invite user to github automatically
This commit is contained in:
parent
c51e363b10
commit
cbcb8268b0
|
@ -21,11 +21,6 @@ export async function GET(request: Request) {
|
||||||
const id = await provider.getId();
|
const id = await provider.getId();
|
||||||
const permitted = await provider.isPermitted();
|
const permitted = await provider.isPermitted();
|
||||||
|
|
||||||
if (!permitted) {
|
|
||||||
logger.info({ id }, "user tried to sign up");
|
|
||||||
return new Response("not permitted to register account", { status: 403 });
|
|
||||||
}
|
|
||||||
|
|
||||||
// If someone clicked register on the front page with an existing account,
|
// If someone clicked register on the front page with an existing account,
|
||||||
// wire it to their user via the auth ticket
|
// wire it to their user via the auth ticket
|
||||||
let gluestickId = null;
|
let gluestickId = null;
|
||||||
|
@ -35,6 +30,11 @@ export async function GET(request: Request) {
|
||||||
gluestickId = currentUser!.id;
|
gluestickId = currentUser!.id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!permitted && gluestickId == null) {
|
||||||
|
logger.info({ id }, "user tried to sign up");
|
||||||
|
return new Response("not permitted to register account", { status: 403 });
|
||||||
|
}
|
||||||
|
|
||||||
const userId = await DiscordAuthProvider.update(
|
const userId = await DiscordAuthProvider.update(
|
||||||
id,
|
id,
|
||||||
tokenBody.access_token,
|
tokenBody.access_token,
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
import { getLogger } from "@/logger";
|
import { getLogger } from "@/logger";
|
||||||
import { GitHubAuthProvider } from "@/auth/github";
|
import { GitHubAuthProvider, inviteToGitHub } from "@/auth/github";
|
||||||
import {
|
import {
|
||||||
AuthState,
|
AuthState,
|
||||||
authTicketOAuth,
|
authTicketOAuth,
|
||||||
|
@ -21,11 +21,6 @@ export async function GET(request: Request) {
|
||||||
const id = await provider.getId();
|
const id = await provider.getId();
|
||||||
const permitted = await provider.isPermitted();
|
const permitted = await provider.isPermitted();
|
||||||
|
|
||||||
if (!permitted) {
|
|
||||||
logger.info({ id }, "user tried to sign up");
|
|
||||||
return new Response("not permitted to register account", { status: 403 });
|
|
||||||
}
|
|
||||||
|
|
||||||
// If someone clicked register on the front page with an existing account,
|
// If someone clicked register on the front page with an existing account,
|
||||||
// wire it to their user via the auth ticket
|
// wire it to their user via the auth ticket
|
||||||
let gluestickId = null;
|
let gluestickId = null;
|
||||||
|
@ -35,6 +30,11 @@ export async function GET(request: Request) {
|
||||||
gluestickId = currentUser!.id;
|
gluestickId = currentUser!.id;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!permitted && gluestickId == null) {
|
||||||
|
logger.info({ id }, "user tried to sign up");
|
||||||
|
return new Response("not permitted to register account", { status: 403 });
|
||||||
|
}
|
||||||
|
|
||||||
const userId = await GitHubAuthProvider.update(
|
const userId = await GitHubAuthProvider.update(
|
||||||
id,
|
id,
|
||||||
tokenBody.access_token,
|
tokenBody.access_token,
|
||||||
|
@ -42,6 +42,7 @@ export async function GET(request: Request) {
|
||||||
);
|
);
|
||||||
|
|
||||||
if (gluestickId != null) {
|
if (gluestickId != null) {
|
||||||
|
await inviteToGitHub(provider);
|
||||||
return new Response(null, {
|
return new Response(null, {
|
||||||
status: 302,
|
status: 302,
|
||||||
headers: {
|
headers: {
|
||||||
|
|
|
@ -14,6 +14,18 @@ type GitHubUserResponse = {
|
||||||
email: string;
|
email: string;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
async function getMembers(): Promise<GitHubUserResponse[]> {
|
||||||
|
const req = await fetch(
|
||||||
|
`https://api.github.com/orgs/${process.env.GITHUB_ORG}/members`,
|
||||||
|
{
|
||||||
|
headers: {
|
||||||
|
Authorization: `Bearer ${process.env.GITHUB_TOKEN}`
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
return await req.json();
|
||||||
|
}
|
||||||
|
|
||||||
export class GitHubAuthProvider extends AuthProvider {
|
export class GitHubAuthProvider extends AuthProvider {
|
||||||
private async getMe(): Promise<GitHubUserResponse> {
|
private async getMe(): Promise<GitHubUserResponse> {
|
||||||
const req = await fetch("https://api.github.com/user", {
|
const req = await fetch("https://api.github.com/user", {
|
||||||
|
@ -27,16 +39,8 @@ export class GitHubAuthProvider extends AuthProvider {
|
||||||
|
|
||||||
async isPermitted(): Promise<boolean> {
|
async isPermitted(): Promise<boolean> {
|
||||||
const me = await this.getMe();
|
const me = await this.getMe();
|
||||||
const req = await fetch(
|
const members = await getMembers();
|
||||||
`https://api.github.com/orgs/${process.env.GITHUB_ORG}/members`,
|
return members.some((user) => user.login === me.login);
|
||||||
{
|
|
||||||
headers: {
|
|
||||||
Authorization: `Bearer ${process.env.GITHUB_TOKEN}`
|
|
||||||
}
|
|
||||||
}
|
|
||||||
);
|
|
||||||
const res: GitHubUserResponse[] = await req.json();
|
|
||||||
return res.some((user) => user.login === me.login);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async getDisplayName(): Promise<string> {
|
async getDisplayName(): Promise<string> {
|
||||||
|
@ -139,3 +143,24 @@ export class GitHubAuthProvider extends AuthProvider {
|
||||||
return a.userId;
|
return a.userId;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export async function inviteToGitHub(auth: GitHubAuthProvider) {
|
||||||
|
const id = await auth.getId();
|
||||||
|
const members = await getMembers();
|
||||||
|
if (members.find((x) => x.id === parseInt(id))) return;
|
||||||
|
|
||||||
|
await fetch(
|
||||||
|
`https://api.github.com/orgs/${process.env.GITHUB_ORG}/invitations`,
|
||||||
|
{
|
||||||
|
method: "POST",
|
||||||
|
headers: {
|
||||||
|
Authorization: `Bearer ${process.env.GITHUB_TOKEN}`,
|
||||||
|
Accept: "application/vnd.github.v3+json"
|
||||||
|
},
|
||||||
|
body: JSON.stringify({
|
||||||
|
invitee_id: parseInt(id),
|
||||||
|
role: "direct_member"
|
||||||
|
})
|
||||||
|
}
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue