index.js
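/**
 * Compare a supplied secret with the configured one in constant time.
 *
 * Both values are hashed first so the buffers handed to
 * `crypto.timingSafeEqual` always have the same length; a plain `!==`
 * returns as soon as the first differing character is found.
 *
 * @param {unknown} supplied - Value taken from the request.
 * @param {unknown} expected - Value taken from configuration.
 * @returns {boolean} true only when both are strings, `expected` is
 *   non-empty, and the two are identical.
 */
function secretsMatch(supplied, expected) {
  // Fail closed: an unset or empty configured secret must never authenticate.
  if (
    typeof supplied !== "string" ||
    typeof expected !== "string" ||
    expected === ""
  ) {
    return false;
  }
  const crypto = require("crypto");
  const digest = (value) =>
    crypto.createHash("sha256").update(value, "utf8").digest();
  return crypto.timingSafeEqual(digest(supplied), digest(expected));
}

/**
 * Extract the user-id / password pair from an HTTP Basic `Authorization` header.
 *
 * @param {unknown} header - Raw header value.
 * @returns {{username: string, password: string} | null} null when the
 *   header is missing, uses another scheme, or has no colon separator.
 */
function parseBasicCredentials(header) {
  const match = /^\s*Basic\s+(\S+)\s*$/i.exec(
    typeof header === "string" ? header : ""
  );
  if (!match) {
    return null;
  }
  const decoded = Buffer.from(match[1], "base64").toString("utf8");
  // Split on the FIRST colon only: the password may itself contain colons
  // (RFC 7617), so splitting on every colon would truncate it.
  const separator = decoded.indexOf(":");
  if (separator === -1) {
    return null;
  }
  return {
    username: decoded.slice(0, separator),
    password: decoded.slice(separator + 1),
  };
}

/**
 * HTTP-trigger handler that gates sign-up on the e-mail domain.
 *
 * Flow:
 *   1. Require HTTP Basic credentials matching BASIC_AUTH_USERNAME /
 *      BASIC_AUTH_PASSWORD, otherwise respond 401.
 *   2. Require a well-formed `email` string in the JSON body, otherwise
 *      respond 400 with code "INVALID_REQUEST".
 *   3. Allow the request when the e-mail domain is in the allow-list or the
 *      address equals EMAIL_ENABLED_FOR_REGISTRATION; otherwise respond with
 *      a "ShowBlockPage" action.
 *
 * NOTE(review): the version/action/userMessage response shape looks like an
 * identity-provider API connector contract — confirm against the caller.
 *
 * @param {object} context - Invocation context; `context.res` receives the
 *   response and `context.log` is used for logging.
 * @param {object} req - Incoming request (`headers`, `body`).
 * @returns {Promise<void>}
 */
module.exports = async function (context, req) {
  context.log("JavaScript HTTP trigger function processed a request v1.");
  const API_VERSION = "1.0.0";

  // --- Step 1: authenticate the caller ------------------------------------
  const credentials = parseBasicCredentials(
    req.headers && req.headers["authorization"]
  );
  // Evaluate both comparisons unconditionally so the response time does not
  // reveal whether the user name alone was correct.
  const usernameOk = secretsMatch(
    credentials && credentials.username,
    process.env["BASIC_AUTH_USERNAME"]
  );
  const passwordOk = secretsMatch(
    credentials && credentials.password,
    process.env["BASIC_AUTH_PASSWORD"]
  );
  if (!(usernameOk && passwordOk)) {
    context.res = {
      status: 401,
    };
    context.log("Invalid Authentication");
    return;
  }

  // --- Step 2: validate the payload ---------------------------------------
  const INVALID_REQUEST = {
    status: 400,
    body: {
      version: API_VERSION,
      code: "INVALID_REQUEST",
    },
  };
  const email = req.body && req.body.email;
  // A non-string `email` (number, array, object) would otherwise throw on
  // the string operations below and surface as an unhandled 500.
  if (typeof email !== "string" || email === "") {
    context.res = INVALID_REQUEST;
    context.log("Invalid Request");
    return;
  }
  // Use the text after the LAST "@" as the domain. Taking the second
  // "@"-separated piece would let an address containing several "@"
  // characters present an allowed domain that is not its real domain.
  const atIndex = email.lastIndexOf("@");
  if (atIndex <= 0 || atIndex === email.length - 1) {
    context.res = INVALID_REQUEST;
    context.log("Invalid Request");
    return;
  }

  // Log attribute names only: the body carries personal data (at least the
  // e-mail address) that should not be copied into function logs.
  context.log(`Request attributes: ${Object.keys(req.body).join(", ")}`);

  // --- Step 3: apply the allow-list ---------------------------------------
  const domain = email.slice(atIndex + 1).toLowerCase();
  const allowedDomains = ["ioet.com"];
  const allowedEmail = process.env["EMAIL_ENABLED_FOR_REGISTRATION"];
  const domainAllowed = allowedDomains.includes(domain);
  context.log("Validation: ", domainAllowed);

  if (!domainAllowed && allowedEmail !== email.toLowerCase()) {
    context.res = {
      body: {
        version: API_VERSION,
        action: "ShowBlockPage",
        userMessage:
          "You must have an account from a valid domain to register as an user for ioet Inc.",
        code: "SignUp-BlockByEmailDomain-0",
      },
    };
    context.log(context.res);
    return;
  }

  // Domain (or the single exempted address) is allowed: let sign-up continue.
  context.res = {
    body: { version: API_VERSION, action: "Continue" },
  };
  context.log(context.res);
};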