Merge branch 'dev' into diagnostics

2025-03-01 10:36:34 +00:00 · 2022-04-27 12:08:32 +01:00
parent 4054d0eca7 e8f20285af
commit e714ff35c4
210 changed files with 26309 additions and 21234 deletions
--- a/packages/node_modules/@node-red/editor-api/lib/auth/index.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/index.js
@@ -106,9 +106,15 @@ async function login(req,res) {
                urlPrefix += "/";
            }
            response = {
-                "type":"strategy",
-                "prompts":[{type:"button",label:mergedAdminAuth.strategy.label, url: urlPrefix + "auth/strategy"}]
+                "type":"strategy"
            }
+            if (mergedAdminAuth.strategy.autoLogin) {
+                response.autoLogin = true
+                response.loginRedirect = urlPrefix + "auth/strategy"
+            }
+            response.prompts = [
+                {type:"button",label:mergedAdminAuth.strategy.label, url: urlPrefix + "auth/strategy"}
+            ]
            if (mergedAdminAuth.strategy.icon) {
                response.prompts[0].icon = mergedAdminAuth.strategy.icon;
            }
@@ -185,7 +191,7 @@ function genericStrategy(adminApp,strategy) {
                }
            };

-            options.verify.apply(null,args);
+            options.verify.apply(this,args);
        } else {
            var profile = arguments[arguments.length - 2];
            return completeVerify(profile,originalDone);
--- a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
@@ -92,10 +92,16 @@ var passwordTokenExchange = function(client, username, password, scope, done) {
                loginAttempts = loginAttempts.filter(function(logEntry) {
                    return logEntry.user !== username;
                });
-                Tokens.create(username,client.id,scope).then(function(tokens) {
-                    log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope});
-                    done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
-                });
+                // Check if the user contains a user defined token and use it
+                // instead of generating a new token
+                if(user.token){
+                    done(null,user.token,null,null);
+                } else {
+                    Tokens.create(username,client.id,scope).then(function(tokens) {
+                        log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope});
+                        done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
+                    });
+                }
            } else {
                log.audit({event: "auth.login.fail.permissions",username:username,client:client.id,scope:scope});
                done(null,false);