From 362f84e51b6ead3093de7c2232b19da64feca530 Mon Sep 17 00:00:00 2001
From: Eldad Fux
Date: Thu, 26 Nov 2020 08:12:24 +0200
Subject: [PATCH] Added missing user ID to both session and token models
---
 app/config/collections.php | 9 +++++++++
 app/controllers/api/account.php | 7 ++++---
 app/controllers/api/teams.php | 1 +
 app/controllers/general.php | 2 +-
 src/Appwrite/Utopia/Response/Model/Session.php | 5 +++++
 src/Appwrite/Utopia/Response/Model/Token.php | 7 ++++++-
 6 files changed, 26 insertions(+), 5 deletions(-)
diff --git a/app/config/collections.php b/app/config/collections.php
index 408e713b7..a9451d4a5 100644
--- a/app/config/collections.php
+++ b/app/config/collections.php
@@ -300,6 +300,15 @@ $collections = [
 'name' => 'Token',
 'structure' => true,
 'rules' => [
+ [ '$collection' => Database::SYSTEM_COLLECTION_RULES, 'label' => 'User ID', 'key' => 'userId', 'type' => Database::SYSTEM_VAR_TYPE_TEXT, 'default' => null, 'required' => false, 'array' => false, ],
 [
 '$collection' => Database::SYSTEM_COLLECTION_RULES,
 'label' => 'Type',
diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index e97576ee5..4e9d10ba0 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -190,12 +190,12 @@ App::post('/v1/account/sessions')
 $session = new Document([
 '$collection' => Database::SYSTEM_COLLECTION_TOKENS,
 '$permissions' => ['read' => ['user:'.$profile->getId()], 'write' => ['user:'.$profile->getId()]],
+ 'userId' => $profile->getId(),
 'type' => Auth::TOKEN_TYPE_LOGIN,
 'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
 'expire' => $expiry,
 'userAgent' => $request->getUserAgent('UNKNOWN'),
 'ip' => $request->getIP(),
-
 'osCode' => $osCode,
 'osName' => $osName,
 'osVersion' => $osVersion,
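Review bot: The new `userId` rule is declared `'required' => false` even though every token writer in this patch now sets it, so a token created by any other path without an owner id would still pass schema validation. Presumably it is optional so that token documents stored before this field existed remain valid; that intent is worth recording on the rule, e.g. `'required' => false, // optional only for tokens created before userId existed; every writer must set it`. The surrounding `$collections` array starts and ends outside the hunk.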
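Review bot: The token Document literal (`$collection`, `$permissions` derived from the owner id, the new `userId`, `type`, `secret`, `expire`) is now written out by hand in five places: here, the OAuth2 redirect, recovery and verification hunks further down, and the teams membership-status hunk. Each copy has to keep `userId` and the `user:<id>` roles pointing at the same account, and a small helper that takes the owner id once and returns those base fields would make a mismatch impossible; each endpoint would then spread in only its specific fields such as `userAgent`, `ip` and the `os*` values. The enclosing `App::post('/v1/account/sessions')` closure starts and ends outside the hunk.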
@@ -505,7 +505,6 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
 // Create session token, verify user account and update OAuth2 ID and Access Token
-
 $dd = new DeviceDetector($request->getUserAgent('UNKNOWN'));
 $dd->parse();
@@ -528,12 +527,12 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
 $session = new Document([
 '$collection' => Database::SYSTEM_COLLECTION_TOKENS,
 '$permissions' => ['read' => ['user:'.$user['$id']], 'write' => ['user:'.$user['$id']]],
+ 'userId' => $user->getId(),
 'type' => Auth::TOKEN_TYPE_LOGIN,
 'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
 'expire' => $expiry,
 'userAgent' => $request->getUserAgent('UNKNOWN'),
 'ip' => $request->getIP(),
-
 'osCode' => $osCode,
 'osName' => $osName,
 'osVersion' => $osVersion,
@@ -1192,6 +1191,7 @@ App::post('/v1/account/recovery')
 $recovery = new Document([
 '$collection' => Database::SYSTEM_COLLECTION_TOKENS,
 '$permissions' => ['read' => ['user:'.$profile->getId()], 'write' => ['user:'.$profile->getId()]],
+ 'userId' => $profile->getId(),
 'type' => Auth::TOKEN_TYPE_RECOVERY,
 'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
 'expire' => \time() + Auth::TOKEN_EXPIRATION_RECOVERY,
@@ -1382,6 +1382,7 @@ App::post('/v1/account/verification')
 $verification = new Document([
 '$collection' => Database::SYSTEM_COLLECTION_TOKENS,
 '$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],
+ 'userId' => $user->getId(),
 'type' => Auth::TOKEN_TYPE_VERIFICATION,
 'secret' => Auth::hash($verificationSecret), // One way hash encryption to protect DB leak
 'expire' => \time() + Auth::TOKEN_EXPIRATION_CONFIRM,
diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php
index 32d77e5e1..37fbad335 100644
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
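Review bot: In the `@@ -528,12 +527,12 @@` hunk the added `'userId' => $user->getId()` sits directly under a `$permissions` entry that reads the same value as `$user['$id']`, so the owner id is taken through two different accessors two lines apart. Unless the array access is deliberate, reading it the same way in the permissions line, `'$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],`, keeps the recorded owner and the roles that guard the document derived identically and matches the other token hunks in this patch. The enclosing OAuth2 redirect closure starts and ends outside the hunk.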
@@ -581,6 +581,7 @@ App::patch('/v1/teams/:teamId/memberships/:inviteId/status')
 $session = new Document([
 '$collection' => Database::SYSTEM_COLLECTION_TOKENS,
 '$permissions' => ['read' => ['user:'.$user->getId()], 'write' => ['user:'.$user->getId()]],
+ 'userId' => $user->getId(),
 'type' => Auth::TOKEN_TYPE_LOGIN,
 'secret' => Auth::hash($secret), // One way hash encryption to protect DB leak
 'expire' => $expiry,
diff --git a/app/controllers/general.php b/app/controllers/general.php
index 219a4efae..9f61db6ee 100644
--- a/app/controllers/general.php
+++ b/app/controllers/general.php
@@ -170,7 +170,7 @@ App::init(function ($utopia, $request, $response, $console, $project, $user, $lo
 */
 if (null !== $key && $user->isEmpty()) {
 $user = new Document([
- '$id' => 0,
+ '$id' => '',
 'status' => Auth::USER_STATUS_ACTIVATED,
 'email' => 'app.'.$project->getId().'@service.'.$request->getHostname(),
 'password' => '',
diff --git a/src/Appwrite/Utopia/Response/Model/Session.php b/src/Appwrite/Utopia/Response/Model/Session.php
index 38863016d..01cd23ee2 100644
--- a/src/Appwrite/Utopia/Response/Model/Session.php
+++ b/src/Appwrite/Utopia/Response/Model/Session.php
@@ -15,6 +15,11 @@ class Session extends Model
 'description' => 'Session ID.',
 'example' => '5e5ea5c16897e',
 ])
+ ->addRule('userId', [ 'type' => self::TYPE_STRING, 'description' => 'User ID.', 'example' => '5e5bb8c16897e', ])
 ->addRule('expire', [
 'type' => self::TYPE_INTEGER,
 'description' => 'Session expiration date in Unix timestamp.',
diff --git a/src/Appwrite/Utopia/Response/Model/Token.php b/src/Appwrite/Utopia/Response/Model/Token.php
index 43bb4ba71..9d00fe6f9 100644
--- a/src/Appwrite/Utopia/Response/Model/Token.php
+++ b/src/Appwrite/Utopia/Response/Model/Token.php
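Review bot: In the general.php hunk the placeholder `'$id' => ''` for the API-key pseudo-user carries no comment saying why it is an empty string rather than a real id, and the switch from `0` changes the type a reader would expect. The intent is worth stating inline, e.g. `'$id' => '', // placeholder: API-key requests act as a synthetic service user, never a stored account`, because this patch now persists `$user->getId()` as the token owner in several endpoints and, should this pseudo-user ever reach one of them, an empty `userId` and a bare `user:` role would be written; whether any such path is reachable with an API key is not visible here. The enclosing `App::init` closure starts and ends outside the hunk.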
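Review bot: In the Session.php hunk the description of the new `userId` rule, `'User ID.'`, does not say whose id it is, and the Token.php hunk at the end of this patch uses the same wording. Since these descriptions are the only documentation the models carry, something like `'description' => 'ID of the user the session belongs to.'` here and `'ID of the user the token was issued for.'` in Token.php would tell an API consumer what the field means. The enclosing Session class and its rule chain start and end outside the hunk.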
@@ -13,7 +13,12 @@ class Token extends Model
 ->addRule('$id', [
 'type' => self::TYPE_STRING,
 'description' => 'Token ID.',
- 'example' => '5e5ea5c16897e',
+ 'example' => 'bb8ea5c16897e', ]) ->addRule('userId', [ 'type' => self::TYPE_STRING, 'description' => 'User ID.', 'example' => '5e5ea5c168bb8',
 ])
 ->addRule('secret', [
 'type' => self::TYPE_STRING,