mirror of
https://github.com/Dokploy/dokploy.git
synced 2026-07-12 09:25:24 +02:00
refactor: update user and authentication schema with two-factor support
This commit is contained in:
@@ -22,9 +22,8 @@ import {
|
||||
cleanUpUnusedVolumes,
|
||||
execAsync,
|
||||
execAsyncRemote,
|
||||
findAdmin,
|
||||
findAdminById,
|
||||
findServerById,
|
||||
findUserById,
|
||||
getDokployImage,
|
||||
getDokployImageTag,
|
||||
getUpdateData,
|
||||
@@ -50,6 +49,7 @@ import {
|
||||
updateLetsEncryptEmail,
|
||||
updateServerById,
|
||||
updateServerTraefik,
|
||||
updateUser,
|
||||
writeConfig,
|
||||
writeMainConfig,
|
||||
writeTraefikConfigInPath,
|
||||
@@ -163,7 +163,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
if (IS_CLOUD) {
|
||||
return true;
|
||||
}
|
||||
await updateAdmin(ctx.user.authId, {
|
||||
await updateUser(ctx.user.id, {
|
||||
sshPrivateKey: input.sshPrivateKey,
|
||||
});
|
||||
|
||||
@@ -175,7 +175,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
if (IS_CLOUD) {
|
||||
return true;
|
||||
}
|
||||
const admin = await updateAdmin(ctx.user.authId, {
|
||||
const user = await updateUser(ctx.user.id, {
|
||||
host: input.host,
|
||||
...(input.letsEncryptEmail && {
|
||||
letsEncryptEmail: input.letsEncryptEmail,
|
||||
@@ -183,25 +183,25 @@ export const settingsRouter = createTRPCRouter({
|
||||
certificateType: input.certificateType,
|
||||
});
|
||||
|
||||
if (!admin) {
|
||||
if (!user) {
|
||||
throw new TRPCError({
|
||||
code: "NOT_FOUND",
|
||||
message: "Admin not found",
|
||||
message: "User not found",
|
||||
});
|
||||
}
|
||||
|
||||
updateServerTraefik(admin, input.host);
|
||||
updateServerTraefik(user, input.host);
|
||||
if (input.letsEncryptEmail) {
|
||||
updateLetsEncryptEmail(input.letsEncryptEmail);
|
||||
}
|
||||
|
||||
return admin;
|
||||
return user;
|
||||
}),
|
||||
cleanSSHPrivateKey: adminProcedure.mutation(async ({ ctx }) => {
|
||||
if (IS_CLOUD) {
|
||||
return true;
|
||||
}
|
||||
await updateAdmin(ctx.user.authId, {
|
||||
await updateUser(ctx.user.id, {
|
||||
sshPrivateKey: null,
|
||||
});
|
||||
return true;
|
||||
@@ -216,7 +216,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
|
||||
const server = await findServerById(input.serverId);
|
||||
|
||||
if (server.adminId !== ctx.user.adminId) {
|
||||
if (server.organizationId !== ctx.session?.activeOrganizationId) {
|
||||
throw new TRPCError({
|
||||
code: "UNAUTHORIZED",
|
||||
message: "You are not authorized to access this server",
|
||||
@@ -245,7 +245,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
await cleanUpUnusedImages(server.serverId);
|
||||
await cleanUpDockerBuilder(server.serverId);
|
||||
await cleanUpSystemPrune(server.serverId);
|
||||
await sendDockerCleanupNotifications(server.adminId);
|
||||
await sendDockerCleanupNotifications(server.organizationId);
|
||||
});
|
||||
}
|
||||
} else {
|
||||
@@ -261,19 +261,11 @@ export const settingsRouter = createTRPCRouter({
|
||||
}
|
||||
}
|
||||
} else if (!IS_CLOUD) {
|
||||
const admin = await findAdminById(ctx.user.adminId);
|
||||
|
||||
if (admin.adminId !== ctx.user.adminId) {
|
||||
throw new TRPCError({
|
||||
code: "UNAUTHORIZED",
|
||||
message: "You are not authorized to access this admin",
|
||||
});
|
||||
}
|
||||
const adminUpdated = await updateAdmin(ctx.user.authId, {
|
||||
const userUpdated = await updateUser(ctx.user.id, {
|
||||
enableDockerCleanup: input.enableDockerCleanup,
|
||||
});
|
||||
|
||||
if (adminUpdated?.enableDockerCleanup) {
|
||||
if (userUpdated?.enableDockerCleanup) {
|
||||
scheduleJob("docker-cleanup", "0 0 * * *", async () => {
|
||||
console.log(
|
||||
`Docker Cleanup ${new Date().toLocaleString()}] Running...`,
|
||||
@@ -281,7 +273,9 @@ export const settingsRouter = createTRPCRouter({
|
||||
await cleanUpUnusedImages();
|
||||
await cleanUpDockerBuilder();
|
||||
await cleanUpSystemPrune();
|
||||
await sendDockerCleanupNotifications(admin.adminId);
|
||||
await sendDockerCleanupNotifications(
|
||||
ctx.session.activeOrganizationId,
|
||||
);
|
||||
});
|
||||
} else {
|
||||
const currentJob = scheduledJobs["docker-cleanup"];
|
||||
@@ -383,7 +377,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
.query(async ({ ctx, input }) => {
|
||||
try {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.id);
|
||||
|
||||
if (!canAccess) {
|
||||
throw new TRPCError({ code: "UNAUTHORIZED" });
|
||||
@@ -401,7 +395,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
.input(apiModifyTraefikConfig)
|
||||
.mutation(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.id);
|
||||
|
||||
if (!canAccess) {
|
||||
throw new TRPCError({ code: "UNAUTHORIZED" });
|
||||
@@ -419,7 +413,7 @@ export const settingsRouter = createTRPCRouter({
|
||||
.input(apiReadTraefikConfig)
|
||||
.query(async ({ input, ctx }) => {
|
||||
if (ctx.user.rol === "member") {
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.authId);
|
||||
const canAccess = await canAccessToTraefikFiles(ctx.user.id);
|
||||
|
||||
if (!canAccess) {
|
||||
throw new TRPCError({ code: "UNAUTHORIZED" });
|
||||
@@ -427,12 +421,12 @@ export const settingsRouter = createTRPCRouter({
|
||||
}
|
||||
return readConfigInPath(input.path, input.serverId);
|
||||
}),
|
||||
getIp: protectedProcedure.query(async () => {
|
||||
getIp: protectedProcedure.query(async ({ ctx }) => {
|
||||
if (IS_CLOUD) {
|
||||
return true;
|
||||
}
|
||||
const admin = await findAdmin();
|
||||
return admin.serverIp;
|
||||
const user = await findUserById(ctx.user.ownerId);
|
||||
return user.serverIp;
|
||||
}),
|
||||
|
||||
getOpenApiDocument: protectedProcedure.query(
|
||||
|
||||
Reference in New Issue
Block a user