* feat: support login via okta
* add deployment config
* feat: automatically start okta login when visiting /auth with okta provider query parameter
* remove trailing slash from base url
* laurin pls
* ...
* adjust deployment url
* we dont need this
* docs: document how to enabled Google and GitHub social login (#511)
* docs: document how to enabled Google and GitHub social login
* Apply suggestions from code review
* Apply suggestions from code review
* docs: add Okta instructions
* fix typo
* add database migration
* feat: env decoding
* auto generate id
* add generates types for the postgres table
* implement crud graphql fields for the oidc integration entites
* add unique constraint for the oidc domain column
* use correct sql query for updating an oidc integration
* return organization from deleteOIDCIntegration ok result
* add crud forms to the settings page
* update integration test fixture value
* drop unique constraint for oidc_integrations.domain as this would allow a malicous user to block another account from using a domain
* move notice to isolated component
* apply url normalization in a central place
* implement supertokens provider and overrides for dynamic oidc provider integrations
* relocate code to correct files
* prettify oidc crud forms
* replace Query.isOIDCIntegrationFeatureEnabled with the Organization.viewerCanManageOIDCIntegration field
* do not show oidc integrations for personal organizations + disable crud endpoints if the feature is disabled
* load oidc integration for the supertokens flow via trpc from the server
* prepare encryption secret within constructor
* add user to organization upon oidc login
* login via oidc does not create a personal organization
* redirect oidc user to oidc organization
* disallow oidc users to create an organization
* disallow oidc accounts joining another organization
* add test for updating an oidc integration
* enhance ui
* add documentation for OIDC SSO
* add more tests
* import Callout component
* update snapshots
* rename field User.isLinkedToOIDCIntegration to User.canSwitchOrganization to be more decriptive
* add traling new line
* gracefully handle unique constraint
* upgrade supertokens-auth-react and adjust the code in order to remove the global preApiHook
* sync image versions with tests
* remove obsolete comment
* rename database column
* bruv
* add test for oidc user deletion
* Use 5432 as default port of pg
* Fix ssl
* fix: only set heartbeat env variable if heartbeat is enabled (#446)
* fix: only set heartbeat env variable if heartbeat is enabled
* fix: default port
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
* POSTGRES_SSL everywhere
* oh come on
* Fix Kafka connection
* Fix DOCS_URL
* Fix docs url
* But I can feel your heartbeat
I can feel your heartbeat (he said to me)
'I can feel your heartbeat' (running through me)
Feel your heartbeat
She said, 'I can feel your heartbeat' (she said to me)
'I can feel your heartbeat' (she said to me)
'I can feel your heartbeat' (running through me)
Your heartbeat, feel your heartbeat
* Your heartbeat, your heartbeat
Co-authored-by: Laurin Quast <laurinquast@googlemail.com>
* add supertoken container to docker-compose file
* yeah I am sorry this one big commit and I am ashamed of it
* use logOut function
* feat: show header on 404 page
* feat: better handling for organization cookie when not authenticated
* wrap it
* check session within server side props
* add is_admin flag user migration
* simplify and annotate the config
* fix: handle status codes + fix email/password sign up with import from auth0
* no hardcoded env pls
* decode process.env
* secure update user id mapping via a key
* fix: login form
* lol we don't need to hit the API
* fix: do graphql api authorization via authorization header instead of cookie
* implement isAdmin flag
* fix: types :)
* skipit
* yo we can run this
* set env variables
* disable because it annoys the hell out of me
* use the right host
* add not about token length
* refactor: decode environment variables
* feat: store external user id from guthub/google provider in the database
* workaround supertokens omitting null values from the token
* re-enable check
* i have no time for this shit
* add missing env variable
* fix: email test; missing domain extension
* configure pulumi deployment
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
Co-authored-by: Dotan Simha <dotansimha@gmail.com>
* configure pulumi deployment
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
Co-authored-by: Dotan Simha <dotansimha@gmail.com>
* configure pulumi deployment
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
Co-authored-by: Dotan Simha <dotansimha@gmail.com>
* configure pulumi deployment
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
* fix: env names
* fix: link google account to the correct db record
* feat: email confirmation emails
* ?
* bump ts-node
* fix types
* omit package form the bundle
* remove it from dependencies...
* add emails apckage to dev deps
* resolve eslint issues
* remove comments
* update dev info + change env variable (no need to expose it on the frontend)
* use correct user id lol
Co-authored-by: Kamil Kisiela <kamil.kisiela@gmail.com>
Co-authored-by: Dotan Simha <dotansimha@gmail.com>
