Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2026-03-02 04:09:24 +00:00
Code Issues Projects Releases Wiki Activity

(core) Add account page option to allow Google login

Browse Source 
Summary:
Enabled by default, the new checkbox is only visible to
users logged in with email/password, and controls whether it is possible
to log in to the same account via a Google account
(with matching email). When disabled, CognitoClient will refuse logins
from Google if a Grist account with the same email exists.

Test Plan:
Server and browser tests for setting flag. Manual tests to verify
Cognito doesn't allow signing in with Google when flag is disabled.

Reviewers: paulfitz

Reviewed By: paulfitz

Differential Revision: https://phab.getgrist.com/D3257
This commit is contained in:
George Gevoian
2022-02-14 13:26:21 -08:00
parent 99f3422217
commit e264094412
8 changed files with 115 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/common/LoginSessionAPI.ts
View File

@@ -11,6 +11,7 @@ export interface UserProfile {
// have been validated against database.
export interface FullUser extends UserProfile {
id: number;
allowGoogleLogin?: boolean; // when present, specifies whether logging in via Google is possible.
}
export interface LoginSessionAPI {

14
app/common/UserAPI.ts
View File

@@ -131,6 +131,12 @@ export interface Document extends DocumentProperties {
trunkAccess?: roles.Role|null;
}
// Non-core options for a user.
export interface UserOptions {
// Whether signing in with Google is allowed. Defaults to true if unset.
allowGoogleLogin?: boolean;
}
export interface PermissionDelta {
maxInheritedRole?: roles.BasicRole|null;
users?: {
@@ -357,6 +363,7 @@ export interface UserAPI {
getUserProfile(): Promise<FullUser>;
getUserMfaPreferences(): Promise<UserMFAPreferences>;
updateUserName(name: string): Promise<void>;
updateAllowGoogleLogin(allowGoogleLogin: boolean): Promise<void>;
getWorker(key: string): Promise<string>;
getWorkerAPI(key: string): Promise<DocWorkerAPI>;
getBillingAPI(): BillingAPI;
@@ -653,6 +660,13 @@ export class UserAPIImpl extends BaseAPI implements UserAPI {
});
}
public async updateAllowGoogleLogin(allowGoogleLogin: boolean): Promise<void> {
await this.request(`${this._url}/api/profile/allowGoogleLogin`, {
method: 'POST',
body: JSON.stringify({allowGoogleLogin})
});
}
public async getWorker(key: string): Promise<string> {
const json = await this.requestJson(`${this._url}/api/worker/${key}`, {
method: 'GET',