yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-09-25 16:29:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Prevent deactivated user to connect using sso

Browse Source
This commit is contained in:
Convly 2021-02-10 12:14:21 +01:00
parent 9f01afca88
commit e9b9013e4a
1 changed files with 55 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
packages/strapi-admin/ee/controllers/authentication/middlewares.js
View File

@ -26,15 +26,31 @@ const authenticate = async (ctx, next) => {
return ctx.redirect(redirectUrls.error);
}
const { email, firstname, lastname, username } = profile;
const user = await strapi.admin.services.user.findOne({ email });
const user = await strapi.admin.services.user.findOne({ email: profile.email });
const scenario = user ? existingUserScenario : nonExistingUserScenario;
// If a profile exists with this email, login with this user
if (user) {
ctx.state.user = user;
return next();
return scenario(ctx, next)(user || profile, provider);
})(ctx, next);
};
const existingUserScenario = (ctx, next) => async (user, provider) => {
const redirectUrls = utils.getPrefixedRedirectUrls();
if (!user.isActive) {
strapi.eventHub.emit('admin.auth.error', {
error: new Error(`Deactivated user tried to login (${user.id})`),
provider,
});
return ctx.redirect(redirectUrls.error);
}
ctx.state.user = user;
return next();
};
const nonExistingUserScenario = (ctx, next) => async (profile, provider) => {
const { email, firstname, lastname, username } = profile;
const redirectUrls = utils.getPrefixedRedirectUrls();
const adminStore = await utils.getAdminStore();
const { providers } = await adminStore.get({ key: 'auth' });
@ -71,7 +87,6 @@ const authenticate = async (ctx, next) => {
});
return next();
})(ctx, next);
};
const redirectWithAuth = ctx => {