2024-03-19 14:15:54 +01:00
|
|
|
"use server";
|
|
|
|
|
|
2024-03-15 17:21:21 +01:00
|
|
|
import {
|
2024-04-04 13:50:54 +02:00
|
|
|
createSessionFromChecks,
|
2024-03-15 17:21:21 +01:00
|
|
|
createSessionForUserIdAndIdpIntent,
|
|
|
|
|
getSession,
|
|
|
|
|
server,
|
|
|
|
|
setSession,
|
|
|
|
|
} from "#/lib/zitadel";
|
2023-06-29 19:06:30 +02:00
|
|
|
import {
|
|
|
|
|
SessionCookie,
|
|
|
|
|
addSessionToCookie,
|
|
|
|
|
updateSessionCookie,
|
|
|
|
|
} from "./cookies";
|
2023-08-22 13:15:33 +02:00
|
|
|
import { Session, Challenges, RequestChallenges } from "@zitadel/server";
|
2023-06-29 19:06:30 +02:00
|
|
|
|
|
|
|
|
export async function createSessionAndUpdateCookie(
|
|
|
|
|
loginName: string,
|
|
|
|
|
password: string | undefined,
|
2023-08-22 13:15:33 +02:00
|
|
|
challenges: RequestChallenges | undefined,
|
2024-03-25 15:18:51 +01:00
|
|
|
organization?: string,
|
|
|
|
|
authRequestId?: string
|
2023-06-29 19:06:30 +02:00
|
|
|
): Promise<Session> {
|
2024-04-04 13:50:54 +02:00
|
|
|
const createdSession = await createSessionFromChecks(
|
2023-06-29 19:06:30 +02:00
|
|
|
server,
|
2024-04-04 13:50:54 +02:00
|
|
|
password
|
|
|
|
|
? {
|
|
|
|
|
user: { loginName },
|
|
|
|
|
password: { password },
|
|
|
|
|
// totp: { code: totpCode },
|
|
|
|
|
}
|
|
|
|
|
: { user: { loginName } },
|
2023-06-29 19:06:30 +02:00
|
|
|
challenges
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (createdSession) {
|
|
|
|
|
return getSession(
|
|
|
|
|
server,
|
|
|
|
|
createdSession.sessionId,
|
|
|
|
|
createdSession.sessionToken
|
|
|
|
|
).then((response) => {
|
|
|
|
|
if (response?.session && response.session?.factors?.user?.loginName) {
|
|
|
|
|
const sessionCookie: SessionCookie = {
|
|
|
|
|
id: createdSession.sessionId,
|
|
|
|
|
token: createdSession.sessionToken,
|
2024-04-03 14:12:05 +02:00
|
|
|
creationDate: `${response.session.creationDate?.getTime() ?? ""}`,
|
|
|
|
|
expirationDate: `${response.session.expirationDate?.getTime() ?? ""}`,
|
|
|
|
|
changeDate: `${response.session.changeDate?.getTime() ?? ""}`,
|
2024-03-25 13:39:23 +01:00
|
|
|
loginName: response.session.factors.user.loginName ?? "",
|
|
|
|
|
organization: response.session.factors.user.organizationId ?? "",
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if (authRequestId) {
|
|
|
|
|
sessionCookie.authRequestId = authRequestId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-25 15:18:51 +01:00
|
|
|
if (organization) {
|
|
|
|
|
sessionCookie.organization = organization;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-25 13:39:23 +01:00
|
|
|
return addSessionToCookie(sessionCookie).then(() => {
|
|
|
|
|
return response.session as Session;
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "could not get session or session does not have loginName";
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "Could not create session";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function createSessionForUserIdAndUpdateCookie(
|
|
|
|
|
userId: string,
|
|
|
|
|
password: string | undefined,
|
|
|
|
|
challenges: RequestChallenges | undefined,
|
|
|
|
|
authRequestId: string | undefined
|
|
|
|
|
): Promise<Session> {
|
2024-04-04 13:50:54 +02:00
|
|
|
const createdSession = await createSessionFromChecks(
|
2024-03-25 13:39:23 +01:00
|
|
|
server,
|
2024-04-04 13:50:54 +02:00
|
|
|
password
|
|
|
|
|
? {
|
|
|
|
|
user: { userId },
|
|
|
|
|
password: { password },
|
|
|
|
|
// totp: { code: totpCode },
|
|
|
|
|
}
|
|
|
|
|
: { user: { userId } },
|
2024-03-25 13:39:23 +01:00
|
|
|
challenges
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (createdSession) {
|
|
|
|
|
return getSession(
|
|
|
|
|
server,
|
|
|
|
|
createdSession.sessionId,
|
|
|
|
|
createdSession.sessionToken
|
|
|
|
|
).then((response) => {
|
|
|
|
|
if (response?.session && response.session?.factors?.user?.loginName) {
|
|
|
|
|
const sessionCookie: SessionCookie = {
|
|
|
|
|
id: createdSession.sessionId,
|
|
|
|
|
token: createdSession.sessionToken,
|
2024-04-03 14:12:05 +02:00
|
|
|
creationDate: `${response.session.creationDate?.getTime() ?? ""}`,
|
|
|
|
|
expirationDate: `${response.session.expirationDate?.getTime() ?? ""}`,
|
|
|
|
|
changeDate: `${response.session.changeDate?.getTime() ?? ""}`,
|
2024-03-25 13:39:23 +01:00
|
|
|
loginName: response.session.factors.user.loginName ?? "",
|
2023-06-29 19:06:30 +02:00
|
|
|
};
|
|
|
|
|
|
2023-08-21 15:14:12 +02:00
|
|
|
if (authRequestId) {
|
|
|
|
|
sessionCookie.authRequestId = authRequestId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-25 16:05:38 +01:00
|
|
|
if (response.session.factors.user.organizationId) {
|
|
|
|
|
sessionCookie.organization =
|
|
|
|
|
response.session.factors.user.organizationId;
|
|
|
|
|
}
|
2024-03-25 15:18:51 +01:00
|
|
|
|
2023-06-29 19:06:30 +02:00
|
|
|
return addSessionToCookie(sessionCookie).then(() => {
|
|
|
|
|
return response.session as Session;
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "could not get session or session does not have loginName";
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "Could not create session";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-15 17:21:21 +01:00
|
|
|
export async function createSessionForIdpAndUpdateCookie(
|
|
|
|
|
userId: string,
|
|
|
|
|
idpIntent: {
|
|
|
|
|
idpIntentId?: string | undefined;
|
|
|
|
|
idpIntentToken?: string | undefined;
|
|
|
|
|
},
|
2024-03-25 15:18:51 +01:00
|
|
|
organization: string | undefined,
|
2024-03-15 17:21:21 +01:00
|
|
|
authRequestId: string | undefined
|
|
|
|
|
): Promise<Session> {
|
|
|
|
|
const createdSession = await createSessionForUserIdAndIdpIntent(
|
|
|
|
|
server,
|
|
|
|
|
userId,
|
|
|
|
|
idpIntent
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (createdSession) {
|
|
|
|
|
return getSession(
|
|
|
|
|
server,
|
|
|
|
|
createdSession.sessionId,
|
|
|
|
|
createdSession.sessionToken
|
|
|
|
|
).then((response) => {
|
|
|
|
|
if (response?.session && response.session?.factors?.user?.loginName) {
|
|
|
|
|
const sessionCookie: SessionCookie = {
|
|
|
|
|
id: createdSession.sessionId,
|
|
|
|
|
token: createdSession.sessionToken,
|
2024-04-03 14:12:05 +02:00
|
|
|
creationDate: `${response.session.creationDate?.getTime() ?? ""}`,
|
|
|
|
|
expirationDate: `${response.session.expirationDate?.getTime() ?? ""}`,
|
|
|
|
|
changeDate: `${response.session.changeDate?.getTime() ?? ""}`,
|
2024-03-25 13:39:23 +01:00
|
|
|
loginName: response.session.factors.user.loginName ?? "",
|
|
|
|
|
organization: response.session.factors.user.organizationId ?? "",
|
2024-03-15 17:21:21 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
if (authRequestId) {
|
|
|
|
|
sessionCookie.authRequestId = authRequestId;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-25 15:18:51 +01:00
|
|
|
if (organization) {
|
|
|
|
|
sessionCookie.organization = organization;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-15 17:21:21 +01:00
|
|
|
return addSessionToCookie(sessionCookie).then(() => {
|
|
|
|
|
return response.session as Session;
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "could not get session or session does not have loginName";
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
} else {
|
|
|
|
|
throw "Could not create session";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-03 09:33:39 +02:00
|
|
|
export type SessionWithChallenges = Session & {
|
|
|
|
|
challenges: Challenges | undefined;
|
|
|
|
|
};
|
2023-07-03 08:44:48 +02:00
|
|
|
|
2023-06-29 19:06:30 +02:00
|
|
|
export async function setSessionAndUpdateCookie(
|
2024-03-18 16:30:44 +01:00
|
|
|
recentCookie: SessionCookie,
|
2023-06-29 19:06:30 +02:00
|
|
|
password: string | undefined,
|
2023-08-29 16:37:46 +02:00
|
|
|
webAuthN: { credentialAssertionData: any } | undefined,
|
2023-08-22 13:15:33 +02:00
|
|
|
challenges: RequestChallenges | undefined,
|
2024-04-04 13:50:54 +02:00
|
|
|
totpCode: string | undefined,
|
2023-08-21 15:14:12 +02:00
|
|
|
authRequestId: string | undefined
|
2023-07-03 08:44:48 +02:00
|
|
|
): Promise<SessionWithChallenges> {
|
2023-06-29 19:06:30 +02:00
|
|
|
return setSession(
|
|
|
|
|
server,
|
2024-03-18 16:30:44 +01:00
|
|
|
recentCookie.id,
|
|
|
|
|
recentCookie.token,
|
2023-06-29 19:06:30 +02:00
|
|
|
password,
|
2024-04-04 13:50:54 +02:00
|
|
|
totpCode,
|
2023-08-29 16:37:46 +02:00
|
|
|
webAuthN,
|
2023-06-29 19:06:30 +02:00
|
|
|
challenges
|
2023-06-30 15:32:41 +02:00
|
|
|
).then((updatedSession) => {
|
|
|
|
|
if (updatedSession) {
|
2023-06-29 19:06:30 +02:00
|
|
|
const sessionCookie: SessionCookie = {
|
2024-03-18 16:30:44 +01:00
|
|
|
id: recentCookie.id,
|
2023-06-30 15:32:41 +02:00
|
|
|
token: updatedSession.sessionToken,
|
2024-03-18 16:30:44 +01:00
|
|
|
creationDate: recentCookie.creationDate,
|
|
|
|
|
expirationDate: recentCookie.expirationDate,
|
2024-04-03 14:12:05 +02:00
|
|
|
changeDate: `${updatedSession.details?.changeDate?.getTime() ?? ""}`,
|
2024-03-18 16:30:44 +01:00
|
|
|
loginName: recentCookie.loginName,
|
2024-03-25 13:39:23 +01:00
|
|
|
organization: recentCookie.organization,
|
2023-06-29 19:06:30 +02:00
|
|
|
};
|
|
|
|
|
|
2023-08-21 15:14:12 +02:00
|
|
|
if (authRequestId) {
|
|
|
|
|
sessionCookie.authRequestId = authRequestId;
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-29 16:37:46 +02:00
|
|
|
return new Promise((resolve) => setTimeout(resolve, 1000)).then(() =>
|
|
|
|
|
// TODO: remove
|
|
|
|
|
getSession(server, sessionCookie.id, sessionCookie.token).then(
|
|
|
|
|
(response) => {
|
|
|
|
|
if (
|
|
|
|
|
response?.session &&
|
|
|
|
|
response.session.factors?.user?.loginName
|
|
|
|
|
) {
|
|
|
|
|
const { session } = response;
|
|
|
|
|
const newCookie: SessionCookie = {
|
|
|
|
|
id: sessionCookie.id,
|
|
|
|
|
token: updatedSession.sessionToken,
|
2024-03-18 16:30:44 +01:00
|
|
|
creationDate: sessionCookie.creationDate,
|
|
|
|
|
expirationDate: sessionCookie.expirationDate,
|
2024-04-03 14:12:05 +02:00
|
|
|
changeDate: `${session.changeDate?.getTime() ?? ""}`,
|
2023-08-29 16:37:46 +02:00
|
|
|
loginName: session.factors?.user?.loginName ?? "",
|
2024-03-25 13:39:23 +01:00
|
|
|
organization: session.factors?.user?.organizationId ?? "",
|
2023-08-29 16:37:46 +02:00
|
|
|
};
|
2023-06-29 19:06:30 +02:00
|
|
|
|
2023-08-29 16:37:46 +02:00
|
|
|
if (sessionCookie.authRequestId) {
|
|
|
|
|
newCookie.authRequestId = sessionCookie.authRequestId;
|
|
|
|
|
}
|
2023-08-21 15:14:12 +02:00
|
|
|
|
2023-08-29 16:37:46 +02:00
|
|
|
return updateSessionCookie(sessionCookie.id, newCookie).then(
|
|
|
|
|
() => {
|
|
|
|
|
return { challenges: updatedSession.challenges, ...session };
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
throw "could not get session or session does not have loginName";
|
|
|
|
|
}
|
2023-06-29 19:06:30 +02:00
|
|
|
}
|
2023-08-29 16:37:46 +02:00
|
|
|
)
|
2023-06-29 19:06:30 +02:00
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
throw "Session not be set";
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
