From 516c812043e77be7f834ae1326d13d39e156ef77 Mon Sep 17 00:00:00 2001
From: kolaente <k@knt.li>
Date: Sun, 31 Oct 2021 12:37:31 +0100
Subject: [PATCH] feat: expose if a user is a local user through its jwt token

---
 pkg/modules/auth/auth.go | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/pkg/modules/auth/auth.go b/pkg/modules/auth/auth.go
index 486f598c07..abe5d355f4 100644
--- a/pkg/modules/auth/auth.go
+++ b/pkg/modules/auth/auth.go
@@ -24,6 +24,7 @@ import (
 	"code.vikunja.io/api/pkg/models"
 	"code.vikunja.io/api/pkg/user"
 	"code.vikunja.io/web"
+
 	"github.com/golang-jwt/jwt/v4"
 	"github.com/labstack/echo/v4"
 )
@@ -51,7 +52,7 @@ func NewUserAuthTokenResponse(u *user.User, c echo.Context) error {
 }
 
 // NewUserJWTAuthtoken generates and signes a new jwt token for a user. This is a global function to be able to call it from integration tests.
-func NewUserJWTAuthtoken(user *user.User) (token string, err error) {
+func NewUserJWTAuthtoken(u *user.User) (token string, err error) {
 	t := jwt.New(jwt.SigningMethodHS256)
 
 	var ttl = time.Duration(config.ServiceJWTTTL.GetInt64())
@@ -60,12 +61,13 @@ func NewUserJWTAuthtoken(user *user.User) (token string, err error) {
 	// Set claims
 	claims := t.Claims.(jwt.MapClaims)
 	claims["type"] = AuthTypeUser
-	claims["id"] = user.ID
-	claims["username"] = user.Username
-	claims["email"] = user.Email
+	claims["id"] = u.ID
+	claims["username"] = u.Username
+	claims["email"] = u.Email
 	claims["exp"] = exp
-	claims["name"] = user.Name
-	claims["emailRemindersEnabled"] = user.EmailRemindersEnabled
+	claims["name"] = u.Name
+	claims["emailRemindersEnabled"] = u.EmailRemindersEnabled
+	claims["isLocalUser"] = u.Issuer == user.IssuerLocal
 
 	// Generate encoded token and send it as response.
 	return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))
@@ -87,6 +89,7 @@ func NewLinkShareJWTAuthtoken(share *models.LinkSharing) (token string, err erro
 	claims["right"] = share.Right
 	claims["sharedByID"] = share.SharedByID
 	claims["exp"] = exp
+	claims["isLocalUser"] = true // Link shares are always local
 
 	// Generate encoded token and send it as response.
 	return t.SignedString([]byte(config.ServiceJWTSecret.GetString()))