fix: improvements for login and oidc (#227)

* add csrf * caching * caching * caching * caching * security headers * csp and security headers * error handler csp * select user with display name * csp * user selection styling * username to loginname * regenerate grpc * regenerate * change to login name
2025-08-11 21:37:32 +00:00 · 2020-06-17 08:06:40 +02:00
parent dfe6d0deb4
commit 1c59d18fee
108 changed files with 19226 additions and 19220 deletions
--- a/internal/user/model/user.go
+++ b/internal/user/model/user.go
@@ -81,6 +81,12 @@ func (u *User) CheckOrgIamPolicy(policy *org_model.OrgIamPolicy) error {
 	return nil
 }

+func (u *User) SetNamesAsDisplayname() {
+	if u.Profile != nil && u.DisplayName == "" && u.FirstName != "" && u.LastName != "" {
+		u.DisplayName = u.FirstName + " " + u.LastName
+	}
+}
+
 func (u *User) IsValid() bool {
 	return u.Profile != nil && u.FirstName != "" && u.LastName != "" && u.UserName != "" && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.IsValid())
 }
--- a/internal/user/model/user_session_view.go
+++ b/internal/user/model/user_session_view.go
@@ -15,6 +15,8 @@ type UserSessionView struct {
 	UserAgentID                 string
 	UserID                      string
 	UserName                    string
+	LoginName                   string
+	DisplayName                 string
 	PasswordVerification        time.Time
 	MfaSoftwareVerification     time.Time
 	MfaSoftwareVerificationType req_model.MfaType
--- a/internal/user/repository/eventsourcing/eventstore.go
+++ b/internal/user/repository/eventsourcing/eventstore.go
@@ -109,6 +109,7 @@ func (es *UserEventstore) PrepareCreateUser(ctx context.Context, user *usr_model
 	if err != nil {
 		return nil, nil, err
 	}
+	user.SetNamesAsDisplayname()
 	if !user.IsValid() {
 		return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-9dk45", "User is invalid")
 	}
@@ -161,6 +162,7 @@ func (es *UserEventstore) PrepareRegisterUser(ctx context.Context, user *usr_mod
 	if err != nil {
 		return nil, nil, err
 	}
+	user.SetNamesAsDisplayname()
 	if !user.IsValid() || user.Password == nil || user.SecretString == "" {
 		return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-9dk45", "Errors.User.InvalidData")
 	}
--- a/internal/user/repository/view/model/user_session.go
+++ b/internal/user/repository/view/model/user_session.go
@@ -27,7 +27,9 @@ type UserSessionView struct {
 	State                       int32     `json:"-" gorm:"column:state"`
 	UserAgentID                 string    `json:"userAgentID" gorm:"column:user_agent_id;primary_key"`
 	UserID                      string    `json:"userID" gorm:"column:user_id;primary_key"`
-	UserName                    string    `json:"userName" gorm:"column:user_name"`
+	UserName                    string    `json:"-" gorm:"column:user_name"`
+	LoginName                   string    `json:"-" gorm:"column:login_name"`
+	DisplayName                 string    `json:"-" gorm:"column:user_display_name"`
 	PasswordVerification        time.Time `json:"-" gorm:"column:password_verification"`
 	MfaSoftwareVerification     time.Time `json:"-" gorm:"column:mfa_software_verification"`
 	MfaSoftwareVerificationType int32     `json:"-" gorm:"column:mfa_software_verification_type"`
@@ -54,6 +56,8 @@ func UserSessionToModel(userSession *UserSessionView) *model.UserSessionView {
 		UserAgentID:                 userSession.UserAgentID,
 		UserID:                      userSession.UserID,
 		UserName:                    userSession.UserName,
+		LoginName:                   userSession.LoginName,
+		DisplayName:                 userSession.DisplayName,
 		PasswordVerification:        userSession.PasswordVerification,
 		MfaSoftwareVerification:     userSession.MfaSoftwareVerification,
 		MfaSoftwareVerificationType: req_model.MfaType(userSession.MfaSoftwareVerificationType),