
* Add log in with Google * Fix merge conflicts * Merge branch 'main' into feature/copy-add-identity-provider # Conflicts: # pages/api/auth/[...nextauth].tsx # pages/api/auth/forgot-password.ts # pages/settings/security.tsx # prisma/schema.prisma # public/static/locales/en/common.json * WIP: SAML login * fixed login * fixed verified_email check for Google * tweaks to padding * added BoxyHQ SAML service to local docker-compose * identityProvider is missing from the select clause * user may be undefined * fix for yarn build * Added SAML configuration to Settings -> Security page * UI tweaks * get saml login flag from the server * UI tweaks * moved SAMLConfiguration to a component in ee * updated saml migration date * fixed merge conflict * fixed merge conflict * lint fixes * check-types fixes * check-types fixes * fixed type errors * updated docker image for SAML Jackson * added api keys config * added default values for SAML_TENANT_ID and SAML_PRODUCT_ID * - move all env vars related to saml into a separate file for easy access - added SAML_ADMINS comma separated list of emails that will be able to configure the SAML metadata * cleanup after merging main * revert mistake during merge * revert mistake during merge * set info text to indicate SAML has been configured. * tweaks to text * tweaks to text * i18n text * i18n text * tweak * use a separate db for saml to avoid Prisma schema being out of sync * use separate docker-compose file for saml * padding tweak * Prepare for implementing SAML login for the hosted solution * WIP: Support for SAML in the hosted solution * teams view has changed, adjusting saml changes accordingly * enabled SAML only for PRO plan * if user was invited and signs in via saml/google then update the user record * WIP: embed saml lib * 302 instead of 307 * no separate docker-compose file for saml * - ogs cleanup - type fixes * fixed types for jackson * cleaned up cors, not needed by the oauth flow * updated jackson to support encryption at rest * updated saml-jackson lib * allow only the required http methods * fixed issue with latest merge with main * - Added instructions for deploying SAML support - Tweaked SAML audience identifier * fixed check for hosted Cal instance * Added a new route to initiate Google and SAML login flows * updated saml-jackson lib (node engine version is now 14.x or above) * moved SAML instructions from Google Docs to a docs file * moved randomString to lib * comment SAML_DATABASE_URL and SAML_ADMINS in .env.example so that default is SAML off. * fixed path to randomString * updated @boxyhq/saml-jackson to v0.3.0 * fixed TS errors * tweaked SAML config UI * fixed types * added e2e test for Google login * setup secrets for Google login test * test for OAuth login buttons (Google and SAML) * enabled saml for the test * added test for SAML config UI * fixed nextauth import * use pkce flow * tweaked NextAuth config for saml * updated saml-jackson * added ability to delete SAML configuration * SAML variables explainers and refactoring * Prevents constant collision * Var name changes * Env explainers * better validation for email Co-authored-by: Omar López <zomars@me.com> * enabled GOOGLE_API_CREDENTIALS in e2e tests (Github Actions secret) * cleanup (will create an issue to handle forgot password for Google and SAML identities) Co-authored-by: Chris <76668588+bytesbuffer@users.noreply.github.com> Co-authored-by: Omar López <zomars@me.com>
192 lines
6.4 KiB
TypeScript
192 lines
6.4 KiB
TypeScript
import { GetServerSidePropsContext } from "next";
|
|
import { signIn } from "next-auth/react";
|
|
import { useRouter } from "next/router";
|
|
import { FormProvider, SubmitHandler, useForm } from "react-hook-form";
|
|
|
|
import { asStringOrNull } from "@lib/asStringOrNull";
|
|
import { useLocale } from "@lib/hooks/useLocale";
|
|
import prisma from "@lib/prisma";
|
|
import { isSAMLLoginEnabled } from "@lib/saml";
|
|
import { inferSSRProps } from "@lib/types/inferSSRProps";
|
|
|
|
import { EmailField, PasswordField, TextField } from "@components/form/fields";
|
|
import { HeadSeo } from "@components/seo/head-seo";
|
|
import { Alert } from "@components/ui/Alert";
|
|
import Button from "@components/ui/Button";
|
|
|
|
import { IS_GOOGLE_LOGIN_ENABLED } from "@server/lib/constants";
|
|
import { ssrInit } from "@server/lib/ssr";
|
|
|
|
type Props = inferSSRProps<typeof getServerSideProps>;
|
|
|
|
type FormValues = {
|
|
username: string;
|
|
email: string;
|
|
password: string;
|
|
passwordcheck: string;
|
|
apiError: string;
|
|
};
|
|
|
|
export default function Signup({ email }: Props) {
|
|
const { t } = useLocale();
|
|
const router = useRouter();
|
|
const methods = useForm<FormValues>();
|
|
const {
|
|
register,
|
|
formState: { errors, isSubmitting },
|
|
} = methods;
|
|
|
|
methods.setValue("email", email);
|
|
|
|
const handleErrors = async (resp: Response) => {
|
|
if (!resp.ok) {
|
|
const err = await resp.json();
|
|
throw new Error(err.message);
|
|
}
|
|
};
|
|
|
|
const signUp: SubmitHandler<FormValues> = async (data) => {
|
|
await fetch("/api/auth/signup", {
|
|
body: JSON.stringify({
|
|
...data,
|
|
}),
|
|
headers: {
|
|
"Content-Type": "application/json",
|
|
},
|
|
method: "POST",
|
|
})
|
|
.then(handleErrors)
|
|
.then(async () => await signIn("Cal.com", { callbackUrl: (router.query.callbackUrl || "") as string }))
|
|
.catch((err) => {
|
|
methods.setError("apiError", { message: err.message });
|
|
});
|
|
};
|
|
|
|
return (
|
|
<div
|
|
className="flex flex-col justify-center min-h-screen py-12 bg-gray-50 sm:px-6 lg:px-8"
|
|
aria-labelledby="modal-title"
|
|
role="dialog"
|
|
aria-modal="true">
|
|
<HeadSeo title={t("sign_up")} description={t("sign_up")} />
|
|
<div className="sm:mx-auto sm:w-full sm:max-w-md">
|
|
<h2 className="text-3xl font-extrabold text-center text-gray-900 font-cal">
|
|
{t("create_your_account")}
|
|
</h2>
|
|
</div>
|
|
<div className="mt-8 sm:mx-auto sm:w-full sm:max-w-md">
|
|
<div className="px-4 py-8 mx-2 bg-white shadow sm:rounded-lg sm:px-10">
|
|
{/* TODO: Refactor as soon as /availability is live */}
|
|
<FormProvider {...methods}>
|
|
<form onSubmit={methods.handleSubmit(signUp)} className="space-y-6 bg-white">
|
|
{errors.apiError && <Alert severity="error" message={errors.apiError?.message} />}
|
|
<div className="space-y-2">
|
|
<TextField
|
|
addOnLeading={
|
|
<span className="inline-flex items-center px-3 text-gray-500 border border-r-0 border-gray-300 rounded-l-sm bg-gray-50 sm:text-sm">
|
|
{process.env.NEXT_PUBLIC_APP_URL}/
|
|
</span>
|
|
}
|
|
labelProps={{ className: "block text-sm font-medium text-gray-700" }}
|
|
className="flex-grow block w-full min-w-0 lowercase border-gray-300 rounded-none rounded-r-sm focus:ring-black focus:border-black sm:text-sm"
|
|
{...register("username")}
|
|
required
|
|
/>
|
|
<EmailField
|
|
{...register("email")}
|
|
className="block w-full px-3 py-2 mt-1 bg-gray-100 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-black focus:border-black sm:text-sm"
|
|
/>
|
|
<PasswordField
|
|
labelProps={{
|
|
className: "block text-sm font-medium text-gray-700",
|
|
}}
|
|
{...register("password")}
|
|
className="block w-full px-3 py-2 mt-1 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-black focus:border-black sm:text-sm"
|
|
/>
|
|
<PasswordField
|
|
label={t("confirm_password")}
|
|
labelProps={{
|
|
className: "block text-sm font-medium text-gray-700",
|
|
}}
|
|
{...register("passwordcheck", {
|
|
validate: (value) =>
|
|
value === methods.watch("password") || (t("error_password_mismatch") as string),
|
|
})}
|
|
className="block w-full px-3 py-2 mt-1 border border-gray-300 rounded-md shadow-sm focus:outline-none focus:ring-black focus:border-black sm:text-sm"
|
|
/>
|
|
</div>
|
|
<div className="flex space-x-2">
|
|
<Button loading={isSubmitting} className="justify-center w-7/12">
|
|
{t("create_account")}
|
|
</Button>
|
|
<Button
|
|
color="secondary"
|
|
className="justify-center w-5/12"
|
|
onClick={() =>
|
|
signIn("Cal.com", { callbackUrl: (router.query.callbackUrl || "") as string })
|
|
}>
|
|
{t("login_instead")}
|
|
</Button>
|
|
</div>
|
|
</form>
|
|
</FormProvider>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
);
|
|
}
|
|
|
|
export const getServerSideProps = async (ctx: GetServerSidePropsContext) => {
|
|
const ssr = await ssrInit(ctx);
|
|
const token = asStringOrNull(ctx.query.token);
|
|
if (!token) {
|
|
return {
|
|
notFound: true,
|
|
};
|
|
}
|
|
const verificationRequest = await prisma.verificationRequest.findUnique({
|
|
where: {
|
|
token,
|
|
},
|
|
});
|
|
|
|
// for now, disable if no verificationRequestToken given or token expired
|
|
if (!verificationRequest || verificationRequest.expires < new Date()) {
|
|
return {
|
|
notFound: true,
|
|
};
|
|
}
|
|
|
|
const existingUser = await prisma.user.findFirst({
|
|
where: {
|
|
AND: [
|
|
{
|
|
email: verificationRequest.identifier,
|
|
},
|
|
{
|
|
emailVerified: {
|
|
not: null,
|
|
},
|
|
},
|
|
],
|
|
},
|
|
});
|
|
|
|
if (existingUser) {
|
|
return {
|
|
redirect: {
|
|
permanent: false,
|
|
destination: "/auth/login?callbackUrl=" + ctx.query.callbackUrl,
|
|
},
|
|
};
|
|
}
|
|
|
|
return {
|
|
props: {
|
|
isGoogleLoginEnabled: IS_GOOGLE_LOGIN_ENABLED,
|
|
isSAMLLoginEnabled,
|
|
email: verificationRequest.identifier,
|
|
trpcState: ssr.dehydrate(),
|
|
},
|
|
};
|
|
};
|