Revamp the authentication setup (#7419)

* feat: Add email pass authentication provider package * feat: Revamp auth module and remove concept of scope * feat: Revamp the auth module to be more standardized in how providers are loaded * feat: Switch from scope to actor type for authentication * feat: Add support for per-actor auth methods * feat: Add emailpass auth provider by default * fix: Add back app_metadata in auth module
2024-05-23 20:56:40 +02:00
parent 7b0cfe3b77
commit 8a070d5d85
100 changed files with 991 additions and 1005 deletions
--- a/packages/medusa/src/api/admin/users/middlewares.ts
+++ b/packages/medusa/src/api/admin/users/middlewares.ts
@@ -17,7 +17,7 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
    method: ["GET"],
    matcher: "/admin/users",
    middlewares: [
-      authenticate("admin", ["bearer", "session"]),
+      authenticate("user", ["bearer", "session"]),
      validateAndTransformQuery(
        AdminGetUsersParams,
        QueryConfig.listTransformQueryConfig
@@ -28,7 +28,7 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
    method: ["POST"],
    matcher: "/admin/users",
    middlewares: [
-      authenticate("admin", ["bearer", "session"], { allowUnregistered: true }),
+      authenticate("user", ["bearer", "session"], { allowUnregistered: true }),
      validateAndTransformBody(AdminCreateUser),
      validateAndTransformQuery(
        AdminGetUserParams,
@@ -40,7 +40,7 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
    method: ["GET"],
    matcher: "/admin/users/:id",
    middlewares: [
-      authenticate("admin", ["bearer", "session"]),
+      authenticate("user", ["bearer", "session"]),
      validateAndTransformQuery(
        AdminGetUserParams,
        QueryConfig.retrieveTransformQueryConfig
@@ -51,7 +51,7 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
    method: ["GET"],
    matcher: "/admin/users/me",
    middlewares: [
-      authenticate("admin", ["bearer", "session"]),
+      authenticate("user", ["bearer", "session"]),
      validateAndTransformQuery(
        AdminGetUserParams,
        QueryConfig.retrieveTransformQueryConfig
@@ -62,7 +62,7 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
    method: ["POST"],
    matcher: "/admin/users/:id",
    middlewares: [
-      authenticate("admin", ["bearer", "session"]),
+      authenticate("user", ["bearer", "session"]),
      validateAndTransformBody(AdminUpdateUser),
      validateAndTransformQuery(
        AdminGetUserParams,
@@ -73,6 +73,6 @@ export const adminUserRoutesMiddlewares: MiddlewareRoute[] = [
  {
    method: ["DELETE"],
    matcher: "/admin/users/:id",
-    middlewares: [authenticate("admin", ["bearer", "session"])],
+    middlewares: [authenticate("user", ["bearer", "session"])],
  },
 ]
--- a/packages/medusa/src/api/admin/users/route.ts
+++ b/packages/medusa/src/api/admin/users/route.ts
@@ -73,8 +73,6 @@ export const POST = async (
      actor_id: result.id,
      actor_type: "user",
      auth_identity_id: req.auth_context.auth_identity_id,
-      app_metadata: {},
-      scope: "admin",
    },
    {
      secret: jwtSecret,