2017-09-05 13:24:16 -07:00
|
|
|
import GoTrue from "gotrue-js";
|
2017-01-26 19:23:42 -02:00
|
|
|
import jwtDecode from 'jwt-decode';
|
2017-09-05 13:24:16 -07:00
|
|
|
import {List} from 'immutable';
|
2017-01-26 19:23:42 -02:00
|
|
|
import { get, pick, intersection } from "lodash";
|
2016-12-23 16:59:48 -02:00
|
|
|
import GitHubBackend from "../github/implementation";
|
|
|
|
|
import API from "./API";
|
|
|
|
|
import AuthenticationPage from "./AuthenticationPage";
|
|
|
|
|
|
2017-09-05 13:24:16 -07:00
|
|
|
const localHosts = {
|
|
|
|
|
localhost: true,
|
|
|
|
|
'127.0.0.1': true,
|
|
|
|
|
'0.0.0.0': true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function getEndpoint(endpoint, netlifySiteURL) {
|
|
|
|
|
if (localHosts[document.location.host] && netlifySiteURL && endpoint.match(/^\/\.netlify\//)) {
|
|
|
|
|
const parts = [netlifySiteURL];
|
|
|
|
|
if (!netlifySiteURL.match(/\/$/)) { parts.push("/"); }
|
|
|
|
|
parts.push(endpoint);
|
|
|
|
|
return parts.join("");
|
|
|
|
|
}
|
|
|
|
|
return endpoint;
|
|
|
|
|
}
|
|
|
|
|
|
2016-12-23 16:59:48 -02:00
|
|
|
export default class NetlifyAuth extends GitHubBackend {
|
|
|
|
|
constructor(config) {
|
|
|
|
|
super(config, true);
|
|
|
|
|
if (config.getIn(["backend", "auth_url"]) == null) { throw new Error("The NetlifyAuth backend needs an \"auth_url\" in the backend configuration."); }
|
|
|
|
|
|
|
|
|
|
if (config.getIn(["backend", "github_proxy_url"]) == null) {
|
|
|
|
|
throw new Error("The NetlifyAuth backend needs an \"github_proxy_url\" in the backend configuration.");
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-05 13:24:16 -07:00
|
|
|
this.accept_roles = (config.getIn(["backend", "accept_roles"]) || new List()).toArray();
|
2017-01-26 19:23:42 -02:00
|
|
|
|
2017-09-05 13:24:16 -07:00
|
|
|
const netlifySiteURL = localStorage.getItem("netlifySiteURL");
|
|
|
|
|
const APIUrl = getEndpoint(config.getIn(["backend", "auth_url"]), netlifySiteURL);
|
|
|
|
|
this.github_proxy_url = getEndpoint(config.getIn(["backend", "github_proxy_url"]), netlifySiteURL);
|
|
|
|
|
this.authClient = new Gotrue({APIUrl});
|
2016-12-23 16:59:48 -02:00
|
|
|
|
|
|
|
|
AuthenticationPage.authClient = this.authClient;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
setUser() {
|
|
|
|
|
const user = this.authClient.currentUser();
|
|
|
|
|
if (!user) return Promise.reject();
|
|
|
|
|
return this.authenticate(user);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
authenticate(user) {
|
2017-01-10 22:23:22 -02:00
|
|
|
this.tokenPromise = user.jwt.bind(user);
|
2017-01-26 19:23:42 -02:00
|
|
|
return this.tokenPromise()
|
|
|
|
|
.then((token) => {
|
|
|
|
|
const userRoles = get(jwtDecode(token), 'app_metadata.roles', []);
|
|
|
|
|
if (intersection(userRoles, this.accept_roles).length > 0) {
|
|
|
|
|
const userData = {
|
|
|
|
|
name: `${ user.user_metadata.firstname } ${ user.user_metadata.lastname }`,
|
|
|
|
|
email: user.email,
|
|
|
|
|
metadata: user.user_metadata,
|
|
|
|
|
};
|
|
|
|
|
this.api = new API({
|
|
|
|
|
api_root: this.github_proxy_url,
|
|
|
|
|
tokenPromise: this.tokenPromise,
|
|
|
|
|
commitAuthor: pick(userData, ["name", "email"]),
|
|
|
|
|
});
|
|
|
|
|
return userData;
|
|
|
|
|
} else {
|
|
|
|
|
throw new Error("User is not authorized");
|
|
|
|
|
}
|
2017-09-05 13:24:16 -07:00
|
|
|
});
|
2017-01-10 22:23:22 -02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
getToken() {
|
|
|
|
|
return this.tokenPromise();
|
2016-12-23 16:59:48 -02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
authComponent() {
|
|
|
|
|
return AuthenticationPage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
