sending token only when user is enabled (#456)

leandroBorgesFerreira · Leandro Ferreira · web-flow · commit 1a01097590f3 · 2025-06-05T21:16:27.000+02:00
Co-authored-by: Leandro Ferreira &lt;email@email.com&gt;
diff --git a/backend/core/auth/src/main/java/io/writeopia/api/core/auth/AuthRouting.kt b/backend/core/auth/src/main/java/io/writeopia/api/core/auth/AuthRouting.kt
@@ -15,6 +15,7 @@ import io.ktor.server.routing.put
 import io.writeopia.api.core.auth.hash.HashUtils
 import io.writeopia.api.core.auth.models.toApi
 import io.writeopia.api.core.auth.repository.deleteUserById
+import io.writeopia.api.core.auth.repository.getEnabledUserByEmail
 import io.writeopia.api.core.auth.repository.getUserByEmail
 import io.writeopia.api.core.auth.repository.getUserById
 import io.writeopia.sdk.serialization.data.auth.AuthResponse
@@ -25,11 +26,15 @@ import io.writeopia.sdk.serialization.data.auth.ResetPasswordRequest
 import io.writeopia.sdk.serialization.data.toApi
 import io.writeopia.sql.WriteopiaDbBackend
 
-fun Routing.authRoute(writeopiaDb: WriteopiaDbBackend) {
+fun Routing.authRoute(writeopiaDb: WriteopiaDbBackend, debugMode: Boolean = false) {
     post("api/login") {
         try {
             val credentials = call.receive<LoginRequest>()
-            val user = writeopiaDb.getUserByEmail(credentials.email)
+            val user = if (debugMode) {
+                writeopiaDb.getUserByEmail(credentials.email)
+            } else {
+                writeopiaDb.getEnabledUserByEmail(credentials.email)
+            }
 
             if (user != null) {
                 val hash = user.password
diff --git a/backend/core/auth/src/main/java/io/writeopia/api/core/auth/repository/UserRepository.kt b/backend/core/auth/src/main/java/io/writeopia/api/core/auth/repository/UserRepository.kt
@@ -20,6 +20,21 @@ fun WriteopiaDbBackend.getUserByEmail(email: String): WriteopiaBeUser? =
             )
         }
 
+fun WriteopiaDbBackend.getEnabledUserByEmail(email: String): WriteopiaBeUser? =
+    this.userEntityQueries
+        .selectEnabledUserByEmail(email)
+        .executeAsOneOrNull()
+        ?.let { userEntity ->
+            WriteopiaBeUser(
+                id = userEntity.id,
+                email = userEntity.email,
+                password = userEntity.password,
+                name = userEntity.name,
+                salt = userEntity.salt,
+                companyDomain = userEntity.company
+            )
+        }
+
 fun WriteopiaDbBackend.getUserById(id: String): WriteopiaBeUser? =
     this.userEntityQueries
         .selectUserById(id)
diff --git a/backend/core/database/src/main/sqldelight/io/writeopia/sql/UserEntity.sq b/backend/core/database/src/main/sqldelight/io/writeopia/sql/UserEntity.sq
@@ -15,6 +15,12 @@ FROM user_entity
 WHERE email = ?
 LIMIT 1;
 
+selectEnabledUserByEmail:
+SELECT *
+FROM user_entity
+WHERE email = ? AND enabled = TRUE
+LIMIT 1;
+
 selectUserById:
 SELECT *
 FROM user_entity
diff --git a/backend/gateway/src/main/kotlin/io/writeopia/api/geteway/Application.kt b/backend/gateway/src/main/kotlin/io/writeopia/api/geteway/Application.kt
@@ -18,10 +18,11 @@ fun main() {
 
 fun Application.module(
     writeopiaDb: WriteopiaDbBackend = configurePersistence(),
-    useAi: Boolean = System.getenv("WRITEOPIA_USE_AI")?.toBoolean() ?: false
+    useAi: Boolean = System.getenv("WRITEOPIA_USE_AI")?.toBoolean() ?: false,
+    debugMode: Boolean = false
 ) {
     installAuth()
-    configureRouting(writeopiaDb, useAi)
+    configureRouting(writeopiaDb, useAi, debugMode = debugMode)
     configureSerialization()
     configureEditorSockets()
     configureHTTP()
diff --git a/backend/gateway/src/main/kotlin/io/writeopia/api/geteway/Routing.kt b/backend/gateway/src/main/kotlin/io/writeopia/api/geteway/Routing.kt
@@ -9,14 +9,18 @@ import io.writeopia.api.core.auth.authRoute
 import io.writeopia.api.documents.routing.documentsRoute
 import io.writeopia.sql.WriteopiaDbBackend
 
-fun Application.configureRouting(writeopiaDb: WriteopiaDbBackend, useAi: Boolean) {
+fun Application.configureRouting(
+    writeopiaDb: WriteopiaDbBackend,
+    useAi: Boolean,
+    debugMode: Boolean = false
+) {
     routing {
         documentsRoute(writeopiaDb, useAi)
 
         get {
             call.respondText("Hi")
         }
 
-        authRoute(writeopiaDb)
+        authRoute(writeopiaDb, debugMode)
     }
 }
diff --git a/backend/gateway/src/test/kotlin/io/writeopia/api/gateway/AuthIntegrationTest.kt b/backend/gateway/src/test/kotlin/io/writeopia/api/gateway/AuthIntegrationTest.kt
@@ -43,7 +43,7 @@ class AuthIntegrationTest {
     @Test
     fun `it should be possible to register an user`() = testApplication {
         application {
-            module(db)
+            module(db, debugMode = true)
         }
 
         val client = defaultClient()
@@ -66,7 +66,7 @@ class AuthIntegrationTest {
     @Test
     fun `it should not be possible create 2 users with the same email`() = testApplication {
         application {
-            module(db)
+            module(db, debugMode = true)
         }
 
         val client = defaultClient()
@@ -102,7 +102,7 @@ class AuthIntegrationTest {
     @Test
     fun `it should be possible to delete your account, if your logged in`() = testApplication {
         application {
-            module(db)
+            module(db, debugMode = true)
         }
 
         val client = defaultClient()
@@ -143,7 +143,7 @@ class AuthIntegrationTest {
     fun `it should be possible to delete your account, if don't have the right token`() =
         testApplication {
             application {
-                module(db)
+                module(db, debugMode = true)
             }
 
             val response2 = client.delete("api/account") {
@@ -157,7 +157,7 @@ class AuthIntegrationTest {
     @Test
     fun `it should be possible to reset my password`() = testApplication {
         application {
-            module(db)
+            module(db, debugMode = true)
         }
 
         val client = defaultClient()

Original file line number	Diff line number	Diff line change
`@@ -9,14 +9,18 @@ import io.writeopia.api.core.auth.authRoute`
`9`	`9`	`import io.writeopia.api.documents.routing.documentsRoute`
`10`	`10`	`import io.writeopia.sql.WriteopiaDbBackend`
`11`	`11`
`12`		`-fun Application.configureRouting(writeopiaDb: WriteopiaDbBackend, useAi: Boolean) {`
	`12`	`+fun Application.configureRouting(`
	`13`	`+ writeopiaDb: WriteopiaDbBackend,`
	`14`	`+ useAi: Boolean,`
	`15`	`+ debugMode: Boolean = false`
	`16`	`+) {`
`13`	`17`	`routing {`
`14`	`18`	`documentsRoute(writeopiaDb, useAi)`
`15`	`19`
`16`	`20`	`get {`
`17`	`21`	`call.respondText("Hi")`
`18`	`22`	`}`
`19`	`23`
`20`		`- authRoute(writeopiaDb)`
	`24`	`+ authRoute(writeopiaDb, debugMode)`
`21`	`25`	`}`
`22`	`26`	`}`