gcg/static-cms
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Better handling of roles and names

Browse Source
This commit is contained in:
Mathias Biilmann Christensen 2017-09-05 16:48:51 -07:00
parent a6b1b3f0a7
commit 1a25b2c6b3
4 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
example/config.yml
View File

@ -1,6 +1,7 @@
backend: backend:
name: test-repo name: netlify-auth
delay: 0.1 auth_url: "/.netlify/identity"
github_proxy_url: "/.netlify/git/github"
media_folder: "assets/uploads" media_folder: "assets/uploads"

3
example/index.html
View File

@ -78,6 +78,9 @@
} }
} }
</script> </script>
<script type='text/javascript' src='https://d33wubrfki0l68.cloudfront.net/js/1e8330b19f2c7165019dffac65520214da9f0af4/netlify-identity-umd.js'></script>
<script>window.identity = new netlifyIdentity()</script>
</head> </head>
<body> <body>

4
src/backends/netlify-auth/AuthenticationPage.js
View File

@ -66,10 +66,6 @@ export default class AuthenticationPage extends React.Component {
const { errors } = this.state; const { errors } = this.state;
const { error } = this.props; const { error } = this.props;
if (this.identity) {
return <section className={styles.root}></section>;
}
return ( return (
<section className={styles.root}> <section className={styles.root}>
<Card className={styles.card}> <Card className={styles.card}>

12
src/backends/netlify-auth/implementation.js
View File

@ -36,7 +36,7 @@ export default class NetlifyAuth extends GitHubBackend {
const netlifySiteURL = localStorage.getItem("netlifySiteURL"); const netlifySiteURL = localStorage.getItem("netlifySiteURL");
const APIUrl = getEndpoint(config.getIn(["backend", "auth_url"]), netlifySiteURL); const APIUrl = getEndpoint(config.getIn(["backend", "auth_url"]), netlifySiteURL);
this.github_proxy_url = getEndpoint(config.getIn(["backend", "github_proxy_url"]), netlifySiteURL); this.github_proxy_url = getEndpoint(config.getIn(["backend", "github_proxy_url"]), netlifySiteURL);
this.authClient = new Gotrue({APIUrl}); this.authClient = new GoTrue({APIUrl});
AuthenticationPage.authClient = this.authClient; AuthenticationPage.authClient = this.authClient;
} }
@ -51,10 +51,14 @@ export default class NetlifyAuth extends GitHubBackend {
this.tokenPromise = user.jwt.bind(user); this.tokenPromise = user.jwt.bind(user);
return this.tokenPromise() return this.tokenPromise()
.then((token) => { .then((token) => {
let validRole = true;
if (this.accept_roles && this.accept_roles.length > 0) {
validRole = intersection(userRoles, this.accept_roles).length > 0;
}
const userRoles = get(jwtDecode(token), 'app_metadata.roles', []); const userRoles = get(jwtDecode(token), 'app_metadata.roles', []);
if (intersection(userRoles, this.accept_roles).length > 0) { if (validRole) {
const userData = { const userData = {
name: `${ user.user_metadata.firstname } ${ user.user_metadata.lastname }`, name: user.user_metadata.name,
email: user.email, email: user.email,
metadata: user.user_metadata, metadata: user.user_metadata,
}; };
@ -65,7 +69,7 @@ export default class NetlifyAuth extends GitHubBackend {
}); });
return userData; return userData;
} else { } else {
throw new Error("User is not authorized"); throw new Error("You don't have sufficient permissions to access Netlify CMS");
} }
}); });
} }