From 53f42209bb59bbf855b12cb8bc502e2c04fbf3b2 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 7 Feb 2024 12:26:43 +0000 Subject: [PATCH] feat: login with short-lived token --- packages/nc-gui/middleware/auth.global.ts | 40 +++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/packages/nc-gui/middleware/auth.global.ts b/packages/nc-gui/middleware/auth.global.ts index 42b9e4140d..9d37a7f26a 100644 --- a/packages/nc-gui/middleware/auth.global.ts +++ b/packages/nc-gui/middleware/auth.global.ts @@ -51,6 +51,8 @@ export default defineNuxtRouteMiddleware(async (to, from) => { await tryGoogleAuth(api, state.signIn) } + await tryShortTokenAuth(api, state.signIn) + /** if public allow all visitors */ if (to.meta.public) return @@ -155,3 +157,41 @@ async function tryGoogleAuth(api: Api, signIn: Actions['signIn']) { window.location.reload() } } + +/** + * If short-token present, try using it to generate log-living token before navigating to the next page + */ +async function tryShortTokenAuth(api: Api, signIn: Actions['signIn']) { + if (window.location.search && /\bshort-token=/.test(window.location.search)) { + let extraProps: any = {} + try { + // `extra` prop is used in our cloud implementation, so we are keeping it + const { + data: { token, extra }, + } = await api.instance.post( + `/auth/long-lived-token-refresh`, + {}, + { + headers: { + 'x-short-token': window.location.search.split('=')[1], + } as any, + }, + ) + + // if extra prop is null/undefined set it as an empty object as fallback + extraProps = extra || {} + + signIn(token) + } catch (e: any) { + message.error(await extractSdkResponseErrorMsg(e)) + } + + const newURL = window.location.href.split('?')[0] + window.history.pushState( + 'object', + document.title, + `${extraProps?.continueAfterSignIn ? `${newURL}#/?continueAfterSignIn=${extraProps.continueAfterSignIn}` : newURL}`, + ) + window.location.reload() + } +}