Database auth is fully fixed and functional except for outbound firebase.
This commit is contained in:
Patrick Fic
@@ -1,42 +1,31 @@
|
||||
// // Create and Deploy Your First Cloud Functions
|
||||
// // https://firebase.google.com/docs/functions/write-firebase-functions
|
||||
//
|
||||
// exports.helloWorld = functions.https.onRequest((request, response) => {
|
||||
// response.send("Hello from Firebase!");
|
||||
// });
|
||||
|
||||
// const functions = require("firebase-functions");
|
||||
// const admin = require("firebase-admin");
|
||||
// admin.initializeApp(functions.config().firebase);
|
||||
|
||||
// // On sign up.
|
||||
// exports.processSignUp = functions.auth.user().onCreate(user => {
|
||||
// const customClaims = {
|
||||
// "https://hasura.io/jwt/claims": {
|
||||
// "x-hasura-default-role": "user",
|
||||
// "x-hasura-allowed-roles": ["user"],
|
||||
// "x-hasura-user-id": user.uid
|
||||
// }
|
||||
// };
|
||||
|
||||
// return admin
|
||||
// .auth()
|
||||
// .setCustomUserClaims(user.uid, customClaims)
|
||||
// .then(() => {
|
||||
// // Update real-time database to notify client to force refresh.
|
||||
// const metadataRef = admin.database().ref("metadata/" + user.uid);
|
||||
// // Set the refresh time to the current UTC timestamp.
|
||||
// // This will be captured on the client to force a token refresh.
|
||||
// return metadataRef.set({ refreshTime: new Date().getTime() });
|
||||
// })
|
||||
// .catch(error => {
|
||||
// console.log(error);
|
||||
// });
|
||||
// });
|
||||
|
||||
const functions = require('firebase-functions');
|
||||
const admin = require('firebase-admin');
|
||||
const functions = require("firebase-functions");
|
||||
const admin = require("firebase-admin");
|
||||
admin.initializeApp(functions.config().firebase);
|
||||
const fetch = require("node-fetch");
|
||||
|
||||
//Todo: Move this to an environment parameter.
|
||||
const GRAPHQL_ENDPOINT = functions.config().auth.graphql_endpoint;
|
||||
const HASURA_SECRET_ADMIN_KEY = functions.config().auth.hasura_secret_admin_key;
|
||||
const UPSERT_USER = `
|
||||
mutation upsert_user($authEmail: String!, $authToken: String!) {
|
||||
insert_users(
|
||||
objects: [
|
||||
{
|
||||
email:$authEmail,
|
||||
authid:$authToken
|
||||
}
|
||||
],
|
||||
on_conflict: {
|
||||
constraint: users_pkey,
|
||||
update_columns: [authid]
|
||||
}
|
||||
) {
|
||||
returning {
|
||||
authid
|
||||
}
|
||||
}
|
||||
}
|
||||
`;
|
||||
|
||||
// On sign up.
|
||||
exports.processSignUp = functions.auth.user().onCreate(user => {
|
||||
@@ -44,34 +33,53 @@ exports.processSignUp = functions.auth.user().onCreate(user => {
|
||||
// Check if user meets role criteria:
|
||||
// Your custom logic here: to decide what roles and other `x-hasura-*` should the user get
|
||||
let customClaims;
|
||||
if (user.email && user.email.indexOf('@thinkimex.com') !== -1) {
|
||||
if (user.email && user.email.indexOf("@thinkimex.com") !== -1) {
|
||||
customClaims = {
|
||||
'https://hasura.io/jwt/claims': {
|
||||
'x-hasura-default-role': 'admin',
|
||||
'x-hasura-allowed-roles': ['user', 'admin'],
|
||||
'x-hasura-user-id': user.uid
|
||||
}
|
||||
};
|
||||
}
|
||||
else {
|
||||
customClaims = {
|
||||
'https://hasura.io/jwt/claims': {
|
||||
'x-hasura-default-role': 'user',
|
||||
'x-hasura-allowed-roles': ['user'],
|
||||
'x-hasura-user-id': user.uid
|
||||
"https://hasura.io/jwt/claims": {
|
||||
"x-hasura-default-role": "admin",
|
||||
"x-hasura-allowed-roles": ["user", "admin"],
|
||||
"x-hasura-user-id": user.uid
|
||||
}
|
||||
};
|
||||
} else {
|
||||
customClaims = {
|
||||
"https://hasura.io/jwt/claims": {
|
||||
"x-hasura-default-role": "user",
|
||||
"x-hasura-allowed-roles": ["user"],
|
||||
"x-hasura-user-id": user.uid
|
||||
}
|
||||
};
|
||||
}
|
||||
//update the AuthId in the graphql server.
|
||||
fetch(GRAPHQL_ENDPOINT, {
|
||||
method: "POST",
|
||||
headers: {
|
||||
"Content-Type": "application/json",
|
||||
Accept: "application/json",
|
||||
"x-hasura-admin-secret": HASURA_SECRET_ADMIN_KEY
|
||||
},
|
||||
body: JSON.stringify({
|
||||
query: UPSERT_USER,
|
||||
variables: { authEmail: user.email, authToken: user.uid }
|
||||
})
|
||||
});
|
||||
// .then(r => r.json())
|
||||
// .then(data => {
|
||||
// console.log("data returned:", data);
|
||||
// });
|
||||
|
||||
// Set custom user claims on this newly created user.
|
||||
return admin.auth().setCustomUserClaims(user.uid, customClaims)
|
||||
return admin
|
||||
.auth()
|
||||
.setCustomUserClaims(user.uid, customClaims)
|
||||
.then(() => {
|
||||
// Update real-time database to notify client to force refresh.
|
||||
const metadataRef = admin.database().ref("metadata/" + user.uid);
|
||||
// Set the refresh time to the current UTC timestamp.
|
||||
// This will be captured on the client to force a token refresh.
|
||||
return metadataRef.set({refreshTime: new Date().getTime()});
|
||||
return metadataRef.set({ refreshTime: new Date().getTime() });
|
||||
})
|
||||
.catch(error => {
|
||||
console.log(error);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
4
firebase/readme.md
Normal file
4
firebase/readme.md
Normal file
@@ -0,0 +1,4 @@
|
||||
|
||||
Must set the environment variables using:
|
||||
|
||||
firebase functions:config:set auth.graphql_endpoint="https://bodyshop-dev-db.herokuapp.com/v1/graphql" auth.hasura_secret_admin_key="Dev-BodyShopAppBySnaptSoftware!"
|
||||
Reference in New Issue
Block a user