Merge pull request #4905 from Budibase/fix/public-api-tenancy

Various release fixes (Public API)
This commit is contained in:
Michael Drury 2022-03-14 21:45:46 +00:00 committed by GitHub
commit fd824f70ae
2 changed files with 26 additions and 16 deletions

View File

@ -5,7 +5,7 @@ const { getSession, updateSessionTTL } = require("../security/sessions")
const { buildMatcherRegex, matches } = require("./matchers") const { buildMatcherRegex, matches } = require("./matchers")
const env = require("../environment") const env = require("../environment")
const { SEPARATOR, ViewNames, queryGlobalView } = require("../../db") const { SEPARATOR, ViewNames, queryGlobalView } = require("../../db")
const { getGlobalDB } = require("../tenancy") const { getGlobalDB, doInTenant } = require("../tenancy")
const { decrypt } = require("../security/encryption") const { decrypt } = require("../security/encryption")
function finalise( function finalise(
@ -25,7 +25,8 @@ async function checkApiKey(apiKey, populateUser) {
} }
const decrypted = decrypt(apiKey) const decrypted = decrypt(apiKey)
const tenantId = decrypted.split(SEPARATOR)[0] const tenantId = decrypted.split(SEPARATOR)[0]
const db = getGlobalDB(tenantId) return doInTenant(tenantId, async () => {
const db = getGlobalDB()
// api key is encrypted in the database // api key is encrypted in the database
const userId = await queryGlobalView( const userId = await queryGlobalView(
ViewNames.BY_API_KEY, ViewNames.BY_API_KEY,
@ -35,10 +36,14 @@ async function checkApiKey(apiKey, populateUser) {
db db
) )
if (userId) { if (userId) {
return { valid: true, user: await getUser(userId, tenantId, populateUser) } return {
valid: true,
user: await getUser(userId, tenantId, populateUser),
}
} else { } else {
throw "Invalid API key" throw "Invalid API key"
} }
})
} }
/** /**

View File

@ -85,7 +85,12 @@ exports.setInitInfo = ctx => {
} }
exports.getInitInfo = ctx => { exports.getInitInfo = ctx => {
try {
ctx.body = getCookie(ctx, Cookies.Init) || {} ctx.body = getCookie(ctx, Cookies.Init) || {}
} catch (err) {
clearCookie(ctx, Cookies.Init)
ctx.body = {}
}
} }
/** /**