mirror of
https://github.com/SecurityBrewery/catalyst.git
synced 2025-12-07 15:52:47 +01:00
Allow @ in usernames (#742)
This commit is contained in:
Jonas Plum
GitHub
@@ -93,7 +93,7 @@ func (db *Database) UserCreate(ctx context.Context, newUser *model.UserForm) (*m
|
|||||||
|
|
||||||
var doc model.User
|
var doc model.User
|
||||||
newctx := driver.WithReturnNew(ctx, &doc)
|
newctx := driver.WithReturnNew(ctx, &doc)
|
||||||
meta, err := db.userCollection.CreateDocument(ctx, newctx, strcase.ToKebab(newUser.ID), toUser(newUser, sha256Hash))
|
meta, err := db.userCollection.CreateDocument(ctx, newctx, newUser.ID, toUser(newUser, sha256Hash))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,13 +1,13 @@
|
|||||||
users:
|
users:
|
||||||
alice:
|
alice@example.com:
|
||||||
displayname: Alice
|
displayname: Alice
|
||||||
password: "$argon2id$v=19$m=65536,t=3,p=4$S3hTSS90U1QycjNEWURZTw$aJP1fI/byC/3A7NCz5lyrXR7NS+l+1YMnqj5qFopZRk"
|
password: "$argon2id$v=19$m=65536,t=3,p=4$S3hTSS90U1QycjNEWURZTw$aJP1fI/byC/3A7NCz5lyrXR7NS+l+1YMnqj5qFopZRk"
|
||||||
email: alice@example.com
|
email: alice@example.com
|
||||||
bob:
|
bob@example.com:
|
||||||
displayname: "Bob"
|
displayname: "Bob"
|
||||||
password: "$argon2id$v=19$m=65536,t=3,p=4$amxRcURFVUk4TlhPOXFmWg$sPRsvGg9rrqefRp0fFA7wQG3O8OcMnQhj4IckHYPEz8"
|
password: "$argon2id$v=19$m=65536,t=3,p=4$amxRcURFVUk4TlhPOXFmWg$sPRsvGg9rrqefRp0fFA7wQG3O8OcMnQhj4IckHYPEz8"
|
||||||
email: bob@example.com
|
email: bob@example.com
|
||||||
admin:
|
admin@example.com:
|
||||||
displayname: "Admin"
|
displayname: "Admin"
|
||||||
password: "$argon2id$v=19$m=65536,t=3,p=4$SFBXa1BXblNZKytoZ1ZLYQ$JruWROu9opYmcPNw1cIiHms4k4466DqrKIPvJe94nfA"
|
password: "$argon2id$v=19$m=65536,t=3,p=4$SFBXa1BXblNZKytoZ1ZLYQ$JruWROu9opYmcPNw1cIiHms4k4466DqrKIPvJe94nfA"
|
||||||
email: admin@example.com
|
email: admin@example.com
|
||||||
@@ -4,6 +4,7 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/url"
|
||||||
|
|
||||||
"github.com/arangodb/go-driver"
|
"github.com/arangodb/go-driver"
|
||||||
maut "github.com/jonas-plum/maut/auth"
|
maut "github.com/jonas-plum/maut/auth"
|
||||||
@@ -20,14 +21,6 @@ func newUserResponseID(user *model.NewUserResponse) []driver.DocumentID {
|
|||||||
return userID(user.ID)
|
return userID(user.ID)
|
||||||
}
|
}
|
||||||
|
|
||||||
func userResponseID(user *model.UserResponse) []driver.DocumentID {
|
|
||||||
if user == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
return userID(user.ID)
|
|
||||||
}
|
|
||||||
|
|
||||||
func userID(id string) []driver.DocumentID {
|
func userID(id string) []driver.DocumentID {
|
||||||
return []driver.DocumentID{driver.DocumentID(fmt.Sprintf("%s/%s", database.UserCollectionName, id))}
|
return []driver.DocumentID{driver.DocumentID(fmt.Sprintf("%s/%s", database.UserCollectionName, id))}
|
||||||
}
|
}
|
||||||
@@ -42,20 +35,35 @@ func (s *Service) CreateUser(ctx context.Context, form *model.UserForm) (doc *mo
|
|||||||
return s.database.UserCreate(ctx, form)
|
return s.database.UserCreate(ctx, form)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) GetUser(ctx context.Context, s2 string) (*model.UserResponse, error) {
|
func (s *Service) GetUser(ctx context.Context, id string) (*model.UserResponse, error) {
|
||||||
return s.database.UserGet(ctx, s2)
|
decodedValue, err := url.QueryUnescape(id)
|
||||||
|
if err == nil {
|
||||||
|
id = decodedValue
|
||||||
|
}
|
||||||
|
|
||||||
|
return s.database.UserGet(ctx, id)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) UpdateUser(ctx context.Context, s2 string, form *model.UserForm) (doc *model.UserResponse, err error) {
|
func (s *Service) UpdateUser(ctx context.Context, id string, form *model.UserForm) (doc *model.UserResponse, err error) {
|
||||||
defer s.publishRequest(ctx, err, "UpdateUser", userID(s2))
|
decodedValue, err := url.QueryUnescape(id)
|
||||||
|
if err == nil {
|
||||||
|
id = decodedValue
|
||||||
|
}
|
||||||
|
|
||||||
return s.database.UserUpdate(ctx, s2, form)
|
defer s.publishRequest(ctx, err, "UpdateUser", userID(id))
|
||||||
|
|
||||||
|
return s.database.UserUpdate(ctx, id, form)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) DeleteUser(ctx context.Context, s2 string) (err error) {
|
func (s *Service) DeleteUser(ctx context.Context, id string) (err error) {
|
||||||
defer s.publishRequest(ctx, err, "DeleteUser", userID(s2))
|
decodedValue, err := url.QueryUnescape(id)
|
||||||
|
if err == nil {
|
||||||
|
id = decodedValue
|
||||||
|
}
|
||||||
|
|
||||||
return s.database.UserDelete(ctx, s2)
|
defer s.publishRequest(ctx, err, "DeleteUser", userID(id))
|
||||||
|
|
||||||
|
return s.database.UserDelete(ctx, id)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) CurrentUser(ctx context.Context) (*model.UserResponse, error) {
|
func (s *Service) CurrentUser(ctx context.Context) (*model.UserResponse, error) {
|
||||||
|
|||||||
@@ -4,6 +4,7 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/url"
|
||||||
|
|
||||||
"github.com/arangodb/go-driver"
|
"github.com/arangodb/go-driver"
|
||||||
maut "github.com/jonas-plum/maut/auth"
|
maut "github.com/jonas-plum/maut/auth"
|
||||||
@@ -29,10 +30,20 @@ func (s *Service) ListUserData(ctx context.Context) (doc []*model.UserDataRespon
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) GetUserData(ctx context.Context, id string) (*model.UserDataResponse, error) {
|
func (s *Service) GetUserData(ctx context.Context, id string) (*model.UserDataResponse, error) {
|
||||||
|
decodedValue, err := url.QueryUnescape(id)
|
||||||
|
if err == nil {
|
||||||
|
id = decodedValue
|
||||||
|
}
|
||||||
|
|
||||||
return s.database.UserDataGet(ctx, id)
|
return s.database.UserDataGet(ctx, id)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) UpdateUserData(ctx context.Context, id string, data *model.UserData) (doc *model.UserDataResponse, err error) {
|
func (s *Service) UpdateUserData(ctx context.Context, id string, data *model.UserData) (doc *model.UserDataResponse, err error) {
|
||||||
|
decodedValue, err := url.QueryUnescape(id)
|
||||||
|
if err == nil {
|
||||||
|
id = decodedValue
|
||||||
|
}
|
||||||
|
|
||||||
defer s.publishRequest(ctx, err, "UpdateUserData", userDataResponseID(doc))
|
defer s.publishRequest(ctx, err, "UpdateUserData", userDataResponseID(doc))
|
||||||
|
|
||||||
return s.database.UserDataUpdate(ctx, id, data)
|
return s.database.UserDataUpdate(ctx, id, data)
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ Cypress.Commands.add('login', (options = {}) => {
|
|||||||
cy.get("#kc-login").click();
|
cy.get("#kc-login").click();
|
||||||
} else if (Cypress.env('AUTH') === 'authelia') {
|
} else if (Cypress.env('AUTH') === 'authelia') {
|
||||||
cy.contains("Login with OIDC").should('be.visible').click();
|
cy.contains("Login with OIDC").should('be.visible').click();
|
||||||
cy.get("#username-textfield").should('be.visible').type("bob");
|
cy.get("#username-textfield").should('be.visible').type("bob@example.com");
|
||||||
cy.get("#password-textfield").type("bob");
|
cy.get("#password-textfield").type("bob");
|
||||||
cy.get("#sign-in-button").click();
|
cy.get("#sign-in-button").click();
|
||||||
cy.get("#accept-button").should('be.visible').click();
|
cy.get("#accept-button").should('be.visible').click();
|
||||||
|
|||||||
Reference in New Issue
Block a user