[NAN-578] Implement Google Social Login/Signup #1872
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
khaliqgant
changed the title
| @@ -0,0 +1,82 @@ | |||
| interface Props { | |||
There was a problem hiding this comment.
I was the impression that /ui folder was for Generic reusable component, this one is really a one of. (my pov is that everything is related to ui anyway so it's either an unnecessary hierarchy level or it's specific for one scenario)
|
@bodinsamuel Thanks for the review. I updated the PR based on some of your feedback. The other items I didn't see as blocking but let me know if you feel strongly about any items I didn't address and I can add more color on why I didn't adjust it based on your feedback. |
| } | ||
|
|
||
| const createAccountIfNotInvited = async (state: string, name: string): Promise<number | null> => { | ||
| const parsedAccount = (state ? JSON.parse(Buffer.from(state, 'base64').toString('ascii')) : null) as InviteAccountState | null; |
There was a problem hiding this comment.
Cannot JSON.parse throw an exception? What should happen in this case?
| } | ||
|
|
||
| return accountId; | ||
| } |
There was a problem hiding this comment.
can this be?
const res: Result<InviteAccountState> = parseState(state) // returns a valid InviteAccountState or a ResultErr
if (isOk(res)) {
const validToken = await userService.getInvitedUserByToken(token);
if (validToken) {
await userService.markAcceptedInvite(parsedAccount.token);
}
return parsedAccount.accountId ;
}
| if (!workos) { | ||
| errorManager.errRes(res, 'workos_not_configured'); | ||
| return; | ||
| } |
There was a problem hiding this comment.
see my comment above. This is not a concern for the user and I think it would be better to crash the server at startup
There was a problem hiding this comment.
WorkOS is only required for Cloud so don't think it should crash here.
There was a problem hiding this comment.
what I mean is this is a configuration issue that would better detected as soon as possible (aka: when the app starts) rather than deferred to whenever a request is being received.
For sure for non-cloud setup this configuration can be ignored.
I prefer never to deployed a misconfigured app than getting a bug report by an end-user
There was a problem hiding this comment.
Yup, I gotcha, but who are we protecting here? Developers running the application locally? Cloud will have the necessary env variables.
There was a problem hiding this comment.
Yup, I gotcha, but who are we protecting here?
We protecting our future self
Cloud will have the necessary env variables.
They will, until one day the infra changes and configuration is somehow forgotten or messed up.
In general trying to detect error as soon as possible is a good principle to follow.
Not a blocker though.
| ? `${authorizedUser.firstName || ''} ${authorizedUser.lastName || ''}` | ||
| : authorizedUser.email.split('@')[0]; | ||
|
|
||
| const accountId = await createAccountIfNotInvited(state as string, name as string); |
There was a problem hiding this comment.
should state and name be validated prior to make sure they are acceptable string. That would also avoid having to cast them
| @@ -260,6 +292,79 @@ class AuthController { | |||
| next(error); | |||
| } | |||
| } | |||
|
|
|||
| getHostedLogin(req: Request, res: Response, next: NextFunction) { | |||
There was a problem hiding this comment.
not sure what Hosted referred to here?
There was a problem hiding this comment.
I find our use of Hosted rather confusing, everything is hosted by default.
Is it enterprise, cloud or community? if hosted = enterprise + cloud maybe we can come up with a naming more representative like "managed".
Plus we use hosted for self-hosted in the Docker images right now, which is the opposite
| @@ -260,6 +292,79 @@ class AuthController { | |||
| next(error); | |||
| } | |||
| } | |||
|
|
|||
| getHostedLogin(req: Request, res: Response, next: NextFunction) { | |||
There was a problem hiding this comment.
I find our use of Hosted rather confusing, everything is hosted by default.
Is it enterprise, cloud or community? if hosted = enterprise + cloud maybe we can come up with a naming more representative like "managed".
Plus we use hosted for self-hosted in the Docker images right now, which is the opposite
If a user is suspended they're essentially locked out of Nango. Handling this seems out of scope of this as it is a known limitation of the invite flow. Let me know if you disagree |
|
Tested one last time on staging, all good 👍🏻 |
Describe your changes
Adds in google auth using workos
Issue ticket number and link
NAN-578
Checklist before requesting a review (skip if just adding/editing APIs & templates)