coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Dropped whitelisting

Browse Source
This commit is contained in:
Jori Lallo
2017-10-04 01:12:57 -07:00
parent 77a38fc3d3
commit 34dd1f1409
4 changed files with 9 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.env.sample
View File

@ -1,6 +1,5 @@
# Copy this file to .env, remove this comment and change the keys # Copy this file to .env, remove this comment and change the keys
ALLOWED_SLACK_DOMAINS=mytestslackdomain
DATABASE_URL=postgres://user:pass@example.com:5432/atlas DATABASE_URL=postgres://user:pass@example.com:5432/atlas
DATABASE_URL_TEST=postgres://user:pass@example.com:5432/atlas-test DATABASE_URL_TEST=postgres://user:pass@example.com:5432/atlas-test
PORT=3000 PORT=3000

11
app.json
View File

@ -4,9 +4,6 @@
"postdeploy": "yarn build && yarn sequelize:migrate" "postdeploy": "yarn build && yarn sequelize:migrate"
}, },
"env": { "env": {
"ALLOWED_SLACK_DOMAINS": {
"required": true
},
"AWS_ACCESS_KEY_ID": { "AWS_ACCESS_KEY_ID": {
"required": true "required": true
}, },
@ -50,12 +47,8 @@
"required": true "required": true
} }
}, },
"formation": { "formation": {},
}, "addons": ["heroku-postgresql", "heroku-redis"],
"addons": [
"heroku-postgresql",
"heroku-redis"
],
"buildpacks": [ "buildpacks": [
{ {
"url": "heroku/nodejs" "url": "heroku/nodejs"

9
frontend/scenes/Dashboard/Dashboard.js
View File

@ -49,8 +49,13 @@ type Props = {
<h1>Home</h1> <h1>Home</h1>
{this.isLoaded {this.isLoaded
? <Flex column> ? <Flex column>
<Subheading>Recently viewed</Subheading> {this.props.documents.recentlyViewed.length > 0 &&
<DocumentList documents={this.props.documents.recentlyViewed} /> <Flex column>
<Subheading>Recently viewed</Subheading>
<DocumentList
documents={this.props.documents.recentlyViewed}
/>
</Flex>}
<Subheading>Recently edited</Subheading> <Subheading>Recently edited</Subheading>
<DocumentList documents={this.props.documents.recentlyEdited} /> <DocumentList documents={this.props.documents.recentlyEdited} />
</Flex> </Flex>

87
server/api/auth.js
View File

@ -1,104 +1,17 @@
// @flow // @flow
import Router from 'koa-router'; import Router from 'koa-router';
import apiError from '../errors';
import { presentUser, presentTeam } from '../presenters'; import { presentUser, presentTeam } from '../presenters';
import { User, Team } from '../models'; import { User, Team } from '../models';
import * as Slack from '../slack'; import * as Slack from '../slack';
const router = new Router(); const router = new Router();
// router.post('auth.signup', async ctx => {
// const { username, name, email, password } = ctx.request.body;
// ctx.assertPresent(username, 'name is required');
// ctx.assertPresent(name, 'name is required');
// ctx.assertPresent(email, 'email is required');
// ctx.assertEmail(email, 'email is invalid');
// ctx.assertPresent(password, 'password is required');
// if (await User.findOne({ where: { email } })) {
// throw apiError(
// 400,
// 'user_exists_with_email',
// 'User already exists with this email'
// );
// }
// if (await User.findOne({ where: { username } })) {
// throw apiError(
// 400,
// 'user_exists_with_username',
// 'User already exists with this username'
// );
// }
// const user = await User.create({
// username,
// name,
// email,
// password,
// });
// ctx.body = {
// data: {
// user: await presentUser(ctx, user),
// accessToken: user.getJwtToken(),
// },
// };
// });
// router.post('auth.login', async ctx => {
// const { username, password } = ctx.request.body;
// ctx.assertPresent(username, 'username/email is required');
// ctx.assertPresent(password, 'password is required');
// let user;
// if (username) {
// user = await User.findOne({
// where: Sequelize.or({ email: username }, { username }),
// });
// } else {
// throw apiError(400, 'invalid_credentials', 'username or email is invalid');
// }
// if (!user) {
// throw apiError(400, 'username or email is invalid');
// }
// if (!user.passwordDigest) {
// throw apiError(400, 'no_password', 'No password set');
// }
// if (!await user.verifyPassword(password)) {
// throw apiError(400, 'invalid_password', 'Invalid password');
// }
// ctx.body = {
// data: {
// user: await presentUser(ctx, user),
// accessToken: user.getJwtToken(),
// },
// };
// });
router.post('auth.slack', async ctx => { router.post('auth.slack', async ctx => {
const { code } = ctx.body; const { code } = ctx.body;
ctx.assertPresent(code, 'code is required'); ctx.assertPresent(code, 'code is required');
const data = await Slack.oauthAccess(code); const data = await Slack.oauthAccess(code);
// Temp to block
const allowedSlackDomains = (process.env.ALLOWED_SLACK_DOMAINS || '')
.split(',');
if (!allowedSlackDomains.includes(data.team.domain)) {
throw apiError(
400,
'invalid_slack_team',
'Atlas is currently in private beta'
);
}
let user = await User.findOne({ where: { slackId: data.user.id } }); let user = await User.findOne({ where: { slackId: data.user.id } });
let team = await Team.findOne({ where: { slackId: data.team.id } }); let team = await Team.findOne({ where: { slackId: data.team.id } });
const teamExisted = !!team; const teamExisted = !!team;