Extra logs for auth providers (hcengineering#5840)
Signed-off-by: Denis Bykhov <[email protected]>
BykhovDenis authored Jun 18, 2024
1 parent d1f6a9d commit 279b04f
Showing 3 changed files with 90 additions and 73 deletions.
5 changes: 4 additions & 1 deletion pods/authProviders/src/github.ts
Expand Up @@ -35,6 +35,7 @@ export function registerGithub (

router.get('/auth/github', async (ctx, next) => {
const state = ctx.query?.inviteId
measureCtx.info('try auth via', { provider: 'github' })
passport.authenticate('github', { scope: ['user:email'], session: true, state })(ctx, next)
})

Expand All @@ -45,6 +46,7 @@ export function registerGithub (
try {
const email = ctx.state.user.emails?.[0]?.value ?? `github:${ctx.state.user.username}`
const [first, last] = ctx.state.user.displayName?.split(' ') ?? [ctx.state.user.username, '']
measureCtx.info('Provider auth handler', { email, type: 'github' })
if (email !== undefined) {
if (ctx.query?.state != null) {
const loginInfo = await joinWithProvider(
Expand All @@ -71,11 +73,12 @@ export function registerGithub (
ctx.session.loginInfo = loginInfo
}
}
measureCtx.info('Success auth, redirect', { email, type: 'github' })
// Successful authentication, redirect to your application
ctx.redirect(concatLink(frontUrl, '/login/auth'))
}
} catch (err: any) {
measureCtx.error('failed to auth', err)
measureCtx.error('failed to auth', { err, type: 'github', user: ctx.state?.user })
}
await next()
}
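Review bot: The rewritten catch block logs the whole `ctx.state?.user` object, which is the provider profile, so every failed login writes the display name, e-mail addresses and anything else the strategy attaches to that profile into the error log. A stable identifier is enough to correlate a failure, for example `measureCtx.error('failed to auth', { err, type: 'github', user: ctx.state?.user?.username })`. The catch block in pods/authProviders/src/google.ts has the same issue and should log only whichever identifier that profile exposes. The two added info calls also record `email` on every attempt, which is presumably acceptable for this log sink but worth confirming against its retention and access rules. The callback handler starts and ends outside the visible hunks.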
5 changes: 4 additions & 1 deletion pods/authProviders/src/google.ts
Expand Up @@ -35,6 +35,7 @@ export function registerGoogle (

router.get('/auth/google', async (ctx, next) => {
const state = ctx.query?.inviteId
measureCtx.info('try auth via', { provider: 'google' })
passport.authenticate('google', { scope: ['profile', 'email'], session: true, state })(ctx, next)
})

Expand All @@ -45,6 +46,7 @@ export function registerGoogle (
const email = ctx.state.user.emails?.[0]?.value
const first = ctx.state.user.name.givenName
const last = ctx.state.user.name.familyName
measureCtx.info('Provider auth handler', { email, type: 'google' })
if (email !== undefined) {
try {
if (ctx.query?.state != null) {
Expand All @@ -69,9 +71,10 @@ export function registerGoogle (
}

// Successful authentication, redirect to your application
measureCtx.info('Success auth, redirect', { email, type: 'google' })
ctx.redirect(concatLink(frontUrl, '/login/auth'))
} catch (err: any) {
measureCtx.error('failed to auth', err)
measureCtx.error('failed to auth', { err, type: 'google', user: ctx.state?.user })
}
}
await next()
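Review bot: The first added log uses the key `provider` (`{ provider: 'google' }`) while the other three added calls in this file use `type: 'google'`, so a query on one field cannot follow a login from the initial request through to the redirect or the failure. Using one key throughout, e.g. `measureCtx.info('try auth via', { type: 'google' })`, keeps the attempt, handler, success and failure events joinable. The same mismatch is in pods/authProviders/src/github.ts. The 'try auth via' event also carries nothing that ties it to the later events for the same login unless `measureCtx` adds a request id itself, which is not visible here.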
153 changes: 82 additions & 71 deletions server/account/src/operations.ts
Expand Up @@ -2064,35 +2064,61 @@ export async function joinWithProvider (
inviteId: ObjectId,
extra?: Record<string, string>
): Promise<WorkspaceLoginInfo | LoginInfo> {
const email = cleanEmail(_email)
const invite = await getInvite(db, inviteId)
const workspace = await checkInvite(ctx, invite, email)
if (last == null) {
last = ''
}
let account = await getAccount(db, email)
if (account == null && extra !== undefined) {
account = await getAccountByQuery(db, extra)
}
if (account !== null) {
// we should clean password if account is not confirmed
if (account.confirmed === false) {
await updatePassword(db, account, null)
try {
const email = cleanEmail(_email)
const invite = await getInvite(db, inviteId)
const workspace = await checkInvite(ctx, invite, email)
if (last == null) {
last = ''
}
let account = await getAccount(db, email)
if (account == null && extra !== undefined) {
account = await getAccountByQuery(db, extra)
}
if (account !== null) {
// we should clean password if account is not confirmed
if (account.confirmed === false) {
await updatePassword(db, account, null)
}

const token = generateToken(email, getWorkspaceId('', productId), getExtra(account))
const ws = await getWorkspaceById(db, productId, workspace.name)
const token = generateToken(email, getWorkspaceId('', productId), getExtra(account))
const ws = await getWorkspaceById(db, productId, workspace.name)

if (ws?.accounts.includes(account._id) ?? false) {
const result = {
endpoint: getEndpoint(),
email,
token
if (ws?.accounts.includes(account._id) ?? false) {
const result = {
endpoint: getEndpoint(),
email,
token
}
return result
}

const wsRes = await assignWorkspace(
ctx,
db,
productId,
branding,
email,
workspace.name,
invite?.role ?? AccountRole.User,
invite?.personId
)
const result = await selectWorkspace(
ctx,
db,
productId,
branding,
token,
wsRes.workspaceUrl ?? wsRes.workspace,
false
)

await useInvite(db, inviteId)
return result
}

const wsRes = await assignWorkspace(
const newAccount = await createAcc(ctx, db, productId, branding, email, null, first, last, true, extra)
const token = generateToken(email, getWorkspaceId('', productId), getExtra(newAccount))
const ws = await assignWorkspace(
ctx,
db,
productId,
Expand All @@ -2102,37 +2128,16 @@ export async function joinWithProvider (
invite?.role ?? AccountRole.User,
invite?.personId
)
const result = await selectWorkspace(
ctx,
db,
productId,
branding,
token,
wsRes.workspaceUrl ?? wsRes.workspace,
false
)
const result = await selectWorkspace(ctx, db, productId, branding, token, ws.workspaceUrl ?? ws.workspace, false)

await useInvite(db, inviteId)

return result
} catch (err: any) {
Analytics.handleError(err)
ctx.error('joinWithProvider error', { email: _email, ...extra, err })
throw err
}

const newAccount = await createAcc(ctx, db, productId, branding, email, null, first, last, true, extra)
const token = generateToken(email, getWorkspaceId('', productId), getExtra(newAccount))
const ws = await assignWorkspace(
ctx,
db,
productId,
branding,
email,
workspace.name,
invite?.role ?? AccountRole.User,
invite?.personId
)
const result = await selectWorkspace(ctx, db, productId, branding, token, ws.workspaceUrl ?? ws.workspace, false)

await useInvite(db, inviteId)

return result
}

export async function loginWithProvider (
Expand All @@ -2145,34 +2150,40 @@ export async function loginWithProvider (
last: string,
extra?: Record<string, string>
): Promise<LoginInfo> {
const email = cleanEmail(_email)
if (last == null) {
last = ''
}
let account = await getAccount(db, email)
if (account == null && extra !== undefined) {
account = await getAccountByQuery(db, extra)
}
if (account !== null) {
// we should clean password if account is not confirmed
if (account.confirmed === false) {
await updatePassword(db, account, null)
try {
const email = cleanEmail(_email)
if (last == null) {
last = ''
}
let account = await getAccount(db, email)
if (account == null && extra !== undefined) {
account = await getAccountByQuery(db, extra)
}
if (account !== null) {
// we should clean password if account is not confirmed
if (account.confirmed === false) {
await updatePassword(db, account, null)
}
const result = {
endpoint: getEndpoint(),
email,
token: generateToken(email, getWorkspaceId('', productId), getExtra(account))
}
return result
}
const newAccount = await createAcc(ctx, db, productId, branding, email, null, first, last, true, extra)

const result = {
endpoint: getEndpoint(),
email,
token: generateToken(email, getWorkspaceId('', productId), getExtra(account))
token: generateToken(email, getWorkspaceId('', productId), getExtra(newAccount))
}
return result
} catch (err: any) {
Analytics.handleError(err)
ctx.error('loginWithProvider error', { email: _email, ...extra, err })
throw err
}
const newAccount = await createAcc(ctx, db, productId, branding, email, null, first, last, true, extra)

const result = {
endpoint: getEndpoint(),
email,
token: generateToken(email, getWorkspaceId('', productId), getExtra(newAccount))
}
return result
}

/**
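Review bot: In both new catch blocks, `{ email: _email, ...extra, err }` spreads the caller-supplied `extra` map into the top level of the log record, so a key in `extra` named `email` would replace the logged address and the set of log fields varies with what each provider passes. Nesting it keeps the record's shape fixed: `ctx.error('joinWithProvider error', { email: _email, extra, err })`, and likewise in `loginWithProvider`. The error is rethrown and the github/google handlers in this commit log it again as 'failed to auth', so each failure is recorded twice on top of the `Analytics.handleError(err)` call. If `checkInvite` throws for an ordinary invalid or expired invite (not visible here), those expected failures would also be reported to analytics.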
