github/directus
1
1
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-04-25 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

Ignore email field in oauth and store email in external_identifier (#9153)

Browse Source 
* Ignore email field in oauth and store email in external_identifier if needed

* Removed unused variable
This commit is contained in:
Aiden Foxx
2021-10-26 16:07:33 +02:00
committed by GitHub
parent 93481302e6
commit 5f9f9cbbdc
2 changed files with 4 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
api/src/auth/drivers/oauth2.ts
View File

@@ -70,8 +70,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
const user = await this.knex
.select('id')
.from('directus_users')
.whereRaw('LOWER(??) = ?', ['email', identifier.toLowerCase()])
.orWhereRaw('LOWER(??) = ?', ['external_identifier', identifier.toLowerCase()])
.whereRaw('LOWER(??) = ?', ['external_identifier', identifier.toLowerCase()])
.first();
return user?.id;
@@ -125,13 +124,10 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
throw new InvalidCredentialsException();
}
// If email matches identifier, don't set "external_identifier"
const emailIsIdentifier = email?.toLowerCase() === identifier.toLowerCase();
await this.usersService.createOne({
provider: this.config.provider,
email: email,
external_identifier: !emailIsIdentifier ? identifier : undefined,
external_identifier: identifier,
role: this.config.defaultRoleId,
auth_data: tokenSet.refresh_token && JSON.stringify({ refreshToken: tokenSet.refresh_token }),
});

8
api/src/auth/drivers/openid.ts
View File

@@ -71,8 +71,7 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
const user = await this.knex
.select('id')
.from('directus_users')
.whereRaw('LOWER(??) = ?', ['email', identifier.toLowerCase()])
.orWhereRaw('LOWER(??) = ?', ['external_identifier', identifier.toLowerCase()])
.whereRaw('LOWER(??) = ?', ['external_identifier', identifier.toLowerCase()])
.first();
return user?.id;
@@ -128,15 +127,12 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
throw new InvalidCredentialsException();
}
// If email matches identifier, don't set "external_identifier"
const emailIsIdentifier = email?.toLowerCase() === identifier.toLowerCase();
await this.usersService.createOne({
provider: this.config.provider,
first_name: userInfo.given_name,
last_name: userInfo.family_name,
email: email,
external_identifier: !emailIsIdentifier ? identifier : undefined,
external_identifier: identifier,
role: this.config.defaultRoleId,
auth_data: tokenSet.refresh_token && JSON.stringify({ refreshToken: tokenSet.refresh_token }),
});