Dropped whitelisting
This commit is contained in:
Jori Lallo
@ -1,104 +1,17 @@
|
||||
// @flow
|
||||
import Router from 'koa-router';
|
||||
import apiError from '../errors';
|
||||
import { presentUser, presentTeam } from '../presenters';
|
||||
import { User, Team } from '../models';
|
||||
import * as Slack from '../slack';
|
||||
|
||||
const router = new Router();
|
||||
|
||||
// router.post('auth.signup', async ctx => {
|
||||
// const { username, name, email, password } = ctx.request.body;
|
||||
|
||||
// ctx.assertPresent(username, 'name is required');
|
||||
// ctx.assertPresent(name, 'name is required');
|
||||
// ctx.assertPresent(email, 'email is required');
|
||||
// ctx.assertEmail(email, 'email is invalid');
|
||||
// ctx.assertPresent(password, 'password is required');
|
||||
|
||||
// if (await User.findOne({ where: { email } })) {
|
||||
// throw apiError(
|
||||
// 400,
|
||||
// 'user_exists_with_email',
|
||||
// 'User already exists with this email'
|
||||
// );
|
||||
// }
|
||||
|
||||
// if (await User.findOne({ where: { username } })) {
|
||||
// throw apiError(
|
||||
// 400,
|
||||
// 'user_exists_with_username',
|
||||
// 'User already exists with this username'
|
||||
// );
|
||||
// }
|
||||
|
||||
// const user = await User.create({
|
||||
// username,
|
||||
// name,
|
||||
// email,
|
||||
// password,
|
||||
// });
|
||||
|
||||
// ctx.body = {
|
||||
// data: {
|
||||
// user: await presentUser(ctx, user),
|
||||
// accessToken: user.getJwtToken(),
|
||||
// },
|
||||
// };
|
||||
// });
|
||||
|
||||
// router.post('auth.login', async ctx => {
|
||||
// const { username, password } = ctx.request.body;
|
||||
|
||||
// ctx.assertPresent(username, 'username/email is required');
|
||||
// ctx.assertPresent(password, 'password is required');
|
||||
|
||||
// let user;
|
||||
// if (username) {
|
||||
// user = await User.findOne({
|
||||
// where: Sequelize.or({ email: username }, { username }),
|
||||
// });
|
||||
// } else {
|
||||
// throw apiError(400, 'invalid_credentials', 'username or email is invalid');
|
||||
// }
|
||||
|
||||
// if (!user) {
|
||||
// throw apiError(400, 'username or email is invalid');
|
||||
// }
|
||||
|
||||
// if (!user.passwordDigest) {
|
||||
// throw apiError(400, 'no_password', 'No password set');
|
||||
// }
|
||||
|
||||
// if (!await user.verifyPassword(password)) {
|
||||
// throw apiError(400, 'invalid_password', 'Invalid password');
|
||||
// }
|
||||
|
||||
// ctx.body = {
|
||||
// data: {
|
||||
// user: await presentUser(ctx, user),
|
||||
// accessToken: user.getJwtToken(),
|
||||
// },
|
||||
// };
|
||||
// });
|
||||
|
||||
router.post('auth.slack', async ctx => {
|
||||
const { code } = ctx.body;
|
||||
ctx.assertPresent(code, 'code is required');
|
||||
|
||||
const data = await Slack.oauthAccess(code);
|
||||
|
||||
// Temp to block
|
||||
const allowedSlackDomains = (process.env.ALLOWED_SLACK_DOMAINS || '')
|
||||
.split(',');
|
||||
if (!allowedSlackDomains.includes(data.team.domain)) {
|
||||
throw apiError(
|
||||
400,
|
||||
'invalid_slack_team',
|
||||
'Atlas is currently in private beta'
|
||||
);
|
||||
}
|
||||
|
||||
let user = await User.findOne({ where: { slackId: data.user.id } });
|
||||
let team = await Team.findOne({ where: { slackId: data.team.id } });
|
||||
const teamExisted = !!team;
|
||||
|
||||
Reference in New Issue
Block a user