feat(core): Improve ldap/saml toggle and tests (#5771)

* improve ldap/saml toggle and tests

* import cleanup

* reject regular login users when saml is enabled

* lint fix
Michael Auerswald
2023-03-24 17:46:06 +01:00
committed by GitHub
parent 30aeeb70b4
commit 47ee357059
9 changed files with 186 additions and 43 deletions


@@ -19,8 +19,10 @@ import type {
} from '@/Interfaces';
import { handleEmailLogin, handleLdapLogin } from '@/auth';
import type { PostHogClient } from '@/posthog';
import { isSamlCurrentAuthenticationMethod } from '../sso/ssoHelpers';
import { SamlUrls } from '../sso/saml/constants';
import {
isLdapCurrentAuthenticationMethod,
isSamlCurrentAuthenticationMethod,
} from '@/sso/ssoHelpers';
@RestController()
export class AuthController {
@@ -73,19 +75,12 @@ export class AuthController {
if (preliminaryUser?.globalRole?.name === 'owner') {
user = preliminaryUser;
} else {
// TODO:SAML - uncomment this block when we have a way to redirect users to the SSO flow
// if (doRedirectUsersFromLoginToSsoFlow()) {
res.redirect(SamlUrls.restInitSSO);
return;
// return withFeatureFlags(this.postHog, sanitizeUser(preliminaryUser));
// } else {
// throw new AuthError(
// 'Login with username and password is disabled due to SAML being the default authentication method. Please use SAML to log in.',
// );
// }
throw new AuthError('SAML is enabled, please log in with SAML');
}
} else if (isLdapCurrentAuthenticationMethod()) {
user = await handleLdapLogin(email, password);
} else {
user = (await handleLdapLogin(email, password)) ?? (await handleEmailLogin(email, password));
user = await handleEmailLogin(email, password);
}
if (user) {
await issueCookie(res, user);
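Review bot: The owner exception in the SAML branch (`preliminaryUser?.globalRole?.name === 'owner'`) has no visible counterpart in the new `else if (isLdapCurrentAuthenticationMethod())` branch, and neither choice is documented. With the `?? (await handleEmailLogin(email, password))` fallback gone, the owner can only sign in through `handleLdapLogin` while LDAP is the current method, unless that helper falls back internally, which cannot be seen from this hunk. The owner could therefore be locked out when the directory is unreachable, so please confirm the intended behaviour and cover it with a test. Above the owner check I would add a comment such as `// Owner keeps password login while SAML is enforced; all other accounts must authenticate through the IdP.`. Because that path skips the IdP's controls, it is also worth emitting an audit log entry when it is taken. The login method starts and ends outside this hunk, so how `preliminaryUser` is obtained is not visible here.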