Added missing user ID to both session and token models
parent
8d41590596
commit
362f84e51b
|
@ -300,6 +300,15 @@ $collections = [
|
|||
'name' => 'Token',
|
||||
'structure' => true,
|
||||
'rules' => [
|
||||
[
|
||||
'$collection' => Database::SYSTEM_COLLECTION_RULES,
|
||||
'label' => 'User ID',
|
||||
'key' => 'userId',
|
||||
'type' => Database::SYSTEM_VAR_TYPE_TEXT,
|
||||
'default' => null,
|
||||
'required' => false,
|
||||
'array' => false,
|
||||
],
|
||||
[
|
||||
'$collection' => Database::SYSTEM_COLLECTION_RULES,
|
||||
'label' => 'Type',
|
||||
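Review bot: The new `userId` rule on the Token collection is declared with `'required' => false` and `'default' => null`, so the schema still accepts a token document that has no owner. Every token document created in this commit sets `userId`, so the field could be enforced with `'required' => true,` once any tokens stored before this change have been backfilled; whether such tokens exist is not visible here. Until then, code that reads `userId` should handle null rather than assume an owner is present. The `$collections` array starts and ends outside the hunk.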
|
|
|
@ -190,12 +190,12 @@ App::post('/v1/account/sessions')
|
|||
$session = new Document([
|
||||
'$collection' => Database::SYSTEM_COLLECTION_TOKENS,
|
||||
'$permissions' => ['read' => ['user:'.$profile->getId()], 'write' => ['user:'.$profile->getId()]],
|
||||
'userId' => $profile->getId(),
|
||||
'type' => Auth::TOKEN_TYPE_LOGIN,
|
||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||
'expire' => $expiry,
|
||||
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
||||
'ip' => $request->getIP(),
|
||||
|
||||
'osCode' => $osCode,
|
||||
'osName' => $osName,
|
||||
'osVersion' => $osVersion,
|
||||
|
@ -505,7 +505,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
|
||||
// Create session token, verify user account and update OAuth2 ID and Access Token
|
||||
|
||||
|
||||
$dd = new DeviceDetector($request->getUserAgent('UNKNOWN'));
|
||||
|
||||
$dd->parse();
|
||||
|
@ -528,12 +527,12 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
$session = new Document([
|
||||
'$collection' => Database::SYSTEM_COLLECTION_TOKENS,
|
||||
'$permissions' => ['read' => ['user:'.$user['$id']], 'write' => ['user:'.$user['$id']]],
|
||||
'userId' => $user->getId(),
|
||||
'type' => Auth::TOKEN_TYPE_LOGIN,
|
||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||
'expire' => $expiry,
|
||||
'userAgent' => $request->getUserAgent('UNKNOWN'),
|
||||
'ip' => $request->getIP(),
|
||||
|
||||
'osCode' => $osCode,
|
||||
'osName' => $osName,
|
||||
'osVersion' => $osVersion,
|
||||
|
@ -1192,6 +1191,7 @@ App::post('/v1/account/recovery')
|
|||
$recovery = new Document([
|
||||
'$collection' => Database::SYSTEM_COLLECTION_TOKENS,
|
||||
'$permissions' => ['read' => ['user:'.$profile->getId()], 'write' => ['user:'.$profile->getId()]],
|
||||
'userId' => $profile->getId(),
|
||||
'type' => Auth::TOKEN_TYPE_RECOVERY,
|
||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||
'expire' => \time() + Auth::TOKEN_EXPIRATION_RECOVERY,
|
||||
|
@ -1382,6 +1382,7 @@ App::post('/v1/account/verification')
|
|||
$verification = new Document([
|
||||
'$collection' => Database::SYSTEM_COLLECTION_TOKENS,
|
||||
'$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],
|
||||
'userId' => $user->getId(),
|
||||
'type' => Auth::TOKEN_TYPE_VERIFICATION,
|
||||
'secret' => Auth::hash($verificationSecret), // One way hash encryption to protect DB leak
|
||||
'expire' => \time() + Auth::TOKEN_EXPIRATION_CONFIRM,
|
||||
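Review bot: In the OAuth2 redirect hunk the session document reads the user ID two different ways: the `'$permissions'` line uses `$user['$id']` while the `'userId'` line uses `$user->getId()`. The other token documents in this file, and the one in the teams membership handler, use `getId()` throughout, so the permissions line should match: `'$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],`. Using one accessor makes it easier to check that the owner in `userId` and the owner in the permission strings are always the same value. The route closures start and end outside the hunks.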
|
|
|
@ -581,6 +581,7 @@ App::patch('/v1/teams/:teamId/memberships/:inviteId/status')
|
|||
$session = new Document([
|
||||
'$collection' => Database::SYSTEM_COLLECTION_TOKENS,
|
||||
'$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],
|
||||
'userId' => $user->getId(),
|
||||
'type' => Auth::TOKEN_TYPE_LOGIN,
|
||||
'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
|
||||
'expire' => $expiry,
|
||||
|
|
|
@ -170,7 +170,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $user, $lo
|
|||
*/
|
||||
if (null !== $key && $user->isEmpty()) {
|
||||
$user = new Document([
|
||||
'$id' => 0,
|
||||
'$id' => '',
|
||||
'status' => Auth::USER_STATUS_ACTIVATED,
|
||||
'email' => 'app.'.$project->getId().'@service.'.$request->getHostname(),
|
||||
'password' => '',
|
||||
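Review bot: The placeholder user built for API-key requests now has `'$id' => ''` (assuming the second `'$id'` line is the new side; the page has lost its +/- markers), and nothing on that line says the empty string is a sentinel. Elsewhere in this commit `userId` and `'user:'.$user->getId()` are derived from the user ID, so an empty ID would produce an ownerless token and a bare `user:` permission if this placeholder ever reached those paths; whether it can is not visible here. I would add a comment such as `// API-key requests run as a placeholder user; '' is a sentinel, not a stored user ID`, and confirm how `isEmpty()` treats this document. The `App::init` closure starts and ends outside the hunk.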
|
|
|
@ -15,6 +15,11 @@ class Session extends Model
|
|||
'description' => 'Session ID.',
|
||||
'example' => '5e5ea5c16897e',
|
||||
])
|
||||
->addRule('userId', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'User ID.',
|
||||
'example' => '5e5bb8c16897e',
|
||||
])
|
||||
->addRule('expire', [
|
||||
'type' => self::TYPE_INTEGER,
|
||||
'description' => 'Session expiration date in Unix timestamp.',
|
||||
|
|
|
@ -13,7 +13,12 @@ class Token extends Model
|
|||
->addRule('$id', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'Token ID.',
|
||||
'example' => '5e5ea5c16897e',
|
||||
'example' => 'bb8ea5c16897e',
|
||||
])
|
||||
->addRule('userId', [
|
||||
'type' => self::TYPE_STRING,
|
||||
'description' => 'User ID.',
|
||||
'example' => '5e5ea5c168bb8',
|
||||
])
|
||||
->addRule('secret', [
|
||||
'type' => self::TYPE_STRING,
|
||||
|
|