Check password in signinup only when email/password signInUp (#5042)

- disable password check when signInUp from google (sso)
- check password when signInUp with email password
This commit is contained in:
martmull
2024-04-18 17:52:01 +02:00
committed by GitHub
parent e0efa358de
commit 36d4c38c3d
4 changed files with 11 additions and 2 deletions

View File

@ -97,7 +97,10 @@ export class AuthResolver {
@Mutation(() => LoginToken)
async signUp(@Args() signUpInput: SignUpInput): Promise<LoginToken> {
const user = await this.authService.signInUp(signUpInput);
const user = await this.authService.signInUp({
...signUpInput,
fromSSO: false,
});
const loginToken = await this.tokenService.generateLoginToken(user.email);

View File

@ -34,6 +34,7 @@ export class GoogleAuthController {
lastName,
picture,
workspaceInviteHash,
fromSSO: true,
});
const loginToken = await this.tokenService.generateLoginToken(user.email);

View File

@ -87,6 +87,7 @@ export class AuthService {
firstName,
lastName,
picture,
fromSSO,
}: {
email: string;
password?: string;
@ -94,6 +95,7 @@ export class AuthService {
lastName?: string | null;
workspaceInviteHash?: string | null;
picture?: string | null;
fromSSO: boolean;
}) {
return await this.signInUpService.signInUp({
email,
@ -102,6 +104,7 @@ export class AuthService {
lastName,
workspaceInviteHash,
picture,
fromSSO,
});
}

View File

@ -32,6 +32,7 @@ export type SignInUpServiceInput = {
lastName?: string | null;
workspaceInviteHash?: string | null;
picture?: string | null;
fromSSO: boolean;
};
@Injectable()
@ -54,6 +55,7 @@ export class SignInUpService {
firstName,
lastName,
picture,
fromSSO,
}: SignInUpServiceInput) {
if (!firstName) firstName = '';
if (!lastName) lastName = '';
@ -80,7 +82,7 @@ export class SignInUpService {
relations: ['defaultWorkspace'],
});
if (existingUser && existingUser.passwordHash) {
if (existingUser && !fromSSO) {
const isValid = await compareHash(
password || '',
existingUser.passwordHash,