fix(login): email or phone query, session context from loginname (#10158)

This PR fixes an issue where the orQuery for phone and email was not
correctly set.
This commit is contained in:
Max Peintner
2025-07-03 10:07:34 +02:00
committed by GitHub
parent 8c39779533
commit 47f0486ee8
4 changed files with 41 additions and 30 deletions

View File

@@ -61,7 +61,7 @@ export default async function Page(props: {
return (
<DynamicTheme branding={branding}>
<div className="flex flex-col items-center space-y-4">
<h1 data-i18n-key="error.tryagain">
<h1>
<Translated i18nKey="title" namespace="loginname" />
</h1>
<p className="ztdl-p">

View File

@@ -291,23 +291,25 @@ export async function sendLoginname(command: SendLoginnameCommand) {
};
}
const paramsPassword: any = {
const paramsPassword = new URLSearchParams({
loginName: session.factors?.user?.loginName,
};
});
// TODO: does this have to be checked in loginSettings.allowDomainDiscovery
if (command.organization || session.factors?.user?.organizationId) {
paramsPassword.organization =
command.organization ?? session.factors?.user?.organizationId;
paramsPassword.append(
"organization",
command.organization ?? session.factors?.user?.organizationId,
);
}
if (command.requestId) {
paramsPassword.requestId = command.requestId;
paramsPassword.append("requestId", command.requestId);
}
return {
redirect: "/password?" + new URLSearchParams(paramsPassword),
redirect: "/password?" + paramsPassword,
};
case AuthenticationMethodType.PASSKEY: // AuthenticationMethodType.AUTHENTICATION_METHOD_TYPE_PASSKEY
@@ -318,36 +320,42 @@ export async function sendLoginname(command: SendLoginnameCommand) {
};
}
const paramsPasskey: any = { loginName: command.loginName };
const paramsPasskey = new URLSearchParams({
loginName: session.factors?.user?.loginName,
});
if (command.requestId) {
paramsPasskey.requestId = command.requestId;
paramsPasskey.append("requestId", command.requestId);
}
if (command.organization || session.factors?.user?.organizationId) {
paramsPasskey.organization =
command.organization ?? session.factors?.user?.organizationId;
paramsPasskey.append(
"organization",
command.organization ?? session.factors?.user?.organizationId,
);
}
return { redirect: "/passkey?" + new URLSearchParams(paramsPasskey) };
return { redirect: "/passkey?" + paramsPasskey };
}
} else {
// prefer passkey in favor of other methods
if (methods.authMethodTypes.includes(AuthenticationMethodType.PASSKEY)) {
const passkeyParams: any = {
loginName: command.loginName,
const passkeyParams = new URLSearchParams({
loginName: session.factors?.user?.loginName,
altPassword: `${methods.authMethodTypes.includes(1)}`, // show alternative password option
};
});
if (command.requestId) {
passkeyParams.requestId = command.requestId;
passkeyParams.append("requestId", command.requestId);
}
if (command.organization || session.factors?.user?.organizationId) {
passkeyParams.organization =
command.organization ?? session.factors?.user?.organizationId;
passkeyParams.append(
"organization",
command.organization ?? session.factors?.user?.organizationId,
);
}
return { redirect: "/passkey?" + new URLSearchParams(passkeyParams) };
return { redirect: "/passkey?" + passkeyParams };
} else if (
methods.authMethodTypes.includes(AuthenticationMethodType.IDP)
) {
@@ -356,19 +364,23 @@ export async function sendLoginname(command: SendLoginnameCommand) {
methods.authMethodTypes.includes(AuthenticationMethodType.PASSWORD)
) {
// user has no passkey setup and login settings allow passkeys
const paramsPasswordDefault: any = { loginName: command.loginName };
const paramsPasswordDefault = new URLSearchParams({
loginName: session.factors?.user?.loginName,
});
if (command.requestId) {
paramsPasswordDefault.requestId = command.requestId;
paramsPasswordDefault.append("requestId", command.requestId);
}
if (command.organization || session.factors?.user?.organizationId) {
paramsPasswordDefault.organization =
command.organization ?? session.factors?.user?.organizationId;
paramsPasswordDefault.append(
"organization",
command.organization ?? session.factors?.user?.organizationId,
);
}
return {
redirect: "/password?" + new URLSearchParams(paramsPasswordDefault),
redirect: "/password?" + paramsPasswordDefault,
};
}
}

View File

@@ -13,7 +13,6 @@ import {
type LoadMostRecentSessionParams = {
serviceUrl: string;
sessionParams: {
loginName?: string;
organization?: string;

View File

@@ -854,15 +854,15 @@ export async function searchUsers({
const emailQuery = EmailQuery(searchValue);
emailAndPhoneQueries.push(emailQuery);
} else {
const emailAndPhoneOrQueries: SearchQuery[] = [];
const orQuery: SearchQuery[] = [];
const emailQuery = EmailQuery(searchValue);
emailAndPhoneOrQueries.push(emailQuery);
orQuery.push(emailQuery);
let phoneQuery;
if (searchValue.length <= 20) {
phoneQuery = PhoneQuery(searchValue);
emailAndPhoneOrQueries.push(phoneQuery);
orQuery.push(phoneQuery);
}
emailAndPhoneQueries.push(
@@ -870,7 +870,7 @@ export async function searchUsers({
query: {
case: "orQuery",
value: {
queries: emailAndPhoneOrQueries,
queries: orQuery,
},
},
}),
@@ -903,7 +903,7 @@ export async function searchUsers({
}
if (emailOrPhoneResult.result.length == 1) {
return loginNameResult;
return emailOrPhoneResult;
}
return { error: "User not found in the system" };