From c65a3a0e36cc0f2f743cfef0bd817b9bee8f73b8 Mon Sep 17 00:00:00 2001
From: Victor Vlasenko
Date: Wed, 13 Nov 2019 15:41:20 +0200
Subject: [PATCH 1/2] Fix no session on social logins
---
 modules/authentication/server-ts/access/AccessModule.ts | 4 ++--
 modules/user/server-ts/password/resolvers.js | 2 +-
 modules/user/server-ts/social/shared.js | 5 ++---
 3 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/modules/authentication/server-ts/access/AccessModule.ts b/modules/authentication/server-ts/access/AccessModule.ts
index 65e5b179d9..c4f68f3e34 100644
--- a/modules/authentication/server-ts/access/AccessModule.ts
+++ b/modules/authentication/server-ts/access/AccessModule.ts
@@ -14,10 +14,10 @@ class AccessModule extends ServerModule {
 }
 get grantAccess() {
- return async (identity: any, req: Request, passwordHash: string) => {
+ return async (identity: any, req: Request, identityId: string) => {
 let result = {};
 for (const grant of this.grant) {
- result = merge(result, await grant(identity, req, passwordHash));
+ result = merge(result, await grant(identity, req, identityId));
 }
 return result;
 };
diff --git a/modules/user/server-ts/password/resolvers.js b/modules/user/server-ts/password/resolvers.js
index e40ef1295b..f3d96edd84 100644
--- a/modules/user/server-ts/password/resolvers.js
+++ b/modules/user/server-ts/password/resolvers.js
@@ -40,7 +40,7 @@ export default () => ({
 const user = await User.getUserByUsernameOrEmail(usernameOrEmail);
 const errors = await validateUserPassword(user, password, req.t);
 if (!isEmpty(errors)) throw new UserInputError('Failed valid user password', { errors });
- const tokens = await access.grantAccess(user, req, user.passwordHash);
+ const tokens = await access.grantAccess(user, req, user.id);
 return { user, tokens };
 },
 async register(obj, { input }, { mailer, User, req }) {
diff --git a/modules/user/server-ts/social/shared.js b/modules/user/server-ts/social/shared.js
index 4de43a9204..fa3bd86670 100644
--- a/modules/user/server-ts/social/shared.js
+++ b/modules/user/server-ts/social/shared.js
@@ -4,7 +4,7 @@ import User from '../sql';
 export async function onAuthenticationSuccess(req, res) {
 const user = await User.getUserWithPassword(req.user.id);
 const redirectUrl = req.query.state;
- const tokens = await access.grantAccess(user, req, user.passwordHash);
+ const tokens = await access.grantAccess(user, req, user.id);
 if (redirectUrl) {
 res.redirect(redirectUrl + (tokens ? '?data=' + JSON.stringify({ tokens }) : ''));
@@ -13,11 +13,10 @@ export async function onAuthenticationSuccess(req, res) {
 }
 }
-export const registerUser = async ({ id, username, displayName, emails: [{ value }] }) => {
+export const registerUser = async ({ username, displayName, emails: [{ value }] }) => {
 return User.register({
 username: username || displayName,
 email: value,
- password: id,
 isActive: true
 });
 };
From 368de2901851bf16352cd3cf10f97fbff43be624 Mon Sep 17 00:00:00 2001
From: Victor Vlasenko
Date: Wed, 13 Nov 2019 15:53:47 +0200
Subject: [PATCH 2/2] Use better refresh salt
---
 modules/authentication/server-ts/access/AccessModule.ts | 4 ++--
 modules/user/server-ts/password/resolvers.js | 2 +-
 modules/user/server-ts/social/shared.js | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/modules/authentication/server-ts/access/AccessModule.ts b/modules/authentication/server-ts/access/AccessModule.ts
index c4f68f3e34..8aff778f70 100644
--- a/modules/authentication/server-ts/access/AccessModule.ts
+++ b/modules/authentication/server-ts/access/AccessModule.ts
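Review bot: In `onAuthenticationSuccess`, `redirectUrl` comes straight from `req.query.state` and the newly granted tokens are appended to it in `res.redirect(...)`, so whoever controls `state` chooses the host that receives the tokens; nothing in this hunk checks the URL. Unless `state` is validated before this handler runs (not visible here), it should be compared against an allowlist of the application's own origins before the redirect, and rejected otherwise. The payload also needs encoding, `'?data=' + encodeURIComponent(JSON.stringify({ tokens }))`, and tokens carried in a query string end up in browser history, Referer headers and proxy logs. The same lines appear as context in the social/shared.js hunk of PATCH 2/2, and the function body continues past the end of this hunk.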
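Review bot: Accounts registered through `registerUser` before this change presumably still carry a password derived from the provider profile `id` (the removed `password: id`), which is not a secret, and nothing in the patch resets them. A follow-up migration that clears the stored password for social-only users would close that; the schema is not visible here, so confirm how such rows are identified. Separately, `emails: [{ value }]` in the parameter destructuring throws a TypeError when the provider profile has no `emails` array; `emails: [{ value } = {}] = []` plus an explicit check on `value` would turn that into a handled error.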
@@ -14,10 +14,10 @@ class AccessModule extends ServerModule {
 }
 get grantAccess() {
- return async (identity: any, req: Request, identityId: string) => {
+ return async (identity: any, req: Request, refreshSalt: string) => {
 let result = {};
 for (const grant of this.grant) {
- result = merge(result, await grant(identity, req, identityId));
+ result = merge(result, await grant(identity, req, refreshSalt));
 }
 return result;
 };
diff --git a/modules/user/server-ts/password/resolvers.js b/modules/user/server-ts/password/resolvers.js
index f3d96edd84..5ddb628352 100644
--- a/modules/user/server-ts/password/resolvers.js
+++ b/modules/user/server-ts/password/resolvers.js
@@ -40,7 +40,7 @@ export default () => ({
 const user = await User.getUserByUsernameOrEmail(usernameOrEmail);
 const errors = await validateUserPassword(user, password, req.t);
 if (!isEmpty(errors)) throw new UserInputError('Failed valid user password', { errors });
- const tokens = await access.grantAccess(user, req, user.id);
+ const tokens = await access.grantAccess(user, req, user.id + (user.passwordHash || ''));
 return { user, tokens };
 },
 async register(obj, { input }, { mailer, User, req }) {
diff --git a/modules/user/server-ts/social/shared.js b/modules/user/server-ts/social/shared.js
index fa3bd86670..d613054fb6 100644
--- a/modules/user/server-ts/social/shared.js
+++ b/modules/user/server-ts/social/shared.js
@@ -4,7 +4,7 @@ import User from '../sql';
 export async function onAuthenticationSuccess(req, res) {
 const user = await User.getUserWithPassword(req.user.id);
 const redirectUrl = req.query.state;
- const tokens = await access.grantAccess(user, req, user.id);
+ const tokens = await access.grantAccess(user, req, user.id + (user.passwordHash || ''));
 if (redirectUrl) {
 res.redirect(redirectUrl + (tokens ? '?data=' + JSON.stringify({ tokens }) : ''));
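Review bot: The salt expression `user.id + (user.passwordHash || '')` in the login resolver is written out a second time in social/shared.js, and it relies on `+` coercing a presumably numeric id into a string with no separator between the two parts. One shared helper would keep the two call sites from drifting, with the body `String(user.id) + ':' + (user.passwordHash || '')`. The `refreshSalt` parameter of `grantAccess` also deserves a short comment saying what a change in its value is meant to invalidate, since the grant functions that consume it are outside this diff. The resolver itself starts above this hunk.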
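Review bot: For accounts created through social login, `user.passwordHash` is presumably empty now that `registerUser` no longer sets a password, so in `onAuthenticationSuccess` the salt `user.id + (user.passwordHash || '')` reduces to the bare user id, a fixed and guessable value. How the grant functions use `refreshSalt` is outside this diff, but if it is what ties a refresh token to the account's current credentials, these accounts have nothing that can be rotated to revoke outstanding refresh tokens. A per-user random value stored with the account and regenerated on credential change or forced logout would serve both account types. Until then the call deserves a comment such as `// social-only users have no passwordHash: salt is user.id alone`; the function body continues past the end of this hunk.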