Merge pull request #26 from FlavioAandres/secret-user

Adding secrets to user

API/Functions/Users/index.js

@@ -1,5 +1,5 @@
 const UserRepo = require("./../../../shared/database/repos/user.repo");
-
+const { encrypt, decrypt } = require('../../../shared/utils/crypto')
 module.exports.getUserInformation = async () => {
   try {
     const result = await UserRepo.getUser(
@@ -66,3 +66,41 @@ module.exports.addNewCategory = async (event) => {
     };
   }
 };
+
+module.exports.checkSecretKey = async (event) => {
+  const body = event.body ? JSON.parse(event.body) : {};
+
+  if (!body.secretKey) return {
+    statusCode: 400,
+    headers: {
+      "Access-Control-Allow-Origin": "*",
+    }
+  }
+
+  const user = await UserRepo.getUser({
+    emails: process.env.EMAIL_USERNAME,
+  })
+
+  if (!user.secretKey) return {
+    statusCode: 409,
+    headers: {
+      "Access-Control-Allow-Origin": "*",
+    }
+  }
+
+  const userKey = decrypt(user.secretKey)
+
+  if (userKey !== body.secretKey) return {
+    statusCode: 401,
+    headers: {
+      "Access-Control-Allow-Origin": "*",
+    }
+  }
+
+  return {
+    statusCode: 200,
+    headers: {
+      "Access-Control-Allow-Origin": "*",
+    }
+  }
+}

client/src/App.js

@@ -14,7 +14,7 @@ class App extends React.Component {
   constructor(props) {
     super(props);
     this.state = {
-      secret: "null",
+      secret: null,
       user: {},
       banks: [],
       prepayments: [],
@@ -37,12 +37,27 @@ class App extends React.Component {
   };
 
   componentDidMount = () => {
+    if(!this.state.secretKey) return; 
+    this.loadInitialData()
+  };
+
+  loadInitialData(){
     this.getPrePayments();
     this.getUserInformation()
-  };
+  }
+  componentDidUpdate(prevProps, prevState){
+    const { secret } = prevState
+    if(!secret && this.state.secret){
+      this.loadInitialData()
+    }
+  }
 
   onLoginClick = (secret) => {
-    console.log(secret);
+    axios.post(constants.basepath + constants.routes.secret, {
+      secretKey: secret
+    }).then(result=>{
+      this.setState({secret: true})
+    }).catch(err=>console.error(err))
   };
 
   getUserInformation = () => {
@@ -89,6 +104,7 @@ class App extends React.Component {
       }
     })
   }
+
   render() {
     const { prepayments, secret, user } = this.state;
 

client/src/components/SecretCodeScreen.js

@@ -2,29 +2,31 @@ import React from "react";
 import { PasswordStrengthMeter, TextField, Icon, Button } from "emerald-ui/lib";
 
 const SecretCodeScreen = (props) => {
-    const {
-        onLoginClick = ()=>null
-    } = props
- const [secretPassword, setSecret] = React.useState('')
+  const { onLoginClick = () => null } = props;
+  const [secretPassword, setSecret] = React.useState("");
   return (
     <div className="full-screen-secret-container">
       <div className="login-container">
         <img src="" alt="" />
         <div className="secret-key-input-container">
-          <PasswordStrengthMeter id="passwordmeter">
-            <TextField
-              value={secretPassword}
-              onChange={(evt)=> console.log(evt.target)}
-              label="Ingrese su Llave de acceso: "
-              type="password"
-              style={{ width: "250px" }}
-            />
-          </PasswordStrengthMeter>
-          <Button 
-          onClick={() => onLoginClick(secretPassword)}
-          color="danger" 
-          clearable="true"
-          className="sign-in-button">
+          <TextField
+            clearable
+            onClear={() => setSecret("")}
+            value={secretPassword}
+            onKeyPress={(evt) => {
+              if (evt.key === "Enter") onLoginClick(secretPassword);
+            }}
+            onChange={(evt) => setSecret(evt.target.value)}
+            label="Ingrese su Llave de acceso: "
+            type="password"
+            style={{ width: "250px" }}
+          />
+          <Button
+            onClick={() => onLoginClick(secretPassword)}
+            color="danger"
+            clearable="true"
+            className="sign-in-button"
+          >
             <Icon name="thumb_up" />
           </Button>
         </div>

client/src/constants.js

@@ -7,5 +7,6 @@ export default {
         datacredit: '/datacredit',
         user: '/user',
         categories: '/user/categories',
+        secret: '/user/secret',
     }
 }

devutils/generateDataCreditoCredentials.js

@@ -1,6 +1,6 @@
 const { encrypt } = require('../shared/utils/crypto')
 
-const username = "user";
+const username = "XXXXXXX";
 const password = "passwprd";
 const secondpass = "secondpass";
 

serverless.yml

@@ -102,6 +102,20 @@ functions:
             - origin: "*"
             - headers: "Access-Control-Allow-Origin"
 
+  CheckUserSecret:
+    handler: API/Functions/Users.checkSecretKey
+    name: UserRepo-post-secretKey-${opt:stage}
+    environment:
+      EMAIL_USERNAME: ${file(./config/${opt:stage}.json):EMAIL_USERNAME}
+    events:
+      - http:
+          path: /user/secret
+          method: POST
+          cors:
+            - enabled: true
+            - origin: "*"
+            - headers: "Access-Control-Allow-Origin"
+
   SaveCategory:
     handler: API/Functions/Users.addNewCategory
     name: UserRepo-Categories-POST-${opt:stage}

shared/models/user.model.js

@@ -8,6 +8,10 @@ const userSchema = mongoose.Schema(
             index: true,
             required: false,
         },
+        secretKey: {
+            iv: String, 
+            content: String, 
+        },
         email: {
             type: String,
             required: true,