feat: signup on auth (#567)

> Auto init the account when auth * 🧶 Added `findOrCreateUser` method. Initialize account on both login and authorization, as per the submitted GitHub." ------ > 授权时，默认进行账户初始化 * 🧶 新增 `findOrCreateUser` 方法，登录和授权时均初始化账户
cnpm · Aug 8, 2023 · c710600 · c710600
1 parent b102711
commit c710600
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 13 deletions.
diff --git a/app/core/service/UserService.ts b/app/core/service/UserService.ts
@@ -106,19 +106,23 @@ export class UserService extends AbstractService {
     return { code: LoginResultCode.Success, user, token };
   }
 
-  async ensureTokenByUser({ name, email, password = crypto.randomUUID(), ip }: Optional<CreateUser, 'password'>) {
+  async findOrCreateUser({ name, email, ip, password = crypto.randomUUID() }: Optional<CreateUser, 'password'>) {
     let user = await this.userRepository.findUserByName(name);
     if (!user) {
       const createRes = await this.create({
         name,
         email,
-        // Authentication via sso
-        // should use token instead of password
         password,
         ip,
       });
       user = createRes.user;
     }
+
+    return user;
+  }
+
+  async ensureTokenByUser(opts: Optional<CreateUser, 'password'>) {
+    const user = await this.findOrCreateUser(opts);
     const token = await this.createToken(user.userId);
     return { user, token };
   }

diff --git a/app/port/controller/TokenController.ts b/app/port/controller/TokenController.ts
@@ -131,15 +131,12 @@ export class TokenController extends AbstractController {
     return { objects, total: objects.length, urls: {} };
   }
 
-  private async ensureWebUser() {
+  private async ensureWebUser(ip = '') {
     const userRes = await this.authAdapter.ensureCurrentUser();
     if (!userRes?.name || !userRes?.email) {
       throw new ForbiddenError('need login first');
     }
-    const user = await this.userService.findUserByName(userRes.name);
-    if (!user?.userId) {
-      throw new ForbiddenError('invalid user info');
-    }
+    const user = await this.userService.findOrCreateUser({ name: userRes.name, email: userRes.email, ip });
     return user;
   }
 
@@ -155,7 +152,7 @@ export class TokenController extends AbstractController {
   // 3. Need to implement ensureCurrentUser method in AuthAdapter, or pass in this.user
   async createGranularToken(@Context() ctx: EggContext, @HTTPBody() tokenOptions: GranularTokenOptions) {
     ctx.tValidate(GranularTokenOptionsRule, tokenOptions);
-    const user = await this.ensureWebUser();
+    const user = await this.ensureWebUser(ctx.ip);
 
     // 生成 Token
     const { name, description, allowedPackages, allowedScopes, cidr_whitelist, automation, readonly, expires } = tokenOptions;

diff --git a/test/port/controller/TokenController/createToken.test.ts b/test/port/controller/TokenController/createToken.test.ts
@@ -135,21 +135,20 @@ describe('test/port/controller/TokenController/createToken.test.ts', () => {
       assert.match(res.body.error, /\[FORBIDDEN\] need login first/);
     });
 
-    it('should 403 when no user info', async () => {
+    it('should auto create when no user info', async () => {
       mock(AuthAdapter.prototype, 'ensureCurrentUser', async () => {
         return {
           name: 'banana',
           email: '[email protected]',
         };
       });
-      const res = await app.httpRequest()
+      await app.httpRequest()
         .post('/-/npm/v1/tokens/gat')
         .send({
           name: 'banana',
           expires: 30,
         })
-        .expect(403);
-      assert.match(res.body.error, /\[FORBIDDEN\] invalid user info/);
+        .expect(200);
     });
 
     describe('should 200', () => {