diff --git a/app.py b/app.py index 650ab12..f80b0bf 100644 --- a/app.py +++ b/app.py @@ -207,7 +207,10 @@ class GetUserId(Resource): @api.doc('get_userid') def post(self): - """Check if user exists and return user ID based on email""" + """ + Check if user exists and return user ID based on email + If user doesnt exist, create a temp user and return the ID + """ try: data = request.get_json() @@ -226,10 +229,12 @@ def post(self): break if not user_found: - return {'error': f'User with email "{email}" not found'}, 404 + user = magic_link(email, "", 0, False, True) + keycloak_auth.toggle_user_enabled(user["user_id"], enabled=False) + return {'user_id': user["user_id"]} return { - 'user_id': user_found.get('user_id') or user_found.get('id'), + 'user_id': user_found.get('user_id'), } except Exception as e: @@ -716,7 +721,7 @@ def post(self): if not redirect_uri: return {'error': 'Redirect is required'}, 400 - keycloak_response = magic_link(email, redirect_uri, expiration_seconds, send_email) + keycloak_response = magic_link(email, redirect_uri, expiration_seconds, send_email, True) return keycloak_response @@ -3410,6 +3415,7 @@ class OrganisationInviteConfirm(Resource): def post(self, token): user = keycloak_auth.get_users_by_attribute('invite_org_token', token)[0] user_id = user["user_id"] + keycloak_auth.toggle_user_enabled(user_id, enabled=True) invite_org_id = user["attributes"].get("invite_org_id", [""])[0] invite_org_role = user["attributes"].get(f"invite_org_role_{invite_org_id}", [""])[0] diff --git a/helpers.py b/helpers.py index 5e5e59c..80acc33 100644 --- a/helpers.py +++ b/helpers.py @@ -139,7 +139,7 @@ def mjml_to_html(template_name): return html_template -def magic_link(email, redirect_uri, expiration_seconds=600, send_email=True): +def magic_link(email, redirect_uri, expiration_seconds=600, send_email=True, force_create=False): admin_token = keycloak_auth.get_admin_token() if not admin_token: return {"error": "Failed to authenticate with Keycloak admin"}, 500 @@ -152,7 +152,7 @@ def magic_link(email, redirect_uri, expiration_seconds=600, send_email=True): "client_id": keycloak_auth.client_id, "redirect_uri": redirect_uri, "expiration_seconds": 90000, - "force_create": True, + "force_create": force_create, "reusable": True, "send_email": False, } @@ -185,12 +185,6 @@ def magic_link(email, redirect_uri, expiration_seconds=600, send_email=True): return {"error": f"Failed to create magic link."}, 500 -def quiet_create_user(email, redirect_uri): - keycloak_response = magic_link(email, redirect_uri, 0, False) - - return keycloak_response - - def invite_user_to_project(user, redirect_uri, project_id, role): if user.get("attributes"): name = user["attributes"].get("name", [""])[0] diff --git a/test/rest/org_invite_flow.http b/test/rest/org_invite_flow.http index 1bb31e6..4c1b47b 100644 --- a/test/rest/org_invite_flow.http +++ b/test/rest/org_invite_flow.http @@ -25,7 +25,7 @@ username={{username}} @token = {{login.response.body.access_token}} ########################## -### 1. Get user id +### 1. Get user id (obsolete) ########################## # @name create_users POST {{folio}}/users/ @@ -38,6 +38,17 @@ Content-Type: application/json "send_email": false } +########################## +### 1. Get user id +########################## +# @name get_userid +POST {{folio}}/info/userid +Content-Type: application/json + +{ + "email": "test-user20@example.com" +} + ########################## ### 2. Send invite to user ########################## @@ -49,7 +60,7 @@ Authorization: Bearer {{token}} Content-Type: application/json { - "user_id": "e9f23458-7fb1-484a-bf30-82db540c362e", + "user_id": "af52b5d2-29bc-4b5d-ac65-2c1bc5583368", "role": "org-viewer", "redirect_uri": "http://127.0.0.1" } @@ -59,7 +70,7 @@ Content-Type: application/json ### https://agari-staging.openup.org.za/accept-invite-org?userid=887d7ebc-9e5e-47ae-bf1c-8562f48bdad7&token=5460558cfec1e17fb18693a036eac41d ### Use the token in the request below to confirm the invite ########################## -@inv_token = 2678e2768931eb5e507fe8aa09643599 +@inv_token = 231dd74a783c4684167187470eb9b896 # @name accept_organisation_invite POST {{folio}}/invites/organisation/{{inv_token}}/accept