fix(dashboard): mutation
This commit is contained in:
Lakhan Samani
@@ -22,6 +22,11 @@ type State struct {
|
||||
// AppHandler is the handler for the /app route
|
||||
func AppHandler() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
if envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
|
||||
c.JSON(400, gin.H{"error": "login page is not enabled"})
|
||||
return
|
||||
}
|
||||
|
||||
state := c.Query("state")
|
||||
|
||||
var stateObj State
|
||||
|
||||
@@ -15,7 +15,6 @@ import (
|
||||
"github.com/authorizerdev/authorizer/server/graph/model"
|
||||
"github.com/authorizerdev/authorizer/server/token"
|
||||
"github.com/authorizerdev/authorizer/server/utils"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
// UpdateEnvResolver is a resolver for update config mutation
|
||||
@@ -43,6 +42,23 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
||||
return res, fmt.Errorf("error un-marshalling params: %t", err)
|
||||
}
|
||||
|
||||
// in case of admin secret change update the cookie with new hash
|
||||
if params.AdminSecret != nil {
|
||||
if params.OldAdminSecret == nil {
|
||||
return res, errors.New("admin secret and old admin secret are required for secret change")
|
||||
}
|
||||
|
||||
if *params.OldAdminSecret != envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret) {
|
||||
return res, errors.New("old admin secret is not correct")
|
||||
}
|
||||
|
||||
if len(*params.AdminSecret) < 6 {
|
||||
err = fmt.Errorf("admin secret must be at least 6 characters")
|
||||
return res, err
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
updatedData := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
|
||||
for key, value := range data {
|
||||
if value != nil {
|
||||
@@ -106,22 +122,7 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
||||
return res, err
|
||||
}
|
||||
|
||||
encryptedConfig, err := utils.EncryptEnvData(updatedData)
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
|
||||
// in case of admin secret change update the cookie with new hash
|
||||
if params.AdminSecret != nil {
|
||||
if params.OldAdminSecret == nil {
|
||||
return res, errors.New("admin secret and old admin secret are required for secret change")
|
||||
}
|
||||
|
||||
err := bcrypt.CompareHashAndPassword([]byte(*params.OldAdminSecret), []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)))
|
||||
if err != nil {
|
||||
return res, errors.New("old admin secret is not correct")
|
||||
}
|
||||
|
||||
hashedKey, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret))
|
||||
if err != nil {
|
||||
return res, err
|
||||
@@ -129,6 +130,11 @@ func UpdateEnvResolver(ctx context.Context, params model.UpdateEnvInput) (*model
|
||||
cookie.SetAdminCookie(gc, hashedKey)
|
||||
}
|
||||
|
||||
encryptedConfig, err := utils.EncryptEnvData(updatedData)
|
||||
if err != nil {
|
||||
return res, err
|
||||
}
|
||||
|
||||
env.EnvData = encryptedConfig
|
||||
_, err = db.Provider.UpdateEnv(env)
|
||||
if err != nil {
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
package routes
|
||||
|
||||
import (
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
"github.com/authorizerdev/authorizer/server/envstore"
|
||||
"github.com/authorizerdev/authorizer/server/handlers"
|
||||
"github.com/authorizerdev/authorizer/server/middlewares"
|
||||
"github.com/gin-contrib/location"
|
||||
@@ -25,21 +23,19 @@ func InitRouter() *gin.Engine {
|
||||
|
||||
router.LoadHTMLGlob("templates/*")
|
||||
// login page app related routes.
|
||||
if !envstore.EnvInMemoryStoreObj.GetBoolStoreEnvVariable(constants.EnvKeyDisableLoginPage) {
|
||||
app := router.Group("/app")
|
||||
{
|
||||
app.Static("/build", "app/build")
|
||||
app.GET("/", handlers.AppHandler())
|
||||
app.GET("/reset-password", handlers.AppHandler())
|
||||
}
|
||||
app := router.Group("/app")
|
||||
{
|
||||
app.Static("/build", "app/build")
|
||||
app.GET("/", handlers.AppHandler())
|
||||
app.GET("/reset-password", handlers.AppHandler())
|
||||
}
|
||||
|
||||
// dashboard related routes
|
||||
app := router.Group("/dashboard")
|
||||
dashboard := router.Group("/dashboard")
|
||||
{
|
||||
app.Static("/build", "dashboard/build")
|
||||
app.GET("/", handlers.DashboardHandler())
|
||||
app.GET("/:page", handlers.DashboardHandler())
|
||||
dashboard.Static("/build", "dashboard/build")
|
||||
dashboard.GET("/", handlers.DashboardHandler())
|
||||
dashboard.GET("/:page", handlers.DashboardHandler())
|
||||
}
|
||||
return router
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user