diff options
-rw-r--r-- | rust/src/api_server.rs | 23 | ||||
-rw-r--r-- | rust/src/api_wrappers.rs | 3 |
2 files changed, 18 insertions, 8 deletions
diff --git a/rust/src/api_server.rs b/rust/src/api_server.rs index 1edf739c..349c6a27 100644 --- a/rust/src/api_server.rs +++ b/rust/src/api_server.rs @@ -544,21 +544,32 @@ impl Server { /// basically an "upsert" of signup/account-creation. /// Returns an editor model and boolean flag indicating whether a new editor was created or /// not. - /// If this function creates an editor, it sets the username to "{iss}-{provider}"; the intent - /// is for this to be temporary but unique. Might look like "bnewbold-github", or might look - /// like "895139824-github". This is a hack to make check/creation idempotent. + /// If this function creates an editor, it sets the username to + /// "{preferred_username}-{provider}"; the intent is for this to be temporary but unique. Might + /// look like "bnewbold-github", or might look like "895139824-github". This is a hack to make + /// check/creation idempotent. pub fn auth_oidc_handler(&self, params: AuthOidc, conn: &DbConn) -> Result<(Editor, bool)> { let existing: Vec<(EditorRow, AuthOidcRow)> = editor::table .inner_join(auth_oidc::table) .filter(auth_oidc::oidc_sub.eq(params.sub.clone())) - .filter(auth_oidc::oidc_iss.eq(params.iss)) + .filter(auth_oidc::oidc_iss.eq(params.iss.clone())) .load(conn)?; let (editor_row, created): (EditorRow, bool) = match existing.first() { Some((editor, _)) => (editor.clone(), false), None => { - let username = format!("{}-{}", params.sub, params.provider); - (create_editor(conn, username, false, false)?, true) + let username = format!("{}-{}", params.preferred_username, params.provider); + let editor = create_editor(conn, username, false, false)?; + // create an auth login row so the user can log back in + diesel::insert_into(auth_oidc::table) + .values(( + auth_oidc::editor_id.eq(editor.id), + auth_oidc::provider.eq(params.provider), + auth_oidc::oidc_iss.eq(params.iss), + auth_oidc::oidc_sub.eq(params.sub), + )) + .execute(conn)?; + (editor, true) } }; diff --git a/rust/src/api_wrappers.rs b/rust/src/api_wrappers.rs index abaa2310..c663c11d 100644 --- a/rust/src/api_wrappers.rs +++ b/rust/src/api_wrappers.rs @@ -930,8 +930,7 @@ impl Api for Server { // admin can update any username auth_context.require_role(FatcatRole::Admin)?; }; - update_editor_username(&conn, editor_id, editor.username) - .map(|e| e.into_model()) + update_editor_username(&conn, editor_id, editor.username).map(|e| e.into_model()) }) { Ok(editor) => UpdateEditorResponse::UpdatedEditor(editor), Err(Error(ErrorKind::Diesel(e), _)) => { |