From 3f0e88b39b6110ac96b1ce09ffc00e32bc034a1b Mon Sep 17 00:00:00 2001
From: elrrrrrrr
Date: Tue, 8 Aug 2023 17:39:34 +0800
Subject: [PATCH] fix: signup on auth

---
 app/core/service/UserService.ts | 10 +++++++---
 app/port/controller/TokenController.ts | 9 +++------
 .../controller/TokenController/createToken.test.ts | 7 +++----
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/app/core/service/UserService.ts b/app/core/service/UserService.ts
index 1d5df151..a6bf8df8 100644
--- a/app/core/service/UserService.ts
+++ b/app/core/service/UserService.ts
@@ -106,19 +106,23 @@ export class UserService extends AbstractService {
 return { code: LoginResultCode.Success, user, token };
 }
- async ensureTokenByUser({ name, email, password = crypto.randomUUID(), ip }: Optional) {
+ async findOrCreateUser({ name, email, ip, password = crypto.randomUUID() }: Optional) {
 let user = await this.userRepository.findUserByName(name);
 if (!user) {
 const createRes = await this.create({
 name,
 email,
- // Authentication via sso
- // should use token instead of password
 password,
 ip,
 });
 user = createRes.user;
 }
+
+ return user;
+ }
+
+ async ensureTokenByUser(opts: Optional) {
+ const user = await this.findOrCreateUser(opts);
 const token = await this.createToken(user.userId);
 return { user, token };
 }
diff --git a/app/port/controller/TokenController.ts b/app/port/controller/TokenController.ts
index 46c65fab..fbbd1b70 100644
--- a/app/port/controller/TokenController.ts
+++ b/app/port/controller/TokenController.ts
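Review bot: `findOrCreateUser` returns whatever account `findUserByName(name)` finds and uses `email` only on the create path, so an identity whose name matches an existing user is handed that account with no check that the emails agree. Whether that is safe depends on the identity source guaranteeing names that cannot collide with accounts registered another way, which this hunk does not show. The commit also drops the comment that explained the random default password; I would restore that intent as a doc comment on the new method, for example `/** Returns the user with this name, creating it if absent. An existing user is matched by name only and email is not compared, so name must come from a trusted identity source; the random password is a placeholder for accounts that authenticate by token. */`. The lookup followed by `create` is not atomic, so two concurrent first requests for the same name presumably both reach `create`; confirm that a uniqueness constraint on the name turns the second into a handled error rather than a duplicate.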
@@ -131,15 +131,12 @@ export class TokenController extends AbstractController {
 return { objects, total: objects.length, urls: {} };
 }
- private async ensureWebUser() {
+ private async ensureWebUser(ip = '') {
 const userRes = await this.authAdapter.ensureCurrentUser();
 if (!userRes?.name || !userRes?.email) {
 throw new ForbiddenError('need login first');
 }
- const user = await this.userService.findUserByName(userRes.name);
- if (!user?.userId) {
- throw new ForbiddenError('invalid user info');
- }
+ const user = await this.userService.findOrCreateUser({ name: userRes.name, email: userRes.email, ip });
 return user;
 }
@@ -155,7 +152,7 @@ export class TokenController extends AbstractController {
 // 3. Need to implement ensureCurrentUser method in AuthAdapter, or pass in this.user
 async createGranularToken(@Context() ctx: EggContext, @HTTPBody() tokenOptions: GranularTokenOptions) {
 ctx.tValidate(GranularTokenOptionsRule, tokenOptions);
- const user = await this.ensureWebUser();
+ const user = await this.ensureWebUser(ctx.ip);
 // 生成 Token
 const { name, description, allowedPackages, allowedScopes, cidr_whitelist, automation, readonly, expires } = tokenOptions;
diff --git a/test/port/controller/TokenController/createToken.test.ts b/test/port/controller/TokenController/createToken.test.ts
index 44adabc5..f05bcafa 100644
--- a/test/port/controller/TokenController/createToken.test.ts
+++ b/test/port/controller/TokenController/createToken.test.ts
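Review bot: The `ip = ''` default on `ensureWebUser` lets any caller that still invokes it with no argument create an account with an empty IP, now that the method writes a user record instead of only checking for one. Only the `createGranularToken` call site is updated in this file section; if other handlers outside these hunks call the method, they would provision users as a side effect and leave no source address for audit. Making the parameter required, `private async ensureWebUser(ip: string) {`, turns a missed call site into a compile error. It is also worth confirming that the adapter's `name` and `email` are verified values, since they are now sufficient to create an account and the removed `invalid user info` rejection was the only gate on unknown names.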
@@ -135,21 +135,20 @@ describe('test/port/controller/TokenController/createToken.test.ts', () => {
 assert.match(res.body.error, /\[FORBIDDEN\] need login first/);
 });
- it('should 403 when no user info', async () => {
+ it('should auto create when no user info', async () => {
 mock(AuthAdapter.prototype, 'ensureCurrentUser', async () => {
 return {
 name: 'banana',
 email: 'banana@fruits.com',
 };
 });
- const res = await app.httpRequest()
+ await app.httpRequest()
 .post('/-/npm/v1/tokens/gat')
 .send({
 name: 'banana',
 expires: 30,
 })
- .expect(403);
- assert.match(res.body.error, /\[FORBIDDEN\] invalid user info/);
+ .expect(200);
 });
 describe('should 200', () => {
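Review bot: The rewritten case asserts only `.expect(200)` and no longer binds the response, so it would still pass if the token were issued to the wrong account or if no user record were persisted. Keep `const res = await app.httpRequest()` and assert on the response body, then look up the user `banana` to check that it was created with the mocked email. A second identical request in the same case would also pin that an existing user is reused rather than created twice. The enclosing `describe` continues outside the hunk.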