(core) Add authSubject and authProvider to sessions

Summary: This also updates Authorizer to link the authSubject to Grist users if not previously linked. Linked subjects are now used as the username for password-based logins, instead of emails, which remain as a fallback. Test Plan: Existing tests, and tested login flows manually. Reviewers: paulfitz Reviewed By: paulfitz Differential Revision: https://phab.getgrist.com/D3356
2026-03-02 04:09:24 +00:00 · 2022-04-11 11:08:44 -07:00
parent 14f7e30e6f
commit 859c593448
9 changed files with 56 additions and 29 deletions
--- a/app/server/lib/requestUtils.ts
+++ b/app/server/lib/requestUtils.ts
@@ -21,6 +21,7 @@ export const TEST_HTTPS_OFFSET = process.env.GRIST_TEST_HTTPS_OFFSET ?
 const INTERNAL_FIELDS = new Set([
  'apiKey', 'billingAccountId', 'firstLoginAt', 'filteredOut', 'ownerId', 'gracePeriodStart', 'stripeCustomerId',
  'stripeSubscriptionId', 'stripePlanId', 'stripeProductId', 'userId', 'isFirstTimeUser', 'allowGoogleLogin',
+  'authSubject',
 ]);

 /**