admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(auth): enhance SSO handling and workspace auth logic (#9858)

Browse Source 
- Return only SSO providers with an `activate` status
- If only 1 SSO provider is enabled for auth, redirect the user to the
provider login page.
- if only SSO auth is available set the step to SSO selection.

---------

Co-authored-by: Charles Bochet <charles@twenty.com>
This commit is contained in:
Antoine Moreaux
2025-01-29 19:28:21 +01:00
committed by GitHub
parent 85df6ada52
commit 4edeb7f991
12 changed files with 215 additions and 149 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/twenty-front/src/modules/auth/sign-in-up/components/SignInUpWithSSO.tsx
View File

@ -7,6 +7,7 @@ import { workspaceAuthProvidersState } from '@/workspace/states/workspaceAuthPro
import { useTheme } from '@emotion/react';
import { useRecoilValue, useSetRecoilState } from 'recoil';
import { HorizontalSeparator, IconLock, MainButton } from 'twenty-ui';
import { isDefined } from '~/utils/isDefined';
export const SignInUpWithSSO = () => {
const theme = useTheme();
@ -18,7 +19,10 @@ export const SignInUpWithSSO = () => {
const { redirectToSSOLoginPage } = useSSO();
const signInWithSSO = () => {
if (workspaceAuthProviders.sso.length === 1) {
if (
isDefined(workspaceAuthProviders) &&
workspaceAuthProviders.sso.length === 1
) {
return redirectToSSOLoginPage(workspaceAuthProviders.sso[0].id);
}

4
packages/twenty-front/src/modules/auth/sign-in-up/components/SignInUpWorkspaceScopeForm.tsx
View File

@ -26,6 +26,10 @@ export const SignInUpWorkspaceScopeForm = () => {
const { signInUpStep } = useSignInUp(form);
if (!workspaceAuthProviders) {
return null;
}
return (
<>
<StyledContentContainer>

37
packages/twenty-front/src/modules/auth/sign-in-up/components/SignInUpWorkspaceScopeFormEffect.tsx
View File

@ -1,11 +1,15 @@
import { useSSO } from '@/auth/sign-in-up/hooks/useSSO';
import { useSignInUp } from '@/auth/sign-in-up/hooks/useSignInUp';
import { useSignInUpForm } from '@/auth/sign-in-up/hooks/useSignInUpForm';
import { SignInUpStep } from '@/auth/states/signInUpStepState';
import {
SignInUpStep,
signInUpStepState,
} from '@/auth/states/signInUpStepState';
import { isRequestingCaptchaTokenState } from '@/captcha/states/isRequestingCaptchaTokenState';
import { captchaState } from '@/client-config/states/captchaState';
import { workspaceAuthProvidersState } from '@/workspace/states/workspaceAuthProvidersState';
import { useEffect, useState } from 'react';
import { useRecoilValue } from 'recoil';
import { useRecoilValue, useSetRecoilState } from 'recoil';
import { isDefined } from '~/utils/isDefined';
const searchParams = new URLSearchParams(window.location.search);
@ -31,10 +35,32 @@ export const SignInUpWorkspaceScopeFormEffect = () => {
);
const { form } = useSignInUpForm();
const { redirectToSSOLoginPage } = useSSO();
const { signInUpStep, continueWithEmail, continueWithCredentials } =
useSignInUp(form);
const setSignInUpStep = useSetRecoilState(signInUpStepState);
useEffect(() => {
if (!workspaceAuthProviders) {
return;
}
if (workspaceAuthProviders.sso.length > 1) {
return setSignInUpStep(SignInUpStep.SSOIdentityProviderSelection);
}
const hasOnlySSOProvidersEnabled =
!workspaceAuthProviders.google &&
!workspaceAuthProviders.microsoft &&
!workspaceAuthProviders.password;
if (hasOnlySSOProvidersEnabled && workspaceAuthProviders.sso.length === 1) {
redirectToSSOLoginPage(workspaceAuthProviders.sso[0].id);
}
}, [redirectToSSOLoginPage, setSignInUpStep, workspaceAuthProviders]);
useEffect(() => {
if (loadingStatus === LoadingStatus.Done) {
return;
@ -58,6 +84,8 @@ export const SignInUpWorkspaceScopeFormEffect = () => {
}, [captcha?.provider, isRequestingCaptchaToken, loadingStatus]);
useEffect(() => {
if (!workspaceAuthProviders) return;
if (
signInUpStep === SignInUpStep.Init &&
!workspaceAuthProviders.google &&
@ -77,10 +105,7 @@ export const SignInUpWorkspaceScopeFormEffect = () => {
}
}, [
signInUpStep,
workspaceAuthProviders.google,
workspaceAuthProviders.microsoft,
workspaceAuthProviders.sso,
workspaceAuthProviders.password,
workspaceAuthProviders,
continueWithEmail,
continueWithCredentials,
loadingStatus,