export function createAuthStore() {
|
||||||
await response.json()
|
await response.json()
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return {
|
||||||
|
subscribe: store.subscribe,
|
||||||
|
setOrganisation,
|
||||||
|
getInitInfo,
|
||||||
|
setInitInfo,
|
||||||
|
...actions,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
export const auth = createAuthStore()
|
export const auth = createAuthStore()
|
||||||
|
|
|
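Review bot: After a 200 from the login POST, `login` awaits `actions.getSelf()` and ignores the outcome. In the part of `getSelf` visible here, a non-200 from `/api/global/users/self` calls `setUser(null)` without throwing, so `login` could resolve with no user and no error reaching the login form. If `getSelf` can report whether a user was loaded, `login` could fail explicitly, e.g. `if (!(await actions.getSelf())) throw new Error("Unable to load user after login")`; the rest of `getSelf` lies outside the hunk, so its return value needs confirming first. `login` also no longer returns the response JSON, so any caller that reads its return value should be checked.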
@ -74,10 +74,7 @@ async function authInternal(ctx, user, err = null, info = null) {
|
||||||
exports.authenticate = async (ctx, next) => {
|
exports.authenticate = async (ctx, next) => {
|
||||||
return passport.authenticate("local", async (err, user, info) => {
|
return passport.authenticate("local", async (err, user, info) => {
|
||||||
await authInternal(ctx, user, err, info)
|
await authInternal(ctx, user, err, info)
|
||||||
|
ctx.status = 200
|
||||||
delete user.token
|
|
||||||
|
|
||||||
ctx.body = { user }
|
|
||||||
})(ctx, next)
|
})(ctx, next)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
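Review bot: `ctx.status = 200` is now written unconditionally after `await authInternal(ctx, user, err, info)`, so the success status is only correct if `authInternal` throws on failed credentials. Its body is outside this hunk, so that cannot be confirmed here. A short comment above the assignment would record that contract and the reason the user object is no longer returned, for example `// authInternal throws on failure; the client loads the user via /api/global/users/self`. Dropping `ctx.body = { user }` also removes the need for `delete user.token`, which is a sound reduction in what the login response exposes.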