chore 🎫: fetch default role from settings
Some checks failed
Release / Release (push) Has been cancelled
Some checks failed
Release / Release (push) Has been cancelled
This commit is contained in:
@@ -54,12 +54,22 @@ const insertUser = async (database: Knex, user: Record<string, string | undefine
|
|||||||
return getUser(database, user.external_identifier, user.provider!);
|
return getUser(database, user.external_identifier, user.provider!);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const getSettings = async (database: Knex) => {
|
||||||
|
return database
|
||||||
|
.select(
|
||||||
|
"directus_settings.public_registration_role"
|
||||||
|
)
|
||||||
|
.from("directus_settings")
|
||||||
|
.first();
|
||||||
|
};
|
||||||
|
|
||||||
// TODO: optimize this function, reduce the amount of loops
|
// TODO: optimize this function, reduce the amount of loops
|
||||||
export async function getAccountabilityForToken(
|
export async function getAccountabilityForToken(
|
||||||
token: string | null,
|
token: string | null,
|
||||||
iss: string[] | string | undefined,
|
iss: string[] | string | undefined,
|
||||||
accountability: Accountability | null,
|
accountability: Accountability | null,
|
||||||
database: Knex
|
database: Knex,
|
||||||
|
options: { ip: string | null, userAgent?: string }
|
||||||
): Promise<Accountability> {
|
): Promise<Accountability> {
|
||||||
if (accountability == null) {
|
if (accountability == null) {
|
||||||
accountability = {
|
accountability = {
|
||||||
@@ -68,7 +78,8 @@ export async function getAccountabilityForToken(
|
|||||||
admin: false,
|
admin: false,
|
||||||
app: false,
|
app: false,
|
||||||
roles: [],
|
roles: [],
|
||||||
ip: null
|
ip: options.ip,
|
||||||
|
userAgent: options.userAgent
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -104,12 +115,12 @@ export async function getAccountabilityForToken(
|
|||||||
try {
|
try {
|
||||||
let user = await getUser(database, result.sub, provider.name);
|
let user = await getUser(database, result.sub, provider.name);
|
||||||
|
|
||||||
console.debug("User found in database:", user);
|
|
||||||
|
|
||||||
if (!user) {
|
if (!user) {
|
||||||
|
const settings = await getSettings(database);
|
||||||
|
console.debug("Settings for public registration:", settings);
|
||||||
user = await insertUser(database, {
|
user = await insertUser(database, {
|
||||||
id: uuid.v4(),
|
id: uuid.v4(),
|
||||||
role: provider.default_role_id,
|
role: settings.public_registration_role || provider.default_role_id,
|
||||||
provider: provider.name,
|
provider: provider.name,
|
||||||
external_identifier: result.sub
|
external_identifier: result.sub
|
||||||
});
|
});
|
||||||
@@ -117,8 +128,6 @@ export async function getAccountabilityForToken(
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (user) {
|
if (user) {
|
||||||
// return accountability;
|
|
||||||
|
|
||||||
accountability.user = user.id;
|
accountability.user = user.id;
|
||||||
accountability.role = user.role;
|
accountability.role = user.role;
|
||||||
accountability.admin =
|
accountability.admin =
|
||||||
|
|||||||
16
src/index.ts
16
src/index.ts
@@ -5,10 +5,7 @@ import jwt from "jsonwebtoken";
|
|||||||
import type { Accountability, EventContext } from "@directus/types";
|
import type { Accountability, EventContext } from "@directus/types";
|
||||||
|
|
||||||
export default defineHook(({ filter }) => {
|
export default defineHook(({ filter }) => {
|
||||||
|
|
||||||
// get all configuration
|
|
||||||
filter("authenticate", (defaultAccountability: Accountability, event, context: EventContext) => {
|
filter("authenticate", (defaultAccountability: Accountability, event, context: EventContext) => {
|
||||||
console.log("authenticate hook called");
|
|
||||||
const req = <Request>event["req"];
|
const req = <Request>event["req"];
|
||||||
if (!req.token) return defaultAccountability;
|
if (!req.token) return defaultAccountability;
|
||||||
|
|
||||||
@@ -17,20 +14,15 @@ export default defineHook(({ filter }) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
const decodedToken = jwt.decode(req.token);
|
const decodedToken = jwt.decode(req.token);
|
||||||
console.log("decoded token", decodedToken);
|
|
||||||
|
|
||||||
if (typeof decodedToken === "string" || decodedToken == null) return defaultAccountability; // if token is not a jwt, let directus handle it
|
if (typeof decodedToken === "string" || decodedToken == null) return defaultAccountability; // if token is not a jwt, let directus handle it
|
||||||
if (decodedToken?.iss == "directus") return defaultAccountability; // if token issued by directus, let directus handle it
|
if (decodedToken?.iss == "directus") return defaultAccountability; // if token issued by directus, let directus handle it
|
||||||
|
|
||||||
console.log("getting accountability for token", req.token, decodedToken?.iss, context.accountability, context.database);
|
|
||||||
|
|
||||||
return getAccountabilityForToken(req.token, decodedToken?.iss, context.accountability, context.database);
|
return getAccountabilityForToken(req.token, decodedToken?.iss, context.accountability, context.database, {
|
||||||
|
ip: req.ip || null,
|
||||||
|
userAgent: req.headers["user-agent"]
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
/*filter('auth.jwt', (status, user, provider) => {
|
|
||||||
|
|
||||||
})*/
|
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user