Merge pull request #407 from AppFlowy-IO/admin-frontend/email-invite

Admin frontend/email invite
2024-03-21 21:11:17 +08:00 · 2024-03-21 21:11:17 +08:00 · 68b0769bf0
parent aa3f0fd86e 7547ecd998
commit 68b0769bf0
6 changed files with 62 additions and 40 deletions
--- a/admin_frontend/src/web_api.rs
+++ b/admin_frontend/src/web_api.rs
@ -28,11 +28,11 @@ pub fn router() -> Router<AppState> {
  Router::new()
    .route("/signin", post(sign_in_handler))
    .route("/signup", post(sign_up_handler))
-    .route("/login_refresh/:refresh_token", post(login_refresh_handler))
+    .route("/login-refresh/:refresh_token", post(login_refresh_handler))
    .route("/logout", post(logout_handler))

    // user
-    .route("/change_password", post(change_password_handler))
+    .route("/change-password", post(change_password_handler))
    .route("/oauth_login/:provider", post(post_oauth_login_handler))
    .route("/invite", post(invite_handler))
    .route("/workspace/:workspace_id/invite", post(workspace_invite_handler))
--- a/admin_frontend/templates/components/sidebar.html
+++ b/admin_frontend/templates/components/sidebar.html
@ -3,6 +3,7 @@
    class="sidebar-item"
    hx-target="#sidebar-content"
    hx-get="/web/components/user/navigate"
+    data-section="navigate"
  >
    Navigate
  </div>
@ -10,6 +11,7 @@
    class="sidebar-item"
    hx-target="#sidebar-content"
    hx-get="/web/components/user/change-password"
+    data-section="change-password"
  >
    Change Password
  </div>
@ -17,6 +19,7 @@
    class="sidebar-item"
    hx-target="#sidebar-content"
    hx-get="/web/components/user/invite"
+    data-section="invite"
  >
    Invite
  </div>
@ -24,6 +27,7 @@
    class="sidebar-item"
    hx-target="#sidebar-content"
    hx-get="/web/components/user/user-usage"
+    data-section="user-usage"
  >
    User Usage
  </div>
@ -31,7 +35,24 @@
    class="sidebar-item"
    hx-target="#sidebar-content"
    hx-get="/web/components/user/workspace-usage"
+    data-section="workspace-usage"
  >
    Workspace Usage
  </div>
 </div>
+
+<script>
+  document.addEventListener('DOMContentLoaded', (event) => {
+    const frag = window.location.href.split('#');
+    if (frag.length > 1) {
+      const section = frag[1];
+      const sidebarItems = document.querySelectorAll('.sidebar-item');
+
+      sidebarItems.forEach(item => {
+        if (item.getAttribute('data-section') === section) {
+          item.click();
+        }
+      });
+    }
+  });
+</script>
--- a/admin_frontend/templates/oc
+++ b/admin_frontend/templates/oc
--- a/admin_frontend/templates/pages/login.html
+++ b/admin_frontend/templates/pages/login.html
@ -107,22 +107,46 @@
  </div>

  <script>
-    // OAuthLogin
+    // OAuthLogin (This is done because axum doesn't support fragment in the URL)
+    // https://github.com/tokio-rs/axum/discussions/2147
+
+    // Parse the fragment and extract the parameters
+    const paramMap = {};
    if (window.location.hash) {
-      // Extract data from the URL fragment
-      const fragmentData = window.location.hash.substring(1); // Remove the leading #
-      const fragmentParams = new URLSearchParams(fragmentData); // Parse the fragment data as a URLSearchParams object
-      const refreshToken = fragmentParams.get("refresh_token"); // Extract the refresh_token
-      fetch(`/web-api/login_refresh/${refreshToken}`, {
-        // Login in via refresh_token
+      const fragments = window.location.href.split('#').slice(1);
+      for (let i = 0; i < fragments.length; i++) {
+        const params = fragments[i].split('&');
+        for (let j = 0; j < params.length; j++) {
+          const keyValue = params[j].split('=');
+          if (keyValue.length === 2) {
+            const key = keyValue[0];
+            const value = keyValue[1];
+            paramMap[key] = value;
+          }
+        }
+      }
+
+      // Clear the fragment from the URL
+      history.replaceState("", document.title, window.location.pathname + window.location.search);
+
+      // Login in via refresh_token
+      const refreshToken = paramMap['refresh_token'];
+      fetch(`/web-api/login-refresh/${refreshToken}`, {
        method: "POST",
      }).then((response) => {
        if (!response.ok) {
          displayHttpStatusAndPayload(response);
        } else {
-          window.location.href = "/web/home";
+          const redirect_to = paramMap['redirect_to'];
+          if (redirect_to && redirect_to.trim() !== "") {
+            console.log("redirect_to is not empty");
+            window.location.href = "/web/home#" + redirect_to;
+          } else {
+            window.location.href = "/web/home";
+          }
        }
      });
+
    }
  </script>
  {% endblock %}
--- a/src/api/workspace.rs
+++ b/src/api/workspace.rs
@ -250,7 +250,6 @@ async fn post_workspace_invite_handler(
  let invited_members = payload.into_inner();
  workspace::ops::invite_workspace_members(
    &state.pg_pool,
-    &state.gotrue_admin,
    &state.gotrue_client,
    &user_uuid,
    &workspace_id,
--- a/src/biz/workspace/ops.rs
+++ b/src/biz/workspace/ops.rs
@ -1,5 +1,4 @@
 use crate::biz::workspace::access_control::WorkspaceAccessControl;
-use crate::state::GoTrueAdmin;
 use anyhow::Context;
 use app_error::AppError;
 use database::collab::upsert_collab_member_with_txn;
@ -21,7 +20,7 @@ use database_entity::dto::{
  WorkspaceUsage,
 };

-use gotrue::params::InviteUserParams;
+use gotrue::params::MagicLinkParams;
 use shared_entity::dto::workspace_dto::{
  CreateWorkspaceMember, WorkspaceMemberChangeset, WorkspaceMemberInvitation,
 };
@ -31,7 +30,7 @@ use sqlx::{types::uuid, PgPool};
 use std::collections::HashMap;
 use std::ops::DerefMut;
 use std::sync::Arc;
-use tracing::{info, instrument};
+use tracing::instrument;
 use uuid::Uuid;
 use workspace_template::document::get_started::GetStartedDocumentTemplate;

@ -164,7 +163,6 @@ pub async fn accept_workspace_invite(
 #[instrument(level = "debug", skip_all, err)]
 pub async fn invite_workspace_members(
  pg_pool: &PgPool,
-  gotrue_admin: &GoTrueAdmin,
  gotrue_client: &gotrue::api::Client,
  inviter: &Uuid,
  workspace_id: &Uuid,
@ -175,36 +173,16 @@ pub async fn invite_workspace_members(
    .await
    .context("Begin transaction to invite workspace members")?;

-  let admin_token = gotrue_admin.token(gotrue_client).await?;
  for invitation in invitations {
-    match gotrue_client
-      .admin_invite_user(
-        &admin_token,
-        &InviteUserParams {
+    gotrue_client
+      .magic_link(
+        &MagicLinkParams {
          email: invitation.email.clone(),
          ..Default::default()
        },
+        Some("/web/home#redirect_to=invite".to_owned()),
      )
-      .await
-    {
-      Ok(new_user) => {
-        info!(
-          "Invited new user: {:?} to workspace: {:?}",
-          new_user, workspace_id
-        );
-      },
-      Err(err) => match err {
-        app_error::gotrue::GoTrueError::Internal(ref err_serde) => {
-          match (err_serde.code, err_serde.msg.as_str()) {
-            (422, "A user with this email address has already been registered") => {
-              info!("User already exists, skipping invite");
-            },
-            _ => return Err(AppError::Internal(err.into())),
-          }
-        },
-        _ => return Err(err.into()),
-      },
-    }
+      .await?;

    // Generate a link such that when clicked, the user is added to the workspace.
    insert_workspace_invitation(