From 362bf2b63e75efc6d6d1588d01e29a4b2dfe4268 Mon Sep 17 00:00:00 2001 From: Vins Date: Mon, 26 Feb 2024 11:07:12 +0100 Subject: [PATCH 1/2] Insensitive mode on get by email for case-sensitive problem --- src/common/repositories/ContactRepository.ts | 5 ++++- src/common/repositories/WhitelistRepository.ts | 7 +++++-- src/services/customer/CustomersService/CustomersService.ts | 7 +++++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/common/repositories/ContactRepository.ts b/src/common/repositories/ContactRepository.ts index b1784291..279819d8 100644 --- a/src/common/repositories/ContactRepository.ts +++ b/src/common/repositories/ContactRepository.ts @@ -21,7 +21,10 @@ export default class ContactRepository extends BaseRepository { public async findSomeByEmail(email: string): Promise<(Contacts & {customers: Customers | null})[] | null> { return this.model.findMany({ where: { - email: email, + email: { + equals: email, + mode: "insensitive" + } }, include: { customers: true } }); diff --git a/src/common/repositories/WhitelistRepository.ts b/src/common/repositories/WhitelistRepository.ts index 5f26c087..5ecee085 100644 --- a/src/common/repositories/WhitelistRepository.ts +++ b/src/common/repositories/WhitelistRepository.ts @@ -27,9 +27,12 @@ export default class WhitelistRepository extends BaseRepository { * @description : find unique by email */ public async findOneByEmail(email: string) { - return this.model.findUnique({ + return this.model.findMany({ where: { - email: email, + email: { + equals: email, + mode: "insensitive" + } }, }); } diff --git a/src/services/customer/CustomersService/CustomersService.ts b/src/services/customer/CustomersService/CustomersService.ts index 234238c8..fcc02d17 100644 --- a/src/services/customer/CustomersService/CustomersService.ts +++ b/src/services/customer/CustomersService/CustomersService.ts 
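Review bot: Matching case at query time with `mode: "insensitive"` leaves the stored addresses un-normalised, so every lookup path has to remember the filter; this hunk, `findOneByEmail` in WhitelistRepository.ts and the contact filter in CustomersService.ts each repeat it. Normalising the address once, on write and on lookup, in a shared helper would keep plain equality and let the existing index on `email` serve the query. If the filter stays, add a test that an address containing `_` or `%` matches only itself, since case-insensitive equality may be implemented as a pattern match depending on the engine and Prisma version. The declared return type still includes `| null`, which `findMany` never produces. The class body continues outside the hunk.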
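Review bot: `findOneByEmail` now returns the array from `findMany`, and an empty array is truthy, so any caller that still tests `if (!result)` treats a missing whitelist entry as present. Patch 2/2 adds a length check in UserController.ts, but other callers are not visible here, and the method name and its `find unique by email` doc comment still promise a single row. Keeping the single-or-null contract avoids the fail-open case: `return this.model.findFirst({ where: { email: { equals: email, mode: "insensitive" } } });`. An explicit return type on the method would turn any later change of shape into a compile error at the call sites.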
@@ -91,7 +91,7 @@ export default class CustomersService extends BaseService { public async verifyEmail2FASms(email: string): Promise<{ customer: Customer; totpCode: TotpCodesResource } | null> { // 1: Check if the customer exists const customer = await this.getByEmail(email); - if (!customer) return null; + if (!customer) return null; const now = new Date().getTime(); const customerHydrated = Customer.hydrate(customer); @@ -316,7 +316,10 @@ export default class CustomersService extends BaseService { return this.customerRepository.findOne({ where: { contact: { - email, + email:{ + equals: email, + mode: 'insensitive' + } }, }, include: { From 63a728db946d9580484935d2627ba67de742e112 Mon Sep 17 00:00:00 2001 From: Vins Date: Wed, 28 Feb 2024 12:06:26 +0100 Subject: [PATCH 2/2] Fixed whitelist --- src/app/api/idnot/UserController.ts | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/app/api/idnot/UserController.ts b/src/app/api/idnot/UserController.ts index 6aeabb4b..0521a747 100644 --- a/src/app/api/idnot/UserController.ts +++ b/src/app/api/idnot/UserController.ts @@ -25,6 +25,7 @@ export default class UserController extends ApiController { protected async getUserInfosFromIdnot(req: Request, response: Response) { try { const code = req.params["code"]; + if (!code) throw new Error("code is required"); const idNotToken = await this.idNotService.getIdNotToken(code); @@ -34,16 +35,19 @@ export default class UserController extends ApiController { return; } - const user = await this.idNotService.getOrCreateUser(idNotToken); + const user = await this.idNotService.getOrCreateUser(idNotToken); if(!user) { this.httpUnauthorized(response, "Email not found"); return; } + await this.idNotService.updateUser(user.uid); + //Whitelist feature //Get user with contact const prismaUser = await this.userService.getByUid(user.uid, {contact: true }); + if (!prismaUser) { this.httpNotFoundRequest(response, "user not found"); return; 
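Review bot: With the case-insensitive filter at `@@ -316`, two contacts whose addresses differ only by case now satisfy the same `findOne` query, and this lookup is presumably the `getByEmail` that `verifyEmail2FASms` calls in the first hunk of this file. Which customer comes back then depends on a uniqueness rule that is not visible in this patch, and a database unique constraint on the column is normally case-sensitive. Before relying on this in the 2FA path, confirm there are no such duplicates and enforce uniqueness on the normalised address, or fail the lookup when more than one row matches. The assumption deserves a comment on the method, e.g. `// email is matched case-insensitively; contact emails must be unique ignoring case`. The enclosing method starts and ends outside the hunk.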
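Review bot: In the `@@ -34,16 +35,19` hunk, `await this.idNotService.updateUser(user.uid);` now runs before the whitelist check, so a caller who is later refused with `httpNotWhitelisted` has already triggered whatever `updateUser` writes, on top of `getOrCreateUser` above it. If the move is intentional, presumably so the whitelist lookup sees a refreshed contact e-mail, say so in a comment such as `// refresh the user from IdNot first: the whitelist check below must see the current contact email`. Otherwise keep state changes after the authorisation decision. The matching removal is in the next hunk, and the method body extends beyond both hunks.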
@@ -58,15 +62,16 @@ export default class UserController extends ApiController { } //Check if user is whitelisted - const isWhitelisted = await this.whitelistService.getByEmail(userHydrated.contact!.email); + + const isWhitelisted = await this.whitelistService.getByEmail(userHydrated.contact!.email); //If not whitelisted, return 409 Not whitelisted - if (!isWhitelisted) { + if (!isWhitelisted || isWhitelisted.length === 0) { this.httpNotWhitelisted(response); return; } - await this.idNotService.updateUser(user.uid); + await this.idNotService.updateOffice(user.office_uid); const payload = await this.authService.getUserJwtPayload(user.idNot);
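Review bot: The whitelist key is read through a non-null assertion, `userHydrated.contact!.email`, so a user hydrated without a contact would surface as a thrown error rather than a whitelist refusal. Any guard would have to be in the block that closes just above this hunk, which is not visible. An explicit fail-closed check before the lookup keeps the gate readable: `if (!userHydrated.contact?.email) { this.httpNotWhitelisted(response); return; }`. The variable `isWhitelisted` now holds a list, so a name such as `whitelistEntries` would make the `length === 0` test less surprising. The method continues outside the hunk.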