Added whitelisting

2023-03-10 16:29:00 -05:00 · 2023-03-10 16:29:00 -05:00 · 601c0544ff
parent 5ef06e8184
commit 601c0544ff
3 changed files with 34 additions and 1 deletions
--- a/src/server.ts
+++ b/src/server.ts
@ -4,11 +4,29 @@ const app = express();
 const publicDirname = path.join(__dirname, "../public");
 const DEVELOPMENT_PORT = 8000;

+import whiteListedUsers from "./whitelistedUser.json";
+
 import * as dotenv from "dotenv";
 import { makePullRequest } from "./giteaClient";

 dotenv.config();

+const devQuestId = "cdalek"
+
+const validateAuthorization = (req, res, next) => {
+  // TODO: Replace with actual quest id from request
+  if (!whiteListedUsers.includes(devQuestId)) { 
+    const err = Error("UnauthorizedError");
+    err.name = "UnauthorizedError";
+    next(err);
+  } 
+    
+  return next();
+}
+
+// Validate user's quest id
+app.use(validateAuthorization); 
+
 app.get("/", async (req, res) => {
  res.sendFile(path.join(publicDirname, "index.html"));

@ -19,6 +37,17 @@ app.get("/", async (req, res) => {
 //  Allows serving static files
 app.use(express.static(publicDirname));

+// Catch errors at very end
+app.use(async (err, req, res, next) => {
+  console.log(err);
+  if (err.name == "UnauthorizedError") {
+    return res.sendStatus(401);
+  }
+
+  return res.sendStatus(404);
+});
+
 app.listen(DEVELOPMENT_PORT, () => {
  console.log(`Listening on http://localhost:${DEVELOPMENT_PORT}`);
 });
+
--- a/src/whitelistedUser.json
+++ b/src/whitelistedUser.json
@ -0,0 +1,3 @@
+[
+  "cdalek"
+]
--- a/tsconfig.json
+++ b/tsconfig.json
@ -7,7 +7,8 @@
    "noEmitOnError": true,
    "experimentalDecorators": true,
    "emitDecoratorMetadata": true,
-    "outDir": "build"
+    "outDir": "build",
+    "resolveJsonModule": true,
  },
  "include": ["src"]
 }