mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
Implement support for webserver header based auth
This commit is contained in:
parent
aa3fe975e7
commit
82a7f0a796
@ -192,6 +192,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
|
|||||||
}
|
}
|
||||||
|
|
||||||
mreq.users = getSessionProfiles(session);
|
mreq.users = getSessionProfiles(session);
|
||||||
|
log.info(`mreq.users: ${mreq.users}`);
|
||||||
|
|
||||||
// If we haven't set a maxAge yet, set it now.
|
// If we haven't set a maxAge yet, set it now.
|
||||||
if (session && session.cookie && !session.cookie.maxAge) {
|
if (session && session.cookie && !session.cookie.maxAge) {
|
||||||
@ -232,6 +233,7 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
|
|||||||
}
|
}
|
||||||
|
|
||||||
profile = sessionUser && sessionUser.profile || undefined;
|
profile = sessionUser && sessionUser.profile || undefined;
|
||||||
|
log.info(`profile: ${profile}`);
|
||||||
|
|
||||||
// If we haven't computed a userId yet, check for one using an email address in the profile.
|
// If we haven't computed a userId yet, check for one using an email address in the profile.
|
||||||
// A user record will be created automatically for emails we've never seen before.
|
// A user record will be created automatically for emails we've never seen before.
|
||||||
@ -245,6 +247,28 @@ export async function addRequestUser(dbManager: HomeDBManager, permitStore: IPer
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Try to determine user based on x-remote-user header
|
||||||
|
if (!mreq.userId) {
|
||||||
|
// mreg.headers["x-remote-user"];
|
||||||
|
// log.info(`mreg.headers: ${JSON.stringify(mreq.headers, null, 4)}`);
|
||||||
|
if (mreq.headers && mreq.headers["x-remote-user"]) {
|
||||||
|
const remoteUser = mreq.headers["x-remote-user"].toString();
|
||||||
|
log.info("Authorized user found");
|
||||||
|
profile = {
|
||||||
|
"email": remoteUser,
|
||||||
|
"name": remoteUser
|
||||||
|
};
|
||||||
|
const user = await dbManager.getUserByLoginWithRetry(remoteUser, profile);
|
||||||
|
if(user) {
|
||||||
|
mreq.user = user;
|
||||||
|
mreq.users = [profile];
|
||||||
|
mreq.userId = user.id;
|
||||||
|
mreq.userIsAuthorized = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// If no userId has been found yet, fall back on anonymous.
|
// If no userId has been found yet, fall back on anonymous.
|
||||||
if (!mreq.userId) {
|
if (!mreq.userId) {
|
||||||
const anon = dbManager.getAnonymousUser();
|
const anon = dbManager.getAnonymousUser();
|
||||||
|
Loading…
Reference in New Issue
Block a user