Add authenticated session to app server context #3157
Merged: apedroferreira merged 67 commits into mui:master from apedroferreira:add-user-to-context, Feb 12, 2024
Changes from 54 commits
973aa97
Add universal required email config for authentication
apedroferreira ba2399d
Must have at least 1 verified email in Github
apedroferreira ebcbf55
Merge remote-tracking branch 'upstream/master' into auth-required-email
apedroferreira 08791c6
Address review comments
apedroferreira ef5731b
Merge remote-tracking branch 'upstream/master' into auth-required-email
apedroferreira 39c0f00
Refactor (review comments)
apedroferreira d7fc87c
Small refactor
apedroferreira 07015a0
Load env before imports
apedroferreira f730414
Add spacing to navigation
apedroferreira ebce000
Azure AD auth provider (without role mapping)
apedroferreira 60f031d
Use just size property in icon
apedroferreira f58dcc9
Add role mapping
apedroferreira 43c9af0
Update schemas
apedroferreira 1c06826
Better name
apedroferreira f6fdf95
Fix Azure icon
apedroferreira 761f0ed
Merge remote-tracking branch 'upstream/master' into auth-azure-ad-pro…
apedroferreira 71ea8a7
Disable feature flag
apedroferreira 9cffb6a
Self-review
apedroferreira 8f150de
Merge remote-tracking branch 'upstream/master' into auth-azure-ad-pro…
apedroferreira f550a02
Fix page blocking logic and default page
apedroferreira f725a21
More fixes
apedroferreira 7d921c2
Better signout experience
apedroferreira af6835a
[WIP] Authentication tests
apedroferreira 8bcf78b
Simplify error message logic
apedroferreira 4d8fc43
Auth test without restricted domains
apedroferreira 11a6704
Much more better
apedroferreira ec4c161
Add note to try a better way next
apedroferreira e1acc08
Best possible test without creating test users with public credentials
apedroferreira 4efa00f
Small refactor
apedroferreira a1ca40c
Add credentials provider for testing
apedroferreira 488da7d
Fix some scenarios with missing secret and unnecessary requests
apedroferreira 68f9de7
More fixes
apedroferreira 9d6b82a
Fix CSRF bullshit, add test with authentication, sign in, sign out an…
apedroferreira 188ef58
Add roles test
apedroferreira 55b35e7
Update test/integration/auth/basic.spec.ts
apedroferreira 9baabfe
Better function name
apedroferreira ba3b0e3
Forgot this
apedroferreira 74e9cb9
Merge remote-tracking branch 'upstream/master' into auth-tests
apedroferreira 9affd28
Continue merge
apedroferreira e7b2931
Add some refactors from other PR
apedroferreira 27f8e3e
Disable feature flag
apedroferreira 3d7ad43
Fix tests
apedroferreira 833feb7
Update @auth/core
apedroferreira e079ac1
Run install
apedroferreira f799ce5
Lint fixins
apedroferreira d4869b1
Prettier
apedroferreira 6f9c719
Revert @auth/core version
apedroferreira 3b8a69e
Remove all temporary fixtures
apedroferreira 3a3d59e
Remove more unwanted things
apedroferreira 4445f9d
Update @auth/core, fix error message
apedroferreira b587343
Add logged-in user to context
apedroferreira 6dae561
Fix type
apedroferreira 3ebe46a
Remove feature flag changes
apedroferreira ec1d7fe
Merge remote-tracking branch 'upstream/master' into add-user-to-context
apedroferreira f2d4a65
Update docs more, change API a bit
apedroferreira 3e786c9
Non-docs changes
apedroferreira 935fd36
Better type name
apedroferreira bbe2270
Merge remote-tracking branch 'upstream/master' into add-user-to-context
apedroferreira b852709
Fix types
apedroferreira e35837f
Adjust copy
apedroferreira 172d2c3
Use react router, fix Firefox test
apedroferreira 80a5a60
Show ServerContextSession in separate table in docs, rename user to s…
apedroferreira d30af5e
Merge remote-tracking branch 'upstream/master' into add-user-to-context
apedroferreira 6968018
Include user inside session instead
apedroferreira 937e930
Adjustments
apedroferreira 58141ef
Cover session in context in tests
apedroferreira cd1b59c
Merge remote-tracking branch 'upstream/master' into add-user-to-context
apedroferreira
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import type express from 'express'; | ||
import { JWT, getToken } from '@auth/core/jwt'; | ||
import { adaptRequestFromExpressToFetch } from '@mui/toolpad-utils/httpApiAdapters'; | ||
|
||
export async function getUserToken(req: express.Request): Promise<JWT | null> { | ||
let token = null; | ||
if (process.env.TOOLPAD_AUTH_SECRET) { | ||
const request = adaptRequestFromExpressToFetch(req); | ||
|
||
// @TODO: Library types are wrong as salt should not be required, remove once fixed | ||
// Github discussion: https://github.com/nextauthjs/next-auth/discussions/9133 | ||
// @ts-ignore | ||
token = await getToken({ | ||
req: request, | ||
secret: process.env.TOOLPAD_AUTH_SECRET, | ||
}); | ||
} | ||
|
||
return token; | ||
} |
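Review bot: the `// @ts-ignore` directly above `token = await getToken({` will stay in place silently after the library types are fixed, so the TODO has nothing enforcing it; `// @ts-expect-error` suppresses the same `salt` error and fails compilation once the error disappears, which tells you when to remove it. Also worth a doc comment on `getUserToken`: it returns `null` both when `TOOLPAD_AUTH_SECRET` is unset and when `getToken` finds no valid token, so callers cannot tell "authentication not configured" from "not signed in" and should treat `null` as unauthenticated in both cases.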
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
export declare module '@auth/core/types' { | ||
interface User { | ||
roles: string[]; | ||
} | ||
} | ||
export declare module '@auth/core/jwt' { | ||
interface JWT { | ||
roles: string[]; | ||
} | ||
} |
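Review bot: `roles: string[]` is declared as a required property on both `User` and `JWT`, so the compiler lets callers read `token.roles` without a check even if a token was issued without that claim. Either declare it as `roles?: string[]`, or make sure the code that builds the user and the token always sets it (an empty array when there are none), and note which in a comment here, since every reader of `roles` will rely on this type.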
15 changes: 9 additions & 6 deletions
...toolpad-app/src/server/httpApiAdapters.ts → ...ages/toolpad-utils/src/httpApiAdapters.ts
The interface should also be described here: https://mui.com/toolpad/reference/api/get-context/
Ideally we keep the amount of properties in that object intentionally small. `name`, `email`, `avatar`, `roles`. Let's wait for implementing things until users are asking for it.