
feat: welcome page - fix jwt auth

Nicolas Giard %!s(int64=2) %!d(string=hai) anos
pai
achega
05797652a0

+ 23 - 23
package.json

@@ -36,11 +36,11 @@
     "node": ">=16.0"
   },
   "dependencies": {
-    "@azure/storage-blob": "12.9.0",
+    "@azure/storage-blob": "12.11.0",
     "@exlinc/keycloak-passport": "1.0.2",
     "@graphql-tools/schema": "8.3.7",
     "@graphql-tools/utils": "8.6.6",
-    "@joplin/turndown-plugin-gfm": "1.0.43",
+    "@joplin/turndown-plugin-gfm": "1.0.44",
     "@root/csr": "0.8.1",
     "@root/keypairs": "0.10.3",
     "@root/pem": "1.0.4",
@@ -50,18 +50,18 @@
     "apollo-server": "3.6.7",
     "apollo-server-express": "3.6.7",
     "auto-load": "3.0.4",
-    "aws-sdk": "2.1111.0",
+    "aws-sdk": "2.1208.0",
     "bcryptjs-then": "1.0.1",
     "bluebird": "3.7.2",
     "body-parser": "1.20.0",
     "chalk": "4.1.2",
-    "cheerio": "1.0.0-rc.5",
+    "cheerio": "1.0.0-rc.12",
     "chokidar": "3.5.3",
     "chromium-pickle-js": "0.2.0",
     "clean-css": "4.2.3",
     "command-exists": "1.2.9",
     "compression": "1.7.4",
-    "connect-session-knex": "2.1.1",
+    "connect-session-knex": "3.0.0",
     "cookie-parser": "1.4.6",
     "cors": "2.8.5",
     "cuint": "0.2.2",
@@ -69,13 +69,13 @@
     "dependency-graph": "0.9.0",
     "diff": "4.0.2",
     "diff2html": "3.1.14",
-    "dompurify": "2.2.7",
+    "dompurify": "2.4.0",
     "dotize": "0.3.0",
-    "emoji-regex": "9.2.2",
-    "eventemitter2": "6.4.5",
-    "express": "4.17.3",
+    "emoji-regex": "10.1.0",
+    "eventemitter2": "6.4.7",
+    "express": "4.18.1",
     "express-brute": "1.0.1",
-    "express-session": "1.17.2",
+    "express-session": "1.17.3",
     "file-type": "15.0.1",
     "filesize": "6.1.0",
     "fs-extra": "9.0.1",
@@ -98,7 +98,7 @@
     "jsonwebtoken": "8.5.1",
     "katex": "0.12.0",
     "klaw": "4.0.1",
-    "knex": "1.0.5",
+    "knex": "2.3.0",
     "lodash": "4.17.21",
     "luxon": "2.3.1",
     "markdown-it": "11.0.1",
@@ -124,11 +124,11 @@
     "nanoid": "3.3.2",
     "node-2fa": "1.1.2",
     "node-cache": "5.1.2",
-    "nodemailer": "6.7.3",
+    "nodemailer": "6.7.8",
     "objection": "3.0.1",
-    "passport": "0.5.2",
-    "passport-auth0": "1.4.2",
-    "passport-azure-ad": "4.3.1",
+    "passport": "0.6.0",
+    "passport-auth0": "1.4.3",
+    "passport-azure-ad": "4.3.4",
     "passport-cas": "0.1.1",
     "passport-discord": "0.1.4",
     "passport-dropbox-oauth2": "1.1.0",
@@ -139,7 +139,7 @@
     "passport-jwt": "4.0.0",
     "passport-ldapauth": "3.0.1",
     "passport-local": "1.0.0",
-    "passport-microsoft": "0.1.0",
+    "passport-microsoft": "1.0.0",
     "passport-oauth2": "1.6.1",
     "passport-okta-oauth": "0.0.1",
     "passport-openidconnect": "0.1.1",
@@ -147,22 +147,22 @@
     "passport-slack-oauth2": "1.1.1",
     "passport-twitch-strategy": "2.2.0",
     "pem-jwk": "2.0.0",
-    "pg": "8.7.3",
+    "pg": "8.8.0",
     "pg-hstore": "2.3.4",
-    "pg-pubsub": "0.6.1",
-    "pg-query-stream": "4.2.3",
-    "pg-tsquery": "8.3.0",
+    "pg-pubsub": "0.8.0",
+    "pg-query-stream": "4.2.4",
+    "pg-tsquery": "8.4.0",
     "pug": "3.0.2",
     "punycode": "2.1.1",
     "qr-image": "3.2.0",
-    "rate-limiter-flexible": "2.3.6",
+    "rate-limiter-flexible": "2.3.8",
     "remove-markdown": "0.3.0",
     "request": "2.88.2",
     "request-promise": "4.2.6",
     "safe-regex": "2.1.1",
     "sanitize-filename": "1.6.3",
     "scim-query-filter-parser": "2.0.4",
-    "semver": "7.3.6",
+    "semver": "7.3.7",
     "serve-favicon": "2.5.0",
     "simple-git": "2.21.0",
     "ssh2": "1.9.0",
@@ -174,7 +174,7 @@
     "uslug": "1.0.4",
     "uuid": "8.3.2",
     "validate.js": "0.13.1",
-    "xss": "1.0.11",
+    "xss": "1.0.14",
     "yargs": "16.1.0"
   },
   "devDependencies": {

+ 3 - 3
server/controllers/common.js

@@ -42,7 +42,8 @@ router.get([
   '/_profile',
   '/_profile/*',
   '/_error',
-  '/_error/*'
+  '/_error/*',
+  '/_welcome'
 ], (req, res, next) => {
   res.sendFile(path.join(WIKI.ROOTPATH, 'assets/index.html'))
 })
@@ -533,8 +534,7 @@ router.get('/*', async (req, res, next) => {
           effectivePermissions
         })
       } else if (pageArgs.path === 'home') {
-        _.set(res.locals, 'pageMeta.title', 'Welcome')
-        res.render('welcome', { locale: pageArgs.locale })
+        res.redirect('/_welcome')
       } else {
         _.set(res.locals, 'pageMeta.title', 'Page Not Found')
         if (effectivePermissions.pages.write) {
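Review bot: The `home` branch now redirects every requester to `/_welcome` without consulting `effectivePermissions`, while the not-found branch directly below it does check `effectivePermissions.pages.write`. Together with the first hunk, which serves `assets/index.html` for `/_welcome` unconditionally, an anonymous visitor is shown the "Create the homepage" and "Administration Area" buttons from `Welcome.vue`; this is only cosmetic if the API behind `/_new` and `/_admin` enforces permissions, which this diff does not show. The redirect also drops `pageArgs.locale`, which the removed `res.render('welcome', { locale: pageArgs.locale })` passed on. Consider a short comment stating where access is enforced, or gating the branch with `pageArgs.path === 'home' && effectivePermissions.pages.write`. The handler body continues outside the hunk.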

+ 7 - 4
server/core/auth.js

@@ -159,10 +159,13 @@ module.exports = {
           WIKI.logger.warn(errc)
           return next()
         }
-      }
-
-      // JWT is NOT valid, set as guest
-      if (!user) {
+      } else if (user) {
+        user = await WIKI.models.users.getById(user.id)
+        user.permissions = user.getPermissions()
+        user.groups = user.getGroups()
+        req.user = user
+      } else {
+        // JWT is NOT valid, set as guest
         if (WIKI.auth.guest.cacheExpiration <= DateTime.utc()) {
           WIKI.auth.guest = await WIKI.models.users.getGuestUser()
           WIKI.auth.guest.cacheExpiration = DateTime.utc().plus({ minutes: 1 })
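Review bot: In the new `else if (user)` branch the result of `WIKI.models.users.getById(user.id)` is dereferenced without a null check, so a token that still verifies for an account that no longer exists would make `user.getPermissions()` throw inside the async handler instead of degrading to guest. Because the guest fallback is now the trailing `else`, a failed lookup has no path to it. I would keep the lookup in its own variable, `const dbUser = await WIKI.models.users.getById(user.id)`, set `user = null` when it is empty, and leave the guest code under a separate `if (!user) {` as it was before this change. If the user model carries a disabled or inactive flag (not visible here), this reload is also the place to check it so a deactivated account does not keep access for the remaining token lifetime. The enclosing function starts and ends outside the hunk.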

+ 8 - 2
server/models/users.js

@@ -116,7 +116,7 @@ module.exports = class User extends Model {
     return (result && _.has(result, 'delta') && result.delta === 0)
   }
 
-  getPermissions() {
+  getPermissions () {
     return _.uniq(_.flatten(_.map(this.groups, 'permissions')))
   }
 
@@ -128,6 +128,12 @@ module.exports = class User extends Model {
   // Model Methods
   // ------------------------------------------------
 
+  static async getById(id) {
+    return WIKI.models.users.query().findById(id).withGraphFetched('groups').modifyGraph('groups', builder => {
+      builder.select('groups.id', 'permissions')
+    })
+  }
+
   static async processProfile({ profile, providerKey }) {
     const provider = _.get(WIKI.auth.strategies, providerKey, {})
     provider.info = _.find(WIKI.data.authentication, ['key', provider.stategyKey])
@@ -385,7 +391,7 @@ module.exports = class User extends Model {
    * Generate a new token for a user
    */
   static async refreshToken(user) {
-    if (_.isSafeInteger(user)) {
+    if (_.isString(user)) {
       user = await WIKI.models.users.query().findById(user).withGraphFetched('groups').modifyGraph('groups', builder => {
         builder.select('groups.id', 'permissions')
       })
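Review bot: `refreshToken` now resolves its argument only when `_.isString(user)` is true, so a caller that still passes a numeric id skips the lookup and is handled as if it were a user object by the code after this hunk. If ids are strings everywhere now, say so in the JSDoc above the method; otherwise reject other scalar types explicitly rather than falling through. The lookup duplicates the new `getById` line for line and could be `user = await WIKI.models.users.getById(user)`. `getById` itself has no doc comment; it should state that it loads `groups` restricted to `groups.id` and `permissions`, and what it resolves to when no row matches. `refreshToken` continues outside the hunk.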

+ 5 - 1
ux/src/i18n/locales/en.json

@@ -1478,5 +1478,9 @@
   "common.error.generic.title": "Unexpected Error",
   "common.error.generic.hint": "Oops, something went wrong...",
   "common.error.notfound.title": "Not Found",
-  "common.error.notfound.hint": "That page doesn't exist or is not available."
+  "common.error.notfound.hint": "That page doesn't exist or is not available.",
+  "welcome.title": "Welcome to Wiki.js!",
+  "welcome.subtitle": "Let's get started...",
+  "welcome.createHome": "Create the homepage",
+  "welcome.admin": "Administration Area"
 }

+ 112 - 0
ux/src/pages/Welcome.vue

@@ -0,0 +1,112 @@
+<template lang='pug'>
+.welcome
+  .welcome-bg
+  .welcome-content
+    .welcome-logo
+      img(src='/_assets/logo-wikijs.svg')
+    .welcome-title {{t('welcome.title')}}
+    .welcome-subtitle {{t('welcome.subtitle')}}
+    .welcome-actions
+      q-btn(
+        push
+        color='primary'
+        :label='t(`welcome.createHome`)'
+        icon='las la-plus'
+        no-caps
+        to='/_new'
+      )
+      q-btn(
+        push
+        color='primary'
+        :label='t(`welcome.admin`)'
+        icon='las la-cog'
+        no-caps
+        to='/_admin'
+      )
+
+</template>
+
+<script setup>
+import { useI18n } from 'vue-i18n'
+import { useMeta } from 'quasar'
+
+// I18N
+
+const { t } = useI18n()
+
+// META
+
+useMeta({
+  title: t('welcome.title')
+})
+
+</script>
+
+<style lang="scss">
+  .welcome {
+    background: $dark-6 radial-gradient(ellipse, $dark-4, $dark-6);
+    color: #FFF;
+    height: 100vh;
+
+    &-bg {
+      position: absolute;
+      top: 50%;
+      left: 50%;
+      width: 320px;
+      height: 320px;
+      background: linear-gradient(0, $purple-6 50%, $blue-9 50%);
+      border-radius: 50%;
+      filter: blur(80px);
+      transform: translate(-50%, -50%);
+    }
+
+    &-content {
+      position: absolute;
+      top: 50%;
+      left: 50%;
+      transform: translate(-50%, -50%);
+      display: flex;
+      flex-direction: column;
+      justify-content: center;
+      align-items: center;
+      width: 90vw;
+    }
+
+    &-logo {
+      user-select: none;
+
+      > img {
+        height: 200px;
+      }
+    }
+
+    &-title {
+      font-size: 4rem;
+      font-weight: 500;
+      line-height: 4rem;
+      text-align: center;
+
+      @media (max-width: $breakpoint-md-max) {
+        font-size: 2.5rem;
+        line-height: 2.5rem;
+      }
+    }
+
+    &-subtitle {
+      font-size: 1.2rem;
+      font-weight: 500;
+      color: $purple-2;
+      line-height: 1.2rem;
+      margin-top: 1rem;
+    }
+
+    &-actions {
+      margin-top: 2rem;
+      text-align: center;
+
+      > .q-btn {
+        margin: 0 5px 5px 5px;
+      }
+    }
+  }
+</style>
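Review bot: `useMeta({ title: t('welcome.title') })` evaluates `t()` once during setup, so the document title will not follow a later locale change. Quasar's `useMeta` also accepts a function, `useMeta(() => ({ title: t('welcome.title') }))`, which keeps the title reactive.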

+ 4 - 0
ux/src/router/routes.js

@@ -54,6 +54,10 @@ const routes = [
       { path: 'flags', component: () => import('pages/AdminFlags.vue') }
     ]
   },
+  {
+    path: '/_welcome',
+    component: () => import('pages/Welcome.vue')
+  },
   {
     path: '/_error/:action?',
     component: () => import('pages/ErrorGeneric.vue')

A diferenza do arquivo foi suprimida porque é demasiado grande
+ 395 - 193
yarn.lock


Algúns arquivos non se mostraron porque demasiados arquivos cambiaron neste cambio