diff --git a/API/Functions/Users/index.js b/API/Functions/Users/index.js index 8ce45c3..4f53e1c 100644 --- a/API/Functions/Users/index.js +++ b/API/Functions/Users/index.js @@ -1,5 +1,5 @@ const UserRepo = require("./../../../shared/database/repos/user.repo"); - +const { encrypt, decrypt } = require('../../../shared/utils/crypto') module.exports.getUserInformation = async () => { try { const result = await UserRepo.getUser( @@ -66,3 +66,41 @@ module.exports.addNewCategory = async (event) => { }; } }; + +module.exports.checkSecretKey = async (event) => { + const body = event.body ? JSON.parse(event.body) : {}; + + if (!body.secretKey) return { + statusCode: 400, + headers: { + "Access-Control-Allow-Origin": "*", + } + } + + const user = await UserRepo.getUser({ + emails: process.env.EMAIL_USERNAME, + }) + + if (!user.secretKey) return { + statusCode: 409, + headers: { + "Access-Control-Allow-Origin": "*", + } + } + + const userKey = decrypt(user.secretKey) + + if (userKey !== body.secretKey) return { + statusCode: 401, + headers: { + "Access-Control-Allow-Origin": "*", + } + } + + return { + statusCode: 200, + headers: { + "Access-Control-Allow-Origin": "*", + } + } +} \ No newline at end of file diff --git a/client/src/App.js b/client/src/App.js index 699a830..af7ac11 100644 --- a/client/src/App.js +++ b/client/src/App.js @@ -14,7 +14,7 @@ class App extends React.Component { constructor(props) { super(props); this.state = { - secret: "null", + secret: null, user: {}, banks: [], prepayments: [], @@ -37,12 +37,27 @@ class App extends React.Component { }; componentDidMount = () => { + if(!this.state.secretKey) return; + this.loadInitialData() + }; + + loadInitialData(){ this.getPrePayments(); this.getUserInformation() - }; + } + componentDidUpdate(prevProps, prevState){ + const { secret } = prevState + if(!secret && this.state.secret){ + this.loadInitialData() + } + } onLoginClick = (secret) => { - console.log(secret); + axios.post(constants.basepath + constants.routes.secret, { + secretKey: secret + }).then(result=>{ + this.setState({secret: true}) + }).catch(err=>console.error(err)) }; getUserInformation = () => { @@ -89,6 +104,7 @@ class App extends React.Component { } }) } + render() { const { prepayments, secret, user } = this.state; diff --git a/client/src/components/SecretCodeScreen.js b/client/src/components/SecretCodeScreen.js index 2bd88a8..e9c0565 100644 --- a/client/src/components/SecretCodeScreen.js +++ b/client/src/components/SecretCodeScreen.js @@ -2,29 +2,31 @@ import React from "react"; import { PasswordStrengthMeter, TextField, Icon, Button } from "emerald-ui/lib"; const SecretCodeScreen = (props) => { - const { - onLoginClick = ()=>null - } = props - const [secretPassword, setSecret] = React.useState('') + const { onLoginClick = () => null } = props; + const [secretPassword, setSecret] = React.useState(""); return (
- - console.log(evt.target)} - label="Ingrese su Llave de acceso: " - type="password" - style={{ width: "250px" }} - /> - -
diff --git a/client/src/constants.js b/client/src/constants.js index a2fe431..622c790 100644 --- a/client/src/constants.js +++ b/client/src/constants.js @@ -7,5 +7,6 @@ export default { datacredit: '/datacredit', user: '/user', categories: '/user/categories', + secret: '/user/secret', } } \ No newline at end of file diff --git a/devutils/generateDataCreditoCredentials.js b/devutils/generateDataCreditoCredentials.js index 12a5713..24e52b8 100644 --- a/devutils/generateDataCreditoCredentials.js +++ b/devutils/generateDataCreditoCredentials.js @@ -1,6 +1,6 @@ const { encrypt } = require('../shared/utils/crypto') -const username = "user"; +const username = "XXXXXXX"; const password = "passwprd"; const secondpass = "secondpass"; diff --git a/serverless.yml b/serverless.yml index d36b673..1275474 100644 --- a/serverless.yml +++ b/serverless.yml @@ -102,6 +102,20 @@ functions: - origin: "*" - headers: "Access-Control-Allow-Origin" + CheckUserSecret: + handler: API/Functions/Users.checkSecretKey + name: UserRepo-post-secretKey-${opt:stage} + environment: + EMAIL_USERNAME: ${file(./config/${opt:stage}.json):EMAIL_USERNAME} + events: + - http: + path: /user/secret + method: POST + cors: + - enabled: true + - origin: "*" + - headers: "Access-Control-Allow-Origin" + SaveCategory: handler: API/Functions/Users.addNewCategory name: UserRepo-Categories-POST-${opt:stage} diff --git a/shared/models/user.model.js b/shared/models/user.model.js index 9d5d0ad..502efa5 100644 --- a/shared/models/user.model.js +++ b/shared/models/user.model.js @@ -8,6 +8,10 @@ const userSchema = mongoose.Schema( index: true, required: false, }, + secretKey: { + iv: String, + content: String, + }, email: { type: String, required: true,