Return NEEDS_ORG when no org exists
All checks were successful
build-and-deploy / build-deploy (push) Successful in 27s
All checks were successful
build-and-deploy / build-deploy (push) Successful in 27s
This commit is contained in:
androidlover5842
@@ -32,7 +32,12 @@ class Auth(
|
|||||||
request: HttpServletRequest
|
request: HttpServletRequest
|
||||||
): AuthResponse {
|
): AuthResponse {
|
||||||
logger.info("Auth verify hit, principalPresent={}", principal != null)
|
logger.info("Auth verify hit, principalPresent={}", principal != null)
|
||||||
return buildAuthResponse(principal ?: resolvePrincipalFromHeader(request))
|
val resolved = principal ?: resolvePrincipalFromHeader(request)
|
||||||
|
return if (resolved == null) {
|
||||||
|
AuthResponse(status = "NEEDS_ORG")
|
||||||
|
} else {
|
||||||
|
buildAuthResponse(resolved)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/me")
|
@GetMapping("/me")
|
||||||
@@ -40,13 +45,15 @@ class Auth(
|
|||||||
@AuthenticationPrincipal principal: MyPrincipal?,
|
@AuthenticationPrincipal principal: MyPrincipal?,
|
||||||
request: HttpServletRequest
|
request: HttpServletRequest
|
||||||
): AuthResponse {
|
): AuthResponse {
|
||||||
return buildAuthResponse(principal ?: resolvePrincipalFromHeader(request))
|
val resolved = principal ?: resolvePrincipalFromHeader(request)
|
||||||
|
return if (resolved == null) {
|
||||||
|
AuthResponse(status = "NEEDS_ORG")
|
||||||
|
} else {
|
||||||
|
buildAuthResponse(resolved)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private fun buildAuthResponse(principal: MyPrincipal?): AuthResponse {
|
private fun buildAuthResponse(principal: MyPrincipal): AuthResponse {
|
||||||
if (principal == null) {
|
|
||||||
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing principal")
|
|
||||||
}
|
|
||||||
val user = appUserRepo.findById(principal.userId).orElseThrow {
|
val user = appUserRepo.findById(principal.userId).orElseThrow {
|
||||||
ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
|
ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
|
||||||
}
|
}
|
||||||
@@ -58,6 +65,7 @@ class Auth(
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
return AuthResponse(
|
return AuthResponse(
|
||||||
|
status = "OK",
|
||||||
user = UserResponse(
|
user = UserResponse(
|
||||||
id = user.id!!,
|
id = user.id!!,
|
||||||
orgId = user.org.id!!,
|
orgId = user.org.id!!,
|
||||||
@@ -70,7 +78,7 @@ class Auth(
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
private fun resolvePrincipalFromHeader(request: HttpServletRequest): MyPrincipal {
|
private fun resolvePrincipalFromHeader(request: HttpServletRequest): MyPrincipal? {
|
||||||
val header = request.getHeader("Authorization") ?: throw ResponseStatusException(
|
val header = request.getHeader("Authorization") ?: throw ResponseStatusException(
|
||||||
HttpStatus.UNAUTHORIZED,
|
HttpStatus.UNAUTHORIZED,
|
||||||
"Missing Authorization token"
|
"Missing Authorization token"
|
||||||
@@ -86,25 +94,33 @@ class Auth(
|
|||||||
logger.warn("Auth verify failed: {}", ex.message)
|
logger.warn("Auth verify failed: {}", ex.message)
|
||||||
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Invalid token")
|
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Invalid token")
|
||||||
}
|
}
|
||||||
val user = appUserRepo.findByFirebaseUid(decoded.uid) ?: run {
|
val user = appUserRepo.findByFirebaseUid(decoded.uid)
|
||||||
|
if (user == null) {
|
||||||
val orgs = organizationRepo.findAll()
|
val orgs = organizationRepo.findAll()
|
||||||
if (orgs.size != 1) {
|
if (orgs.isEmpty()) {
|
||||||
logger.warn("Auth verify user not found for uid={}, orgCount={}", decoded.uid, orgs.size)
|
logger.warn("Auth verify user not found for uid={}, orgCount=0", decoded.uid)
|
||||||
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
|
return null
|
||||||
}
|
}
|
||||||
val org = orgs.first()
|
if (orgs.size == 1) {
|
||||||
val phone = decoded.claims["phone_number"] as? String
|
val org = orgs.first()
|
||||||
val name = decoded.claims["name"] as? String
|
val phone = decoded.claims["phone_number"] as? String
|
||||||
val created = appUserRepo.save(
|
val name = decoded.claims["name"] as? String
|
||||||
com.android.trisolarisserver.models.property.AppUser(
|
val created = appUserRepo.save(
|
||||||
org = org,
|
com.android.trisolarisserver.models.property.AppUser(
|
||||||
firebaseUid = decoded.uid,
|
org = org,
|
||||||
phoneE164 = phone,
|
firebaseUid = decoded.uid,
|
||||||
name = name
|
phoneE164 = phone,
|
||||||
|
name = name
|
||||||
|
)
|
||||||
)
|
)
|
||||||
)
|
logger.warn("Auth verify auto-created user uid={}, userId={}, orgId={}", decoded.uid, created.id, org.id)
|
||||||
logger.warn("Auth verify auto-created user uid={}, userId={}, orgId={}", decoded.uid, created.id, org.id)
|
return MyPrincipal(
|
||||||
created
|
userId = created.id ?: throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "User id missing"),
|
||||||
|
firebaseUid = decoded.uid
|
||||||
|
)
|
||||||
|
}
|
||||||
|
logger.warn("Auth verify user not found for uid={}, orgCount={}", decoded.uid, orgs.size)
|
||||||
|
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "User not found")
|
||||||
}
|
}
|
||||||
logger.warn("Auth verify resolved uid={}, userId={}", decoded.uid, user.id)
|
logger.warn("Auth verify resolved uid={}, userId={}", decoded.uid, user.id)
|
||||||
return MyPrincipal(
|
return MyPrincipal(
|
||||||
@@ -115,6 +131,7 @@ class Auth(
|
|||||||
}
|
}
|
||||||
|
|
||||||
data class AuthResponse(
|
data class AuthResponse(
|
||||||
val user: UserResponse,
|
val status: String,
|
||||||
val properties: List<PropertyUserResponse>
|
val user: UserResponse? = null,
|
||||||
|
val properties: List<PropertyUserResponse> = emptyList()
|
||||||
)
|
)
|
||||||
|
|||||||
Reference in New Issue
Block a user