domain discovery on register, set scope from username

zitadel · Jul 24, 2024 · bab3f00 · bab3f00
1 parent 5216062
commit bab3f00
Showing 5 changed files with 75 additions and 19 deletions.
diff --git a/apps/login/src/app/(login)/register/page.tsx b/apps/login/src/app/(login)/register/page.tsx
@@ -51,6 +51,9 @@ export default async function Page({
           <RegisterFormWithoutPassword
             legal={legal}
             organization={organization}
+            firstname={firstname}
+            lastname={lastname}
+            email={email}
             authRequestId={authRequestId}
           ></RegisterFormWithoutPassword>
         )}

diff --git a/apps/login/src/app/api/loginname/route.ts b/apps/login/src/app/api/loginname/route.ts
@@ -1,12 +1,16 @@
-import { listAuthenticationMethodTypes, listUsers } from "@/lib/zitadel";
+import {
+  getLoginSettings,
+  listAuthenticationMethodTypes,
+  listUsers,
+} from "@/lib/zitadel";
 import { createSessionForUserIdAndUpdateCookie } from "@/utils/session";
 import { NextRequest, NextResponse } from "next/server";
 
 export async function POST(request: NextRequest) {
   const body = await request.json();
   if (body) {
     const { loginName, authRequestId, organization } = body;
-    return listUsers(loginName, organization).then((users) => {
+    return listUsers(loginName, organization).then(async (users) => {
       if (users.details?.totalResult == BigInt(1) && users.result[0].userId) {
         const userId = users.result[0].userId;
         return createSessionForUserIdAndUpdateCookie(
@@ -36,11 +40,34 @@ export async function POST(request: NextRequest) {
             console.error(error);
             return NextResponse.json(error, { status: 500 });
           });
-      } else {
-        return NextResponse.json(
-          { message: "Could not find user" },
-          { status: 404 },
-        );
+      } else if (organization) {
+        const loginSettings = await getLoginSettings(organization);
+
+        // user not found, check if register is enabled on organization
+        if (loginSettings?.allowRegister) {
+          const params: any = { organization };
+          if (authRequestId) {
+            params.authRequestId = authRequestId;
+          }
+          if (loginName) {
+            params.email = loginName;
+          }
+
+          const registerUrl = new URL(
+            "/register?" + new URLSearchParams(params),
+            request.url,
+          );
+
+          return NextResponse.json({
+            nextUrl: registerUrl,
+            status: 200,
+          });
+        } else {
+          return NextResponse.json(
+            { message: "Could not find user" },
+            { status: 404 },
+          );
+        }
       }
     });
   } else {

diff --git a/apps/login/src/ui/RegisterFormWithoutPassword.tsx b/apps/login/src/ui/RegisterFormWithoutPassword.tsx
@@ -13,6 +13,7 @@ import AuthenticationMethodRadio, {
 import Alert from "./Alert";
 import BackButton from "./BackButton";
 import { LegalAndSupportSettings } from "@zitadel/proto/zitadel/settings/v2beta/legal_settings_pb";
+import { first } from "node_modules/cypress/types/lodash";
 
 type Inputs =
   | {
@@ -24,17 +25,28 @@ type Inputs =
 
 type Props = {
   legal: LegalAndSupportSettings;
+  firstname?: string;
+  lastname?: string;
+  email?: string;
   organization?: string;
   authRequestId?: string;
 };
 
 export default function RegisterFormWithoutPassword({
   legal,
+  email,
+  firstname,
+  lastname,
   organization,
   authRequestId,
 }: Props) {
   const { register, handleSubmit, formState } = useForm<Inputs>({
     mode: "onBlur",
+    defaultValues: {
+      email: email ?? "",
+      firstName: firstname ?? "",
+      lastname: lastname ?? "",
+    },
   });
 
   const [loading, setLoading] = useState<boolean>(false);

diff --git a/apps/login/src/ui/SetPasswordForm.tsx b/apps/login/src/ui/SetPasswordForm.tsx
@@ -42,6 +42,11 @@ export default function SetPasswordForm({
 }: Props) {
   const { register, handleSubmit, watch, formState } = useForm<Inputs>({
     mode: "onBlur",
+    defaultValues: {
+      email: email ?? "",
+      firstname: firstname ?? "",
+      lastname: lastname ?? "",
+    },
   });
 
   const [loading, setLoading] = useState<boolean>(false);

diff --git a/apps/login/src/ui/UsernameForm.tsx b/apps/login/src/ui/UsernameForm.tsx
@@ -82,18 +82,21 @@ export default function UsernameForm({
     values: Inputs,
     organization?: string,
   ) {
-    console.log(loginSettings);
     return submitLoginName(values, organization).then((response) => {
-      if (response.authMethodTypes.length == 1) {
+      if (response.nextUrl) {
+        return router.push(response.nextUrl);
+      } else if (response.authMethodTypes.length == 1) {
         const method = response.authMethodTypes[0];
         switch (method) {
           case 1: // user has only password as auth method
             const paramsPassword: any = {
               loginName: response.factors.user.loginName,
             };
 
-            if (organization) {
-              paramsPassword.organization = organization;
+            // TODO: think about a method to skip org discovery from the session
+            if (organization || response.factors.user.organizationId) {
+              paramsPassword.organization =
+                organization ?? response.factors.user.organizationId;
             }
 
             if (
@@ -117,8 +120,10 @@ export default function UsernameForm({
             if (authRequestId) {
               paramsPasskey.authRequestId = authRequestId;
             }
-            if (organization) {
-              paramsPasskey.organization = organization;
+
+            if (organization || response.factors.user.organizationId) {
+              paramsPasskey.organization =
+                organization ?? response.factors.user.organizationId;
             }
 
             return router.push(
@@ -134,8 +139,10 @@ export default function UsernameForm({
             if (authRequestId) {
               paramsPasskeyDefault.authRequestId = authRequestId;
             }
-            if (organization) {
-              paramsPasskeyDefault.organization = organization;
+
+            if (organization || response.factors.user.organizationId) {
+              paramsPasskeyDefault.organization =
+                organization ?? response.factors.user.organizationId;
             }
 
             return router.push(
@@ -161,8 +168,9 @@ export default function UsernameForm({
             passkeyParams.authRequestId = authRequestId;
           }
 
-          if (organization) {
-            passkeyParams.organization = organization;
+          if (organization || response.factors.user.organizationId) {
+            passkeyParams.organization =
+              organization ?? response.factors.user.organizationId;
           }
 
           return router.push(
@@ -180,8 +188,9 @@ export default function UsernameForm({
             paramsPasswordDefault.authRequestId = authRequestId;
           }
 
-          if (organization) {
-            paramsPasswordDefault.organization = organization;
+          if (organization || response.factors.user.organizationId) {
+            paramsPasswordDefault.organization =
+              organization ?? response.factors.user.organizationId;
           }
 
           return router.push(