ian/directus-extension-external-jwt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore 🎫: fetch default role from settings
Some checks failed
Release / Release (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ian Kibet
2025-06-01 15:35:06 +03:00
parent 0f12c3b140
commit 7d5abe7ac1
2 changed files with 20 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/external-jwt/get-accountability-for-token.ts
View File

@@ -54,12 +54,22 @@ const insertUser = async (database: Knex, user: Record<string, string | undefine
return getUser(database, user.external_identifier, user.provider!);
};
const getSettings = async (database: Knex) => {
return database
.select(
"directus_settings.public_registration_role"
)
.from("directus_settings")
.first();
};
// TODO: optimize this function, reduce the amount of loops
export async function getAccountabilityForToken(
token: string | null,
iss: string[] | string | undefined,
accountability: Accountability | null,
database: Knex
database: Knex,
options: { ip: string | null, userAgent?: string }
): Promise<Accountability> {
if (accountability == null) {
accountability = {
@@ -68,7 +78,8 @@ export async function getAccountabilityForToken(
admin: false,
app: false,
roles: [],
ip: null
ip: options.ip,
userAgent: options.userAgent
};
}
@@ -104,12 +115,12 @@ export async function getAccountabilityForToken(
try {
let user = await getUser(database, result.sub, provider.name);
console.debug("User found in database:", user);
if (!user) {
const settings = await getSettings(database);
console.debug("Settings for public registration:", settings);
user = await insertUser(database, {
id: uuid.v4(),
role: provider.default_role_id,
role: settings.public_registration_role || provider.default_role_id,
provider: provider.name,
external_identifier: result.sub
});
@@ -117,8 +128,6 @@ export async function getAccountabilityForToken(
}
if (user) {
// return accountability;
accountability.user = user.id;
accountability.role = user.role;
accountability.admin =

16
src/index.ts
View File

@@ -5,10 +5,7 @@ import jwt from "jsonwebtoken";
import type { Accountability, EventContext } from "@directus/types";
export default defineHook(({ filter }) => {
// get all configuration
filter("authenticate", (defaultAccountability: Accountability, event, context: EventContext) => {
console.log("authenticate hook called");
const req = <Request>event["req"];
if (!req.token) return defaultAccountability;
@@ -17,20 +14,15 @@ export default defineHook(({ filter }) => {
}
const decodedToken = jwt.decode(req.token);
console.log("decoded token", decodedToken);
if (typeof decodedToken === "string" || decodedToken == null) return defaultAccountability; // if token is not a jwt, let directus handle it
if (decodedToken?.iss == "directus") return defaultAccountability; // if token issued by directus, let directus handle it
console.log("getting accountability for token", req.token, decodedToken?.iss, context.accountability, context.database);
return getAccountabilityForToken(req.token, decodedToken?.iss, context.accountability, context.database);
return getAccountabilityForToken(req.token, decodedToken?.iss, context.accountability, context.database, {
ip: req.ip || null,
userAgent: req.headers["user-agent"]
});
});
/*filter('auth.jwt', (status, user, provider) => {
})*/
});