Merge pull request #1267 from lowcoder-org/fix/disabled_email

FalkWolsky · web-flow · commit 8ae6b32d96eb · 2024-11-11T15:25:00.000+01:00
forbid email login that is disabled
diff --git a/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java b/server/api-service/lowcoder-sdk/src/main/java/org/lowcoder/sdk/exception/BizError.java
@@ -102,6 +102,7 @@ public enum BizError {
     JWT_NOT_FIND(400, 5619),
     ID_NOT_EXIST(500, 5620),
     DUPLICATE_AUTH_CONFIG_ADDITION(400, 5621),
+    EMAIL_PROVIDER_DISABLED(403, 5622),
 
 
     // asset related, code range 5700 - 5799
diff --git a/server/api-service/lowcoder-sdk/src/main/resources/locale_en.properties b/server/api-service/lowcoder-sdk/src/main/resources/locale_en.properties
@@ -281,3 +281,4 @@ ORG_DELETED_FOR_ENTERPRISE_MODE=Provided enterpriseOrgId workspace has been dele
 DISABLE_AUTH_CONFIG_FORBIDDEN=Can not disable current administrator''s last identity provider.
 USER_NOT_EXIST=User not exist.
 DUPLICATE_AUTH_CONFIG_ADDITION=Provider auth type already added to organization
+EMAIL_PROVIDER_DISABLED=Email provider is disabled.
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java
@@ -88,15 +88,19 @@ protected Mono<AuthUser> authenticate(String authId, @Deprecated String source,
                     log.warn("source is deprecated and will be removed in the future, please use authId instead. {}", source);
                     return authenticationService.findAuthConfigBySource(context.getOrgId(), source);
                 })
-                .doOnNext(findAuthConfig -> {
+                .flatMap(findAuthConfig -> {
                     context.setAuthConfig(findAuthConfig.authConfig());
                     if (findAuthConfig.authConfig().getSource().equals("EMAIL")) {
                         if(StringUtils.isBlank(context.getOrgId())) {
                             context.setOrgId(Optional.ofNullable(findAuthConfig.organization()).map(Organization::getId).orElse(null));
                         }
+                        if(!findAuthConfig.authConfig().getEnable()) {
+                            return Mono.error(new BizException(EMAIL_PROVIDER_DISABLED, "EMAIL_PROVIDER_DISABLED"));
+                        }
                     } else {
                         context.setOrgId(Optional.ofNullable(findAuthConfig.organization()).map(Organization::getId).orElse(null));
                     }
+                    return Mono.just(findAuthConfig);
                 })
                 .then(authRequestFactory.build(context))
                 .flatMap(authRequest -> authRequest.auth(context))
