From 97fd18506f29e321f889bd65f348987e41edb983 Mon Sep 17 00:00:00 2001 From: Antoine Moreaux Date: Fri, 20 Dec 2024 17:38:33 +0100 Subject: [PATCH] feat(auth): include workspace ID in login token generation Added support for passing the workspace ID when generating login tokens. This enhances token specificity and aligns with multi-workspace authentication requirements. Adjusted controller and token service to handle the additional parameter. --- .../auth/controllers/microsoft-auth.controller.ts | 1 + .../core-modules/auth/token/services/login-token.service.ts | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/twenty-server/src/engine/core-modules/auth/controllers/microsoft-auth.controller.ts b/packages/twenty-server/src/engine/core-modules/auth/controllers/microsoft-auth.controller.ts index b8c4333b8705..3d12f2a91238 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/controllers/microsoft-auth.controller.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/controllers/microsoft-auth.controller.ts @@ -83,6 +83,7 @@ export class MicrosoftAuthController { const loginToken = await this.loginTokenService.generateLoginToken( user.email, + workspace.id, ); return res.redirect( diff --git a/packages/twenty-server/src/engine/core-modules/auth/token/services/login-token.service.ts b/packages/twenty-server/src/engine/core-modules/auth/token/services/login-token.service.ts index 054ecc3405d3..a1af3de1ae74 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/token/services/login-token.service.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/token/services/login-token.service.ts @@ -18,7 +18,10 @@ export class LoginTokenService { email: string, workspaceId: string, ): Promise { - const secret = this.jwtWrapperService.generateAppSecret('LOGIN'); + const secret = this.jwtWrapperService.generateAppSecret( + 'LOGIN', + workspaceId, + ); const expiresIn = this.environmentService.get('LOGIN_TOKEN_EXPIRES_IN');