From bc85575e9b5ca892e91edf1a08bec5d280b61665 Mon Sep 17 00:00:00 2001
From: Luka Radenovic <luka@init.hr>
Date: Mon, 16 May 2022 13:59:05 +0200
Subject: [PATCH] Add app roles to userInfo when logging in

---
 areas/auth/auth.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/areas/auth/auth.py b/areas/auth/auth.py
index 9f95b772..8a137d02 100644
--- a/areas/auth/auth.py
+++ b/areas/auth/auth.py
@@ -4,7 +4,7 @@ from flask_cors import cross_origin
 from datetime import timedelta
 
 from areas import api_v1
-from areas.apps import AppRole
+from areas.apps import AppRole, App
 from config import *
 from helpers import HydraOauth, BadRequest, KratosApi
 
@@ -40,7 +40,18 @@ def hydra_callback():
         identity=token, expires_delta=timedelta(days=365)
     )
 
-    app_role = AppRole.query.filter_by(user_id=identity["id"]).first()
+    apps = App.query.all()
+    app_roles = []
+    for app in apps:
+        tmp_app_role = AppRole.query.filter_by(
+            user_id=identity["id"], app_id=app.id
+        ).first()
+        app_roles.append(
+            {
+                "name": app.slug,
+                "role_id": tmp_app_role.role_id if tmp_app_role else None,
+            }
+        )
 
     return jsonify(
         {
@@ -50,7 +61,7 @@ def hydra_callback():
                 "email": user_info["email"],
                 "name": user_info["name"],
                 "preferredUsername": user_info["preferred_username"],
-                "role_id": app_role.role_id if app_role else None,
+                "app_roles": app_roles,
             },
         }
     )
-- 
GitLab