diff --git a/src/api/private/auth/auth.controller.ts b/src/api/private/auth/auth.controller.ts index 84352b6cb..7f509a970 100644 --- a/src/api/private/auth/auth.controller.ts +++ b/src/api/private/auth/auth.controller.ts @@ -75,11 +75,18 @@ export class AuthController { @Post('local/login') @OpenApi(201, 400, 401) login( - @Req() request: Request & { session: { user: string } }, + @Req() + request: Request & { + session: { + authProvider: string; + user: string; + }; + }, @Body() loginDto: LoginDto, ): void { // There is no further testing needed as we only get to this point if LocalAuthGuard was successful request.session.user = loginDto.username; + request.session.authProvider = 'local'; } @UseGuards(SessionGuard) diff --git a/src/api/private/me/me.controller.ts b/src/api/private/me/me.controller.ts index 9a93bff17..f8df2d8d4 100644 --- a/src/api/private/me/me.controller.ts +++ b/src/api/private/me/me.controller.ts @@ -10,11 +10,12 @@ import { SessionGuard } from '../../../identity/session.guard'; import { ConsoleLoggerService } from '../../../logger/console-logger.service'; import { MediaUploadDto } from '../../../media/media-upload.dto'; import { MediaService } from '../../../media/media.service'; -import { FullUserInfoDto } from '../../../users/user-info.dto'; +import { UserLoginInfoDto } from '../../../users/user-info.dto'; import { User } from '../../../users/user.entity'; import { UsersService } from '../../../users/users.service'; import { OpenApi } from '../../utils/openapi.decorator'; import { RequestUser } from '../../utils/request-user.decorator'; +import { SessionAuthProvider } from '../../utils/session-authprovider.decorator'; @UseGuards(SessionGuard) @OpenApi(401) @@ -31,8 +32,11 @@ export class MeController { @Get() @OpenApi(200) - getMe(@RequestUser() user: User): FullUserInfoDto { - return this.userService.toFullUserDto(user); + getMe( + @RequestUser() user: User, + @SessionAuthProvider() authProvider: string, + ): UserInfoDto { + return this.userService.toUserLoginInfoDto(user, authProvider); } @Get('media') diff --git a/src/api/utils/session-authprovider.decorator.ts b/src/api/utils/session-authprovider.decorator.ts new file mode 100644 index 000000000..6268b7470 --- /dev/null +++ b/src/api/utils/session-authprovider.decorator.ts @@ -0,0 +1,34 @@ +/* + * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import { + createParamDecorator, + ExecutionContext, + InternalServerErrorException, +} from '@nestjs/common'; +import { Request } from 'express'; + +/** + * Extracts the auth provider identifier from a session inside a request + * + * Will throw an {@link InternalServerErrorException} if no identifier is present + */ +// eslint-disable-next-line @typescript-eslint/naming-convention +export const SessionAuthProvider = createParamDecorator( + (data: unknown, ctx: ExecutionContext) => { + const request: Request & { + session: { + authProvider: string; + }; + } = ctx.switchToHttp().getRequest(); + if (!request.session?.authProvider) { + // We should have an auth provider here, otherwise something is wrong + throw new InternalServerErrorException( + 'Session is missing an auth provider identifier', + ); + } + return request.session.authProvider; + }, +); diff --git a/src/users/user-info.dto.ts b/src/users/user-info.dto.ts index 882a6d86c..29027128d 100644 --- a/src/users/user-info.dto.ts +++ b/src/users/user-info.dto.ts @@ -51,3 +51,12 @@ export class FullUserInfoDto extends UserInfoDto { @IsString() email: string; } + +export class UserLoginInfoDto extends UserInfoDto { + /** + * Identifier of the auth provider that was used to log in + */ + @ApiProperty() + @IsString() + authProvider: string; +} diff --git a/src/users/users.service.ts b/src/users/users.service.ts index 140388b91..ec7d875e2 100644 --- a/src/users/users.service.ts +++ b/src/users/users.service.ts @@ -9,7 +9,11 @@ import { Repository } from 'typeorm'; import { AlreadyInDBError, NotInDBError } from '../errors/errors'; import { ConsoleLoggerService } from '../logger/console-logger.service'; -import { FullUserInfoDto, UserInfoDto } from './user-info.dto'; +import { + FullUserInfoDto, + UserInfoDto, + UserLoginInfoDto, +} from './user-info.dto'; import { UserRelationEnum } from './user-relation.enum'; import { User } from './user.entity'; @@ -131,4 +135,8 @@ export class UsersService { email: user.email ?? '', }; } + + toUserLoginInfoDto(user: User, authProvider: string): UserLoginInfoDto { + return { ...this.toUserDto(user), authProvider }; + } } diff --git a/test/private-api/me.e2e-spec.ts b/test/private-api/me.e2e-spec.ts index f737afb56..1ba0b6dc5 100644 --- a/test/private-api/me.e2e-spec.ts +++ b/test/private-api/me.e2e-spec.ts @@ -8,7 +8,7 @@ import request from 'supertest'; import { NotInDBError } from '../../src/errors/errors'; import { Note } from '../../src/notes/note.entity'; -import { FullUserInfoDto } from '../../src/users/user-info.dto'; +import { UserLoginInfoDto } from '../../src/users/user-info.dto'; import { User } from '../../src/users/user.entity'; import { TestSetup, TestSetupBuilder } from '../test-setup'; @@ -50,12 +50,12 @@ describe('Me', () => { }); it('GET /me', async () => { - const userInfo = testSetup.userService.toFullUserDto(user); + const userInfo = testSetup.userService.toUserLoginInfoDto(user, 'local'); const response = await agent .get('/api/private/me') .expect('Content-Type', /json/) .expect(200); - const gotUser = response.body as FullUserInfoDto; + const gotUser = response.body as UserLoginInfoDto; expect(gotUser).toEqual(userInfo); }); diff --git a/test/private-api/register-and-login.e2e-spec.ts b/test/private-api/register-and-login.e2e-spec.ts index 04972d390..79a75484a 100644 --- a/test/private-api/register-and-login.e2e-spec.ts +++ b/test/private-api/register-and-login.e2e-spec.ts @@ -55,6 +55,7 @@ describe('Register and Login', () => { const profile = await session.get('/api/private/me').expect(200); expect(profile.body.username).toEqual(USERNAME); expect(profile.body.displayName).toEqual(DISPLAYNAME); + expect(profile.body.authProvider).toEqual('local'); // logout again await session.delete('/api/private/auth/logout').expect(204);