Make workspaceMemberId optional in JWT for workspaces that are not ACTIVE (#6714)

WorkspaceMemberId is mandatory in the jwt token generated for a given
user on a given workspace.
However, when a user signs up, they do not have a workspaceMemberId yet.
Charles Bochet 2024-08-22 00:28:19 +02:00 committed by GitHub
parent da4bd73881
commit eab202f107
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 30 additions and 21 deletions


@ -38,7 +38,10 @@ import {
import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type';
import { JwtWrapperService } from 'src/engine/core-modules/jwt/services/jwt-wrapper.service'; import { JwtWrapperService } from 'src/engine/core-modules/jwt/services/jwt-wrapper.service';
import { User } from 'src/engine/core-modules/user/user.entity'; import { User } from 'src/engine/core-modules/user/user.entity';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity'; import {
Workspace,
WorkspaceActivationStatus,
} from 'src/engine/core-modules/workspace/workspace.entity';
import { EmailService } from 'src/engine/integrations/email/email.service'; import { EmailService } from 'src/engine/integrations/email/email.service';
import { EnvironmentService } from 'src/engine/integrations/environment/environment.service'; import { EnvironmentService } from 'src/engine/integrations/environment/environment.service';
import { TwentyORMGlobalManager } from 'src/engine/twenty-orm/twenty-orm-global.manager'; import { TwentyORMGlobalManager } from 'src/engine/twenty-orm/twenty-orm-global.manager';
@ -94,33 +97,39 @@ export class TokenService {
); );
} }
const workspaceIdNonNullable = workspaceId const tokenWorkspaceId = workspaceId ?? user.defaultWorkspace.id;
? workspaceId let tokenWorkspaceMemberId: string | undefined;
: user.defaultWorkspace.id;
const workspaceMemberRepository = if (
await this.twentyORMGlobalManager.getRepositoryForWorkspace<WorkspaceMemberWorkspaceEntity>( user.defaultWorkspace.activationStatus ===
workspaceIdNonNullable, WorkspaceActivationStatus.ACTIVE
'workspaceMember', ) {
); const workspaceMemberRepository =
await this.twentyORMGlobalManager.getRepositoryForWorkspace<WorkspaceMemberWorkspaceEntity>(
tokenWorkspaceId,
'workspaceMember',
);
const workspaceMember = await workspaceMemberRepository.findOne({ const workspaceMember = await workspaceMemberRepository.findOne({
where: { where: {
userId: user.id, userId: user.id,
}, },
}); });
if (!workspaceMember) { if (!workspaceMember) {
throw new AuthException( throw new AuthException(
'User is not a member of the workspace', 'User is not a member of the workspace',
AuthExceptionCode.FORBIDDEN_EXCEPTION, AuthExceptionCode.FORBIDDEN_EXCEPTION,
); );
}
tokenWorkspaceMemberId = workspaceMember.id;
} }
const jwtPayload: JwtPayload = { const jwtPayload: JwtPayload = {
sub: user.id, sub: user.id,
workspaceId: workspaceId ? workspaceId : user.defaultWorkspace.id, workspaceId: workspaceId ? workspaceId : user.defaultWorkspace.id,
workspaceMemberId: workspaceMember.id, workspaceMemberId: tokenWorkspaceMemberId,
}; };
return { return {
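Review bot: The membership lookup is gated on `user.defaultWorkspace.activationStatus`, but the token is issued for `tokenWorkspaceId`, which is the caller-supplied `workspaceId` whenever one is given. If the two can differ, a user whose default workspace is not ACTIVE would receive a token for the supplied workspace without the `findOne` check that otherwise throws `FORBIDDEN_EXCEPTION`, and with no `workspaceMemberId`. The condition should test the activation status of the workspace identified by `tokenWorkspaceId`, or the skip should apply only when no `workspaceId` other than the default one was passed. The payload should also reuse the computed id, `workspaceId: tokenWorkspaceId,`, because `??` and the remaining ternary disagree on an empty string. The enclosing method starts and ends outside the hunk, so whether callers can pass a non-default `workspaceId` is not visible here.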


@ -20,7 +20,7 @@ import { ApiKeyWorkspaceEntity } from 'src/modules/api-key/standard-objects/api-
export type JwtPayload = { export type JwtPayload = {
sub: string; sub: string;
workspaceId: string; workspaceId: string;
workspaceMemberId: string; workspaceMemberId?: string;
jti?: string; jti?: string;
}; };
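Review bot: `workspaceMemberId` has no comment saying when it is absent, and every consumer of `JwtPayload` now has to handle `undefined`. I would add `/** Absent when the token was issued for a workspace that is not ACTIVE (e.g. during sign-up). */` above the field. Code that authorizes workspace-scoped actions from this claim should treat a missing value as "not a member" rather than skipping the check; those consumers are outside this diff.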