refactor: fix MFA related codes as vue query updated

Signed-off-by: 이승연 <[email protected]>

Author: seungyeoneeee

apps/web/src/services/auth/authenticator/local/template/ID_PW.vue

@@ -17,7 +17,6 @@ import { useUserStore } from '@/store/user/user-store';
 
 import config from '@/lib/config';
 import { isMobile } from '@/lib/helper/cross-browsing-helper';
-import { showErrorMessage } from '@/lib/helper/notice-alert-helper';
 
 import ErrorHandler from '@/common/composables/error/errorHandler';
 
@@ -85,21 +84,6 @@ const signIn = async () => {
         await loadAuth().signIn(credentials, 'LOCAL');
         displayStore.setIsSignInFailed(false);
 
-        // console.log('userStore.state.requiredActions', userStore.state.requiredActions, userStore.state.mfa);
-        if (userStore.state.requiredActions?.includes(REQUIRED_ACTIONS.ENFORCE_MFA)) {
-            const MFA_TYPE = userStore.state.mfa?.mfa_type;
-            const isMFAEnforced = !!userStore.state.mfa?.options?.enforce && !!MFA_TYPE;
-            const needToEnableMFA = isMFAEnforced && userStore.state.mfa?.state !== 'ENABLED';
-            if (needToEnableMFA) { // Enforced MFA by admin. Always has both `options.enforce` and `mfa_type`.
-                if (import.meta.env.DEV) console.debug(`[ID_PW.vue] MFA_TYPE: ${MFA_TYPE}`);
-                await router.push({ name: AUTH_ROUTE.SIGN_IN.MULTI_FACTOR_AUTH_SETUP._NAME, params: { mfaType: MFA_TYPE } });
-            } else {
-                showErrorMessage('Something went wrong! Contact support.', 'MFA_NOT_SETUP');
-                await router.push({ name: AUTH_ROUTE.SIGN_OUT._NAME });
-            }
-            return;
-        }
-
         if (userStore.state.requiredActions?.includes(REQUIRED_ACTIONS.UPDATE_PASSWORD)) {
             await router.push({ name: AUTH_ROUTE.PASSWORD.STATUS.RESET._NAME });
         } else {
@@ -109,15 +93,36 @@ const signIn = async () => {
         if (e.message.includes('MFA')) {
             const emailRegex = /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g;
             const mfaTypeRegex = /mfa_type\s*=\s*(\w+)/;
-            await router.push({
-                name: AUTH_ROUTE.SIGN_IN.MULTI_FACTOR_AUTH._NAME,
-                params: {
-                    password: credentials.password,
-                    mfaEmail: e.message.match(emailRegex)[0],
-                    mfaType: e.message.match(mfaTypeRegex)[1],
-                    userId: state.userId?.trim() as string,
-                },
-            });
+            const message = e.message || '';
+
+            const mfaType = message.match(mfaTypeRegex)?.[1];
+            const mfaEmail = message.match(emailRegex)?.[0];
+
+            const isStateEnabled = message.includes('ENABLED');
+            const isStateDisabled = message.includes('DISABLED');
+
+            if (message.includes('MFA is not activated.') && isStateDisabled && mfaType) {
+                const token = message.match(/access_token\s*=\s*([\w.-]+)/)?.[1];
+
+                await router.push({
+                    name: AUTH_ROUTE.SIGN_IN.MULTI_FACTOR_AUTH_SETUP._NAME,
+                    params: { mfaType },
+                    query: { sso_access_token: token },
+                });
+            } else if (message.includes('required') || (message.includes('MFA is not activated.') && isStateEnabled)) {
+                await router.push({
+                    name: AUTH_ROUTE.SIGN_IN.MULTI_FACTOR_AUTH._NAME,
+                    params: {
+                        password: credentials.password, mfaEmail, mfaType, userId: state.userId?.trim() as string,
+                    },
+                });
+            } else if (message.includes('Authenticate failure')) {
+                ErrorHandler.handleError(e);
+                displayStore.setIsSignInFailed(true);
+            } else {
+                ErrorHandler.handleRequestError(e, e.message);
+                await router.push({ name: AUTH_ROUTE.SIGN_OUT._NAME });
+            }
         } else {
             displayStore.setSignInFailedMessage(e.message);
             ErrorHandler.handleError(e);

apps/web/src/services/auth/pages/MultiFactorAuthSetUpPage.vue

@@ -14,8 +14,6 @@ import { MULTI_FACTOR_AUTH_TYPE } from '@/api-clients/identity/user-profile/sche
 import type { MultiFactorAuthType } from '@/api-clients/identity/user-profile/schema/type';
 import { i18n as _i18n } from '@/translations';
 
-import { ROOT_ROUTE } from '@/router/constant';
-
 import { useUserStore } from '@/store/user/user-store';
 
 import { showErrorMessage } from '@/lib/helper/notice-alert-helper';
@@ -47,7 +45,7 @@ const {
 } = route.params as { mfaType: MultiFactorAuthType | undefined };
 
 const state = reactive({
-    isLocalLogin: computed<boolean>(() => userStore.state.authType === 'LOCAL'),
+    // isLocalLogin: computed<boolean>(() => userStore.state.authType === 'LOCAL'),
     myMFAType: computed<MultiFactorAuthType|undefined>(() => userStore.state.mfa?.mfa_type),
     isInvalidMfaType: computed<boolean>(() => state.myMFAType !== mfaTypeRouteParam || !state.myMFAType || !mfaTypeRouteParam),
     needToEnableMFA: computed<boolean>(() => {
@@ -112,16 +110,16 @@ const handleClickConfirmButton = async () => {
     });
 };
 
+const getSSOTokenFromUrl = (): string|undefined => {
+    const query = router.currentRoute.query;
+    return query.sso_access_token as string;
+};
+
 onMounted(() => {
-    // Remove refresh token to prevent forced access to other pages
-    SpaceConnector.removeRefreshToken();
-
-    if (!SpaceConnector.getAccessToken() || !state.needToEnableMFA || state.isInvalidMfaType) {
-        router.push({ name: AUTH_ROUTE.SIGN_OUT._NAME });
-        return;
-    } if (!state.isLocalLogin) {
-        router.push({ name: ROOT_ROUTE._NAME });
-    }
+    const ssoAccessToken = getSSOTokenFromUrl();
+
+    if (!ssoAccessToken) return;
+    SpaceConnector.setToken(ssoAccessToken, '');
 });
 
 onBeforeUnmount(() => {

apps/web/src/services/auth/routes/routes.ts

@@ -74,6 +74,7 @@ export default [
                     isCentered: true,
                 },
                 props: (route) => ({
+                    ssoAccessToken: route.query.sso_access_token,
                     previousPath: route.query.previousPath,
                     redirectPath: route.query.redirectPath,
                 }),

apps/web/src/services/iam/components/UserManagementHeader.vue

@@ -14,10 +14,10 @@ import { useUserWorkspaceStore } from '@/store/app-context/workspace/user-worksp
 import { useQueryTags } from '@/common/composables/query-tags';
 
 import { useUserListPaginationQuery } from '@/services/iam/composables/use-user-list-pagination-query';
+import { useUserListQuery } from '@/services/iam/composables/use-user-list-query';
 import { USER_MODAL_TYPE, USER_SEARCH_HANDLERS } from '@/services/iam/constants/user-constant';
 import { useUserPageStore } from '@/services/iam/store/user-page-store';
 
-import { useUserListQuery } from '../composables/use-user-list-query';
 
 
 interface Props {

apps/web/src/services/iam/components/mfa/UserBulkMFASettingModal.vue

@@ -18,6 +18,7 @@ import ErrorHandler from '@/common/composables/error/errorHandler';
 
 import UserMFASettingFormLayout from '@/services/iam/components/mfa/UserMFASettingFormLayout.vue';
 import { useUserUpdateMutation } from '@/services/iam/composables/mutations/use-user-update-mutation';
+import { useUserListQuery } from '@/services/iam/composables/use-user-list-query';
 import { USER_MODAL_MAP } from '@/services/iam/constants/modal.constant';
 import { MULTI_FACTOR_AUTH_ITEMS } from '@/services/iam/constants/user-constant';
 import { useUserPageStore } from '@/services/iam/store/user-page-store';
@@ -33,19 +34,23 @@ const emit = defineEmits<UserBulkMFASettingModalEmits>();
 const userPageStore = useUserPageStore();
 const userPageState = userPageStore.state;
 const userPageModalState = userPageStore.modalState;
-const userPageGetters = userPageStore.getters;
 const userStore = useUserStore();
 
 /* State */
 const selectedMfaType = ref<MultiFactorAuthType>(MULTI_FACTOR_AUTH_ITEMS[0].type);
 const isRequiredMfa = ref(false);
 
+const selectedUserIds = computed<string[]>(() => userPageState.selectedUserIds);
+
+const { userListData: selectedUsers } = useUserListQuery(selectedUserIds);
+
+
 /* Computed */
 // Only Local Auth Type Users can be updated
-const selectedMFAControllableUsers = computed<UserListItemType[]>(() => userPageGetters.selectedUsers.filter((user) => user.auth_type === 'LOCAL'));
+const selectedMFAControllableUsers = computed<UserListItemType[]>(() => selectedUsers.value?.filter((user) => user.auth_type === 'LOCAL') || []);
 
 // UI Conditions
-const isIncludedExternalAuthTypeUser = computed<boolean>(() => userPageGetters.selectedUsers.some((user) => user.auth_type !== 'LOCAL'));
+const isIncludedExternalAuthTypeUser = computed<boolean>(() => selectedUsers.value?.some((user) => user.auth_type !== 'LOCAL') || false);
 
 /* API */
 // Store failed user IDs

apps/web/src/services/iam/components/mfa/UserMFASecretKeyDeleteModal.vue

@@ -11,6 +11,7 @@ import ErrorHandler from '@/common/composables/error/errorHandler';
 
 
 import { useUserMfaDisableMutation } from '@/services/iam/composables/mutations/use-user-mfa-disable-mutation';
+import { useUserListQuery } from '@/services/iam/composables/use-user-list-query';
 import { USER_MODAL_MAP } from '@/services/iam/constants/modal.constant';
 import { USER_MODAL_TYPE } from '@/services/iam/constants/user-constant';
 import { useUserPageStore } from '@/services/iam/store/user-page-store';
@@ -24,12 +25,15 @@ const emit = defineEmits<UserMFASecretKeyDeleteModalEmits>();
 
 /* Store */
 const userPageStore = useUserPageStore();
+const userPageState = userPageStore.state;
 const userPageModalState = userPageStore.modalState;
-const userPageGetters = userPageStore.getters;
 
 /* Computed */
 // Only Local Auth Type Users can be disabled (disable = delete secret key)
-const selectedMFAEnabledUsers = computed<UserListItemType[]>(() => userPageGetters.selectedUsers.filter((user) => user.auth_type === 'LOCAL' && user.mfa?.state === 'ENABLED') || []);
+const selectedUserIds = computed<string[]>(() => userPageState.selectedUserIds);
+
+const { userListData: selectedUsers } = useUserListQuery(selectedUserIds);
+const selectedMFAEnabledUsers = computed<UserListItemType[]>(() => selectedUsers.value?.filter((user) => user.auth_type === 'LOCAL' && user.mfa?.state === 'ENABLED') || []);
 
 /* API */
 // Store failed user IDs