popov/mwitnessing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' into production

Browse Source
This commit is contained in:
Dobromir Popov
2024-06-03 19:23:13 +03:00
parent 5d5ad2dbc5 8ca0884acd
commit 79611d4b95
7 changed files with 42 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.env
View File

@@ -11,6 +11,7 @@ NODE_ENV=development
DATABASE=mysql://cart:cartpw@localhost:3306/cart DATABASE=mysql://cart:cartpw@localhost:3306/cart
# DATABASE=mysql://cart:cartpw@192.168.0.10:3306/cart_dev # DATABASE=mysql://cart:cartpw@192.168.0.10:3306/cart_dev
NEXT_PUBLIC_PUBLIC_URL=https://localhost:3003 NEXT_PUBLIC_PUBLIC_URL=https://localhost:3003
ADMIN_PASSWORD=123456
# // owner: dobromir.popov@gmail.com | Специално Свидетелстване София # // owner: dobromir.popov@gmail.com | Специално Свидетелстване София
# // https://console.cloud.google.com/apis/credentials/oauthclient/926212607479-d3m8hm8f8esp3rf1639prskn445sa01v.apps.googleusercontent.com?project=grand-forge-108716 # // https://console.cloud.google.com/apis/credentials/oauthclient/926212607479-d3m8hm8f8esp3rf1639prskn445sa01v.apps.googleusercontent.com?project=grand-forge-108716

1
_deploy/deoloy.azure.production.yml
View File

@@ -18,6 +18,7 @@ services:
- GIT_BRANCH=production - GIT_BRANCH=production
- GIT_USERNAME=deploy - GIT_USERNAME=deploy
- GIT_PASSWORD=L3Kr2R438u4F7 - GIT_PASSWORD=L3Kr2R438u4F7
- ADMIN_PASSWORD=changeme
command: sh -c " cd /app && npm install && npm run prod; tail -f /dev/null" command: sh -c " cd /app && npm install && npm run prod; tail -f /dev/null"
#command: sh -c " cd /app && tail -f /dev/null" #command: sh -c " cd /app && tail -f /dev/null"
tty: true tty: true

1
_deploy/deoloy.azure.staging.yml
View File

@@ -15,6 +15,7 @@ services:
- GIT_BRANCH=main - GIT_BRANCH=main
- GIT_USERNAME=deploy - GIT_USERNAME=deploy
- GIT_PASSWORD=L3Kr2R438u4F7 - GIT_PASSWORD=L3Kr2R438u4F7
- ADMIN_PASSWORD=kolichkisofia2024
command: sh -c " cd /app && npm install && npx next build && npm run start-env; tail -f /dev/null" command: sh -c " cd /app && npm install && npx next build && npm run start-env; tail -f /dev/null"
tty: true tty: true
stdin_open: true stdin_open: true

2
_doc/ToDo.md
View File

@@ -250,6 +250,7 @@ in schedule admin - if a publisher is always pair & family is not in the shift -
[] invalidate one/all user sessions [] invalidate one/all user sessions
[] log deletions [] log deletions
[] add user permissions [with logging when used] [] add user permissions [with logging when used]
[] ? store sessions in DB ?
[] improve reports page(s) [] improve reports page(s)
@@ -261,3 +262,4 @@ in schedule admin - if a publisher is always pair & family is not in the shift -
[] allow blocking of inputs (different from publishing) [] allow blocking of inputs (different from publishing)
[] user - add createdAt field [] user - add createdAt field
[] FIX insecure logins

3
components/PwaManager.tsx
View File

@@ -141,7 +141,8 @@ function PwaManager({ subs }) {
body: JSON.stringify({ subscription: sub, id: session.user.id }) body: JSON.stringify({ subscription: sub, id: session.user.id })
}).then(async response => { }).then(async response => {
if (!response.ok) { if (!response.ok) {
throw new Error('Failed to save subscription data on server.'); //throw new Error('Failed to save subscription data on server.');
console.log('Failed to save subscription data on server.');
} }
else { else {
console.log('Subscription data saved on server.'); console.log('Subscription data saved on server.');

3
components/PwaManagerNotifications.tsx
View File

@@ -102,7 +102,8 @@ function PwaManagerNotifications() {
body: JSON.stringify({ subscription: sub, id: session.user.id }) body: JSON.stringify({ subscription: sub, id: session.user.id })
}).then(async response => { }).then(async response => {
if (!response.ok) { if (!response.ok) {
throw new Error('Failed to save subscription data on server.'); // throw new Error('Failed to save subscription data on server.');
console.log('Failed to save subscription data on server.');
} }
else { else {
console.log('Subscription data saved on server.'); console.log('Subscription data saved on server.');

58
pages/api/auth/[...nextauth].ts
View File

@@ -72,10 +72,9 @@ export const authOptions: NextAuthOptions = {
password: { label: "Парола", type: "password" } password: { label: "Парола", type: "password" }
}, },
async authorize(credentials, req) { async authorize(credentials, req) {
const users = [ const users = [
{ id: "1", name: "admin", email: "admin@example.com", password: "admin123", role: "ADMIN", static: true }, { id: "1", name: "admin", email: "admin@example.com", password: process.env.ADMIN_PASSWORD, role: "ADMIN", static: true }
{ id: "2", name: "krasi", email: "krasi@example.com", password: "krasi123", role: "ADMIN", static: true },
{ id: "3", name: "popov", email: "popov@example.com", password: "popov123", role: "ADMIN", static: true }
]; ];
const user = users.find(user => const user = users.find(user =>
@@ -83,6 +82,11 @@ export const authOptions: NextAuthOptions = {
); );
if (user) { if (user) {
const remoteIP = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
const userAgent = req.headers['user-agent'];
const message = "login form built-in admin account from ip:" + remoteIP + " user-agent:" + userAgent;
console.log(message);
logger.info(message);
return user; return user;
} }
else { else {
@@ -118,31 +122,35 @@ export const authOptions: NextAuthOptions = {
} }
} }
else { else {
const pub = await prisma.publisher.findUnique({ where: { email: credentials.username } }); try {
if (pub) { const pub = await prisma.publisher.findUnique({ where: { email: credentials.username } });
const passHash = await bcrypt.hash(credentials.password, 10); if (pub) {
const mailVerifyToken = await bcrypt.hash(pub.email, 10); const passHash = await bcrypt.hash(credentials.password, 10);
const date = new Date().getTime(); const mailVerifyToken = await bcrypt.hash(pub.email, 10);
const emailVerifyToken = date + "_" + mailVerifyToken; const date = new Date().getTime();
const newUser = await prisma.user.create({ const emailVerifyToken = date + "_" + mailVerifyToken;
data: { const newUser = await prisma.user.create({
name: credentials.username, data: {
email: credentials.username, name: credentials.username,
passwordHashLocalAccount: passHash, email: credentials.username,
emailVerifyToken: emailVerifyToken passwordHashLocalAccount: passHash,
} emailVerifyToken: emailVerifyToken
}); }
console.log("New local credential user created for publisher ", pub.firstName, " ", pub.lastName, " (", pub.email, ")"); });
logger.info("New local credential user created for publisher ", pub.firstName, " ", pub.lastName, " (", pub.email, ")"); console.log("New local credential user created for publisher ", pub.firstName, " ", pub.lastName, " (", pub.email, ")");
emailHelper.SendEmail_ValidateTemplate(pub.email, emailVerifyToken, pub.firstName, pub.lastName); logger.info("New local credential user created for publisher ", pub.firstName, " ", pub.lastName, " (", pub.email, ")");
//return newUser; emailHelper.SendEmail_ValidateTemplate(pub.email, emailVerifyToken, pub.firstName, pub.lastName);
throw new Error("Моля проверете вашия имейл '" + credentials?.username + "' за да потвърдите регистрацията си."); //return newUser;
} throw new Error("Моля проверете вашия имейл '" + credentials?.username + "' за да потвърдите регистрацията си.");
else { }
else {
throw new Error("Не можем да намерим твоя имейл '" + credentials?.username + "' в участниците в ССОМ. Моля свържи се с нас за да те регистрираме ако искаш да ползваш този имейл.");
}
} catch (err) {
console.log("Error in credentials authorize:", err);
throw new Error("Не можем да намерим твоя имейл '" + credentials?.username + "' в участниците в ССОМ. Моля свържи се с нас за да те регистрираме ако искаш да ползваш този имейл."); throw new Error("Не можем да намерим твоя имейл '" + credentials?.username + "' в участниците в ССОМ. Моля свържи се с нас за да те регистрираме ако искаш да ползваш този имейл.");
} }
} }
} }
} }