Merge pull request #73 from Holo-Host/zt-auth

[B-06293] zt_registration checks if registrant is authorized
Holo-Host · Feb 27, 2024 · ef7eab5 · ef7eab5
2 parents 5e5622f + 6a5442c
commit ef7eab5
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 3 deletions.
diff --git a/server/src/routes/zt_registration.js b/server/src/routes/zt_registration.js
@@ -72,6 +72,45 @@ const cleanUpMembers = (address, apiToken, networkId) => {
     .catch((e) => console.log("Unable to deauthorize - Error: ", e))
 }
 
+/**
+ * Check if a given user (identified by email) is alredy registered and if registration parameters are correct
+ * @param email
+ */
+const isVerifiedUser = async (email) => {
+  const mongodbApiKey = await SETTINGS.get('mongodb_api_key')
+  const mongodbApiUrl = "https://eu-central-1.aws.data.mongodb-api.com/app/data-fcrur/endpoint/data/v1/action/findOne"
+
+  let headers = new Headers()
+  headers.append("Content-Type", "application/json")
+  headers.append("api-key", mongodbApiKey)
+
+  let filter = {
+    "collection":"registrations",
+    "database":"opsconsoledb",
+    "dataSource":"Cluster0",
+    "filter": {
+      "email": email
+    }
+  }
+
+  let resp = await fetch(mongodbApiUrl, {
+    headers,
+    method: "POST",
+    body: JSON.stringify(filter)
+  })
+
+  let user = await resp.json()
+
+  if (user.document && user.document.registrationCode.length > 0) {
+    let host = user.document.registrationCode.find(el => el.role === "host")
+
+    if (host.approved) return true
+  }
+
+  console.log(`user ${email} was not found in registration database`)
+  return false
+}
+
 /**
  * It adds a new member to the ZeroTier network.
  * @returns A 200 status code and a message.
@@ -82,7 +121,9 @@ const handle = async req => {
     const { data } = payload
     const { email, holochain_agent_id, zerotier_address, holoport_url } = data
 
-    return addZeroTierMember(zerotier_address, holochain_agent_id, email)
+    if (isVerifiedUser(email)) return addZeroTierMember(zerotier_address, holochain_agent_id, email)
+
+    respond(401)
   } catch (e) {
     console.log(e)
     return respond(401)

diff --git a/server/wrangler.toml b/server/wrangler.toml
@@ -13,7 +13,7 @@ command = "npm install && npm run build"
 name = "auth-server"
 route = "auth-server.holo.host/*"
 kv_namespaces = [
-    { binding = "SETTINGS", id = "5181f479e6d84fc9835c5195b08a7029"}
+    { binding = "SETTINGS", id = "56ecfe1cf54d43839e2c867798e5003b"}
 ]
 
-main = "dist/main.js"
+main = "dist/main.js"