From 56f2b90c76efb89dffabbbce7fcc55289232e876 Mon Sep 17 00:00:00 2001 From: Max Peintner Date: Mon, 18 Nov 2024 17:30:46 +0100 Subject: [PATCH] finish flow --- apps/login/locales/de.json | 3 +- apps/login/locales/en.json | 3 +- apps/login/locales/es.json | 3 +- apps/login/locales/it.json | 3 +- apps/login/readme.md | 8 ++++ apps/login/src/app/(login)/signedin/page.tsx | 30 ++++++++++++++- apps/login/src/components/login-passkey.tsx | 6 +-- apps/login/src/lib/login.ts | 40 ++++++++++++-------- 8 files changed, 72 insertions(+), 24 deletions(-) diff --git a/apps/login/locales/de.json b/apps/login/locales/de.json index ef71731d1fe..c6576de0001 100644 --- a/apps/login/locales/de.json +++ b/apps/login/locales/de.json @@ -151,7 +151,8 @@ }, "signedin": { "title": "Willkommen {user}!", - "description": "Sie sind angemeldet." + "description": "Sie sind angemeldet.", + "continue": "Weiter" }, "verify": { "userIdMissing": "Keine Benutzer-ID angegeben!", diff --git a/apps/login/locales/en.json b/apps/login/locales/en.json index d6cdc4009eb..4bb7bfe5524 100644 --- a/apps/login/locales/en.json +++ b/apps/login/locales/en.json @@ -151,7 +151,8 @@ }, "signedin": { "title": "Welcome {user}!", - "description": "You are signed in." + "description": "You are signed in.", + "continue": "Continue" }, "verify": { "userIdMissing": "No userId provided!", diff --git a/apps/login/locales/es.json b/apps/login/locales/es.json index 0a9c24f93bf..e7f093dc5da 100644 --- a/apps/login/locales/es.json +++ b/apps/login/locales/es.json @@ -151,7 +151,8 @@ }, "signedin": { "title": "¡Bienvenido {user}!", - "description": "Has iniciado sesión." + "description": "Has iniciado sesión.", + "continue": "Continuar" }, "verify": { "userIdMissing": "¡No se proporcionó userId!", diff --git a/apps/login/locales/it.json b/apps/login/locales/it.json index 74425a06a0c..0b488e00a27 100644 --- a/apps/login/locales/it.json +++ b/apps/login/locales/it.json 
@@ -151,7 +151,8 @@ }, "signedin": { "title": "Benvenuto {user}!", - "description": "Sei connesso." + "description": "Sei connesso.", + "continue": "Continua" }, "verify": { "userIdMissing": "Nessun userId fornito!", diff --git a/apps/login/readme.md b/apps/login/readme.md index 190fcf60026..38eee55b90d 100644 --- a/apps/login/readme.md +++ b/apps/login/readme.md @@ -386,3 +386,11 @@ In future, self service options to jump to are shown below, like: - logout > NOTE: This page has to be explicitly enabled or act as a fallback if no default redirect is set. + +## Currently NOT Supported + +- loginSettings.disableLoginWithEmail +- loginSettings.disableLoginWithPhone +- loginSettings.allowExternalIdp - this will be deprecated with the new login as it can be determined by the available IDPs +- loginSettings.forceMfaLocalOnly +- loginSettings lifetimes - all besides Multifactor Init Check can be implemented. for the Init Check, an external storage or a timestamp has to be implemented which keeps track of the last verification diff --git a/apps/login/src/app/(login)/signedin/page.tsx b/apps/login/src/app/(login)/signedin/page.tsx index b2274478ea5..3833d1b7536 100644 --- a/apps/login/src/app/(login)/signedin/page.tsx +++ b/apps/login/src/app/(login)/signedin/page.tsx 
@@ -1,14 +1,21 @@ +import { Button, ButtonVariants } from "@/components/button"; import { DynamicTheme } from "@/components/dynamic-theme"; import { SelfServiceMenu } from "@/components/self-service-menu"; import { UserAvatar } from "@/components/user-avatar"; import { getMostRecentCookieWithLoginname } from "@/lib/cookies"; -import { createCallback, getBrandingSettings, getSession } from "@/lib/zitadel"; +import { + createCallback, + getBrandingSettings, + getLoginSettings, + getSession, +} from "@/lib/zitadel"; import { create } from "@zitadel/client"; import { CreateCallbackRequestSchema, SessionSchema, } from "@zitadel/proto/zitadel/oidc/v2/oidc_service_pb"; import { getLocale, getTranslations } from "next-intl/server"; +import Link from "next/link"; import { redirect } from "next/navigation"; async function loadSession(loginName: string, authRequestId?: string) { @@ -48,6 +55,11 @@ export default async function Page({ searchParams }: { searchParams: any }) { const branding = await getBrandingSettings(organization); + let loginSettings; + if (!authRequestId) { + loginSettings = await getLoginSettings(organization); + } + return (
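Review bot: The `if (!authRequestId)` branch added before `return (` in page.tsx has no comment saying why login settings are fetched only when there is no auth request, and the mutable `let loginSettings;` can be a single expression. I would write `const loginSettings = authRequestId ? undefined : await getLoginSettings(organization);` with a comment such as `// No auth request means no OIDC callback, so offer the organization's default redirect instead.`, if that is the intent. `organization` is not defined inside the hunk; if it is read from `searchParams` (typed `any` in the signature shown in the hunk header), the caller chooses whose settings, and therefore whose `defaultRedirectUri`, the page renders. The body of `Page` starts and ends outside the hunk.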
@@ -66,6 +78,22 @@ export default async function Page({ searchParams }: { searchParams: any }) { {sessionFactors?.id && ( )} + + {loginSettings?.defaultRedirectUri && ( +
+ + + + + +
+ )}
); diff --git a/apps/login/src/components/login-passkey.tsx b/apps/login/src/components/login-passkey.tsx index ab801028fec..87691ea47c2 100644 --- a/apps/login/src/components/login-passkey.tsx +++ b/apps/login/src/components/login-passkey.tsx @@ -176,15 +176,15 @@ export function LoginPasskey({ }, }; - return submitLogin(data).then((resp) => { + return submitLogin(data).then(async (resp) => { return authRequestId && resp?.sessionId - ? finishFlow({ + ? await finishFlow({ sessionId: resp.sessionId, authRequestId: authRequestId, organization: organization, }) : resp?.factors?.user?.loginName - ? finishFlow({ + ? await finishFlow({ loginName: resp.factors.user.loginName, organization: organization, }) diff --git a/apps/login/src/lib/login.ts b/apps/login/src/lib/login.ts index 765255a945a..ec023b8a9cf 100644 --- a/apps/login/src/lib/login.ts +++ b/apps/login/src/lib/login.ts @@ -1,4 +1,5 @@ import { redirect } from "next/navigation"; +import { getLoginSettings } from "./zitadel"; type FinishFlowCommand = | { 
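Review bot: A rejection from `finishFlow` is not handled anywhere in the login-passkey.tsx hunk, and with this commit `finishFlow` awaits `getLoginSettings` before redirecting, so it can now fail on an API or network error after the passkey check has already succeeded. Unless a `.catch` follows outside the hunk, the user is left on the page with no message, so the chain should end in a handler that surfaces the error. The added `await` inside the ternary is also redundant, because a promise returned from a `.then` callback is already adopted by the chain; `? finishFlow({` is enough, or the callback can be replaced by `const resp = await submitLogin(data);` instead of mixing `.then` with `await`. The enclosing function starts and ends outside the hunk.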
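Review bot: The new `import { getLoginSettings } from "./zitadel";` makes login.ts depend on the ZITADEL API module, while `finishFlow` is called from the `LoginPasskey` component and its own doc comment describes it as client code. The hunk shows the file starting directly with an import, with no `"use server"` directive before it, so if `./zitadel` reads service credentials or is meant to run only on the server (not visible here), this import either fails in the browser or pulls server-only code into the client bundle. Consider resolving the default redirect in a server action and passing the resulting URL into `finishFlow`, and state in the doc comment where the function is allowed to run.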
@@ -8,25 +9,32 @@ type FinishFlowCommand = | { loginName: string }; /** - * on client: redirects user back to OIDC application or to a success page + * for client: redirects user back to OIDC application or to a success page when using authRequestId, check if a default redirect and redirect to it, or just redirect to a success page with the loginName * @param command * @returns */ -export function finishFlow( +export async function finishFlow( command: FinishFlowCommand & { organization?: string }, ) { - return "sessionId" in command && "authRequestId" in command - ? redirect( - `/login?` + - new URLSearchParams({ - sessionId: command.sessionId, - authRequest: command.authRequestId, - }), - ) - : redirect( - `/signedin?` + - new URLSearchParams({ - loginName: command.loginName, - }), - ); + if ("sessionId" in command && "authRequestId" in command) { + return redirect( + `/login?` + + new URLSearchParams({ + sessionId: command.sessionId, + authRequest: command.authRequestId, + }), + ); + } + + const loginSettings = await getLoginSettings(command.organization); + if (loginSettings?.defaultRedirectUri) { + return redirect(loginSettings.defaultRedirectUri); + } + + return redirect( + `/signedin?` + + new URLSearchParams({ + loginName: command.loginName, + }), + ); }
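Review bot: `redirect(loginSettings.defaultRedirectUri)` sends the freshly signed-in user to whatever string the settings lookup returns, with no check on its form, and the lookup is keyed by `command.organization`, which the caller supplies. If the organization can be influenced from the request (not visible in this hunk), the post-login destination is effectively chosen by whoever picked it, so I would parse the value and redirect only for an expected scheme, falling back to `/signedin` otherwise; the sketch below uses http/https and should become an allow-list if other schemes are legitimate. The continue link on the signed-in page, which renders when `loginSettings?.defaultRedirectUri` is set, presumably needs the same check. The reworded doc comment also reads as if the default redirect applies when an authRequestId is used, whereas the code consults it only when there is none.

```typescript
// … unchanged: sessionId/authRequestId branch redirecting to /login …

  const loginSettings = await getLoginSettings(command.organization);
  const target = loginSettings?.defaultRedirectUri;
  if (target) {
    let parsed: URL | undefined;
    try {
      parsed = new URL(target);
    } catch {
      // not an absolute URL: fall through to the success page
    }
    if (parsed && (parsed.protocol === "https:" || parsed.protocol === "http:")) {
      return redirect(target);
    }
  }

// … unchanged: redirect to /signedin with loginName …
```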