From 0e3242372be9ce4249b7fac12be660aac1629943 Mon Sep 17 00:00:00 2001 From: Jerebtw Date: Tue, 27 Sep 2022 23:17:58 +0200 Subject: [PATCH 1/3] feat: add app & admin cookie secure variable to dashboard Todo: Generate graphql (i don't work on my PC (Windows)) --- .../src/components/EnvComponents/Features.tsx | 280 ++++++++++-------- dashboard/src/constants.ts | 4 + dashboard/src/graphql/queries/index.ts | 2 + dashboard/src/pages/Environment.tsx | 2 + server/graph/schema.graphqls | 59 ++++ 5 files changed, 219 insertions(+), 128 deletions(-) diff --git a/dashboard/src/components/EnvComponents/Features.tsx b/dashboard/src/components/EnvComponents/Features.tsx index 6da3028..38477e9 100644 --- a/dashboard/src/components/EnvComponents/Features.tsx +++ b/dashboard/src/components/EnvComponents/Features.tsx @@ -1,133 +1,157 @@ -import React from 'react'; -import { Divider, Flex, Stack, Text } from '@chakra-ui/react'; -import InputField from '../InputField'; -import { SwitchInputType } from '../../constants'; +import React from "react"; +import { Divider, Flex, Stack, Text } from "@chakra-ui/react"; +import InputField from "../InputField"; +import { SwitchInputType } from "../../constants"; const Features = ({ variables, setVariables }: any) => { - return ( -
- {' '} - - Disable Features - - - - - Disable Login Page: - - - - - - - - Disable Email Verification: - - - - - - - - Disable Magic Login Link: - - - - - - - - Disable Basic Authentication: - - - - - - - - Disable Sign Up: - - - - - - - - Disable Strong Password: - - - - - - - - - Disable Multi Factor Authentication (MFA): - - - Note: Enabling this will ignore Enforcing MFA shown below and will - also ignore the user MFA setting. - - - - - - - - - - Enable Features - - - - - - Enforce Multi Factor Authentication (MFA): - - - Note: If you disable enforcing after it was enabled, it will still - keep MFA enabled for older users. - - - - - - - -
- ); + return ( +
+ {" "} + + Disable Features + + + + + Disable secure app cookie: + + + + + + + + Disable secure admin cookie: + + + + + + + + Disable Login Page: + + + + + + + + Disable Email Verification: + + + + + + + + Disable Magic Login Link: + + + + + + + + Disable Basic Authentication: + + + + + + + + Disable Sign Up: + + + + + + + + Disable Strong Password: + + + + + + + + + Disable Multi Factor Authentication (MFA): + + + Note: Enabling this will ignore Enforcing MFA shown below and will + also ignore the user MFA setting. + + + + + + + + + + Enable Features + + + + + + Enforce Multi Factor Authentication (MFA): + + + Note: If you disable enforcing after it was enabled, it will still + keep MFA enabled for older users. + + + + + + + +
+ ); }; export default Features; diff --git a/dashboard/src/constants.ts b/dashboard/src/constants.ts index 3911a40..c15c5b2 100644 --- a/dashboard/src/constants.ts +++ b/dashboard/src/constants.ts @@ -63,6 +63,8 @@ export const TextAreaInputType = { }; export const SwitchInputType = { + DISABLE_APP_COOKIE_SECURE: 'DISABLE_APP_COOKIE_SECURE', + DISABLE_ADMIN_COOKIE_SECURE: 'DISABLE_ADMIN_COOKIE_SECURE', DISABLE_LOGIN_PAGE: 'DISABLE_LOGIN_PAGE', DISABLE_MAGIC_LINK_LOGIN: 'DISABLE_MAGIC_LINK_LOGIN', DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION', @@ -133,6 +135,8 @@ export interface envVarTypes { ORGANIZATION_LOGO: string; CUSTOM_ACCESS_TOKEN_SCRIPT: string; ADMIN_SECRET: string; + DISABLE_APP_COOKIE_SECURE: boolean; + DISABLE_ADMIN_COOKIE_SECURE: boolean; DISABLE_LOGIN_PAGE: boolean; DISABLE_MAGIC_LINK_LOGIN: boolean; DISABLE_EMAIL_VERIFICATION: boolean; diff --git a/dashboard/src/graphql/queries/index.ts b/dashboard/src/graphql/queries/index.ts index 977cff8..8494a52 100644 --- a/dashboard/src/graphql/queries/index.ts +++ b/dashboard/src/graphql/queries/index.ts @@ -50,6 +50,8 @@ export const EnvVariablesQuery = ` ORGANIZATION_NAME ORGANIZATION_LOGO ADMIN_SECRET + DISABLE_APP_COOKIE_SECURE + DISABLE_ADMIN_COOKIE_SECURE DISABLE_LOGIN_PAGE DISABLE_MAGIC_LINK_LOGIN DISABLE_EMAIL_VERIFICATION diff --git a/dashboard/src/pages/Environment.tsx b/dashboard/src/pages/Environment.tsx index 045b997..834e9a1 100644 --- a/dashboard/src/pages/Environment.tsx +++ b/dashboard/src/pages/Environment.tsx @@ -71,6 +71,8 @@ const Environment = () => { ORGANIZATION_LOGO: '', CUSTOM_ACCESS_TOKEN_SCRIPT: '', ADMIN_SECRET: '', + DISABLE_APP_COOKIE_SECURE: false, + DISABLE_ADMIN_COOKIE_SECURE: false, DISABLE_LOGIN_PAGE: false, DISABLE_MAGIC_LINK_LOGIN: false, DISABLE_EMAIL_VERIFICATION: false, diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls index 5c2aa64..0234c98 100644 --- a/server/graph/schema.graphqls +++ b/server/graph/schema.graphqls 
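Review bot: The two new switches labelled `Disable secure app cookie:` and `Disable secure admin cookie:` are added at the top of the Disable Features list with no explanatory text, although they presumably clear the `Secure` attribute on the app and admin session cookies, after which the browser will also send those cookies over plain HTTP. The MFA switch further down carries a `Note:` block, and these two should get one as well, for example `Note: Only turn this on for local HTTP development. With it enabled the cookie is no longer restricted to HTTPS.` Separately, the hunk rewrites every line of Features.tsx (quotes changed from `'` to `"`, indentation changed) while `dashboard/src/constants.ts` in the same patch keeps single quotes. That buries two added toggles in a 280-line change, so restoring the original formatting would make the security-relevant addition reviewable.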
@@ -94,6 +94,7 @@ type Response { } type Env { +<<<<<<< HEAD ACCESS_TOKEN_EXPIRY_TIME: String ADMIN_SECRET: String DATABASE_NAME: String @@ -146,6 +147,62 @@ type Env { TWITTER_CLIENT_SECRET: String ORGANIZATION_NAME: String ORGANIZATION_LOGO: String +======= + ACCESS_TOKEN_EXPIRY_TIME: String + ADMIN_SECRET: String + DATABASE_NAME: String + DATABASE_URL: String + DATABASE_TYPE: String + DATABASE_USERNAME: String + DATABASE_PASSWORD: String + DATABASE_HOST: String + DATABASE_PORT: String + CLIENT_ID: String! + CLIENT_SECRET: String! + CUSTOM_ACCESS_TOKEN_SCRIPT: String + SMTP_HOST: String + SMTP_PORT: String + SMTP_USERNAME: String + SMTP_PASSWORD: String + SENDER_EMAIL: String + JWT_TYPE: String + JWT_SECRET: String + JWT_PRIVATE_KEY: String + JWT_PUBLIC_KEY: String + ALLOWED_ORIGINS: [String!] + APP_URL: String + REDIS_URL: String + RESET_PASSWORD_URL: String + DISABLE_APP_COOKIE_SECURE: Boolean! + DISABLE_ADMIN_COOKIE_SECURE: Boolean! + DISABLE_EMAIL_VERIFICATION: Boolean! + DISABLE_BASIC_AUTHENTICATION: Boolean! + DISABLE_MAGIC_LINK_LOGIN: Boolean! + DISABLE_LOGIN_PAGE: Boolean! + DISABLE_SIGN_UP: Boolean! + DISABLE_REDIS_FOR_ENV: Boolean! + DISABLE_STRONG_PASSWORD: Boolean! + DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean! + ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean! + ROLES: [String!] + PROTECTED_ROLES: [String!] + DEFAULT_ROLES: [String!] + JWT_ROLE_CLAIM: String + GOOGLE_CLIENT_ID: String + GOOGLE_CLIENT_SECRET: String + GITHUB_CLIENT_ID: String + GITHUB_CLIENT_SECRET: String + FACEBOOK_CLIENT_ID: String + FACEBOOK_CLIENT_SECRET: String + LINKEDIN_CLIENT_ID: String + LINKEDIN_CLIENT_SECRET: String + APPLE_CLIENT_ID: String + APPLE_CLIENT_SECRET: String + TWITTER_CLIENT_ID: String + TWITTER_CLIENT_SECRET: String + ORGANIZATION_NAME: String + ORGANIZATION_LOGO: String +>>>>>>> 238e4e8 (feat: add app & admin cookie secure variable to dashboard) } type ValidateJWTTokenResponse { 
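Review bot: In the `@@ -146,6 +147,62 @@` hunk the only visible declaration of `DISABLE_APP_COOKIE_SECURE: Boolean!` and `DISABLE_ADMIN_COOKIE_SECURE: Boolean!` on `type Env` sits inside the `=======` … `>>>>>>> 238e4e8` side of an unresolved merge conflict, whose `<<<<<<< HEAD` marker is added by the preceding hunk. PATCH 2/3 resolves the conflict by deleting that whole side, and PATCH 3/3 regenerates code only for `UpdateEnvInput`. Unless the retained HEAD block already declares both fields (the unchanged lines are not shown), `EnvVariablesQuery` in `dashboard/src/graphql/queries/index.ts` will request fields the schema does not expose. If they are missing, add the two lines to the retained `type Env` block and regenerate. Squashing 1/3 and 2/3 would also keep conflict markers out of history so that every commit has a parsable schema.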
@@ -225,6 +282,8 @@ input UpdateEnvInput { ALLOWED_ORIGINS: [String!] APP_URL: String RESET_PASSWORD_URL: String + DISABLE_APP_COOKIE_SECURE: Boolean + DISABLE_ADMIN_COOKIE_SECURE: Boolean DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean From bd4d48c7c5c13cdf4cfd646d155570c51afa41a3 Mon Sep 17 00:00:00 2001 From: Jerebtw Date: Sat, 1 Oct 2022 17:57:23 +0200 Subject: [PATCH 2/3] fix: schema.graphqls --- server/graph/schema.graphqls | 61 ++---------------------------------- 1 file changed, 2 insertions(+), 59 deletions(-) diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls index 0234c98..6cbf133 100644 --- a/server/graph/schema.graphqls +++ b/server/graph/schema.graphqls @@ -94,7 +94,6 @@ type Response { } type Env { -<<<<<<< HEAD ACCESS_TOKEN_EXPIRY_TIME: String ADMIN_SECRET: String DATABASE_NAME: String 
@@ -147,62 +146,6 @@ type Env { TWITTER_CLIENT_SECRET: String ORGANIZATION_NAME: String ORGANIZATION_LOGO: String -======= - ACCESS_TOKEN_EXPIRY_TIME: String - ADMIN_SECRET: String - DATABASE_NAME: String - DATABASE_URL: String - DATABASE_TYPE: String - DATABASE_USERNAME: String - DATABASE_PASSWORD: String - DATABASE_HOST: String - DATABASE_PORT: String - CLIENT_ID: String! - CLIENT_SECRET: String! - CUSTOM_ACCESS_TOKEN_SCRIPT: String - SMTP_HOST: String - SMTP_PORT: String - SMTP_USERNAME: String - SMTP_PASSWORD: String - SENDER_EMAIL: String - JWT_TYPE: String - JWT_SECRET: String - JWT_PRIVATE_KEY: String - JWT_PUBLIC_KEY: String - ALLOWED_ORIGINS: [String!] - APP_URL: String - REDIS_URL: String - RESET_PASSWORD_URL: String - DISABLE_APP_COOKIE_SECURE: Boolean! - DISABLE_ADMIN_COOKIE_SECURE: Boolean! - DISABLE_EMAIL_VERIFICATION: Boolean! - DISABLE_BASIC_AUTHENTICATION: Boolean! - DISABLE_MAGIC_LINK_LOGIN: Boolean! - DISABLE_LOGIN_PAGE: Boolean! - DISABLE_SIGN_UP: Boolean! - DISABLE_REDIS_FOR_ENV: Boolean! - DISABLE_STRONG_PASSWORD: Boolean! - DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean! - ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean! - ROLES: [String!] - PROTECTED_ROLES: [String!] - DEFAULT_ROLES: [String!] - JWT_ROLE_CLAIM: String - GOOGLE_CLIENT_ID: String - GOOGLE_CLIENT_SECRET: String - GITHUB_CLIENT_ID: String - GITHUB_CLIENT_SECRET: String - FACEBOOK_CLIENT_ID: String - FACEBOOK_CLIENT_SECRET: String - LINKEDIN_CLIENT_ID: String - LINKEDIN_CLIENT_SECRET: String - APPLE_CLIENT_ID: String - APPLE_CLIENT_SECRET: String - TWITTER_CLIENT_ID: String - TWITTER_CLIENT_SECRET: String - ORGANIZATION_NAME: String - ORGANIZATION_LOGO: String ->>>>>>> 238e4e8 (feat: add app & admin cookie secure variable to dashboard) } type ValidateJWTTokenResponse { 
@@ -282,8 +225,8 @@ input UpdateEnvInput { ALLOWED_ORIGINS: [String!] APP_URL: String RESET_PASSWORD_URL: String - DISABLE_APP_COOKIE_SECURE: Boolean - DISABLE_ADMIN_COOKIE_SECURE: Boolean + DISABLE_APP_COOKIE_SECURE: Boolean! + DISABLE_ADMIN_COOKIE_SECURE: Boolean! DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean From f1509f90f031eb0834c988af93546b5220883033 Mon Sep 17 00:00:00 2001 From: ruessej Date: Sat, 1 Oct 2022 18:09:43 +0200 Subject: [PATCH 3/3] feat: Update generated and models_gen --- server/graph/generated/generated.go | 20 +++++++++++++++++++- server/graph/model/models_gen.go | 2 ++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/server/graph/generated/generated.go b/server/graph/generated/generated.go index c69c681..9b51470 100644 --- a/server/graph/generated/generated.go +++ b/server/graph/generated/generated.go @@ -2158,6 +2158,8 @@ input UpdateEnvInput { ALLOWED_ORIGINS: [String!] APP_URL: String RESET_PASSWORD_URL: String + DISABLE_APP_COOKIE_SECURE: Boolean! + DISABLE_ADMIN_COOKIE_SECURE: Boolean! DISABLE_EMAIL_VERIFICATION: Boolean DISABLE_BASIC_AUTHENTICATION: Boolean DISABLE_MAGIC_LINK_LOGIN: Boolean 
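Review bot: Changing `DISABLE_APP_COOKIE_SECURE` and `DISABLE_ADMIN_COOKIE_SECURE` to `Boolean!` in `input UpdateEnvInput` (the `@@ -282,8 +225,8 @@` hunk) makes them the only required switches in an input whose neighbouring `DISABLE_*` fields are all nullable `Boolean`. Any caller of the update mutation that omits them would then be rejected at validation, so every update, even one touching an unrelated variable, has to restate both cookie settings. PATCH 3/3 accordingly generates them as plain `bool` instead of `*bool`, which removes the server's ability to treat an absent field as "keep the stored value". Keeping them optional, `DISABLE_APP_COOKIE_SECURE: Boolean` and `DISABLE_ADMIN_COOKIE_SECURE: Boolean`, matches the surrounding fields and avoids a breaking API change. Whether the dashboard always sends both fields is not visible in this patch.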
@@ -14858,7 +14860,7 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob asMap[k] = v } - fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SENDER_EMAIL", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", "DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", "TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO"} + fieldsInOrder := [...]string{"ACCESS_TOKEN_EXPIRY_TIME", "ADMIN_SECRET", "CUSTOM_ACCESS_TOKEN_SCRIPT", "OLD_ADMIN_SECRET", "SMTP_HOST", "SMTP_PORT", "SMTP_USERNAME", "SMTP_PASSWORD", "SENDER_EMAIL", "JWT_TYPE", "JWT_SECRET", "JWT_PRIVATE_KEY", "JWT_PUBLIC_KEY", "ALLOWED_ORIGINS", "APP_URL", "RESET_PASSWORD_URL", "DISABLE_APP_COOKIE_SECURE", "DISABLE_ADMIN_COOKIE_SECURE", "DISABLE_EMAIL_VERIFICATION", "DISABLE_BASIC_AUTHENTICATION", "DISABLE_MAGIC_LINK_LOGIN", "DISABLE_LOGIN_PAGE", "DISABLE_SIGN_UP", "DISABLE_REDIS_FOR_ENV", "DISABLE_STRONG_PASSWORD", "DISABLE_MULTI_FACTOR_AUTHENTICATION", "ENFORCE_MULTI_FACTOR_AUTHENTICATION", "ROLES", "PROTECTED_ROLES", "DEFAULT_ROLES", "JWT_ROLE_CLAIM", "GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GITHUB_CLIENT_ID", "GITHUB_CLIENT_SECRET", "FACEBOOK_CLIENT_ID", "FACEBOOK_CLIENT_SECRET", "LINKEDIN_CLIENT_ID", "LINKEDIN_CLIENT_SECRET", "APPLE_CLIENT_ID", "APPLE_CLIENT_SECRET", 
"TWITTER_CLIENT_ID", "TWITTER_CLIENT_SECRET", "ORGANIZATION_NAME", "ORGANIZATION_LOGO"} for _, k := range fieldsInOrder { v, ok := asMap[k] if !ok { @@ -14993,6 +14995,22 @@ func (ec *executionContext) unmarshalInputUpdateEnvInput(ctx context.Context, ob if err != nil { return it, err } + case "DISABLE_APP_COOKIE_SECURE": + var err error + + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("DISABLE_APP_COOKIE_SECURE")) + it.DisableAppCookieSecure, err = ec.unmarshalNBoolean2bool(ctx, v) + if err != nil { + return it, err + } + case "DISABLE_ADMIN_COOKIE_SECURE": + var err error + + ctx := graphql.WithPathContext(ctx, graphql.NewPathWithField("DISABLE_ADMIN_COOKIE_SECURE")) + it.DisableAdminCookieSecure, err = ec.unmarshalNBoolean2bool(ctx, v) + if err != nil { + return it, err + } case "DISABLE_EMAIL_VERIFICATION": var err error diff --git a/server/graph/model/models_gen.go b/server/graph/model/models_gen.go index 19fd6d9..645cf4b 100644 --- a/server/graph/model/models_gen.go +++ b/server/graph/model/models_gen.go @@ -277,6 +277,8 @@ type UpdateEnvInput struct { AllowedOrigins []string `json:"ALLOWED_ORIGINS"` AppURL *string `json:"APP_URL"` ResetPasswordURL *string `json:"RESET_PASSWORD_URL"` + DisableAppCookieSecure bool `json:"DISABLE_APP_COOKIE_SECURE"` + DisableAdminCookieSecure bool `json:"DISABLE_ADMIN_COOKIE_SECURE"` DisableEmailVerification *bool `json:"DISABLE_EMAIL_VERIFICATION"` DisableBasicAuthentication *bool `json:"DISABLE_BASIC_AUTHENTICATION"` DisableMagicLinkLogin *bool `json:"DISABLE_MAGIC_LINK_LOGIN"`