allow test user access

2022-09-20 15:12:58 -04:00 · 2022-09-20 15:12:58 -04:00 · 866ca42338
parent e994e29bef
commit 866ca42338
5 changed files with 39 additions and 5 deletions
--- a/helpers/functions.config.d.ts
+++ b/helpers/functions.config.d.ts
@ -5,6 +5,7 @@ export declare function getProperty(propertyName: "application.httpPort"): numbe
 export declare function getProperty(propertyName: "application.userDomain"): string;
 export declare function getProperty(propertyName: "application.useTestDatabases"): boolean;
 export declare function getProperty(propertyName: "activeDirectory"): configTypes.ConfigActiveDirectory;
+export declare function getProperty(propertyName: "users.testing"): string[];
 export declare function getProperty(propertyName: "users.canLogin"): string[];
 export declare function getProperty(propertyName: "users.canUpdate"): string[];
 export declare function getProperty(propertyName: "users.isAdmin"): string[];
--- a/helpers/functions.config.js
+++ b/helpers/functions.config.js
@ -12,6 +12,7 @@ configFallbackValues.set("session.cookieName", "lot-occupancy-system-user-sid");
 configFallbackValues.set("session.secret", "cityssm/lot-occupancy-system");
 configFallbackValues.set("session.maxAgeMillis", 60 * 60 * 1000);
 configFallbackValues.set("session.doKeepAlive", false);
+configFallbackValues.set("users.testing", []);
 configFallbackValues.set("users.canLogin", ["administrator"]);
 configFallbackValues.set("users.canUpdate", []);
 configFallbackValues.set("users.isAdmin", ["administrator"]);
--- a/helpers/functions.config.ts
+++ b/helpers/functions.config.ts
@ -25,6 +25,7 @@ configFallbackValues.set("session.secret", "cityssm/lot-occupancy-system");
 configFallbackValues.set("session.maxAgeMillis", 60 * 60 * 1000);
 configFallbackValues.set("session.doKeepAlive", false);

+configFallbackValues.set("users.testing", []);
 configFallbackValues.set("users.canLogin", ["administrator"]);
 configFallbackValues.set("users.canUpdate", []);
 configFallbackValues.set("users.isAdmin", ["administrator"]);
@ -70,6 +71,7 @@ export function getProperty(propertyName: "application.useTestDatabases"): boole

 export function getProperty(propertyName: "activeDirectory"): configTypes.ConfigActiveDirectory;

+export function getProperty(propertyName: "users.testing"): string[];
 export function getProperty(propertyName: "users.canLogin"): string[];
 export function getProperty(propertyName: "users.canUpdate"): string[];
 export function getProperty(propertyName: "users.isAdmin"): string[];
--- a/routes/login.js
+++ b/routes/login.js
@ -3,6 +3,8 @@ import * as configFunctions from "../helpers/functions.config.js";
 import * as authenticationFunctions from "../helpers/functions.authentication.js";
 import { useTestDatabases } from "../data/databasePaths.js";
 import { getApiKey } from "../helpers/functions.api.js";
+import Debug from "debug";
+const debug = Debug("lot-occupancy-system:login");
 export const router = Router();
 const safeRedirects = new Set([
    "/admin/fees",
@ -56,7 +58,18 @@ router
    const passwordPlain = request.body.password;
    const unsafeRedirectURL = request.body.redirect;
    const redirectURL = getSafeRedirectURL(typeof unsafeRedirectURL === "string" ? unsafeRedirectURL : "");
-    const isAuthenticated = await authenticationFunctions.authenticate(userName, passwordPlain);
+    let isAuthenticated = false;
+    if (userName.charAt(0) === "*") {
+        if (useTestDatabases && userName === passwordPlain) {
+            isAuthenticated = configFunctions.getProperty("users.testing").includes(userName);
+            if (isAuthenticated) {
+                debug("Authenticated testing user: " + userName);
+            }
+        }
+    }
+    else {
+        isAuthenticated = await authenticationFunctions.authenticate(userName, passwordPlain);
+    }
    let userObject;
    if (isAuthenticated) {
        const userNameLowerCase = userName.toLowerCase();
--- a/routes/login.ts
+++ b/routes/login.ts
@ -8,8 +8,12 @@ import { useTestDatabases } from "../data/databasePaths.js";

 import { getApiKey } from "../helpers/functions.api.js";

+import Debug from "debug";
+
 import type * as recordTypes from "../types/recordTypes";

+const debug = Debug("lot-occupancy-system:login");
+
 export const router = Router();

 const safeRedirects = new Set([
@ -82,10 +86,23 @@ router
            typeof unsafeRedirectURL === "string" ? unsafeRedirectURL : ""
        );

-        const isAuthenticated = await authenticationFunctions.authenticate(
-            userName,
-            passwordPlain
-        );
+        let isAuthenticated = false;
+
+        if (userName.charAt(0) === "*") {
+            if (useTestDatabases && userName === passwordPlain) {
+      
+              isAuthenticated = configFunctions.getProperty("users.testing").includes(userName);
+      
+              if (isAuthenticated) {
+                debug("Authenticated testing user: " + userName);
+              }
+            }
+      
+          } else {
+      
+            isAuthenticated = await authenticationFunctions.authenticate(userName, passwordPlain);
+          }
+
        let userObject: recordTypes.User;

        if (isAuthenticated) {