gristlabs_grist-core/app/server/lib/TestLogin.ts
Paul Fitzpatrick ab3cdb62ac (core) make the support account configurable, and allow listing public sites
Summary:
This makes two small tweaks based on a user's questions about sharing
sites publicly for a self-managed installation:

 * The support user `support@getgrist.com` is made configurable with
   `GRIST_SUPPORT_EMAIL`. This came up because only the support user
   can share material with the special "everyone" user. This restriction
   was added to avoid spam.
 * Regardless of public sharing settings, for our SaaS we had
   decided not to list public sites to anonymous users. That is
   somewhat a question of taste, so a `GRIST_LIST_PUBLIC_SITES` flag
   is added to override this choice.

Public sharing isn't in a well polished state, and this diff doesn't
advance that, in fact it adds a new wrinkle :-/

Test Plan: existing tests pass; manual testing

Reviewers: jarek

Reviewed By: jarek

Subscribers: jarek

Differential Revision: https://phab.getgrist.com/D3663
2022-10-14 14:23:59 -04:00

42 lines
1.4 KiB
TypeScript

import {SUPPORT_EMAIL} from 'app/gen-server/lib/HomeDBManager';
import {GristLoginSystem, GristServer} from 'app/server/lib/GristServer';
import {Request} from 'express';
/**
* Return a login system for testing. Just enough to use the test/login endpoint
* available when GRIST_TEST_LOGIN=1 is set.
*/
export async function getTestLoginSystem(): Promise<GristLoginSystem> {
return {
async getMiddleware(gristServer: GristServer) {
async function getLoginRedirectUrl(req: Request, url: URL) {
const target = new URL(gristServer.getHomeUrl(req, 'test/login'));
target.searchParams.append('next', url.href);
return target.href || url.href;
}
return {
getLoginRedirectUrl,
async getLogoutRedirectUrl(req: Request, url: URL) {
return url.href;
},
getSignUpRedirectUrl: getLoginRedirectUrl,
async addEndpoints() {
// Make sure support user has a test api key if needed.
if (process.env.TEST_SUPPORT_API_KEY) {
const dbManager = gristServer.getHomeDBManager();
const user = await dbManager.getUserByLogin(SUPPORT_EMAIL);
if (user) {
user.apiKey = process.env.TEST_SUPPORT_API_KEY;
await user.save();
}
}
return "test-login";
},
};
},
async deleteUser() {
// nothing to do
},
};
}