Fix user impersonation
This commit is contained in:
parent
a6d3dc0c80
commit
b19baaf8f3
|
@ -16,7 +16,7 @@
|
||||||
</template>
|
</template>
|
||||||
<template v-else>
|
<template v-else>
|
||||||
<div class="px-6">
|
<div class="px-6">
|
||||||
<Loader class="h-4 w-4 inline" />
|
<Loader class="h-4 w-4 inline"/>
|
||||||
</div>
|
</div>
|
||||||
</template>
|
</template>
|
||||||
</button>
|
</button>
|
||||||
|
@ -24,18 +24,18 @@
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
import { computed } from 'vue'
|
import {computed} from 'vue'
|
||||||
import { useAuthStore } from '../../stores/auth.js';
|
import {useAuthStore} from '../../stores/auth.js';
|
||||||
import { useWorkspacesStore } from '../../stores/workspaces.js';
|
import {useWorkspacesStore} from '../../stores/workspaces.js';
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
setup () {
|
setup() {
|
||||||
const authStore = useAuthStore()
|
const authStore = useAuthStore()
|
||||||
const workspacesStore = useWorkspacesStore()
|
const workspacesStore = useWorkspacesStore()
|
||||||
return {
|
return {
|
||||||
authStore,
|
authStore,
|
||||||
workspacesStore,
|
workspacesStore,
|
||||||
isImpersonating : computed(() => authStore.isImpersonating),
|
isImpersonating: computed(() => authStore.isImpersonating),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
|
@ -45,16 +45,21 @@ export default {
|
||||||
|
|
||||||
computed: {},
|
computed: {},
|
||||||
|
|
||||||
mounted () {},
|
mounted() {
|
||||||
|
},
|
||||||
|
|
||||||
methods: {
|
methods: {
|
||||||
reverseImpersonation () {
|
async reverseImpersonation() {
|
||||||
this.loading = true
|
this.loading = true
|
||||||
this.authStore.stopImpersonating().then(() => {
|
this.authStore.stopImpersonating()
|
||||||
this.workspacesStore.set([])
|
|
||||||
this.$router.push({ name: 'settings.admin' })
|
// Fetch the user.
|
||||||
this.loading = false
|
const userData = await opnFetch('user')
|
||||||
})
|
this.authStore.setUser(userData)
|
||||||
|
const workspaces = await fetchAllWorkspaces()
|
||||||
|
this.workspacesStore.set(workspaces.data.value)
|
||||||
|
this.$router.push({name: 'settings-admin'})
|
||||||
|
this.loading = false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -36,6 +36,8 @@
|
||||||
|
|
||||||
<script setup>
|
<script setup>
|
||||||
import { useRouter } from 'vue-router';
|
import { useRouter } from 'vue-router';
|
||||||
|
import {opnFetch} from "~/composables/useOpnApi.js";
|
||||||
|
import {fetchAllWorkspaces} from "~/stores/workspaces.js";
|
||||||
|
|
||||||
definePageMeta({
|
definePageMeta({
|
||||||
middleware: "admin"
|
middleware: "admin"
|
||||||
|
@ -51,30 +53,31 @@ const router = useRouter()
|
||||||
let form = useForm({
|
let form = useForm({
|
||||||
identifier: ''
|
identifier: ''
|
||||||
})
|
})
|
||||||
let loading = false
|
const loading = ref(false)
|
||||||
|
|
||||||
const runtimeConfig = useRuntimeConfig()
|
const runtimeConfig = useRuntimeConfig()
|
||||||
const statsUrl = runtimeConfig.public.apiBase + '/stats'
|
const statsUrl = runtimeConfig.public.apiBase + '/stats'
|
||||||
const horizonUrl = runtimeConfig.public.apiBase + '/horizon'
|
const horizonUrl = runtimeConfig.public.apiBase + '/horizon'
|
||||||
|
|
||||||
const impersonate = () => {
|
const impersonate = () => {
|
||||||
loading = true
|
loading.value = true
|
||||||
authStore.startImpersonating()
|
authStore.startImpersonating()
|
||||||
opnFetch('/admin/impersonate/' + encodeURI(form.identifier)).then(async (data) => {
|
opnFetch('/admin/impersonate/' + encodeURI(form.identifier)).then(async (data) => {
|
||||||
loading = false
|
|
||||||
|
|
||||||
// Save the token.
|
// Save the token.
|
||||||
authStore.saveToken(data.token, false)
|
authStore.setToken(data.token, false)
|
||||||
|
|
||||||
// Fetch the user.
|
// Fetch the user.
|
||||||
await authStore.fetchUser()
|
const userData = await opnFetch('user')
|
||||||
|
authStore.setUser(userData)
|
||||||
|
const workspaces = await fetchAllWorkspaces()
|
||||||
|
workspacesStore.set(workspaces.data.value)
|
||||||
|
loading.value = false
|
||||||
|
|
||||||
// Redirect to the dashboard.
|
|
||||||
workspacesStore.set([])
|
|
||||||
router.push({ name: 'home' })
|
router.push({ name: 'home' })
|
||||||
}).catch((error) => {
|
}).catch((error) => {
|
||||||
|
console.error(error)
|
||||||
useAlert().error(error.response.data.message)
|
useAlert().error(error.response.data.message)
|
||||||
loading = false
|
loading.value = false
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
</script>
|
</script>
|
||||||
|
|
|
@ -3,6 +3,7 @@ export default defineNitroPlugin(nitroApp => {
|
||||||
const routePath = event.node?.req?.url || event.node?.req?.originalUrl
|
const routePath = event.node?.req?.url || event.node?.req?.originalUrl
|
||||||
// const routePath= event.context.params._
|
// const routePath= event.context.params._
|
||||||
if (routePath && !routePath.startsWith('/forms/')) {
|
if (routePath && !routePath.startsWith('/forms/')) {
|
||||||
|
console.error('Not a form, setting X-Frame-Options', routePath)
|
||||||
// Only allow embedding of forms
|
// Only allow embedding of forms
|
||||||
response.headers['X-Frame-Options'] = 'sameorigin'
|
response.headers['X-Frame-Options'] = 'sameorigin'
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,9 +19,8 @@ export const useAuthStore = defineStore('auth', {
|
||||||
},
|
},
|
||||||
// Stop admin impersonation
|
// Stop admin impersonation
|
||||||
stopImpersonating() {
|
stopImpersonating() {
|
||||||
this.token = this.admin_token
|
this.setToken(this.admin_token)
|
||||||
this.admin_token = null
|
this.admin_token = null
|
||||||
// TODO: re-fetch user
|
|
||||||
},
|
},
|
||||||
|
|
||||||
setToken(token) {
|
setToken(token) {
|
||||||
|
|
Loading…
Reference in New Issue