
Commit fedae9a

committed
fix: fix several issues related to the rauthy upgrade.
1 parent b7655f3 commit fedae9a


9 files changed

+34
-39
lines changed


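--- a/compose.yaml
+++ b/compose.yaml
@@ -33,11 +33,12 @@ services:
 - rauthy:/app/data
 
 rauthy:
-image: ghcr.io/sebadob/rauthy:0.27.3
+image: ghcr.io/sebadob/rauthy:0.28.3
 depends_on:
 - set-rauthy-volume-owner
 - smtp4dev
 environment:
+LOCAL_TEST: 'true'
 PUB_URL: localhost:9523
 DATABASE_URL: 'sqlite:/app/data/rauthy.db'
 BOOTSTRAP_ADMIN_EMAIL: [email protected]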
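Review bot: `LOCAL_TEST: 'true'` at new line 41 is, as far as rauthy documents it, a switch that puts the server on its relaxed local-testing defaults, and nothing in the hunk marks this compose file as development-only. A comment beside it would keep the setting from being copied into a deployed stack, for example `# dev only: rauthy local-testing defaults, never set in a deployed environment`. The image is also pinned by tag (`0.28.3`) rather than by digest; `ghcr.io/sebadob/rauthy:0.28.3@sha256:<digest>` would make the upgrade reproducible. The `environment` block continues outside the hunk.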

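--- a/src/lib/rauthy/server.ts
+++ b/src/lib/rauthy/server.ts
@@ -67,7 +67,7 @@ export async function reset(opts: {
 method: 'put',
 headers: {
 Cookie: cookie.serialize('rauthy-pwd-reset', opts.cookie),
-'pwd-csrf-token': opts.csrfToken
+'x-pwd-csrf-token': opts.csrfToken
 },
 body: JSON.stringify({
 magic_link_id: opts.token,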

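--- a/src/routes/(app)/[username]/components/ManageAccountModal.svelte
+++ b/src/routes/(app)/[username]/components/ManageAccountModal.svelte
@@ -38,7 +38,7 @@
 };
 const resp = await fetch(`/auth/v1/providers/${provider_id}/link`, {
 method: 'POST',
-headers: [['csrf-token', localStorage.getItem('csrfToken')!]],
+headers: [['x-csrf-token', localStorage.getItem('csrfToken')!]],
 body: JSON.stringify(data)
 });
 await checkResponse(resp);
@@ -58,7 +58,7 @@
 async function unlinkAccount() {
 await fetch(`/auth/v1/providers/link`, {
 method: 'delete',
-headers: [['csrf-token', localStorage.getItem('csrfToken')!]]
+headers: [['x-csrf-token', localStorage.getItem('csrfToken')!]]
 });
 window.location.reload();
 }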
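Review bot: `localStorage.getItem('csrfToken')!` on new lines 41 and 61 silences the `null` case instead of handling it; when the key is absent the header would be sent with the literal string `null`, and the failure only surfaces as a rejected request. Reading the token once and failing early is clearer: `const token = localStorage.getItem('csrfToken'); if (!token) throw new Error('missing CSRF token');`. The same expression sits on the changed header line in forgot-password, providers/callback and login (three times), so a small shared helper returning the header pair would also keep the header name in one place for the next rauthy upgrade. In the second hunk `unlinkAccount` reloads the page without passing the response to `checkResponse`, unlike the link call in the first hunk, so a rejected unlink goes unnoticed. The function around the first hunk starts outside it.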

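--- a/src/routes/(app)/account/forgot-password/+page.svelte
+++ b/src/routes/(app)/account/forgot-password/+page.svelte
@@ -25,7 +25,7 @@
 method: 'post',
 body: JSON.stringify({ email }),
 headers: [
-['csrf-token', localStorage.getItem('csrfToken')!],
+['x-csrf-token', localStorage.getItem('csrfToken')!],
 ['content-type', 'application/json']
 ]
 });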

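--- a/src/routes/(app)/auth/v1/providers/callback/+page.svelte
+++ b/src/routes/(app)/auth/v1/providers/callback/+page.svelte
@@ -21,7 +21,7 @@
 method: 'post',
 body: JSON.stringify(data),
 headers: [
-['csrf-token', localStorage.getItem('csrfToken')!],
+['x-csrf-token', localStorage.getItem('csrfToken')!],
 ['content-type', 'application/json']
 ]
 });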

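--- a/src/routes/(app)/auth/v1/users/[user]/reset/[token]/+page.svelte
+++ b/src/routes/(app)/auth/v1/users/[user]/reset/[token]/+page.svelte
@@ -11,7 +11,7 @@
 const passwordValidityLabels: { [K in PolicyKey]: string } = {
 include_digits: 'Include %s numbers',
 include_lower_case: 'Include %s lowercase',
-include_upper_case: 'Include &s uppercase',
+include_upper_case: 'Include %s uppercase',
 include_special: 'Include %s special characters',
 length_max: 'Shorter than %s',
 length_min: 'At least %s long',
@@ -23,14 +23,18 @@
 let passwordValidity: { [K in PolicyKey]?: { label: string; valid?: boolean } } = $state(
 Object.fromEntries(
 Object.entries(data.passwordPolicy)
+.filter(([key, _]) => !!passwordValidityLabels[key as PolicyKey])
 .filter(([_, value]) => !!value)
-.map(([key, value]) => [
-key,
-{
-label: passwordValidityLabels[key as PolicyKey].replace('%s', value.toString()),
-valid: false
-}
-])
+.map(([key, value]) => {
+console.log(key, value);
+return [
+key,
+{
+label: passwordValidityLabels[key as PolicyKey].replace('%s', value.toString()),
+valid: false
+}
+];
+})
 )
 );
 let passwordValid = $derived(Object.values(passwordValidity).every((x) => x.valid !== false));
@@ -75,7 +79,10 @@
 try {
 const resp = await fetch(`/auth/v1/users/${data.user}/reset`, {
 method: 'put',
-headers: [['pwd-csrf-token', data.csrfToken!]],
+headers: [
+['x-pwd-csrf-token', data.csrfToken!],
+['content-type', 'application/json']
+],
 body: JSON.stringify({ magic_link_id: data.token, password })
 });
 await checkResponse(resp);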
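Review bot: `console.log(key, value);` at new line 29 reads as leftover debugging, and it is the only reason the `.map` callback in the second hunk became a block body with an explicit `return`. Removing it lets the callback return the `[key, { label, valid: false }]` tuple directly, as it did before the change. In the third hunk `data.csrfToken!` asserts a value that the page's load function appears to leave unset when its request fails (its `catch` only logs), so the reset could be sent with an unusable token; refusing to submit when `data.csrfToken` is missing would make that case visible to the user. The surrounding submit handler starts and ends outside the hunk.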

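--- a/src/routes/(app)/auth/v1/users/[user]/reset/[token]/+page.ts
+++ b/src/routes/(app)/auth/v1/users/[user]/reset/[token]/+page.ts
@@ -13,26 +13,13 @@ export const load: PageLoad = async ({ params, fetch }) => {
 not_recently_used?: number;
 } = {};
 try {
-const initResp = await fetch(`/auth/v1/users/${user}/reset/${token}`, {});
-const initContent = await initResp.text();
-const csrfFind = 'name="rauthy-csrf-token" id="';
-let contentSplit = initContent.split(csrfFind)[1];
-csrfToken = contentSplit.split('"')[0];
-const passwordPolicyFind = 'name="rauthy-data" id="';
-contentSplit = initContent.split(passwordPolicyFind)[1];
-const arr = contentSplit
-.split('"')[0]
-.split(',')
-.map((x) => (x == '-1' ? undefined : Number.parseInt(x)));
-passwordPolicy = {
-length_min: arr[0],
-length_max: arr[1],
-include_lower_case: arr[2],
-include_upper_case: arr[3],
-include_digits: arr[4],
-include_special: arr[5],
-not_recently_used: arr[6]
-};
+const initResp = await fetch(`/auth/v1/users/${user}/reset/${token}`, {
+headers: [['accept', 'application/json']]
+});
+console.log('resp', initResp);
+const json = await initResp.json();
+csrfToken = json.csrf_token;
+passwordPolicy = json.password_policy;
 } catch (e) {
 console.error('error loading reset page', e);
 }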
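Review bot: `console.log('resp', initResp);` at new line 19 prints the Response for the request built on new line 16, whose URL contains the password-reset token, so the token can end up in the browser console and, if this load also runs during server-side rendering, in server logs; the line should be removed before merge. The new code also calls `initResp.json()` without checking the status, so an error body is read as if it were the init payload and `csrf_token` / `password_policy` silently become `undefined`. Adding `if (!initResp.ok) throw new Error('reset init failed: ' + initResp.status);` before parsing routes that case into the existing `catch`. The values from `json` are assigned without any shape check, so a short comment stating the fields the endpoint is expected to return would help the next upgrade. The load function starts and ends outside the hunk.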

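--- a/src/routes/(app)/login/+page.svelte
+++ b/src/routes/(app)/login/+page.svelte
@@ -76,7 +76,7 @@
 method: 'post',
 body: JSON.stringify(data),
 headers: [
-['csrf-token', localStorage.getItem('csrfToken')!],
+['x-csrf-token', localStorage.getItem('csrfToken')!],
 ['content-type', 'application/json']
 ]
 });
@@ -139,7 +139,7 @@
 scopes
 }),
 headers: [
-['csrf-token', localStorage.getItem('csrfToken')!],
+['x-csrf-token', localStorage.getItem('csrfToken')!],
 ['content-type', 'application/json']
 ]
 });
@@ -183,7 +183,7 @@
 method: 'post',
 body: JSON.stringify(req),
 headers: [
-['csrf-token', localStorage.getItem('csrfToken')!],
+['x-csrf-token', localStorage.getItem('csrfToken')!],
 ['content-type', 'application/json']
 ]
 });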

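--- a/src/routes/(app)/logout/+page.svelte
+++ b/src/routes/(app)/logout/+page.svelte
@@ -22,7 +22,7 @@
 const resp = await fetch('/auth/v1/oidc/logout', {
 method: 'post',
 headers: [
-['csrf-token', csrf!],
+['x-csrf-token', csrf!],
 ['content-type', 'application/json']
 ],
 body: JSON.stringify(req)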
