diff --git a/apps/server/src/modules/auth/next-auth-options.ts b/apps/server/src/modules/auth/next-auth-options.ts index 3c73306fb6..1fea5d9b0b 100644 --- a/apps/server/src/modules/auth/next-auth-options.ts +++ b/apps/server/src/modules/auth/next-auth-options.ts @@ -15,6 +15,7 @@ import Google from 'next-auth/providers/google'; import { Config } from '../../config'; import { PrismaService } from '../../prisma'; import { NewFeaturesKind } from '../users/types'; +import { isStaff } from '../users/utils'; import { MailService } from './mailer'; import { getUtcTimestamp, UserClaim } from './service'; @@ -255,6 +256,9 @@ export const NextAuthOptionsProvider: FactoryProvider = { } const email = profile?.email ?? user.email; if (email) { + if (isStaff(email)) { + return true; + } return prisma.newFeaturesWaitingList .findUnique({ where: { diff --git a/apps/server/src/modules/auth/next-auth.controller.ts b/apps/server/src/modules/auth/next-auth.controller.ts index 65e542de84..39ff0bd0eb 100644 --- a/apps/server/src/modules/auth/next-auth.controller.ts +++ b/apps/server/src/modules/auth/next-auth.controller.ts @@ -127,11 +127,15 @@ export class NextAuthController { } if (redirect?.endsWith('api/auth/error?error=AccessDenied')) { - res.status(403); - res.json({ - url: 'https://community.affine.pro/c/insider-general/', - error: `You don't have early access permission`, - }); + if (!req.headers?.referer) { + res.redirect('https://community.affine.pro/c/insider-general/'); + } else { + res.status(403); + res.json({ + url: 'https://community.affine.pro/c/insider-general/', + error: `You don't have early access permission`, + }); + } return; } diff --git a/apps/server/src/modules/users/resolver.ts b/apps/server/src/modules/users/resolver.ts index 4d982eee9c..ffcf39a600 100644 --- a/apps/server/src/modules/users/resolver.ts +++ b/apps/server/src/modules/users/resolver.ts @@ -25,6 +25,7 @@ import type { FileUpload } from '../../types'; import { Auth, CurrentUser, Public } from '../auth/guard'; import { StorageService } from '../storage/storage.service'; import { NewFeaturesKind } from './types'; +import { isStaff } from './utils'; registerEnumType(NewFeaturesKind, { name: 'NewFeaturesKind', @@ -116,7 +117,7 @@ export class UserResolver { }) @Public() async user(@Args('email') email: string) { - if (this.config.featureFlags.earlyAccessPreview) { + if (this.config.featureFlags.earlyAccessPreview && !isStaff(email)) { const hasEarlyAccess = await this.prisma.newFeaturesWaitingList .findUnique({ where: { email, type: NewFeaturesKind.EarlyAccess }, diff --git a/apps/server/src/modules/users/utils.ts b/apps/server/src/modules/users/utils.ts new file mode 100644 index 0000000000..a10cedbcaa --- /dev/null +++ b/apps/server/src/modules/users/utils.ts @@ -0,0 +1,3 @@ +export function isStaff(email: string) { + return email.endsWith('@toeverything.info'); +}