feat: scope login attempts to specific subdomains if available - do not switch subdomains (#3741)

* make the user lookup in user creator sensitive to team * add team specific logic to oidc strat * factor out slugifyDomain * change type of req during auth to Koa.Context
2022-07-19 06:50:55 -07:00
parent 4ee3929e9d
commit c3f5563e7f
12 changed files with 148 additions and 64 deletions
--- a/shared/utils/domains.test.ts
+++ b/shared/utils/domains.test.ts
@@ -1,5 +1,5 @@
 import env from "@shared/env";
-import { parseDomain, getCookieDomain } from "./domains";
+import { parseDomain, getCookieDomain, slugifyDomain } from "./domains";

 // test suite is based on subset of parse-domain module we want to support
 // https://github.com/peerigon/parse-domain/blob/master/test/parseDomain.test.js
@@ -158,6 +158,14 @@ describe("#parseDomain", () => {
  });
 });

+describe("#slugifyDomain", () => {
+  it("strips the last . delineated segment from strings", () => {
+    expect(slugifyDomain("foo.co")).toBe("foo");
+    expect(slugifyDomain("foo.co.uk")).toBe("foo-co");
+    expect(slugifyDomain("www.foo.co.uk")).toBe("www-foo-co");
+  });
+});
+
 describe("#getCookieDomain", () => {
  beforeEach(() => {
    env.URL = "https://example.com";
--- a/shared/utils/domains.ts
+++ b/shared/utils/domains.ts
@@ -7,6 +7,16 @@ type Domain = {
  custom: boolean;
 };

+/**
+ * Removes the the top level domain from the argument and slugifies it
+ *
+ * @param domain Domain string to slugify
+ * @returns String with only non top-level domains
+ */
+export function slugifyDomain(domain: string) {
+  return domain.split(".").slice(0, -1).join("-");
+}
+
 // strips protocol and whitespace from input
 // then strips the path and query string
 function normalizeUrl(url: string) {