fix(api-frontend): resolved failure in inviting existing infisical us…

…ers to organization
Infisical · Dec 27, 2022 · c653f80 · c653f80
1 parent c28d857
commit c653f80
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 17 deletions.
diff --git a/backend/src/controllers/v1/membershipOrgController.ts b/backend/src/controllers/v1/membershipOrgController.ts
@@ -218,12 +218,6 @@ export const verifyUserToOrganization = async (req: Request, res: Response) => {
 		const { email, code } = req.body;
 
 		user = await User.findOne({ email }).select('+publicKey');
-		if (user && user?.publicKey) {
-			// case: user has already completed account
-			return res.status(403).send({
-				error: 'Failed email magic link verification for complete account'
-			});
-		}
 
 		const membershipOrg = await MembershipOrg.findOne({
 			inviteEmail: email,
@@ -238,6 +232,18 @@ export const verifyUserToOrganization = async (req: Request, res: Response) => {
 			code
 		});
 
+		if (user && user?.publicKey) {
+			// case: user has already completed account
+			// membership can be approved and redirected to login/dashboard
+			membershipOrg.status = ACCEPTED;
+			await membershipOrg.save();
+
+			return res.status(200).send({
+				message: 'Successfully verified email',
+				user,
+			});
+        }
+
 		if (!user) {
 			// initialize user account
 			user = await new User({

diff --git a/frontend/components/RouteGuard.js b/frontend/components/RouteGuard.js
@@ -48,6 +48,7 @@ export default function RouteGuard({ children }) {
     // Check if the user is authenticated
     const response = await checkAuth();
     // #TODO: figure our why sometimes it doesn't output a response
+    // ANS(akhilmhdh): Because inside the security client the await token() doesn't have try/catch
     if (!publicPaths.includes(path)) {
       try {
         if (response.status !== 200) {

diff --git a/frontend/components/utilities/SecurityClient.ts b/frontend/components/utilities/SecurityClient.ts
@@ -16,12 +16,19 @@ export default class SecurityClient {
     const req = new Request(resource, options);
 
     if (this.#token == '') {
-      this.setToken(await token());
+      try {
+        // TODO: This should be moved to a context to do it only once when app loads
+        // this try catch saves route guard from a stuck state
+        this.setToken(await token());
+      } catch (error) {
+        console.error("Unauthorized access");
+      }
     }
 
     if (this.#token) {
       req.headers.set('Authorization', 'Bearer ' + this.#token);
-      return fetch(req);
     }
+
+    return fetch(req);
   }
 }
diff --git a/frontend/pages/api/auth/CheckAuth.ts b/frontend/pages/api/auth/CheckAuth.ts
@@ -10,13 +10,7 @@ const checkAuth = async () => {
     headers: {
       'Content-Type': 'application/json'
     }
-  }).then((res) => {
-    if (res && res.status == 200) {
-      return res;
-    } else {
-      console.log('Not authorized');
-    }
-  });
+  }).then((res) => res);
 };
 
 export default checkAuth;
diff --git a/frontend/pages/signupinvite.js b/frontend/pages/signupinvite.js
@@ -159,8 +159,17 @@ export default function SignupInvite() {
               code: token
             });
             if (response.status == 200) {
-              setVerificationToken((await response.json()).token);
-              setStep(2);
+              const res = await response.json();
+              // user will have temp token if doesn't have an account
+              // then continue with account setup workflow
+              if(res?.token){
+                setVerificationToken(res.token);
+                setStep(2);
+              } else {
+                // user will be redirected to dashboard
+                // if not logged in gets kicked out to login 
+                router.push("/dashboard")
+              }
             } else {
               console.log('ERROR', response);
               router.push('/requestnewinvite');