Merge branch 'main' into CATALYST-768

bigcommerce · Jan 7, 2025 · 9364dcf · 9364dcf
2 parents 7c85082 + 4e6e7c7
commit 9364dcf
Show file tree

Hide file tree

Showing 48 changed files with 1,418 additions and 928 deletions.
diff --git a/.changeset/chilled-rocks-sneeze.md b/.changeset/chilled-rocks-sneeze.md
diff --git a/.changeset/gentle-experts-remember.md b/.changeset/gentle-experts-remember.md
diff --git a/.changeset/grumpy-roses-attack.md b/.changeset/grumpy-roses-attack.md
diff --git a/.changeset/late-boats-own.md b/.changeset/late-boats-own.md
diff --git a/.changeset/old-bananas-destroy.md b/.changeset/old-bananas-destroy.md
diff --git a/.changeset/proud-queens-serve.md b/.changeset/proud-queens-serve.md
diff --git a/.changeset/proud-taxis-smoke.md b/.changeset/proud-taxis-smoke.md
diff --git a/.changeset/silly-balloons-stare.md b/.changeset/silly-balloons-stare.md
diff --git a/.changeset/translations-patch-aaa6e4db.md b/.changeset/translations-patch-aaa6e4db.md
diff --git a/.changeset/yellow-cougars-allow.md b/.changeset/yellow-cougars-allow.md
diff --git a/.changeset/young-pugs-dream.md b/.changeset/young-pugs-dream.md
diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md
@@ -1,5 +1,43 @@
 # Changelog
 
+## 0.24.1
+
+### Patch Changes
+
+- [`632a645`](https://github.com/bigcommerce/catalyst/commit/632a645850c500be9ea478490e1df4b98d9b3543) Thanks [@bookernath](https://github.com/bookernath)! - Add stub for generating Customer Login API tokens for SSO integrations
+
+- [`632a645`](https://github.com/bigcommerce/catalyst/commit/632a645850c500be9ea478490e1df4b98d9b3543) Thanks [@bookernath](https://github.com/bookernath)! - Add /login/token endpoint to power Customer Login API
+
+- [#1816](https://github.com/bigcommerce/catalyst/pull/1816) [`6eb30ac`](https://github.com/bigcommerce/catalyst/commit/6eb30ac1745e2dcc37aef892fb001f218d9b8ddb) Thanks [@bc-svc-local](https://github.com/bc-svc-local)! - Update translations.
+
+## 0.24.0
+
+### Minor Changes
+
+- [#1749](https://github.com/bigcommerce/catalyst/pull/1749) [`cacdd22`](https://github.com/bigcommerce/catalyst/commit/cacdd22de140897f57fb8aaf52b2a9e7f48c23c4) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Change the rest of the auth pages to use toasts.
+
+- [#1746](https://github.com/bigcommerce/catalyst/pull/1746) [`0e34915`](https://github.com/bigcommerce/catalyst/commit/0e34915171da18ed141ecfacc6fa4c2a8f5e4c23) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Converts the change password messages over to using a toast. This should provide a better DX and UX.
+
+- [#1747](https://github.com/bigcommerce/catalyst/pull/1747) [`608b886`](https://github.com/bigcommerce/catalyst/commit/608b886978518f3d27230f50a2ad462363527d63) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Update the register customer page to use toasts for messaging.
+
+- [#1749](https://github.com/bigcommerce/catalyst/pull/1749) [`cacdd22`](https://github.com/bigcommerce/catalyst/commit/cacdd22de140897f57fb8aaf52b2a9e7f48c23c4) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Converts the reset password messages over to using a toast.
+
+- [#1749](https://github.com/bigcommerce/catalyst/pull/1749) [`cacdd22`](https://github.com/bigcommerce/catalyst/commit/cacdd22de140897f57fb8aaf52b2a9e7f48c23c4) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Remove the account state provider components
+
+- [#1749](https://github.com/bigcommerce/catalyst/pull/1749) [`cacdd22`](https://github.com/bigcommerce/catalyst/commit/cacdd22de140897f57fb8aaf52b2a9e7f48c23c4) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Converts the login messages over to using a toast.
+
+- [#1743](https://github.com/bigcommerce/catalyst/pull/1743) [`7c03428`](https://github.com/bigcommerce/catalyst/commit/7c03428bf815bf2cc7b8aa35ff331379f7615094) Thanks [@chanceaclark](https://github.com/chanceaclark)! - After login, redirect to orders page instead of an account overview page. This also removes the account overview page.
+
+- [#1741](https://github.com/bigcommerce/catalyst/pull/1741) [`5136fac`](https://github.com/bigcommerce/catalyst/commit/5136fac6e05c6eb1ebce9707abcf1f180712358e) Thanks [@chanceaclark](https://github.com/chanceaclark)! - If a customer is already logged in, we want to redirect them back to their account pages if they are trying to hit one of the non-logged-in customer auth routes. The prevents any side effects that may occur trying to re-auth the client. This is done by providing a root layout.tsx page under the (auth) route group.
+
+- [#1749](https://github.com/bigcommerce/catalyst/pull/1749) [`cacdd22`](https://github.com/bigcommerce/catalyst/commit/cacdd22de140897f57fb8aaf52b2a9e7f48c23c4) Thanks [@chanceaclark](https://github.com/chanceaclark)! - Converts the change/forgot password messages over to using a toast.
+
+### Patch Changes
+
+- [#1765](https://github.com/bigcommerce/catalyst/pull/1765) [`1c9b880`](https://github.com/bigcommerce/catalyst/commit/1c9b8804cec99f5fd9700b422a3fb9739a850045) Thanks [@bookernath](https://github.com/bookernath)! - Assign cart to customer as part of initial login mutation
+
+- [#1760](https://github.com/bigcommerce/catalyst/pull/1760) [`f6161c5`](https://github.com/bigcommerce/catalyst/commit/f6161c5dcf2fbd65f4192eec36ebd3e62e60bd33) Thanks [@bc-svc-local](https://github.com/bc-svc-local)! - Update translations.
+
 ## 0.23.0
 
 ### Minor Changes

diff --git a/core/app/[locale]/(default)/(auth)/login/_actions/login.ts b/core/app/[locale]/(default)/(auth)/login/_actions/login.ts
@@ -15,6 +15,7 @@ export const login = async (formData: FormData): Promise<LoginResponse> => {
     const locale = await getLocale();
 
     const credentials = Credentials.parse({
+      type: 'password',
       email: formData.get('email'),
       password: formData.get('password'),
     });

diff --git a/core/app/login/token/[token]/route.ts b/core/app/login/token/[token]/route.ts
@@ -0,0 +1,43 @@
+/*
+ * This route is used to accept customer login token JWTs from the
+ * [Customer Login API](https://developer.bigcommerce.com/docs/start/authentication/customer-login)
+ * and log the customers in using alternative authentication methods
+ */
+
+import { decodeJwt } from 'jose';
+// eslint-disable-next-line @typescript-eslint/no-restricted-imports
+import { redirect, unstable_rethrow as rethrow } from 'next/navigation';
+
+import { signIn } from '~/auth';
+
+interface TokenParams {
+  params: Promise<{ token: string }>;
+}
+
+export async function GET(request: Request, { params }: TokenParams) {
+  const token = (await params).token;
+
+  try {
+    // decode token without checking signature to get redirect path
+    // token is not checked for validity here, so it could be expired or invalid at this point
+    // token validity and signature are checked in the signIn function
+    const claims = decodeJwt(token);
+    const redirectTo =
+      typeof claims.redirect_to === 'string' ? claims.redirect_to : '/account/orders';
+
+    // sign in with token which will check validity against BigCommerce API
+    // and redirect to redirectTo
+    await signIn('credentials', {
+      type: 'jwt',
+      jwt: token,
+      redirectTo,
+    });
+  } catch (error) {
+    rethrow(error);
+
+    redirect(`/login?error=InvalidToken`);
+  }
+}
+
+export const runtime = 'edge';
+export const dynamic = 'force-dynamic';
diff --git a/core/auth.ts b/core/auth.ts
diff --git a/core/auth/customer-login-api.ts b/core/auth/customer-login-api.ts
@@ -0,0 +1,60 @@
+import { randomUUID } from 'crypto';
+import { SignJWT } from 'jose';
+
+/**
+ * Build a Customer Login API JWT which can be used in auth/index.ts to log in a customer
+ * using the LoginWithTokenMutation, or used as a redirect to /login/token/[token]
+ *
+ * This is a stub intended to be used when implementing 3rd party authentication callbacks
+ *
+ * Requires that BIGCOMMERCE_CLIENT_SECRET and BIGCOMMERCE_CLIENT_ID are set in the environment
+ * from a client that has the Customer Login scope enabled
+ *
+ * @param {number} customerId - The BigCommerce customer ID to generate the login token for
+ * @param {number} [channelId] - Channel ID that the customer will be logged into
+ * @param {string} [redirectTo] - Relative URL to redirect to after successful login
+ * @param {Record<string, any>} [additionalClaims] - Optional additional claims to include in the JWT
+ * @returns {Promise<string>} A JWT token that can be used to authenticate the customer
+ * @throws {Error} If BIGCOMMERCE_CLIENT_SECRET is not set in environment variables
+ * @throws {Error} If BIGCOMMERCE_CLIENT_ID is not set in environment variables
+ */
+export const generateCustomerLoginApiJwt = async (
+  customerId: number,
+  channelId: number,
+  redirectTo: string = '/account/orders',
+  additionalClaims?: Record<string, any>,
+): Promise<string> => {
+  const clientId = process.env.BIGCOMMERCE_CLIENT_ID;
+  const clientSecret = process.env.BIGCOMMERCE_CLIENT_SECRET;
+  const storeHash = process.env.BIGCOMMERCE_STORE_HASH;
+
+  if (!clientSecret) {
+    throw new Error('BIGCOMMERCE_CLIENT_SECRET is not set in environment variables');
+  }
+
+  if (!clientId) {
+    throw new Error('BIGCOMMERCE_CLIENT_ID is not set in environment variables');
+  }
+
+  if (!storeHash) {
+    throw new Error('BIGCOMMERCE_STORE_HASH is not set in environment variables');
+  }
+
+  const payload = {
+    iss: clientId,
+    iat: Math.floor(Date.now() / 1000),
+    jti: randomUUID(),
+    operation: 'customer_login',
+    store_hash: storeHash,
+    customer_id: Math.floor(customerId),
+    ...(channelId && { channel_id: channelId }),
+    ...(redirectTo && { redirect_to: redirectTo }),
+    ...(additionalClaims || {}),
+  };
+
+  // Convert client secret to Uint8Array for jose library
+  const secretKey = new TextEncoder().encode(clientSecret);
+
+  // Create and sign the JWT
+  return await new SignJWT(payload).setProtectedHeader({ alg: 'HS256', typ: 'JWT' }).sign(secretKey);
+};