From 7b533209d5be0e2cb3440830f766b39823d543c6 Mon Sep 17 00:00:00 2001 From: peeech Date: Tue, 27 Feb 2024 05:09:07 +0100 Subject: [PATCH 1/2] zt_registration checks if registrant is authorized --- server/src/routes/zt_registration.js | 43 +++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/server/src/routes/zt_registration.js b/server/src/routes/zt_registration.js index 3b40cf5..058e8eb 100644 --- a/server/src/routes/zt_registration.js +++ b/server/src/routes/zt_registration.js @@ -72,6 +72,45 @@ const cleanUpMembers = (address, apiToken, networkId) => { .catch((e) => console.log("Unable to deauthorize - Error: ", e)) } +/** + * Check if a given user (identified by email) is alredy registered and if registration parameters are correct + * @param email + */ +const isVerifiedUser = async (email) => { + const mongodbApiKey = await SETTINGS.get('mongodb_api_key') + const mongodbApiUrl = "https://eu-central-1.aws.data.mongodb-api.com/app/data-fcrur/endpoint/data/v1/action/findOne" + + let headers = new Headers() + headers.append("Content-Type", "application/json") + headers.append("api-key", mongodbApiKey) + + let filter = { + "collection":"registrations", + "database":"opsconsoledb", + "dataSource":"Cluster0", + "filter": { + "email": email + } + } + + let resp = await fetch(mongodbApiUrl, { + headers, + method: "POST", + body: JSON.stringify(filter) + }) + + let user = await resp.json() + + if (user.document && user.document.registrationCode.length > 0) { + let host = user.document.registrationCode.find(el => el.role === "host") + + if (host.approved) return true + } + + console.log(`user ${email} was not found in registration database`) + return false +} + /** * It adds a new member to the ZeroTier network. * @returns A 200 status code and a message. @@ -82,7 +121,9 @@ const handle = async req => { const { data } = payload const { email, holochain_agent_id, zerotier_address, holoport_url } = data - return addZeroTierMember(zerotier_address, holochain_agent_id, email) + if (isVerifiedUser(email)) return addZeroTierMember(zerotier_address, holochain_agent_id, email) + + respond(401) } catch (e) { console.log(e) return respond(401) From 6a5442ca3deeb8ae6a5f5b67b49cfd0d7686b70b Mon Sep 17 00:00:00 2001 From: peeech Date: Tue, 27 Feb 2024 05:30:25 +0100 Subject: [PATCH 2/2] update KV for alphanet --- server/wrangler.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/wrangler.toml b/server/wrangler.toml index 4217e19..d72fa1e 100644 --- a/server/wrangler.toml +++ b/server/wrangler.toml @@ -13,7 +13,7 @@ command = "npm install && npm run build" name = "auth-server" route = "auth-server.holo.host/*" kv_namespaces = [ - { binding = "SETTINGS", id = "5181f479e6d84fc9835c5195b08a7029"} + { binding = "SETTINGS", id = "56ecfe1cf54d43839e2c867798e5003b"} ] -main = "dist/main.js" \ No newline at end of file +main = "dist/main.js"