fix(user): do not allow changing name in settings when the user originates from an external auth provider

This improves the UX because it does not allow external users to change their name in Vikunja, since that change would be overridden once they log in again.

Resolves https://github.com/go-vikunja/vikunja/issues/357
This commit is contained in:
kolaente 2025-01-21 16:27:06 +01:00
parent 7adccfbe5f
commit 090dd4b2f6
No known key found for this signature in database
GPG Key ID: F40E70337AB24C9B
4 changed files with 46 additions and 2 deletions

View File

@ -99,7 +99,8 @@
"defaultView": "Default view",
"timezone": "Time zone",
"overdueTasksRemindersTime": "Overdue tasks reminder email time",
"filterUsedOnOverview": "Saved filter used on the overview page"
"filterUsedOnOverview": "Saved filter used on the overview page",
"externalUserNameChange": "Your name is managed by your login provider ({provider}). To change it, please update it there instead."
},
"totp": {
"title": "Two Factor Authentication",

View File

@ -8,17 +8,26 @@
<label
class="label"
:for="`newName${id}`"
>{{ $t('user.settings.general.name') }}</label>
>
{{ $t('user.settings.general.name') }}
</label>
<div class="control">
<input
:id="`newName${id}`"
v-model="settings.name"
:disabled="isExternalUser"
class="input"
:placeholder="$t('user.settings.general.newName')"
type="text"
@keyup.enter="updateSettings"
>
</div>
<p
v-if="isExternalUser"
class="help"
>
{{ $t('user.settings.general.externalUserNameChange', {provider: authStore.info.authProvider}) }}
</p>
</div>
<div class="field">
<label class="label">
@ -288,6 +297,8 @@ const availableLanguageOptions = ref(
.sort((a, b) => a.title.localeCompare(b.title)),
)
const isExternalUser = computed(() => !authStore.info.isLocalUser)
watch(
() => authStore.settings,
() => {

View File

@ -76,6 +76,19 @@ func (p *Provider) setOicdProvider() (err error) {
return err
}
func (p *Provider) Issuer() (issuerURL string, err error) {
type Issuer struct {
Issuer string `json:"issuer"`
}
iss := &Issuer{}
err = p.openIDProvider.Claims(iss)
if err != nil {
return "", err
}
return iss.Issuer, nil
}
// HandleCallback handles the auth request callback after redirecting from the provider with an auth code
// @Summary Authenticate a user with OpenID Connect
// @Description After a redirect from the OpenID Connect provider to the frontend has been made with the authentication `code`, this endpoint can be used to obtain a jwt token for that user and thus log them in.

View File

@ -20,6 +20,8 @@ import (
"net/http"
"time"
"code.vikunja.io/api/pkg/modules/auth/openid"
"code.vikunja.io/api/pkg/user"
"code.vikunja.io/api/pkg/models"
@ -36,6 +38,7 @@ type UserWithSettings struct {
Settings *UserSettings `json:"settings"`
DeletionScheduledAt time.Time `json:"deletion_scheduled_at"`
IsLocalUser bool `json:"is_local_user"`
AuthProvider string `json:"auth_provider"`
}
// UserShow gets all information about the current user
@ -82,5 +85,21 @@ func UserShow(c echo.Context) error {
IsLocalUser: u.Issuer == user.IssuerLocal,
}
providers, err := openid.GetAllProviders()
if err != nil {
return handler.HandleHTTPError(err)
}
for _, provider := range providers {
issuerURL, err := provider.Issuer()
if err != nil {
return handler.HandleHTTPError(err)
}
if issuerURL == u.Issuer {
us.AuthProvider = provider.Name
break
}
}
return c.JSON(http.StatusOK, us)
}