fix: signup on auth
elrrrrrrr committed Aug 8, 2023
1 parent 3297121 commit 3f0e88b
Showing 3 changed files with 13 additions and 13 deletions.
10 changes: 7 additions & 3 deletions app/core/service/UserService.ts
@@ -106,19 +106,23 @@ export class UserService extends AbstractService {
return { code: LoginResultCode.Success, user, token };
}

async ensureTokenByUser({ name, email, password = crypto.randomUUID(), ip }: Optional<CreateUser, 'password'>) {
async findOrCreateUser({ name, email, ip, password = crypto.randomUUID() }: Optional<CreateUser, 'password'>) {
let user = await this.userRepository.findUserByName(name);
if (!user) {
const createRes = await this.create({
name,
email,
// Authentication via sso
// should use token instead of password
password,
ip,
});
user = createRes.user;
}

return user;
}

async ensureTokenByUser(opts: Optional<CreateUser, 'password'>) {
const user = await this.findOrCreateUser(opts);
const token = await this.createToken(user.userId);
return { user, token };
}
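Review bot: `findOrCreateUser` matches an existing account on `name` alone, so the `email` passed by the caller is ignored whenever a user with that name already exists. If the identity provider's usernames and the registry's usernames are not guaranteed to share one namespace, an SSO identity could be handed a pre-existing local account and `ensureTokenByUser` would then issue a token for it. Consider comparing the asserted email with the one on the found record (assuming the record keeps one) and rejecting on mismatch, or state the namespace assumption in a comment above the method, e.g. `// assumes authAdapter names and registry user names are the same namespace`. The find-then-create sequence is also not atomic, so two concurrent first logins for the same name may both reach `this.create`; whether that fails cleanly depends on a uniqueness constraint that is not visible in this hunk.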
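--- a/app/port/controller/TokenController.ts
+++ b/app/port/controller/TokenController.ts
@@ -131,15 +131,12 @@ export class TokenController extends AbstractController {
 return { objects, total: objects.length, urls: {} };
 }
 
-private async ensureWebUser() {
+private async ensureWebUser(ip = '') {
 const userRes = await this.authAdapter.ensureCurrentUser();
 if (!userRes?.name || !userRes?.email) {
 throw new ForbiddenError('need login first');
 }
-const user = await this.userService.findUserByName(userRes.name);
-if (!user?.userId) {
-throw new ForbiddenError('invalid user info');
-}
+const user = await this.userService.findOrCreateUser({ name: userRes.name, email: userRes.email, ip });
 return user;
 }
 
@@ -155,7 +152,7 @@ export class TokenController extends AbstractController {
 // 3. Need to implement ensureCurrentUser method in AuthAdapter, or pass in this.user
 async createGranularToken(@Context() ctx: EggContext, @HTTPBody() tokenOptions: GranularTokenOptions) {
 ctx.tValidate(GranularTokenOptionsRule, tokenOptions);
-const user = await this.ensureWebUser();
+const user = await this.ensureWebUser(ctx.ip);
 
 // 生成 Token
 const { name, description, allowedPackages, allowedScopes, cidr_whitelist, automation, readonly, expires } = tokenOptions;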
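Review bot: `ensureWebUser` now provisions an account as a side effect of token creation, and the `ip = ''` default means a caller that omits the argument creates that account with no source address recorded. Making the parameter required, `private async ensureWebUser(ip: string) {`, keeps the audit trail intact for every call site; only `createGranularToken` is visible in this section, so any other callers should be checked. The removed `invalid user info` guard was what stopped unknown identities on this path, so it is worth confirming that any registry-level restriction on self-registration is still enforced here, since nothing in the hunk checks one. A log entry when the user is created rather than found would make these sign-ups visible to operators.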
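--- a/test/port/controller/TokenController/createToken.test.ts
+++ b/test/port/controller/TokenController/createToken.test.ts
@@ -135,21 +135,20 @@ describe('test/port/controller/TokenController/createToken.test.ts', () => {
 assert.match(res.body.error, /\[FORBIDDEN\] need login first/);
 });
 
-it('should 403 when no user info', async () => {
+it('should auto create when no user info', async () => {
 mock(AuthAdapter.prototype, 'ensureCurrentUser', async () => {
 return {
 name: 'banana',
 email: 'banana@fruits.com',
 };
 });
-const res = await app.httpRequest()
+await app.httpRequest()
 .post('/-/npm/v1/tokens/gat')
 .send({
 name: 'banana',
 expires: 30,
 })
-.expect(403);
-assert.match(res.body.error, /\[FORBIDDEN\] invalid user info/);
+.expect(200);
 });
 
 describe('should 200', () => {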
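Review bot: The rewritten case asserts only the 200 status, so it would still pass if no account were created or if the token were bound to a different user. Keep `const res = await app.httpRequest()` and assert on the response body, then look the `banana` user up and check that its name and email match the mocked identity. A second case in which a `banana` account already exists would pin down that the existing account is reused rather than duplicated, which is the branch of `findOrCreateUser` this test never reaches. The enclosing `describe` starts outside this hunk.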
