From 6a52a8809cb0473908bb190217b53f06aee33aae Mon Sep 17 00:00:00 2001 From: peintnermax Date: Mon, 1 Apr 2024 15:03:41 +0200 Subject: [PATCH] pass sessionid on verify, create session for created user --- apps/login/app/(login)/verify/page.tsx | 4 +++- apps/login/app/api/registeruser/route.ts | 18 ++++++++++++++-- apps/login/cypress/integration/verify.cy.ts | 4 ++-- apps/login/lib/zitadel.ts | 24 +++++++++------------ apps/login/ui/RegisterForm.tsx | 2 +- apps/login/ui/SetPasswordForm.tsx | 5 ++++- apps/login/ui/VerifyEmailForm.tsx | 16 +++++++++++++- 7 files changed, 51 insertions(+), 22 deletions(-) diff --git a/apps/login/app/(login)/verify/page.tsx b/apps/login/app/(login)/verify/page.tsx index 6386f0fc5d3..f218adc616b 100644 --- a/apps/login/app/(login)/verify/page.tsx +++ b/apps/login/app/(login)/verify/page.tsx @@ -5,7 +5,8 @@ import { ExclamationTriangleIcon } from "@heroicons/react/24/outline"; export default async function Page({ searchParams }: { searchParams: any }) { const { - userID, + userId, + sessionId, code, submit, organization, @@ -31,6 +32,7 @@ export default async function Page({ searchParams }: { searchParams: any }) { submit={submit === "true"} organization={organization} authRequestId={authRequestId} + sessionId={sessionId} /> ) : (
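Review bot: The destructuring in the first hunk now binds `userId` instead of `userID`, but the diffstat shows only one removed line for this file, so any `userID` reference left in the JSX between the two hunks (not shown here) would no longer resolve and should be switched to `userId`. In the second hunk `sessionId` comes straight from the query string and is handed to the form as a prop, so it is caller-controlled and must not be treated downstream as proof of an authenticated session. A comment above the destructuring such as `// sessionId is an untrusted query value: treat it as an identifier only, never as proof of authentication` would make that explicit. Because `searchParams` is typed `any`, neither value is checked to be a single string before use.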
diff --git a/apps/login/app/api/registeruser/route.ts b/apps/login/app/api/registeruser/route.ts index d0ed88f47fa..f3d39050d72 100644 --- a/apps/login/app/api/registeruser/route.ts +++ b/apps/login/app/api/registeruser/route.ts @@ -1,4 +1,8 @@ import { addHumanUser, server } from "#/lib/zitadel"; +import { + createSessionAndUpdateCookie, + createSessionForUserIdAndUpdateCookie, +} from "#/utils/session"; import { NextRequest, NextResponse } from "next/server"; export async function POST(request: NextRequest) { @@ -20,8 +24,18 @@ export async function POST(request: NextRequest) { password: password ? password : undefined, organization, }) - .then((userId) => { - return NextResponse.json({ userId }); + .then((user) => { + return createSessionForUserIdAndUpdateCookie( + user.userId, + password, + undefined, + authRequestId + ).then((session) => { + return NextResponse.json({ + userId: user.userId, + sessionId: session.id, + }); + }); }) .catch((error) => { return NextResponse.json(error, { status: 500 }); diff --git a/apps/login/cypress/integration/verify.cy.ts b/apps/login/cypress/integration/verify.cy.ts index e8bca4dd281..7e829028234 100644 --- a/apps/login/cypress/integration/verify.cy.ts +++ b/apps/login/cypress/integration/verify.cy.ts @@ -3,7 +3,7 @@ import { stub } from "../support/mock"; describe("/verify", () => { it("redirects after successful email verification", () => { stub("zitadel.user.v2beta.UserService", "VerifyEmail"); - cy.visit("/verify?userID=123&code=abc&submit=true"); + cy.visit("/verify?userId=123&code=abc&submit=true"); cy.location("pathname", { timeout: 10_000 }).should("eq", "/loginname"); }); it("shows an error if validation failed", () => { @@ -13,7 +13,7 @@ describe("/verify", () => { }); // TODO: Avoid uncaught exception in application cy.once("uncaught:exception", () => false); - cy.visit("/verify?userID=123&code=abc&submit=true"); + cy.visit("/verify?userId=123&code=abc&submit=true"); cy.contains("error validating code"); }); }); 
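Review bot: In the second hunk of `route.ts` a failure of `createSessionForUserIdAndUpdateCookie` lands in the same `.catch` as a failed `addHumanUser`, so the client receives a 500 carrying the serialized upstream error although the account already exists, and a retry will presumably fail as a duplicate. Handling the session step on its own lets the route still return the `userId` so the flow can fall back to the normal login, and the shared catch would be safer returning a fixed message than the raw `error` object. `password` can be `undefined` here (see the `password ? password : undefined` context line), so it is worth confirming which checks the helper applies to a session created without one. The first hunk imports `createSessionAndUpdateCookie`, which the visible code never uses, and `authRequestId` has to be read from the request body above the hunk.

```ts
// … unchanged: request body parsing and addHumanUser(server, { … }) call …
    .then(async (user) => {
      try {
        const session = await createSessionForUserIdAndUpdateCookie(
          user.userId,
          password,
          undefined,
          authRequestId
        );
        return NextResponse.json({
          userId: user.userId,
          sessionId: session.id,
        });
      } catch (sessionError) {
        // The account exists at this point: log server-side and let the
        // client continue without a session instead of reporting a failed
        // registration.
        console.error("session creation after registration failed", sessionError);
        return NextResponse.json({ userId: user.userId });
      }
    })
// … unchanged: .catch for addHumanUser errors …
```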
diff --git a/apps/login/lib/zitadel.ts b/apps/login/lib/zitadel.ts index dae509a1786..bb5e9190ab1 100644 --- a/apps/login/lib/zitadel.ts +++ b/apps/login/lib/zitadel.ts @@ -271,7 +271,7 @@ export type AddHumanUserData = { export async function addHumanUser( server: ZitadelServer, { email, firstName, lastName, password, organization }: AddHumanUserData -): Promise { +): Promise { const userService = user.getUser(server); const payload: Partial = { @@ -284,19 +284,15 @@ export async function addHumanUser( payload.organization = { orgId: organization }; } - return userService - .addHumanUser( - password - ? { - ...payload, - password: { password }, - } - : payload, - {} - ) - .then((resp: AddHumanUserResponse) => { - return resp.userId; - }); + return userService.addHumanUser( + password + ? { + ...payload, + password: { password }, + } + : payload, + {} + ); } export async function listUsers( diff --git a/apps/login/ui/RegisterForm.tsx b/apps/login/ui/RegisterForm.tsx index 86ef5348eed..8e122d853e1 100644 --- a/apps/login/ui/RegisterForm.tsx +++ b/apps/login/ui/RegisterForm.tsx @@ -78,7 +78,7 @@ export default function RegisterForm({ function submitAndLink(value: Inputs): Promise { return submitRegister(value).then((resp: any) => { - const params: any = { userID: resp.userId }; + const params: any = { userId: resp.userId }; if (organization) { params.organization = organization; diff --git a/apps/login/ui/SetPasswordForm.tsx b/apps/login/ui/SetPasswordForm.tsx index 091c6f42817..d3356e0ec4f 100644 --- a/apps/login/ui/SetPasswordForm.tsx +++ b/apps/login/ui/SetPasswordForm.tsx @@ -104,7 +104,7 @@ export default function SetPasswordForm({ return createSessionWithLoginNameAndPassword( email, value.password - ).then(() => { + ).then((session) => { setLoading(false); const params: any = { userID: humanResponse.userId }; 
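Review bot: `addHumanUser` now resolves with the whole service response instead of just the id, and nothing on the function documents that change for its callers. If the response type carries more than `userId` (a verification code returned by the service, for example), a caller that serializes it wholesale to the browser would expose it, so callers should keep picking fields explicitly as `route.ts` does in this commit. A TSDoc line above the function such as `/** Creates a human user and resolves with the full service response; pick the fields you need rather than forwarding it to the client. */` would record that. The function starts above the first hunk, and any other caller that relied on the old string result now needs `.userId`.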
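Review bot: In `SetPasswordForm.tsx` the context line `const params: any = { userID: humanResponse.userId };` still uses the old `userID` key, while this commit switches the verify page and `RegisterForm` to `userId`, so a user arriving from this form would reach `/verify` without a recognised user id. The line should become `const params: any = { userId: humanResponse.userId };`. The follow-up hunk reads `session.sessionId`, whereas `route.ts` in this commit reads `session.id` from its helper; the two helpers may return different shapes, but the property name is worth confirming because a wrong one silently drops the parameter. The surrounding function starts above the hunk.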
@@ -114,6 +114,9 @@ export default function SetPasswordForm({ if (organization) { params.organization = organization; } + if (session && session.sessionId) { + params.sessionId = session.sessionId; + } return router.push(`/verify?` + new URLSearchParams(params)); }); diff --git a/apps/login/ui/VerifyEmailForm.tsx b/apps/login/ui/VerifyEmailForm.tsx index e3bd9472df3..9f3843b0879 100644 --- a/apps/login/ui/VerifyEmailForm.tsx +++ b/apps/login/ui/VerifyEmailForm.tsx @@ -18,6 +18,7 @@ type Props = { submit: boolean; organization?: string; authRequestId?: string; + sessionId?: string; }; export default function VerifyEmailForm({ @@ -26,6 +27,7 @@ export default function VerifyEmailForm({ submit, organization, authRequestId, + sessionId, }: Props) { const { register, handleSubmit, formState } = useForm({ mode: "onBlur", @@ -96,7 +98,19 @@ export default function VerifyEmailForm({ function submitCodeAndContinue(value: Inputs): Promise { return submitCode(value).then((resp: any) => { - return router.push(`/loginname`); + const params = new URLSearchParams({}); + + if (organization) { + params.set("organization", organization); + } + + if (authRequestId && sessionId) { + params.set("authRequest", authRequestId); + params.set("sessionId", sessionId); + return router.push(`/login?` + params); + } else { + return router.push(`/loginname?` + params); + } }); }
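Review bot: In `submitCodeAndContinue` the `else` branch pushes `/loginname` without the auth request, so when `authRequestId` is set but no `sessionId` was passed the request context is dropped and the user restarts outside the original flow. Setting it before the branch keeps it, for example `if (authRequestId) params.set("authRequest", authRequestId);`, using whichever key `/loginname` actually reads. The `sessionId` forwarded to `/login` originates from the verify URL's query string, so it ends up in browser history and request logs, and the `/login` handler (not shown) has to confirm it belongs to the caller's session cookie rather than trust the parameter. `resp` is unused and typed `any`, so it can be dropped from the callback.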