feat(*): add subdomain management for multiworkpsace #8680
+2,622
−683
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Reorganized the sign-in-up code for better readability and maintainability. Introduced validation for workspace invitations and moved some utility functions to dedicated methods. Added a migration for new auth provider columns in the workspace entity.
Removed unused `EnvironmentService` and redundant `code` property in exceptions for clarity. Simplified email validation in `workspace-invitation.service.ts`. Refactored tests to remove unnecessary `targetWorkspaceSubdomain` property.
Removed redundant services from auth and core modules to streamline the code. Added debug log statements in sign-in-up service and skipped certain test cases temporarily for evaluation.
Eliminate debug logging for workspace invite tokens and validation. This cleanup improves readability and reduces console clutter during runtime.
…ninup # Conflicts: # packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts
…facto/improve-signinup # Conflicts: # packages/twenty-server/src/engine/core-modules/auth/dto/available-workspaces.output.ts # packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts # packages/twenty-server/src/engine/core-modules/auth/services/sign-in-up.service.ts # packages/twenty-server/src/engine/core-modules/user/services/user.service.ts # packages/twenty-server/src/engine/core-modules/workspace/services/workspace.service.ts
Removed the redundant `code` property from WorkspaceInvitationException. Adjusted the import order in WorkspaceResolver to comply with coding standards.
…facto/improve-signinup
Replace user object with user ID in saveDefaultWorkspace method call to fix incorrect parameter type. This ensures that the function operates as expected and prevents potential errors in default workspace assignment.
Deleted outdated user and workspace validation logic, and removed legacy verify-auth controller. Updated Microsoft and Google auth controllers to handle errors correctly and redirect. Added subdomain handling in various components to support multi-workspace setup.
TODOs/FIXMEs:
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
PR Summary
This PR implements comprehensive subdomain management for multi-workspace functionality across the Twenty application. Here's a focused summary of the key changes:
- Added subdomain field to Workspace entity with unique constraint and migration scripts to populate existing workspaces with unique subdomains
- Implemented workspace-specific authentication flows that validate and route based on subdomains, including SSO, Google, and Microsoft OAuth
- Modified token management to support workspace-specific cookies and validation through new validateTokenByRequest method
- Added domain settings page in workspace settings UI with subdomain configuration capabilities
- Added workspace switching functionality that redirects users to appropriate workspace subdomains with proper authentication state
The changes appear well-structured but there are some critical issues to address:
- Missing workspaceValidator imports in several auth controllers could cause runtime errors
- Potential security concerns in OriginHeader decorator due to lack of validation
- Duplicate workspace route in SettingsRoutes.tsx needs to be resolved
82 file(s) reviewed, 73 comment(s)
Edit PR Review Bot Settings | Greptile
packages/twenty-front/src/modules/auth/sign-in-up/components/SignInUpGlobalScopeForm.tsx
Show resolved
Hide resolved
packages/twenty-front/src/modules/auth/sign-in-up/components/SignInUpGlobalScopeForm.tsx
Show resolved
Hide resolved
| defaultValue: null, | ||
| effects: [ | ||
| cookieStorageEffect('lastAuthenticateWorkspace', { | ||
| domain: `.${getWorkspaceMainDomain()}`, |
There was a problem hiding this comment.
style: Leading dot in domain could prevent cookie from being set in some environments. Consider making it optional based on environment.
| effects: [ | ||
| cookieStorageEffect('lastAuthenticateWorkspace', { | ||
| domain: `.${getWorkspaceMainDomain()}`, | ||
| expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365), // 1 year |
There was a problem hiding this comment.
logic: Cookie expiration calculated at state creation time rather than when cookie is set. Move calculation into effect.
| }); | ||
| it('should build workspace URL with workspace', () => { | ||
| const baseUrl = 'https://example.com'; | ||
| const workspace = { subdomain: 'subdomain' } as unknown as Workspace; |
There was a problem hiding this comment.
style: Type casting to Workspace without proper mock data could hide type-related issues
Comment on lines
16
to
18
| if (!domain) { | ||
| return false; | ||
| throw new Error('Invalid email format'); | ||
| } |
There was a problem hiding this comment.
logic: Redundant check - if fields[1] exists but is empty, it would have been caught by the length check on line 10
Comment on lines
+24
to
+28
| try { | ||
| return !emailProvidersSet.has(getDomainNameByEmail(email)); | ||
| } catch (err) { | ||
| return false; | ||
| } |
There was a problem hiding this comment.
style: Silently catching all errors masks potential issues - consider logging errors in development
| @@ -58,7 +58,7 @@ This uses the prebuilt images found on [docker hub](https://hub.docker.com/r/twe | |||
|
|
|||
| - Is set in respective tf-files | |||
| - See docs [Setup Environment Variables](https://twenty.com/developers/section/self-hosting/self-hosting-var) for usage | |||
| - After deployment you could can set `IS_SIGN_UP_DISABLED=true` (and run `terraform plan/apply` again) to disable new workspaces from being created | |||
| - After deployment you could can set `IS_MULTIWORKSPACE_ENABLED=false` (and run `terraform plan/apply` again) to disable new workspaces from being created | |||
There was a problem hiding this comment.
syntax: Typo in text: 'you could can' should be either 'you could' or 'you can'
Comment on lines
138
to
140
|
|
||
| Upgrade your Twenty instance to use v0.33.0 image |
There was a problem hiding this comment.
style: heading format is inconsistent with other version headings - others use ## while this uses #
…ce' into feat/add-subdomain-management-for-multiworpsace
Replace manual URL handling with UrlManagerService across authentication and other core modules. This centralization improves maintainability and consistency by consolidating URL construction logic into a dedicated service.
AMoreaux
force-pushed
the
feat/add-subdomain-management-for-multiworpsace
branch
from
dd5817d
to
c782207
Compare
…at/add-subdomain-management-for-multiworpsace # Conflicts: # packages/twenty-server/src/database/commands/upgrade-version/0-33/0-33-upgrade-version.module.ts # packages/twenty-server/src/database/typeorm-seeds/core/workspaces.ts # packages/twenty-server/src/engine/core-modules/billing/stripe/stripe.service.ts # packages/twenty-website/src/content/developers/self-hosting/cloud-providers.mdx # packages/twenty-website/src/content/developers/self-hosting/upgrade-guide.mdx
Removed the entire workspace-url.helper.ts file to consolidate URL management in a dedicated URL manager. Updated references throughout the project to use the new URL manager hooks and state, ensuring improved consistency and modularity.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Blocked by #8579