feat(invite) add email autocomplete in invite #14610
Conversation
…ken (e. g. email invite type), invite icons updated
raphaelbadawi
force-pushed
the
email-autocomplete
branch
from
6c56b78
to
55e5b0a
Compare
raphaelbadawi
force-pushed
the
email-autocomplete
branch
from
55e5b0a
to
5ed6d73
Compare
|
Hi, thanks for your contribution! |
|
Hello, Here is the CLA signed by my CEO. 8x8_Corporate_CLA_rev.20181129.docx.pdf Best regards, |
|
This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
|
PIng @damencho |
react/features/invite/functions.ts
Outdated
| ): Promise<any> { | ||
|
|
||
| if (!inviteItems || inviteItems.length === 0) { | ||
| return Promise.resolve(); | ||
| } | ||
|
|
||
| // Parse all the query strings of the search directory endpoint | ||
| const params = new URLSearchParams(); | ||
| params.append('jwt', jwt); |
There was a problem hiding this comment.
This adds jwt to the URL params. This reverts behavior that was dropped in 9af0003.
react/features/invite/functions.ts
Outdated
| // Authentication params for external entities (e. g. email) | ||
| if (peopleSearchTokenLocation && peopleSearchTokenKey) { | ||
| const peopleSearchToken = localStorage.getItem(peopleSearchTokenLocation) ?? ""; | ||
| params.append(peopleSearchTokenKey, peopleSearchToken); |
There was a problem hiding this comment.
Why do you need a second token parameter. Can't you use Authorization': `Bearer headers that are added.
There was a problem hiding this comment.
Can you give more details on this one?
So the token is stored in localstorage? Who is storing it there?
There was a problem hiding this comment.
That is a good question. The whole idea is to be able to authenticate against directories on instances where JWT is not enabled. In our case we added a little fetch request to our auth service at the bottom of index.html which retrieves the token if there is an active session.
What we added to index.html is very straightforward and looks like this:
document.addEventListener("DOMContentLoaded", () => {
fetch("{{SERVER}}/api/login/token", { credentials: "include" })
.then((response) => response.json())
.then((data) => localStorage.setItem("service_token", data.token));
});
There was a problem hiding this comment.
Do you see a problem with using 'Authorization': Bearer ${jwt} with the token you store in service_token?
The idea is to get rid of the URL params with authorization data, as normally the URLs are logged in different places in the backend and is hard to sanitize, so its a better practice to use the headers.
There was a problem hiding this comment.
Don't see any problem doing this, as long as it works. Moreover it's cleaner. I'll let you know when the change will be done ;-)
There was a problem hiding this comment.
Use local storage like this:
Line 364 in b4a5e63
There was a problem hiding this comment.
All good and retested!
react/features/invite/functions.ts
Outdated
| params.append('query', query); | ||
| params.append('queryTypes', queryTypesString); | ||
| params.append('jwt', jwt); | ||
|
|
There was a problem hiding this comment.
We should not add jwt as URL param since: 9af0003
react/features/invite/functions.ts
Outdated
|
|
||
| if (peopleSearchTokenLocation && peopleSearchTokenKey) { | ||
| const peopleSearchToken = localStorage.getItem(peopleSearchTokenLocation) ?? ""; | ||
| params.append(peopleSearchTokenKey, peopleSearchToken); |
There was a problem hiding this comment.
Same here why don't you use Authorization': `Bearer?
|
Thank you for the quick review @damencho. So first I will check all the linter errors today and make sure As for the JWT in the headers, it was not there three months ago when I first did the PR. I just noticed the change today when remerging master to the branch, so I will update things consequently ;-) I'll put a comment when everything will be settled. |
|
Yep, the changes were added a month later after the PR, sorry it fell trough the cracks. |
|
Hmm there is yet a little regression to fix I will let you know when everything is OK. |
|
Everything has been retested again should be fine now. Thanks! |
|
Up |
react/features/invite/functions.ts
Outdated
| const headers = { | ||
| ...jwt ? { 'Authorization': `Bearer ${jwt}` } : {}, | ||
| 'Content-Type': 'application/json' | ||
| }; | ||
|
|
||
| return fetch( | ||
| `${inviteServiceUrl}`, | ||
| `${inviteServiceUrl}?${params.toString()}`, |
There was a problem hiding this comment.
In the default case there will be an empty ? at the end.
|
Other than the questions I have and the small lint error LGTM. |
|
@raphaelbadawi |
I did it. Let's see now 🤞 |
|
jenkins test this please. |
Thank you, I didn't react quickly enough.
Do I have to do something for this part? |
Nope, these is triggering the integration tests when the PR creator is not one of the devs. |
|
Thank you for your contribution and patience :) |
Thank you for your great insights ;-) |
This is the follow up to this discussion in which the specs were discussed.
This adds an autocomplete for mere emails. Since emails are not Jitsi entity types, this also adds an alternative authentication mechanism for directories holding external entities (this authentication mechanism was also discussed in the issue above).
The documentation for this has been written too, here is the PR for this part => jitsi/handbook#503
Thanks!