mirror of
https://github.com/ClusterCockpit/cc-backend
synced 2024-12-26 13:29:05 +01:00
feat: add updateUserOnLogin config option for oidc, jwt
This commit is contained in:
parent
934d1a6114
commit
01102cb9b0
@ -143,19 +143,36 @@ func GetAuthInstance() *Authentication {
|
|||||||
return authInstance
|
return authInstance
|
||||||
}
|
}
|
||||||
|
|
||||||
func persistUser(user *schema.User) {
|
func handleTokenUser(tokenUser *schema.User) {
|
||||||
r := repository.GetUserRepository()
|
r := repository.GetUserRepository()
|
||||||
dbUser, err := r.GetUser(user.Username)
|
dbUser, err := r.GetUser(tokenUser.Username)
|
||||||
|
|
||||||
if err != nil && err != sql.ErrNoRows {
|
if err != nil && err != sql.ErrNoRows {
|
||||||
log.Errorf("Error while loading user '%s': %v", user.Username, err)
|
log.Errorf("Error while loading user '%s': %v", tokenUser.Username, err)
|
||||||
} else if err == sql.ErrNoRows { // Adds New User
|
} else if err == sql.ErrNoRows && config.Keys.JwtConfig.SyncUserOnLogin { // Adds New User
|
||||||
if err := r.AddUser(user); err != nil {
|
if err := r.AddUser(tokenUser); err != nil {
|
||||||
log.Errorf("Error while adding user '%s' to DB: %v", user.Username, err)
|
log.Errorf("Error while adding user '%s' to DB: %v", tokenUser.Username, err)
|
||||||
}
|
}
|
||||||
} else { // Update Existing
|
} else if err == nil && config.Keys.JwtConfig.UpdateUserOnLogin { // Update Existing User
|
||||||
if err := r.UpdateUser(dbUser, user); err != nil {
|
if err := r.UpdateUser(dbUser, tokenUser); err != nil {
|
||||||
log.Errorf("Error while updating user '%s' to DB: %v", user.Username, err)
|
log.Errorf("Error while updating user '%s' to DB: %v", dbUser.Username, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func handleOIDCUser(OIDCUser *schema.User) {
|
||||||
|
r := repository.GetUserRepository()
|
||||||
|
dbUser, err := r.GetUser(OIDCUser.Username)
|
||||||
|
|
||||||
|
if err != nil && err != sql.ErrNoRows {
|
||||||
|
log.Errorf("Error while loading user '%s': %v", OIDCUser.Username, err)
|
||||||
|
} else if err == sql.ErrNoRows && config.Keys.OpenIDConfig.SyncUserOnLogin { // Adds New User
|
||||||
|
if err := r.AddUser(OIDCUser); err != nil {
|
||||||
|
log.Errorf("Error while adding user '%s' to DB: %v", OIDCUser.Username, err)
|
||||||
|
}
|
||||||
|
} else if err == nil && config.Keys.OpenIDConfig.UpdateUserOnLogin { // Update Existing User
|
||||||
|
if err := r.UpdateUser(dbUser, OIDCUser); err != nil {
|
||||||
|
log.Errorf("Error while updating user '%s' to DB: %v", dbUser.Username, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -198,8 +198,8 @@ func (ja *JWTCookieSessionAuthenticator) Login(
|
|||||||
AuthSource: schema.AuthViaToken,
|
AuthSource: schema.AuthViaToken,
|
||||||
}
|
}
|
||||||
|
|
||||||
if jc.SyncUserOnLogin {
|
if jc.SyncUserOnLogin || jc.UpdateUserOnLogin {
|
||||||
persistUser(user)
|
handleTokenUser(user)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -138,8 +138,8 @@ func (ja *JWTSessionAuthenticator) Login(
|
|||||||
AuthSource: schema.AuthViaToken,
|
AuthSource: schema.AuthViaToken,
|
||||||
}
|
}
|
||||||
|
|
||||||
if config.Keys.JwtConfig.SyncUserOnLogin {
|
if config.Keys.JwtConfig.SyncUserOnLogin || config.Keys.JwtConfig.UpdateUserOnLogin {
|
||||||
persistUser(user)
|
handleTokenUser(user)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -168,8 +168,8 @@ func (oa *OIDC) OAuth2Callback(rw http.ResponseWriter, r *http.Request) {
|
|||||||
AuthSource: schema.AuthViaOIDC,
|
AuthSource: schema.AuthViaOIDC,
|
||||||
}
|
}
|
||||||
|
|
||||||
if config.Keys.OpenIDConfig.SyncUserOnLogin {
|
if config.Keys.OpenIDConfig.SyncUserOnLogin || config.Keys.OpenIDConfig.UpdateUserOnLogin {
|
||||||
persistUser(user)
|
handleOIDCUser(user)
|
||||||
}
|
}
|
||||||
|
|
||||||
oa.authentication.SaveSession(rw, r, user)
|
oa.authentication.SaveSession(rw, r, user)
|
||||||
|
@ -26,6 +26,7 @@ type LdapConfig struct {
|
|||||||
type OpenIDConfig struct {
|
type OpenIDConfig struct {
|
||||||
Provider string `json:"provider"`
|
Provider string `json:"provider"`
|
||||||
SyncUserOnLogin bool `json:"syncUserOnLogin"`
|
SyncUserOnLogin bool `json:"syncUserOnLogin"`
|
||||||
|
UpdateUserOnLogin bool `json:"updateUserOnLogin"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type JWTAuthConfig struct {
|
type JWTAuthConfig struct {
|
||||||
@ -45,6 +46,9 @@ type JWTAuthConfig struct {
|
|||||||
|
|
||||||
// Should an non-existent user be added to the DB based on the information in the token
|
// Should an non-existent user be added to the DB based on the information in the token
|
||||||
SyncUserOnLogin bool `json:"syncUserOnLogin"`
|
SyncUserOnLogin bool `json:"syncUserOnLogin"`
|
||||||
|
|
||||||
|
// Should an existent user be updated in the DB based on the information in the token
|
||||||
|
UpdateUserOnLogin bool `json:"updateUserOnLogin"`
|
||||||
}
|
}
|
||||||
|
|
||||||
type IntRange struct {
|
type IntRange struct {
|
||||||
|
Loading…
Reference in New Issue
Block a user