mirror of
https://github.com/documenso/documenso.git
synced 2025-11-10 20:42:34 +10:00
55c8632620
Adds password reauthentication to our existing reauth providers, additionally swaps from an exclusive provider to an inclusive type where multiple methods can be selected to offer a this or that experience.
77 lines
2.3 KiB
TypeScript
77 lines
2.3 KiB
TypeScript
import type { Document, Recipient } from '@prisma/client';
|
|
|
|
import type {
|
|
TDocumentAuthOptions,
|
|
TRecipientAccessAuthTypes,
|
|
TRecipientActionAuthTypes,
|
|
TRecipientAuthOptions,
|
|
} from '../types/document-auth';
|
|
import { DocumentAuth } from '../types/document-auth';
|
|
import { ZDocumentAuthOptionsSchema, ZRecipientAuthOptionsSchema } from '../types/document-auth';
|
|
|
|
type ExtractDocumentAuthMethodsOptions = {
|
|
documentAuth: Document['authOptions'];
|
|
recipientAuth?: Recipient['authOptions'];
|
|
};
|
|
|
|
/**
|
|
* Parses and extracts the document and recipient authentication values.
|
|
*
|
|
* Will combine the recipient and document auth values to derive the final
|
|
* auth values for a recipient if possible.
|
|
*/
|
|
export const extractDocumentAuthMethods = ({
|
|
documentAuth,
|
|
recipientAuth,
|
|
}: ExtractDocumentAuthMethodsOptions) => {
|
|
const documentAuthOption = ZDocumentAuthOptionsSchema.parse(documentAuth);
|
|
const recipientAuthOption = ZRecipientAuthOptionsSchema.parse(recipientAuth);
|
|
|
|
const derivedRecipientAccessAuth: TRecipientAccessAuthTypes[] =
|
|
recipientAuthOption.accessAuth.length > 0
|
|
? recipientAuthOption.accessAuth
|
|
: documentAuthOption.globalAccessAuth;
|
|
|
|
const derivedRecipientActionAuth: TRecipientActionAuthTypes[] =
|
|
recipientAuthOption.actionAuth.length > 0
|
|
? recipientAuthOption.actionAuth
|
|
: documentAuthOption.globalActionAuth;
|
|
|
|
const recipientAccessAuthRequired = derivedRecipientAccessAuth.length > 0;
|
|
|
|
const recipientActionAuthRequired =
|
|
derivedRecipientActionAuth.length > 0 &&
|
|
!derivedRecipientActionAuth.includes(DocumentAuth.EXPLICIT_NONE);
|
|
|
|
return {
|
|
derivedRecipientAccessAuth,
|
|
derivedRecipientActionAuth,
|
|
recipientAccessAuthRequired,
|
|
recipientActionAuthRequired,
|
|
documentAuthOption,
|
|
recipientAuthOption,
|
|
};
|
|
};
|
|
|
|
/**
|
|
* Create document auth options in a type safe way.
|
|
*/
|
|
export const createDocumentAuthOptions = (options: TDocumentAuthOptions): TDocumentAuthOptions => {
|
|
return {
|
|
globalAccessAuth: options?.globalAccessAuth ?? [],
|
|
globalActionAuth: options?.globalActionAuth ?? [],
|
|
};
|
|
};
|
|
|
|
/**
|
|
* Create recipient auth options in a type safe way.
|
|
*/
|
|
export const createRecipientAuthOptions = (
|
|
options: TRecipientAuthOptions,
|
|
): TRecipientAuthOptions => {
|
|
return {
|
|
accessAuth: options?.accessAuth ?? [],
|
|
actionAuth: options?.actionAuth ?? [],
|
|
};
|
|
};
|