diff --git a/packages/twenty-server/src/engine/core-modules/auth/auth.module.ts b/packages/twenty-server/src/engine/core-modules/auth/auth.module.ts index 8c973c229..f2eb77f6e 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/auth.module.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/auth.module.ts @@ -18,7 +18,7 @@ import { VerifyAuthController } from 'src/engine/core-modules/auth/controllers/v import { TokenService } from 'src/engine/core-modules/auth/services/token.service'; import { GoogleAPIsService } from 'src/engine/core-modules/auth/services/google-apis.service'; import { UserWorkspaceModule } from 'src/engine/core-modules/user-workspace/user-workspace.module'; -import { SignUpService } from 'src/engine/core-modules/auth/services/sign-up.service'; +import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-up.service'; import { FeatureFlagEntity } from 'src/engine/core-modules/feature-flag/feature-flag.entity'; import { FileUploadModule } from 'src/engine/core-modules/file/file-upload/file-upload.module'; import { AppTokenService } from 'src/engine/core-modules/app-token/services/app-token.service'; @@ -69,7 +69,7 @@ const jwtModule = JwtModule.registerAsync({ VerifyAuthController, ], providers: [ - SignUpService, + SignInUpService, AuthService, TokenService, JwtAuthStrategy, diff --git a/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts b/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts index 96126b0e3..610f45cdc 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/auth.resolver.ts @@ -97,7 +97,7 @@ export class AuthResolver { @Mutation(() => LoginToken) async signUp(@Args() signUpInput: SignUpInput): Promise { - const user = await this.authService.signUp(signUpInput); + const user = await this.authService.signInUp(signUpInput); const loginToken = await this.tokenService.generateLoginToken(user.email); diff --git a/packages/twenty-server/src/engine/core-modules/auth/controllers/google-auth.controller.ts b/packages/twenty-server/src/engine/core-modules/auth/controllers/google-auth.controller.ts index d81ba1815..447a65af1 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/controllers/google-auth.controller.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/controllers/google-auth.controller.ts @@ -28,7 +28,7 @@ export class GoogleAuthController { const { firstName, lastName, email, picture, workspaceInviteHash } = req.user; - const user = await this.authService.signUp({ + const user = await this.authService.signInUp({ email, firstName, lastName, diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts index 4b9bc4da3..b15cdec24 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts @@ -7,7 +7,7 @@ import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity'; import { User } from 'src/engine/core-modules/user/user.entity'; import { EnvironmentService } from 'src/engine/integrations/environment/environment.service'; import { EmailService } from 'src/engine/integrations/email/email.service'; -import { SignUpService } from 'src/engine/core-modules/auth/services/sign-up.service'; +import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-up.service'; import { AppToken } from 'src/engine/core-modules/app-token/app-token.entity'; import { AuthService } from './auth.service'; @@ -29,7 +29,7 @@ describe('AuthService', () => { useValue: {}, }, { - provide: SignUpService, + provide: SignInUpService, useValue: {}, }, { diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts index 0f9b301a2..f2905a6f8 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts @@ -30,7 +30,7 @@ import { UserService } from 'src/engine/core-modules/user/services/user.service' import { EnvironmentService } from 'src/engine/integrations/environment/environment.service'; import { EmailService } from 'src/engine/integrations/email/email.service'; import { UpdatePassword } from 'src/engine/core-modules/auth/dto/update-password.entity'; -import { SignUpService } from 'src/engine/core-modules/auth/services/sign-up.service'; +import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-up.service'; import { AuthorizeAppInput } from 'src/engine/core-modules/auth/dto/authorize-app.input'; import { AuthorizeApp } from 'src/engine/core-modules/auth/dto/authorize-app.entity'; import { @@ -51,7 +51,7 @@ export class AuthService { constructor( private readonly tokenService: TokenService, private readonly userService: UserService, - private readonly signUpService: SignUpService, + private readonly signInUpService: SignInUpService, @InjectRepository(Workspace, 'core') private readonly workspaceRepository: Repository, @InjectRepository(User, 'core') @@ -80,7 +80,7 @@ export class AuthService { return user; } - async signUp({ + async signInUp({ email, password, workspaceInviteHash, @@ -95,7 +95,7 @@ export class AuthService { workspaceInviteHash?: string | null; picture?: string | null; }) { - return await this.signUpService.signUp({ + return await this.signInUpService.signInUp({ email, password, firstName, diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.spec.ts b/packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.spec.ts similarity index 84% rename from packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.spec.ts rename to packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.spec.ts index f453ce7f6..370bfeee8 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.spec.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.spec.ts @@ -5,17 +5,17 @@ import { HttpService } from '@nestjs/axios'; import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity'; import { User } from 'src/engine/core-modules/user/user.entity'; import { EnvironmentService } from 'src/engine/integrations/environment/environment.service'; -import { SignUpService } from 'src/engine/core-modules/auth/services/sign-up.service'; +import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-up.service'; import { FileUploadService } from 'src/engine/core-modules/file/file-upload/services/file-upload.service'; import { UserWorkspaceService } from 'src/engine/core-modules/user-workspace/user-workspace.service'; -describe('SignUpService', () => { - let service: SignUpService; +describe('SignInUpService', () => { + let service: SignInUpService; beforeEach(async () => { const module: TestingModule = await Test.createTestingModule({ providers: [ - SignUpService, + SignInUpService, { provide: FileUploadService, useValue: {}, @@ -43,7 +43,7 @@ describe('SignUpService', () => { ], }).compile(); - service = module.get(SignUpService); + service = module.get(SignInUpService); }); it('should be defined', () => { diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.ts b/packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts similarity index 91% rename from packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.ts rename to packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts index 71f0b390c..51f752848 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/services/sign-up.service.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts @@ -16,6 +16,7 @@ import { assert } from 'src/utils/assert'; import { PASSWORD_REGEX, hashPassword, + compareHash, } from 'src/engine/core-modules/auth/auth.util'; import { User } from 'src/engine/core-modules/user/user.entity'; import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity'; @@ -24,7 +25,7 @@ import { EnvironmentService } from 'src/engine/integrations/environment/environm import { getImageBufferFromUrl } from 'src/utils/image'; import { UserWorkspaceService } from 'src/engine/core-modules/user-workspace/user-workspace.service'; -export type SignUpServiceInput = { +export type SignInUpServiceInput = { email: string; password?: string; firstName?: string | null; @@ -34,7 +35,7 @@ export type SignUpServiceInput = { }; @Injectable() -export class SignUpService { +export class SignInUpService { constructor( private readonly fileUploadService: FileUploadService, @InjectRepository(Workspace, 'core') @@ -46,14 +47,14 @@ export class SignUpService { private readonly environmentService: EnvironmentService, ) {} - async signUp({ + async signInUp({ email, workspaceInviteHash, password, firstName, lastName, picture, - }: SignUpServiceInput) { + }: SignInUpServiceInput) { if (!firstName) firstName = ''; if (!lastName) lastName = ''; @@ -72,17 +73,34 @@ export class SignUpService { if (picture) { imagePath = await this.uploadPicture(picture); } + const existingUser = await this.userRepository.findOne({ + where: { + email: email, + }, + relations: ['defaultWorkspace'], + }); + + if (existingUser && existingUser.passwordHash) { + const isValid = await compareHash( + password || '', + existingUser.passwordHash, + ); + + assert(isValid, 'Wrong password', ForbiddenException); + } if (workspaceInviteHash) { - return await this.signUpOnExistingWorkspace({ + return await this.signInUpOnExistingWorkspace({ email, passwordHash, workspaceInviteHash, firstName, lastName, imagePath, + existingUser, }); - } else { + } + if (!existingUser) { return await this.signUpOnNewWorkspace({ email, passwordHash, @@ -91,15 +109,18 @@ export class SignUpService { imagePath, }); } + + return existingUser; } - private async signUpOnExistingWorkspace({ + private async signInUpOnExistingWorkspace({ email, passwordHash, workspaceInviteHash, firstName, lastName, imagePath, + existingUser, }: { email: string; passwordHash: string | undefined; @@ -107,14 +128,8 @@ export class SignUpService { firstName: string; lastName: string; imagePath: string | undefined; + existingUser: User | null; }) { - const existingUser = await this.userRepository.findOne({ - where: { - email: email, - }, - relations: ['defaultWorkspace'], - }); - const workspace = await this.workspaceRepository.findOneBy({ inviteHash: workspaceInviteHash, }); @@ -181,17 +196,6 @@ export class SignUpService { lastName: string; imagePath: string | undefined; }) { - const existingUser = await this.userRepository.findOne({ - where: { - email: email, - }, - relations: ['defaultWorkspace'], - }); - - if (existingUser) { - assert(!existingUser, 'This user already exists', ForbiddenException); - } - assert( !this.environmentService.get('IS_SIGN_UP_DISABLED'), 'Sign up is disabled',