Patrick Fic
2021-08-19 17:31:32 -07:00
parent 61a5e180f4
commit 5a4d6d3e8c
21 changed files with 301 additions and 610 deletions


@@ -1,5 +1,5 @@
var admin = require("firebase-admin");
const logger = require("../utils/logger");
const path = require("path");
require("dotenv").config({
path: path.resolve(
@@ -26,8 +26,20 @@ const adminEmail = [
];
exports.updateUser = (req, res) => {
console.log("USer Requesting", req.user);
logger.log("admin-update-user", "WARN", req.user.email, null, {
request: req.body,
});
if (!adminEmail.includes(req.user.email)) {
logger.log(
"admin-update-user-unauthorized",
"ERROR",
req.user.email,
null,
{
request: req.body,
user: req.user,
}
);
res.sendStatus(404);
}
@@ -48,11 +60,16 @@ exports.updateUser = (req, res) => {
)
.then((userRecord) => {
// See the UserRecord reference doc for the contents of userRecord.
console.log("Successfully updated user", userRecord.toJSON());
logger.log("admin-update-user-success", "DEBUG", req.user.email, null, {
userRecord,
});
res.json(userRecord);
})
.catch((error) => {
console.log("Error updating user:", error);
logger.log("admin-update-user-error", "ERROR", req.user.email, null, {
error,
});
res.status(500).json(error);
});
};
@@ -85,8 +102,6 @@ exports.sendNotification = (req, res) => {
};
exports.validateFirebaseIdToken = async (req, res, next) => {
console.log("Check if request is authorized with Firebase ID token");
if (
(!req.headers.authorization ||
!req.headers.authorization.startsWith("Bearer ")) &&
@@ -112,7 +127,10 @@ exports.validateFirebaseIdToken = async (req, res, next) => {
} else {
// No cookie
console.error("Unauthorized attempt. No cookie provided.");
logger.log("api-unauthorized-call", "WARN", null, null, {
req,
type: "no-cookie",
});
res.status(403).send("Unauthorized");
return;
}
@@ -124,7 +142,12 @@ exports.validateFirebaseIdToken = async (req, res, next) => {
next();
return;
} catch (error) {
console.error("Error while verifying Firebase ID token:", error);
logger.log("api-unauthorized-call", "WARN", null, null, {
req,
type: "unauthroized",
error,
});
res.status(403).send("Unauthorized");
return;
}
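Review bot: In `updateUser`, the unauthorized branch calls `res.sendStatus(404)` and then closes the `if` without returning, so as far as the visible lines show, a caller whose email is not in `adminEmail` still falls through to the update call whose `.then`/`.catch` appear in the next hunk. The new `admin-update-user-unauthorized` entry records the attempt but does not stop it; change the line to `return res.sendStatus(404);`. The lines between those two hunks are not shown, so confirm no other guard sits there. Separately, both `api-unauthorized-call` entries in `validateFirebaseIdToken` pass the whole `req` object to the logger, which would put the `Authorization` header and cookies into the log store if the logger serializes it; pass only the fields needed, for example `{ path: req.path, ip: req.ip, type: "no-cookie" }`. The second entry's `type: "unauthroized"` is misspelled, which will cause searches on the correctly spelled value to miss it.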