From 48cfaad34edb83f043d61928b7552dc613671358 Mon Sep 17 00:00:00 2001 From: Aydan Pirani Date: Tue, 28 May 2024 20:21:47 -0700 Subject: [PATCH 1/2] Added admin + whitelist --- src/config.ts | 16 ++++++++++++++++ src/services/auth/auth-utils.ts | 11 +++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/src/config.ts b/src/config.ts index b92f607..474dcd2 100644 --- a/src/config.ts +++ b/src/config.ts @@ -29,6 +29,22 @@ export const Config = { AUTH_CALLBACK_URI_BASE: "https://api.reflectionsprojections.org/auth/callback/", + AUTH_ADMIN_WHITELIST: new Set([ + "apirani2@illinois.edu", // Aydan Pirani (Dev) + "divyack2@illinois.edu" // Divya Koya (Dev) + "abahl3@illinois.edu", // Aryan Bahl (Dev) + "alexy3@illinois.edu", // Alex Yang (Dev) + "aryanb3@illinois.edu", // Aryan Bhardwaj (Dev) + "devrp3@illinois.edu", // Dev Patel (Dev) + "divyack2@illinois.edu", // Divya Koya (Dev) + "jechang3@illinois.edu", // Jacob Chang (Dev) + "jeremy19@illinois.edu", // Jeremy Wu (Dev) + "manyad2@illinois.edu", // Manya Dua (Dev) + "riyakp2@illinois.edu", // Riya Patel (Dev) + "ronita2@illinois.edu", // Ronit Anandani (Dev) + "srd8@illinois.edu", // Shreenija Reddy Daggavolu (Dev) + ]), + JWT_SIGNING_SECRET: getEnv("JWT_SIGNING_SECRET"), JWT_EXPIRATION_TIME: "1 day", diff --git a/src/services/auth/auth-utils.ts b/src/services/auth/auth-utils.ts index b4a3c2e..3fb40cd 100644 --- a/src/services/auth/auth-utils.ts +++ b/src/services/auth/auth-utils.ts @@ -2,6 +2,7 @@ import { Strategy as GoogleStrategy } from "passport-google-oauth20"; import { Config } from "../../config"; import { Database } from "../../database"; +import { Role } from "./auth-models"; export function createGoogleStrategy(device: string) { return new GoogleStrategy( 
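Review bot: The admin allowlist added to `Config` is a set of literal addresses committed to source, so granting or revoking admin needs a code change and a deploy, and the repository itself records which accounts are privileged. Consider loading it the way `JWT_SIGNING_SECRET` is loaded, for example `AUTH_ADMIN_WHITELIST: new Set(getEnv("AUTH_ADMIN_WHITELIST").split(",").map((e) => e.trim().toLowerCase())),`, where the variable name is only a suggestion and `getEnv` is assumed to return a string. As written in this patch the second entry `"divyack2@illinois.edu"` has no trailing comma, so the file does not parse until 2/2 adds it, and the same address is listed a second time further down the set. The `Config` object starts and ends outside the hunk.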
@@ -16,10 +17,16 @@ export function createGoogleStrategy(device: string) { const userId = `user${profile.id}`; const name = profile.displayName; const email = profile._json.email; - + const roles = []; + + // Check if user is admin -> if so, add ADMIN role to their list + if (Config.AUTH_ADMIN_WHITELIST.has(email ?? "")) { + roles.push(Role.Enum.ADMIN); + } + Database.ROLES.findOneAndUpdate( { userId: userId }, - { userId, name, email }, + { userId, name, email, roles }, { upsert: true } ) .then(() => cb(null, profile)) From cee2182fa55b537befca9d50e5d20771e987950c Mon Sep 17 00:00:00 2001 From: Aydan Pirani Date: Tue, 28 May 2024 20:28:13 -0700 Subject: [PATCH 2/2] Add typing to database --- src/config.ts | 26 +++++++++++++------------- src/database.ts | 6 ++++-- src/services/auth/auth-utils.ts | 4 ++-- 3 files changed, 19 insertions(+), 17 deletions(-) diff --git a/src/config.ts b/src/config.ts index 474dcd2..e609288 100644 --- a/src/config.ts +++ b/src/config.ts 
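Review bot: The ADMIN grant in the added `if` rests on an exact string match of `profile._json.email`, with no check that Google reports the address as verified and no case normalisation, so the authorisation decision depends on a claim the code never validates. I would gate it as `if (profile._json.email_verified && Config.AUTH_ADMIN_WHITELIST.has((email ?? "").toLowerCase())) {`, after confirming the type of `email_verified` against the strategy's typings. Separately, passing `roles` in the update document appears to replace the stored roles with `[]` or `[ADMIN]` on every sign-in, which would drop any role assigned another way; if that is not intended, `{ $set: { userId, name, email }, $addToSet: { roles: { $each: roles } } }` keeps existing entries. `const roles = [];` is also untyped and would read better with an explicit element type. The strategy callback starts and ends outside the hunk.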
@@ -30,19 +30,19 @@ export const Config = { "https://api.reflectionsprojections.org/auth/callback/", AUTH_ADMIN_WHITELIST: new Set([ - "apirani2@illinois.edu", // Aydan Pirani (Dev) - "divyack2@illinois.edu" // Divya Koya (Dev) - "abahl3@illinois.edu", // Aryan Bahl (Dev) - "alexy3@illinois.edu", // Alex Yang (Dev) - "aryanb3@illinois.edu", // Aryan Bhardwaj (Dev) - "devrp3@illinois.edu", // Dev Patel (Dev) - "divyack2@illinois.edu", // Divya Koya (Dev) - "jechang3@illinois.edu", // Jacob Chang (Dev) - "jeremy19@illinois.edu", // Jeremy Wu (Dev) - "manyad2@illinois.edu", // Manya Dua (Dev) - "riyakp2@illinois.edu", // Riya Patel (Dev) - "ronita2@illinois.edu", // Ronit Anandani (Dev) - "srd8@illinois.edu", // Shreenija Reddy Daggavolu (Dev) + "apirani2@illinois.edu", // Aydan Pirani (Dev) + "divyack2@illinois.edu", // Divya Koya (Dev) + "abahl3@illinois.edu", // Aryan Bahl (Dev) + "alexy3@illinois.edu", // Alex Yang (Dev) + "aryanb3@illinois.edu", // Aryan Bhardwaj (Dev) + "devrp3@illinois.edu", // Dev Patel (Dev) + "divyack2@illinois.edu", // Divya Koya (Dev) + "jechang3@illinois.edu", // Jacob Chang (Dev) + "jeremy19@illinois.edu", // Jeremy Wu (Dev) + "manyad2@illinois.edu", // Manya Dua (Dev) + "riyakp2@illinois.edu", // Riya Patel (Dev) + "ronita2@illinois.edu", // Ronit Anandani (Dev) + "srd8@illinois.edu", // Shreenija Reddy Daggavolu (Dev) ]), JWT_SIGNING_SECRET: getEnv("JWT_SIGNING_SECRET"), diff --git a/src/database.ts b/src/database.ts index 460279a..42fdb60 100644 --- a/src/database.ts +++ b/src/database.ts @@ -1,4 +1,4 @@ -import mongoose, { Schema } from "mongoose"; +import mongoose, { Schema, Document } from "mongoose"; import { AttendeeSchema, AttendeeValidator, @@ -43,7 +43,9 @@ function initializeModel( }, }); - return mongoose.model(modelName, schema); + type objectType = Zod.infer; + interface modelType extends Document, objectType {} + return mongoose.model(modelName, schema); } // Example usage 
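Review bot: In the `initializeModel` hunk of `src/database.ts`, the new `interface modelType extends Document, objectType {}` ties the model's document type to Mongoose's `Document`, which the Mongoose TypeScript guide advises against because it weakens inference for query filters and lean results; passing the inferred Zod shape alone as the model's type parameter is the documented pattern. The two local type names are lower camel case where TypeScript convention uses PascalCase for types, e.g. `type ObjectType` and `interface ModelType`. The generic arguments on `Zod.infer` and `mongoose.model` are not visible in this rendering of the hunk, so this is based on the interface line only. The function begins outside the hunk.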
diff --git a/src/services/auth/auth-utils.ts b/src/services/auth/auth-utils.ts index 3fb40cd..93fe77a 100644 --- a/src/services/auth/auth-utils.ts +++ b/src/services/auth/auth-utils.ts @@ -18,12 +18,12 @@ export function createGoogleStrategy(device: string) { const name = profile.displayName; const email = profile._json.email; const roles = []; - + // Check if user is admin -> if so, add ADMIN role to their list if (Config.AUTH_ADMIN_WHITELIST.has(email ?? "")) { roles.push(Role.Enum.ADMIN); } - + Database.ROLES.findOneAndUpdate( { userId: userId }, { userId, name, email, roles },