add isAnonymous to fix auth redirect of public users

prostgles · Dec 22, 2024 · 8fd0bed · 8fd0bed
1 parent fa79417
commit 8fd0bed
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 24 deletions.
diff --git a/lib/Auth/AuthTypes.ts b/lib/Auth/AuthTypes.ts
@@ -230,6 +230,12 @@ export type SessionUser<
    * id and type values will be available in the prostgles.user session variable in postgres
    * */
   user: ServerUser;
+
+  /**
+   * If true, this is a public/non registered user that can login. Used in UI
+   */
+  isAnonymous?: boolean;
+
   /**
    * Controls which fields from user are available in postgres session variable
    */
@@ -240,14 +246,14 @@ export type SessionUser<
   clientUser: ClientUser;
 };
 
+type AllNeverAndOptional<T> = {
+  [P in keyof T]?: never;
+};
 export type AuthResultWithSID<SU = SessionUser> =
   | (SU & { sid: string })
-  | {
+  | (AllNeverAndOptional<SU> & {
       sid: string | undefined;
-      user?: never;
-      sessionFields?: never;
-      clientUser?: never;
-    };
+    });
 
 export type AuthResult<SU = SessionUser> = SU | undefined;
 export type AuthResultOrError<SU = SessionUser> = AuthFailure["code"] | AuthResult<SU>;

diff --git a/lib/Auth/endpoints/setCatchAllRequestHandler.ts b/lib/Auth/endpoints/setCatchAllRequestHandler.ts
@@ -75,12 +75,12 @@ export function setCatchAllRequestHandler(this: AuthHandler, app: e.Express) {
         return;
 
         /** If Logged in and requesting login then redirect to main page */
-      } else if (
-        this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path) &&
-        (await isLoggedInUser())
-      ) {
-        res.redirect("/");
-        return;
+      } else if (this.matchesRoute(AUTH_ROUTES_AND_PARAMS.login, req.path)) {
+        const { user, isAnonymous } = await getUser();
+        if (user && !isAnonymous) {
+          res.redirect("/");
+          return;
+        }
       }
 
       onGetRequestOK?.(req, res, {

diff --git a/lib/Auth/endpoints/setConfirmEmailRequestHandler.ts b/lib/Auth/endpoints/setConfirmEmailRequestHandler.ts
@@ -35,6 +35,10 @@ export function setConfirmEmailRequestHandler(
           .status(HTTP_FAIL_CODES.BAD_REQUEST)
           .json({ success: false, code: "something-went-wrong" });
       }
+
+      /**
+       * This approach requires correct handling in setCatchAllRequestHandler to not redirect user.type=public res.redirect("/");
+       */
       if (response.redirect_to) {
         return res.redirect(response.redirect_to);
       }

diff --git a/lib/Auth/utils/getSidAndUserFromRequest.ts b/lib/Auth/utils/getSidAndUserFromRequest.ts
@@ -15,13 +15,12 @@ export async function getSidAndUserFromRequest(
    */
   const getSession = this.opts.cacheSession?.getSession;
   if (clientReq.socket && getSession && clientReq.socket.__prglCache) {
-    const { session, user, clientUser } = clientReq.socket.__prglCache;
+    const { session, ...userData } = clientReq.socket.__prglCache;
     const isValid = this.isNonExpiredSocketSession(clientReq.socket, session);
     if (isValid) {
       return {
+        ...userData,
         sid: session.sid,
-        user,
-        clientUser,
       };
     } else
       return {
@@ -47,9 +46,8 @@ export async function getSidAndUserFromRequest(
       const session = await getSession(sid, this.dbo as any, this.db);
       if (session && session.expires && clientInfo?.user) {
         clientReq.socket.__prglCache = {
+          ...clientInfo,
           session,
-          user: clientInfo.user,
-          clientUser: clientInfo.clientUser,
         };
       }
     }

diff --git a/lib/DboBuilder/DboBuilderTypes.ts b/lib/DboBuilder/DboBuilderTypes.ts
@@ -15,7 +15,7 @@ import {
   TableInfo as TInfo,
   UserLike,
 } from "prostgles-types";
-import { AuthClientRequest, BasicSession } from "../Auth/AuthTypes";
+import { AuthClientRequest, BasicSession, SessionUser } from "../Auth/AuthTypes";
 import { BasicCallback } from "../PubSubManager/PubSubManager";
 import { PublishAllOrNothing } from "../PublishParser/PublishParser";
 import { FieldSpec } from "./QueryBuilder/Functions";
@@ -170,9 +170,9 @@ export type PRGLIOSocket = {
   /** Used for session caching */
   __prglCache?: {
     session: BasicSession;
-    user: UserLike;
-    clientUser: UserLike;
-  };
+    // user: UserLike;
+    // clientUser: UserLike;
+  } & SessionUser;
 
   _user?: AnyObject;
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "prostgles-server",
-  "version": "4.2.199",
+  "version": "4.2.200",
   "description": "",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

diff --git a/tests/server/package-lock.json b/tests/server/package-lock.json