Merge pull request #241 from supertokens/feat/dashboard-email-login

feat: Add email password login for the dashboard

Author: rishabhpoddar

.gitignore

@@ -20,4 +20,5 @@ gin/
 
 apiPassword
 releasePassword
-.vscode/
+.vscode/
+.idea/

CHANGELOG.md

@@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [0.10.2] - 2023-02-24
+-   Adds APIs and logic to the dashboard recipe to enable email password based login
+
 ## [0.10.1] - 2023-02-06
 
 -   Email template updates

coreDriverInterfaceSupported.json

@@ -8,6 +8,9 @@
                 "2.12",
                 "2.13",
                 "2.14",
-                "2.15"
+                "2.15",
+                "2.16",
+                "2.17",
+                "2.18"
         ]
 }

recipe/dashboard/api/implementation.go

@@ -50,6 +50,8 @@ func MakeAPIImplementation() dashboardmodels.APIInterface {
 		}
 		dashboardAppPath := options.AppInfo.APIBasePath.AppendPath(normalizedDashboardPath).GetAsStringDangerous()
 
+		authMode := string(options.Config.AuthMode)
+
 		return `
 		<html>
 		<head>
@@ -58,6 +60,7 @@ func MakeAPIImplementation() dashboardmodels.APIInterface {
 						window.staticBasePath = "` + bundleDomain + `/static"
 						window.dashboardAppPath = "` + dashboardAppPath + `"
 						window.connectionURI = "` + connectionURI + `"
+						window.authMode = "` + authMode + `"
 				</script>
 				<script defer src="` + bundleDomain + `/static/js/bundle.js"></script></head>
 				<link href="` + bundleDomain + `/static/css/main.css" rel="stylesheet" type="text/css">

recipe/dashboard/api/signInPost.go

@@ -0,0 +1,79 @@
+package api
+
+import (
+	"encoding/json"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/supertokens"
+)
+
+type signInPostResponse struct {
+	Status    string `json:"status"`
+	SessionId string `json:"sessionId,omitempty"`
+	Message   string `json:"message,omitempty"`
+}
+
+type signInRequestBody struct {
+	Email    *string `json:"email"`
+	Password *string `json:"password"`
+}
+
+func SignInPost(apiInterface dashboardmodels.APIInterface, options dashboardmodels.APIOptions) error {
+	body, err := supertokens.ReadFromRequest(options.Req)
+
+	if err != nil {
+		return err
+	}
+
+	var readBody signInRequestBody
+	err = json.Unmarshal(body, &readBody)
+	if err != nil {
+		return err
+	}
+
+	if readBody.Email == nil {
+		return supertokens.BadInputError{
+			Msg: "Required parameter 'email' is missing",
+		}
+	}
+
+	if readBody.Password == nil {
+		return supertokens.BadInputError{
+			Msg: "Required parameter 'password' is missing",
+		}
+	}
+
+	querier, querierErr := supertokens.GetNewQuerierInstanceOrThrowError("dashboard")
+
+	if querierErr != nil {
+		return querierErr
+	}
+
+	apiResponse, apiErr := querier.SendPostRequest("/recipe/dashboard/signin", map[string]interface{}{
+		"email":    *readBody.Email,
+		"password": *readBody.Password,
+	})
+
+	if apiErr != nil {
+		return apiErr
+	}
+
+	status := apiResponse["status"]
+
+	if status == "OK" {
+		return supertokens.Send200Response(options.Res, map[string]interface{}{
+			"status":    "OK",
+			"sessionId": apiResponse["sessionId"].(string),
+		})
+	}
+
+	if status == "USER_SUSPENDED_ERROR" {
+		return supertokens.Send200Response(options.Res, map[string]interface{}{
+			"status":  "USER_SUSPENDED_ERROR",
+			"message": apiResponse["message"].(string),
+		})
+	}
+
+	return supertokens.Send200Response(options.Res, map[string]interface{}{
+		"status": "INVAlID_CREDENTIALS_ERROR",
+	})
+}

recipe/dashboard/api/signOutPost.go

@@ -0,0 +1,43 @@
+package api
+
+import (
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/supertokens"
+	"strings"
+)
+
+type signOutPostResponse struct {
+	Status string `json:"status"`
+}
+
+func SignOutPost(apiInterface dashboardmodels.APIInterface, options dashboardmodels.APIOptions) (signOutPostResponse, error) {
+	if options.Config.AuthMode == dashboardmodels.AuthModeAPIKey {
+		return signOutPostResponse{
+			Status: "OK",
+		}, nil
+	}
+
+	sessionIdFromHeader := options.Req.Header.Get("authorization")
+
+	// We receive the api key as `Bearer API_KEY`, this retrieves just the key
+	keyParts := strings.Split(sessionIdFromHeader, " ")
+	sessionIdFromHeader = keyParts[len(keyParts)-1]
+
+	querier, querierErr := supertokens.GetNewQuerierInstanceOrThrowError("dashboard")
+
+	if querierErr != nil {
+		return signOutPostResponse{}, querierErr
+	}
+
+	_, apiError := querier.SendDeleteRequest("/recipe/dashboard/session", map[string]interface{}{}, map[string]string{
+		"sessionId": sessionIdFromHeader,
+	})
+
+	if apiError != nil {
+		return signOutPostResponse{}, apiError
+	}
+
+	return signOutPostResponse{
+		Status: "OK",
+	}, nil
+}

recipe/dashboard/api/utils.go

@@ -65,7 +65,7 @@ func GetUserForRecipeId(userId string, recipeId string) (user dashboardmodels.Us
 			userToReturn.LastName = ""
 			userToReturn.Email = response.Email
 			userToReturn.ThirdParty = &dashboardmodels.ThirdParty{
-				Id: response.ThirdParty.ID,
+				Id:     response.ThirdParty.ID,
 				UserId: response.ThirdParty.UserID,
 			}
 		}
@@ -80,7 +80,7 @@ func GetUserForRecipeId(userId string, recipeId string) (user dashboardmodels.Us
 				userToReturn.LastName = ""
 				userToReturn.Email = tpepResponse.Email
 				userToReturn.ThirdParty = &dashboardmodels.ThirdParty{
-					Id: tpepResponse.ThirdParty.ID,
+					Id:     tpepResponse.ThirdParty.ID,
 					UserId: tpepResponse.ThirdParty.UserID,
 				}
 			}

recipe/dashboard/api/validateKey.go

@@ -2,20 +2,22 @@ package api
 
 import (
 	"github.com/supertokens/supertokens-golang/recipe/dashboard/dashboardmodels"
+	"github.com/supertokens/supertokens-golang/recipe/dashboard/validationUtils"
 	"github.com/supertokens/supertokens-golang/supertokens"
 )
 
 func ValidateKey(apiImplementation dashboardmodels.APIInterface, options dashboardmodels.APIOptions) error {
-	shouldAllowAccess, err := (*options.RecipeImplementation.ShouldAllowAccess)(options.Req, options.Config, supertokens.MakeDefaultUserContextFromAPI(options.Req))
+	isKeyValid, err := validationUtils.ValidateApiKey(options.Req, options.Config, supertokens.MakeDefaultUserContextFromAPI(options.Req))
+
 	if err != nil {
 		return err
 	}
 
-	if !shouldAllowAccess {
+	if isKeyValid {
+		return supertokens.Send200Response(options.Res, map[string]interface{}{
+			"status": "OK",
+		})
+	} else {
 		return supertokens.SendUnauthorisedAccess(options.Res)
 	}
-
-	return supertokens.Send200Response(options.Res, map[string]interface{}{
-		"status": "OK",
-	})
 }

recipe/dashboard/constants.go

@@ -10,3 +10,5 @@ const userSessionsAPI = "/api/user/sessions"
 const userMetaDataAPI = "/api/user/metadata"
 const userEmailVerifyTokenAPI = "/api/user/email/verify/token"
 const userPasswordAPI = "/api/user/password"
+const signInAPI = "/api/signin"
+const signOutAPI = "/api/signout"

recipe/dashboard/dashboardmodels/models.go

@@ -20,8 +20,16 @@ type TypeInput struct {
 	Override *OverrideStruct
 }
 
+type TypeAuthMode string
+
+const (
+	AuthModeEmailPassword TypeAuthMode = "email-password"
+	AuthModeAPIKey        TypeAuthMode = "api-key"
+)
+
 type TypeNormalisedInput struct {
 	ApiKey   string
+	AuthMode TypeAuthMode
 	Override OverrideStruct
 }
 
@@ -36,11 +44,11 @@ type ThirdParty struct {
 }
 
 type UserType struct {
-	Id         string     `json:"id,omitempty"`
-	TimeJoined uint64     `json:"timeJoined,omitempty"`
-	FirstName  string     `json:"firstName,omitempty"`
-	LastName   string     `json:"lastName,omitempty"`
-	Email      string     `json:"email,omitempty"`
+	Id         string      `json:"id,omitempty"`
+	TimeJoined uint64      `json:"timeJoined,omitempty"`
+	FirstName  string      `json:"firstName,omitempty"`
+	LastName   string      `json:"lastName,omitempty"`
+	Email      string      `json:"email,omitempty"`
 	ThirdParty *ThirdParty `json:"thirdParty,omitempty"`
-	Phone      string     `json:"phoneNumber,omitempty"`
+	Phone      string      `json:"phoneNumber,omitempty"`
 }