Prevent signin without hosted domain

2018-05-28 22:32:36 -07:00 · 2018-05-28 22:32:36 -07:00 · aa9ed09f08
parent 25aa1f288b
commit aa9ed09f08
6 changed files with 25 additions and 2 deletions
--- a/.env.sample
+++ b/.env.sample
@ -14,7 +14,7 @@ DEPLOYMENT=self
 ENABLE_UPDATES=true
 DEBUG=sql,cache,presenters,events

-# Slack signin credentials (at least one is required)
+# Third party signin credentials (at least one is required)
 SLACK_KEY=71315967491.XXXXXXXXXX
 SLACK_SECRET=d2dc414f9953226bad0a356cXXXXYYYY

--- a/app/stores/AuthStore.js
+++ b/app/stores/AuthStore.js
@ -122,6 +122,9 @@ class AuthStore {
    this.user = data.user;
    this.team = data.team;
    this.oauthState = data.oauthState;
+
+    // load token from state for backwards compatability with
+    // sessions created pre-google auth
    this.token = Cookie.get('accessToken') || data.token;

    autorun(() => {
--- a/index.js
+++ b/index.js
@ -8,7 +8,7 @@ if (process.env.NODE_ENV === 'production') {
 } else if (process.env.NODE_ENV === 'development') {
  console.log(
    '\n\x1b[33m%s\x1b[0m',
-    'Running Outline in development mode with React hot reloading. To run Outline in production mode, use `yarn start`'
+    'Running Outline in development mode with hot reloading. To run Outline in production mode, use `yarn start`'
  );
 }

--- a/server/auth/google.js
+++ b/server/auth/google.js
@ -37,6 +37,11 @@ router.get('google.callback', async ctx => {
    url: 'https://www.googleapis.com/oauth2/v1/userinfo',
  });

+  if (!profile.data.hd) {
+    ctx.redirect('/?notice=google-hd');
+    return;
+  }
+
  const teamName = capitalize(profile.data.hd.split('.')[0]);
  const [team, isFirstUser] = await Team.findOrCreate({
    where: {
--- a/server/pages/Home.js
+++ b/server/pages/Home.js
@ -10,6 +10,7 @@ import { developers, githubUrl } from '../../shared/utils/routeHelpers';
 import { color } from '../../shared/styles/constants';

 type Props = {
+  notice?: 'google-hd',
  lastSignedIn: string,
  googleSigninEnabled: boolean,
  slackSigninEnabled: boolean,
@ -31,6 +32,12 @@ function Home(props: Props) {
          <p>
            <SigninButtons {...props} />
          </p>
+          {props.notice === 'google-hd' && (
+            <Notice>
+              Sorry, Google sign in cannot be used with a personal email. Please
+              try signing in with your company Google account.
+            </Notice>
+          )}
        </Hero>
        <Features reverse={{ mobile: true, tablet: false, desktop: false }}>
          <Grid.Unit size={{ desktop: 1 / 3, tablet: 1 / 2 }}>
@ -107,6 +114,13 @@ function Home(props: Props) {
  );
 }

+const Notice = styled.p`
+  background: #ffd95c;
+  color: hsla(46, 100%, 20%, 1);
+  padding: 10px;
+  border-radius: 4px;
+`;
+
 const Screenshot = styled.img`
  width: 100%;
  box-shadow: 0 0 80px 0 rgba(124, 124, 124, 0.5),
--- a/server/routes.js
+++ b/server/routes.js
@ -71,6 +71,7 @@ router.get('/', async ctx => {
    await renderpage(
      ctx,
      <Home
+        notice={ctx.request.query.notice}
        lastSignedIn={lastSignedIn}
        googleSigninEnabled={!!process.env.GOOGLE_CLIENT_ID}
        slackSigninEnabled={!!process.env.SLACK_KEY}