mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
1517dca644
Summary:
- Update cookie module, to support modern sameSite settings
- Add a new cookie, grist_sid_status with less-sensitive value, to let less-trusted subdomains know if user is signed in
- The new cookie is kept in-sync with the session cookie.
- For a user signed in once, allow auto-signin is appropriate.
- For a user signed in with multiple accounts, show a page to select which account to use.
- Move css stylings for rendering users to a separate module.

Test Plan: Added a test case with a simulated Discourse page to test redirects and account-selection page.

Reviewers: paulfitz

Reviewed By: paulfitz

Differential Revision: https://phab.getgrist.com/D3047
import { UserProfile } from 'app/common/UserAPI';
import { GristLoginSystem, GristServer } from 'app/server/lib/GristServer';
import { Request } from 'express';
/**
 * Build a login system backed by one hard-coded user (see getDefaultProfile).
 *
 * Nothing in this function checks credentials: the login and signup redirects
 * attach the default profile to the requesting session and then hand back the
 * URL they were given. As far as this code is concerned, any request that
 * reaches those redirects ends up acting as the default user, so whatever
 * access control a deployment needs has to be enforced outside this module.
 *
 * @returns A GristLoginSystem whose middleware signs every caller in as the
 *   default user and whose deleteUser is a no-op.
 */
export async function getMinimalLoginSystem(): Promise<GristLoginSystem> {
  return {
    async getMiddleware(gristServer: GristServer) {
      // Login and signup are the same operation here: bind the session to the
      // single user, then bounce straight back to the requested page.
      // The target `url` is returned as-is; this function does not validate it.
      // NOTE(review): presumably the caller restricts redirect targets - confirm.
      const signInAndReturn = async (req: Request, url: URL) => {
        await setSingleUser(req, gristServer);
        return url.href;
      };

      // Logout only redirects back; the session is not modified here.
      // NOTE(review): if the session is meant to be cleared on logout, that
      // has to happen in the caller - confirm.
      const returnUnchanged = async (req: Request, url: URL) => url.href;

      return {
        getLoginRedirectUrl: signInAndReturn,
        getLogoutRedirectUrl: returnUnchanged,
        getSignUpRedirectUrl: signInAndReturn,

        async addEndpoints() {
          // With no real login system in play, make sure the default user
          // exists before anything tries to use it.
          const homeDb = gristServer.getHomeDBManager();
          const defaultProfile = getDefaultProfile();
          const defaultUser = await homeDb.getUserByLoginWithRetry(defaultProfile.email, defaultProfile);
          if (defaultUser) {
            // The hard-coded user should not be shown the first-time survey.
            defaultUser.isFirstTimeUser = false;
            await defaultUser.save();
          }
          return "no-logins";
        },
      };
    },

    async deleteUser() {
      // Intentionally empty: there is nothing to clean up for the single user.
    },
  };
}
/**
 * Bind the session belonging to `req` to the single hard-coded user.
 *
 * The session is looked up (or created) from the request and its `profile`
 * is overwritten with the default profile. No credential or identity check
 * is performed here, so callers decide who is allowed to reach this point.
 *
 * @param req - The incoming request whose session is updated.
 * @param gristServer - Server object used to reach the session store.
 */
async function setSingleUser(req: Request, gristServer: GristServer) {
  const sessions = gristServer.getSessions();
  const session = sessions.getOrCreateSessionFromRequest(req);
  await session.operateOnScopedSession(req, async (sessionUser) => {
    // Replace whatever profile the session carried with the default one.
    const profile = getDefaultProfile();
    return Object.assign(sessionUser, {profile});
  });
}
/**
 * Profile of the single hard-coded user.
 *
 * The email comes from the GRIST_DEFAULT_EMAIL environment variable; when that
 * is unset or empty, the placeholder 'you@example.com' is used instead. This
 * value decides which account every session created by this module is bound
 * to, so it should be set deliberately rather than left to the fallback.
 *
 * @returns A profile with the resolved email and the fixed name 'You'.
 */
function getDefaultProfile(): UserProfile {
  // `||` rather than `??`: an empty string also falls back to the placeholder.
  const email = process.env.GRIST_DEFAULT_EMAIL || 'you@example.com';
  return {email, name: 'You'};
}