diff --git a/.github/workflows/api.yaml b/.github/workflows/api.yaml index d2858be..685a452 100644 --- a/.github/workflows/api.yaml +++ b/.github/workflows/api.yaml @@ -79,3 +79,7 @@ jobs: run: yarn test env: MONGO_URL: ${{ secrets.MONGO_URL }} + GOOGLE_CLIENT_ID: ${{ secrets.GOOGLE_CLIENT_ID }} + GOOGLE_CLIENT_SECRET: ${{ secrets.GOOGLE_CLIENT_SECRET }} + OAUTH_CALLBACK_URI: ${{ secrets.OAUTH_CALLBACK_URI }} + SESSION_SECRET: ${{ secrets.SESSION_SECRET }} diff --git a/api/config/dev.env b/api/config/dev.env new file mode 100644 index 0000000..c74a452 --- /dev/null +++ b/api/config/dev.env @@ -0,0 +1,5 @@ +MONGO_URL= +GOOGLE_CLIENT_ID= +GOOGLE_CLIENT_SECRET= +SESSION_SECRET=keyboard cat +OAUTH_CALLBACK_URI=http://localhost:9000/api/auth/redirectURI \ No newline at end of file diff --git a/api/config/dev.env.example b/api/config/dev.env.example new file mode 100644 index 0000000..fd9cb77 --- /dev/null +++ b/api/config/dev.env.example @@ -0,0 +1,5 @@ +MONGO_URL=mongodb://localhost +GOOGLE_CLIENT_ID= +GOOGLE_CLIENT_SECRET= +SESSION_SECRET= +OAUTH_CALLBACK_URI=http://localhost:9000/api/auth/redirectURI \ No newline at end of file diff --git a/api/config/production.env b/api/config/production.env index a7552d1..e69de29 100644 --- a/api/config/production.env +++ b/api/config/production.env @@ -1 +0,0 @@ -MONGO_URL=production-mongo diff --git a/api/config/test.env b/api/config/test.env index 4ddcce8..4ebe874 100644 --- a/api/config/test.env +++ b/api/config/test.env @@ -1 +1,5 @@ -MONGO_URL=test-mongo +MONGO_URL= +GOOGLE_CLIENT_ID= +GOOGLE_CLIENT_SECRET= +SESSION_SECRET= +OAUTH_CALLBACK_URI=http://localhost:9000/api/auth/redirectURI \ No newline at end of file diff --git a/api/package.json b/api/package.json index d029684..dd982f9 100644 --- a/api/package.json +++ b/api/package.json @@ -16,13 +16,16 @@ "debug": "~2.6.9", "dotenv": "^8.2.0", "express": "~4.16.1", + "express-session": "^1.17.1", "helmet": "^3.21.1", "http-errors": "~1.6.3", "if-env": "^1.0.4", "isomorphic-unfetch": "^3.0.0", "mongodb": "^3.3.2", "mongoose": "^5.7.5", - "morgan": "~1.9.1" + "morgan": "~1.9.1", + "passport": "^0.4.1", + "passport-google-oauth20": "^2.0.0" }, "devDependencies": { "babel-eslint": "^10.0.3", diff --git a/api/src/api/auth.js b/api/src/api/auth.js new file mode 100644 index 0000000..94966d7 --- /dev/null +++ b/api/src/api/auth.js @@ -0,0 +1,89 @@ +const express = require('express'); +const router = express.Router(); +const passport = require('passport'); + +// Defines the callback endpoint which will be passed to LAH's redirect URI +// via Google OAuth's state parameter +const CALLBACK_ENDPOINT = '/api/auth/callback'; + +router.get('/user', (req, res) => { + res.json({ + result: req.user || null, + success: true, + }); +}); + +router.get('/login', (req, res, next) => { + // Get URLs to redirect to on success and failure + const { successRedirect = '/', failureRedirect = '/login' } = req.query; + // Construct the "callback" url by concatenating the current base URL (host) with the callback URL + // We do all this to use one single callback URL so it works with Vercel deploying on multiple + // domains. See LAH's api/auth/login.js for more details on how this works + const callbackUrl = `${req.protocol}://${req.get( + 'host', + )}${CALLBACK_ENDPOINT}`; + // State object that will be passed to OAuth and back to our callback + const state = { + callbackUrl, + successRedirect, + failureRedirect, + }; + + const auth = passport.authenticate('google', { + scope: ['profile', 'email'], + state: Buffer.from(JSON.stringify(state)).toString('base64'), + }); + auth(req, res, next); +}); + +router.get('/redirectURI', (req, res) => { + try { + // If we are here, this endpoint is likely being run on the MAIN deployment + const { state } = req.query; + // Grab the branch deployment (lah-branch-deploy.hack4impact.now.sh) for example + const { callbackUrl } = JSON.parse(Buffer.from(state, 'base64').toString()); + if (typeof callbackUrl === 'string') { + // Reconstruct the URL and redirect + const callbackURL = `${callbackUrl}?${req._parsedUrl.query}`; + return res.redirect(callbackURL); + } + // There was no base + return res.redirect(CALLBACK_ENDPOINT); + } catch (e) { + return res.status(400).json({ + message: 'Something went wrong with the URL redirection', + success: false, + }); + } +}); + +router.get( + '/callback', + (req, res, next) => { + const { state } = req.query; + const { successRedirect, failureRedirect } = JSON.parse( + Buffer.from(state, 'base64').toString(), + ); + + const auth = passport.authenticate('google', { + successRedirect, + failureRedirect, + failureFlash: true, + }); + auth(req, res, next); + }, + (req, res) => { + // Successful authentication, redirect home. + res.redirect(LOGIN_SUCCESS_REDIRECT); + }, +); + +router.post('/logout', (req, res) => { + req.logout(); + res.json({ + message: 'Logged out', + success: true, + }); +}); + +module.exports = router; diff --git a/api/src/api/home.js b/api/src/api/home.js index b641d3a..3fabc1f 100644 --- a/api/src/api/home.js +++ b/api/src/api/home.js @@ -1,6 +1,7 @@ const express = require('express'); const router = express.Router(); const { errorWrap } = require('../middleware'); +const { requireRegistered } = require('../middleware/auth'); const Home = require('../models/home'); @@ -16,4 +17,17 @@ router.get( }), ); +router.get( + '/registeredOnly', + [requireRegistered], + errorWrap(async (req, res) => { + const home = await Home.findOne(); + res.status(200).json({ + message: `Successfully returned home text`, + success: true, + result: home.text, + }); + }), +); + module.exports = router; diff --git a/api/src/api/index.js b/api/src/api/index.js index 7f5a1ec..f15c24d 100644 --- a/api/src/api/index.js +++ b/api/src/api/index.js @@ -1,5 +1,7 @@ const home = require('./home'); +const auth = require('./auth'); module.exports = { home, + auth, }; diff --git a/api/src/app.js b/api/src/app.js index f68d976..0e496ad 100644 --- a/api/src/app.js +++ b/api/src/app.js @@ -7,8 +7,10 @@ const helmet = require('helmet'); const logger = require('morgan'); const mongoose = require('mongoose'); const path = require('path'); -const routes = require('./routes'); +const session = require('express-session'); const bodyParser = require('body-parser'); +const passport = require('passport'); +const routes = require('./routes'); const app = express(); const { errorHandler } = require('./middleware'); @@ -40,6 +42,21 @@ app.use(logger('dev')); app.use(bodyParser.json({ limit: '2.1mb' })); app.use(bodyParser.urlencoded({ limit: '2.1mb', extended: false })); +// Session support, needed for authentication +app.use( + session({ + secret: process.env.SESSION_SECRET, + cookie: {}, + resave: false, + saveUninitialized: false, + }), +); + +// Passport setup +require('./passport-setup'); +app.use(passport.initialize()); +app.use(passport.session()); + app.use('/', routes); app.get('/', (req, res) => res.json('API working!')); diff --git a/api/src/middleware/auth.js b/api/src/middleware/auth.js new file mode 100644 index 0000000..b4bfd3d --- /dev/null +++ b/api/src/middleware/auth.js @@ -0,0 +1,41 @@ +const { levelEnum } = require('../models/member'); + +const requireLevel = (levels) => (req, res, next) => { + console.log(req.user); + if (!req.user || !levels.includes(req.user.level)) { + return res.status(401).json({ + success: false, + message: 'Unauthorized', + }); + } else { + next(); + } +}; + +const requireRegistered = requireLevel(Object.values(levelEnum)); + +const requireMember = requireLevel([ + levelEnum.ADMIN, + levelEnum.DIRECTOR, + levelEnum.LEAD, + levelEnum.MEMBER, +]); + +const requireLead = requireLevel([ + levelEnum.ADMIN, + levelEnum.DIRECTOR, + levelEnum.LEAD, +]); + +const requireDirector = requireLevel([levelEnum.ADMIN, levelEnum.DIRECTOR]); + +const requireAdmin = requireLevel([levelEnum.ADMIN]); + +module.exports = { + requireLevel, + requireRegistered, + requireMember, + requireLead, + requireDirector, + requireAdmin, +}; diff --git a/api/src/middleware/index.js b/api/src/middleware/index.js index 5027954..977feb3 100644 --- a/api/src/middleware/index.js +++ b/api/src/middleware/index.js @@ -1,7 +1,9 @@ const errorHandler = require('./errorHandler'); const errorWrap = require('./errorWrap'); +const auth = require('./auth'); module.exports = { errorHandler, errorWrap, + auth, }; diff --git a/api/src/models/member.js b/api/src/models/member.js index 1824b18..80c154e 100644 --- a/api/src/models/member.js +++ b/api/src/models/member.js @@ -53,50 +53,50 @@ const classStandingEnum = { }; const Member = new mongoose.Schema({ - firstName: { type: String, required: true }, - lastName: { type: String, required: true }, + firstName: { type: String, required: false }, + lastName: { type: String, required: false }, oauthID: { type: String, required: true, unique: true }, - email: { type: String, required: true, unique: true }, - phone: { type: String, required: true }, - netID: { type: String, required: true }, - UIN: { type: String, required: true }, - major: { type: String, required: true }, - birthdate: { type: Date, required: true }, + email: { type: String, required: false, unique: true }, + phone: { type: String, required: false }, + netID: { type: String, required: false }, + UIN: { type: String, required: false }, + major: { type: String, required: false }, + birthdate: { type: Date, required: false }, github: { type: String, required: false }, snapchat: { type: String, required: false }, instagram: { type: String, required: false }, - areDuesPaid: { type: Boolean, required: true }, + areDuesPaid: { type: Boolean, required: false }, - gradYear: { type: Number, required: true }, + gradYear: { type: Number, required: false }, gradSemester: { type: String, enum: Object.values(semesterEnum), - required: true, + required: false, }, classStanding: { type: String, enum: Object.values(classStandingEnum), - required: true, + required: false, }, - generationYear: { type: Number, required: true }, + generationYear: { type: Number, required: false }, generationSemester: { type: String, enum: Object.values(semesterEnum), - required: true, + required: false, }, location: { type: String, enum: Object.values(locationEnum), - required: true, + required: false, }, role: { type: String, enum: Object.values(roleEnum), - required: true, + required: false, }, level: { @@ -108,7 +108,7 @@ const Member = new mongoose.Schema({ status: { type: String, enum: Object.values(statusEnum), - required: true, + required: false, }, }); diff --git a/api/src/passport-setup.js b/api/src/passport-setup.js new file mode 100644 index 0000000..d788101 --- /dev/null +++ b/api/src/passport-setup.js @@ -0,0 +1,50 @@ +const GoogleStrategy = require('passport-google-oauth20').Strategy; +const passport = require('passport'); +const Member = require('./models/member'); + +// Defines the default level a user gets assigned with upon first sign-in +const DEFAULT_LEVEL = process.env.DEFAULT_LEVEL || Member.levelEnum.TBD; + +passport.serializeUser((user, done) => { + done(null, user._id); +}); + +passport.deserializeUser((id, done) => { + // Find in DB and return user + Member.findById(id, (err, user) => { + if (err) { + console.error('err'); + done(err); + } + done(null, user); + }); +}); + +passport.use( + new GoogleStrategy( + { + clientID: process.env.GOOGLE_CLIENT_ID, + clientSecret: process.env.GOOGLE_CLIENT_SECRET, + callbackURL: process.env.OAUTH_CALLBACK_URI, + }, + async (accessToken, refreshToken, profile, cb) => { + // find the user in the database based on their oauth id + const user = await Member.findOne({ oauthID: profile.id }); + + if (user) { + // user exists + return cb(null, user); + } else { + const newUser = await new Member({ + firstName: profile.name.givenName, + lastName: profile.name.familyName, + oauthID: profile.id, + email: profile.emails[0].value, + level: DEFAULT_LEVEL, + }).save(); + + cb(null, newUser); + } + }, + ), +); diff --git a/api/src/routes/index.js b/api/src/routes/index.js index f50d2a5..c9f7766 100644 --- a/api/src/routes/index.js +++ b/api/src/routes/index.js @@ -1,8 +1,9 @@ const express = require('express'); const router = express.Router(); -const { home } = require('../api'); +const { home, auth } = require('../api'); router.use('/api/home', home); +router.use('/api/auth', auth); module.exports = router; diff --git a/api/yarn.lock b/api/yarn.lock index 3776827..958098c 100644 --- a/api/yarn.lock +++ b/api/yarn.lock @@ -863,6 +863,11 @@ balanced-match@^1.0.0: resolved "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz#89b4d199ab2bee49de164ea02b89ce462d71b767" integrity sha1-ibTRmasr7kneFk6gK4nORi1xt2c= +base64url@3.x.x: + version "3.0.1" + resolved "https://registry.yarnpkg.com/base64url/-/base64url-3.0.1.tgz#6399d572e2bc3f90a9a8b22d5dbb0a32d33f788d" + integrity sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A== + base@^0.11.1: version "0.11.2" resolved "https://registry.yarnpkg.com/base/-/base-0.11.2.tgz#7bde5ced145b6d551a90db87f83c558b4eb48a8f" @@ -1259,6 +1264,11 @@ cookie@0.3.1: resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.3.1.tgz#e7e0a1f9ef43b4c8ba925c5c5a96e806d16873bb" integrity sha1-5+Ch+e9DtMi6klxcWpboBtFoc7s= +cookie@0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.4.0.tgz#beb437e7022b3b6d49019d088665303ebe9c14ba" + integrity sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg== + cookiejar@^2.1.0: version "2.1.2" resolved "https://registry.yarnpkg.com/cookiejar/-/cookiejar-2.1.2.tgz#dd8a235530752f988f9a0844f3fc589e3111125c" @@ -1455,7 +1465,7 @@ denque@^1.4.1: resolved "https://registry.yarnpkg.com/denque/-/denque-1.4.1.tgz#6744ff7641c148c3f8a69c307e51235c1f4a37cf" integrity sha512-OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ== -depd@2.0.0: +depd@2.0.0, depd@~2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df" integrity sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw== @@ -1817,6 +1827,20 @@ expect@^25.5.0: jest-message-util "^25.5.0" jest-regex-util "^25.2.6" +express-session@^1.17.1: + version "1.17.1" + resolved "https://registry.yarnpkg.com/express-session/-/express-session-1.17.1.tgz#36ecbc7034566d38c8509885c044d461c11bf357" + integrity sha512-UbHwgqjxQZJiWRTMyhvWGvjBQduGCSBDhhZXYenziMFjxst5rMV+aJZ6hKPHZnPyHGsrqRICxtX8jtEbm/z36Q== + dependencies: + cookie "0.4.0" + cookie-signature "1.0.6" + debug "2.6.9" + depd "~2.0.0" + on-headers "~1.0.2" + parseurl "~1.3.3" + safe-buffer "5.2.0" + uid-safe "~2.1.5" + express@~4.16.1: version "4.16.4" resolved "https://registry.yarnpkg.com/express/-/express-4.16.4.tgz#fddef61926109e24c515ea97fd2f1bdbf62df12e" @@ -3688,6 +3712,11 @@ oauth-sign@~0.9.0: resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.9.0.tgz#47a7b016baa68b5fa0ecf3dee08a85c679ac6455" integrity sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ== +oauth@0.9.x: + version "0.9.15" + resolved "https://registry.yarnpkg.com/oauth/-/oauth-0.9.15.tgz#bd1fefaf686c96b75475aed5196412ff60cfb9c1" + integrity sha1-vR/vr2hslrdUda7VGWQS/2DPucE= + object-assign@^4: version "4.1.1" resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-4.1.1.tgz#2109adc7965887cfc05cbbd442cac8bfbb360863" @@ -3723,7 +3752,7 @@ on-finished@~2.3.0: dependencies: ee-first "1.1.1" -on-headers@~1.0.1: +on-headers@~1.0.1, on-headers@~1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/on-headers/-/on-headers-1.0.2.tgz#772b0ae6aaa525c399e489adfad90c403eb3c28f" integrity sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA== @@ -3830,7 +3859,7 @@ parse5@5.1.0: resolved "https://registry.yarnpkg.com/parse5/-/parse5-5.1.0.tgz#c59341c9723f414c452975564c7c00a68d58acd2" integrity sha512-fxNG2sQjHvlVAYmzBZS9YlDp6PTSSDwa98vkD4QgVDDCAo84z5X1t5XyJQ62ImdLXx5NdIIfihey6xpum9/gRQ== -parseurl@~1.3.2: +parseurl@~1.3.2, parseurl@~1.3.3: version "1.3.3" resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4" integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ== @@ -3840,6 +3869,37 @@ pascalcase@^0.1.1: resolved "https://registry.yarnpkg.com/pascalcase/-/pascalcase-0.1.1.tgz#b363e55e8006ca6fe21784d2db22bd15d7917f14" integrity sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ= +passport-google-oauth20@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/passport-google-oauth20/-/passport-google-oauth20-2.0.0.tgz#0d241b2d21ebd3dc7f2b60669ec4d587e3a674ef" + integrity sha512-KSk6IJ15RoxuGq7D1UKK/8qKhNfzbLeLrG3gkLZ7p4A6DBCcv7xpyQwuXtWdpyR0+E0mwkpjY1VfPOhxQrKzdQ== + dependencies: + passport-oauth2 "1.x.x" + +passport-oauth2@1.x.x: + version "1.5.0" + resolved "https://registry.yarnpkg.com/passport-oauth2/-/passport-oauth2-1.5.0.tgz#64babbb54ac46a4dcab35e7f266ed5294e3c4108" + integrity sha512-kqBt6vR/5VlCK8iCx1/KpY42kQ+NEHZwsSyt4Y6STiNjU+wWICG1i8ucc1FapXDGO15C5O5VZz7+7vRzrDPXXQ== + dependencies: + base64url "3.x.x" + oauth "0.9.x" + passport-strategy "1.x.x" + uid2 "0.0.x" + utils-merge "1.x.x" + +passport-strategy@1.x.x: + version "1.0.0" + resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4" + integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ= + +passport@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/passport/-/passport-0.4.1.tgz#941446a21cb92fc688d97a0861c38ce9f738f270" + integrity sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg== + dependencies: + passport-strategy "1.x.x" + pause "0.0.1" + path-exists@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3" @@ -3877,6 +3937,11 @@ pause-stream@0.0.11: dependencies: through "~2.3" +pause@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d" + integrity sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10= + performance-now@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b" @@ -4021,6 +4086,11 @@ qs@^6.5.1: resolved "https://registry.yarnpkg.com/qs/-/qs-6.9.4.tgz#9090b290d1f91728d3c22e54843ca44aea5ab687" integrity sha512-A1kFqHekCTM7cz0udomYUoYNWjBebHm/5wzU/XqrBRBNWectVH0QIiN+NEcZ0Dte5hvzHwbr8+XQmguPhJ6WdQ== +random-bytes@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/random-bytes/-/random-bytes-1.0.0.tgz#4f68a1dc0ae58bd3fb95848c30324db75d64360b" + integrity sha1-T2ih3Arli9P7lYSMMDJNt11kNgs= + range-parser@~1.2.0: version "1.2.1" resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031" @@ -4313,6 +4383,11 @@ safe-buffer@5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1: resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== +safe-buffer@5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.0.tgz#b74daec49b1148f88c64b68d49b1e815c1f2f519" + integrity sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg== + safe-buffer@5.2.1, safe-buffer@^5.0.1, safe-buffer@^5.1.1, safe-buffer@^5.1.2: version "5.2.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" @@ -4980,6 +5055,18 @@ typedarray-to-buffer@^3.1.5: dependencies: is-typedarray "^1.0.0" +uid-safe@~2.1.5: + version "2.1.5" + resolved "https://registry.yarnpkg.com/uid-safe/-/uid-safe-2.1.5.tgz#2b3d5c7240e8fc2e58f8aa269e5ee49c0857bd3a" + integrity sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA== + dependencies: + random-bytes "~1.0.0" + +uid2@0.0.x: + version "0.0.3" + resolved "https://registry.yarnpkg.com/uid2/-/uid2-0.0.3.tgz#483126e11774df2f71b8b639dcd799c376162b82" + integrity sha1-SDEm4Rd03y9xuLY53NeZw3YWK4I= + undefsafe@^2.0.3: version "2.0.3" resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-2.0.3.tgz#6b166e7094ad46313b2202da7ecc2cd7cc6e7aae" @@ -5070,7 +5157,7 @@ util-deprecate@~1.0.1: resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8= -utils-merge@1.0.1: +utils-merge@1.0.1, utils-merge@1.x.x: version "1.0.1" resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM= diff --git a/vercel.json b/vercel.json index f857491..a83ef84 100644 --- a/vercel.json +++ b/vercel.json @@ -1,7 +1,11 @@ { "regions": ["iad1"], "env": { - "MONGO_URL": "@memberdb_tool_db_url" + "MONGO_URL": "@memberdb_tool_db_url", + "GOOGLE_CLIENT_ID": "@memberdb_tool_google_client_id", + "GOOGLE_CLIENT_SECRET": "@memberdb_tool_google_client_secret", + "SESSION_SECRET": "@memberdb_tool_session_secret", + "OAUTH_CALLBACK_URI": "https://memberdb-tool.vercel.app/api/auth/redirectURI" }, "builds": [ { "src": "api/src/app.js", "use": "@now/node" }, @@ -40,6 +44,3 @@ { "src": "/(.*)", "dest": "client/index.html" } ] } - - -