mirror of
https://github.com/freeCodeCamp/freeCodeCamp.git
synced 2026-01-07 00:03:44 -05:00
refactor: use process.env in node environments (#51110)
This commit is contained in:
Oliver Eyton-Williams
committed by
GitHub
GitHub
parent
c2fff83d41
commit
5f475cefa6
@@ -16,7 +16,6 @@ import uuid from 'uuid/v4';
|
||||
import { isEmail } from 'validator';
|
||||
|
||||
import { blocklistedUsernames } from '../../../../config/constants';
|
||||
import { apiLocation } from '../../../../config/env.json';
|
||||
|
||||
import { wrapHandledError } from '../../server/utils/create-handled-error.js';
|
||||
import {
|
||||
@@ -202,7 +201,7 @@ export default function initializeUser(User) {
|
||||
exists => {
|
||||
if (exists) {
|
||||
throw wrapHandledError(new Error('user already exists'), {
|
||||
redirectTo: `${apiLocation}/signin`,
|
||||
redirectTo: `${process.env.API_LOCATION}/signin`,
|
||||
message: dedent`
|
||||
The ${user.email} email address is already associated with an account.
|
||||
Try signing in with it here instead.
|
||||
@@ -502,7 +501,7 @@ export default function initializeUser(User) {
|
||||
}
|
||||
const { id: loginToken, created: emailAuthLinkTTL } = token;
|
||||
const loginEmail = getEncodedEmail(newEmail ? newEmail : null);
|
||||
const host = apiLocation;
|
||||
const host = process.env.API_LOCATION;
|
||||
const mailOptions = {
|
||||
type: 'email',
|
||||
to: newEmail ? newEmail : this.email,
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
import { allowedOrigins } from '../../../../config/cors-settings';
|
||||
import { homeLocation } from '../../../../config/env.json';
|
||||
|
||||
export default function constantHeaders() {
|
||||
return function (req, res, next) {
|
||||
@@ -10,7 +9,7 @@ export default function constantHeaders() {
|
||||
) {
|
||||
res.header('Access-Control-Allow-Origin', req.headers.origin);
|
||||
} else {
|
||||
res.header('Access-Control-Allow-Origin', homeLocation);
|
||||
res.header('Access-Control-Allow-Origin', process.env.HOME_LOCATION);
|
||||
}
|
||||
res.header('Access-Control-Allow-Credentials', true);
|
||||
res.header(
|
||||
|
||||
@@ -1,11 +1,9 @@
|
||||
import helmet from 'helmet';
|
||||
|
||||
import { homeLocation } from '../../../../config/env.json';
|
||||
|
||||
let trusted = [
|
||||
"'self'",
|
||||
'https://search.freecodecamp.org',
|
||||
homeLocation,
|
||||
process.env.HOME_LOCATION,
|
||||
'https://' + process.env.AUTH0_DOMAIN
|
||||
];
|
||||
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
import path from 'path';
|
||||
import jwt from 'jsonwebtoken';
|
||||
import { config } from 'dotenv';
|
||||
|
||||
import { homeLocation } from '../../../../config/env.json';
|
||||
import { mockReq as mockRequest, mockRes } from '../boot_tests/challenge.test';
|
||||
import createRequestAuthorization, {
|
||||
isAllowedPath
|
||||
} from './request-authorization';
|
||||
|
||||
config({ path: path.resolve(__dirname, '../../../../.env') });
|
||||
|
||||
const validJWTSecret = 'this is a super secret string';
|
||||
const invalidJWTSecret = 'This is not correct secret';
|
||||
const now = new Date(Date.now());
|
||||
@@ -27,7 +30,7 @@ const mockGetUserById = id =>
|
||||
|
||||
const mockReq = args => {
|
||||
const mock = mockRequest(args);
|
||||
mock.header = () => homeLocation;
|
||||
mock.header = () => process.env.HOME_LOCATION;
|
||||
return mock;
|
||||
};
|
||||
|
||||
|
||||
@@ -1,11 +1,10 @@
|
||||
import { homeLocation, apiLocation } from '../../../config/env.json';
|
||||
import { auth0 } from '../../../config/secrets';
|
||||
|
||||
const { clientID, clientSecret, domain } = auth0;
|
||||
|
||||
// These don't seem to be used, can they go?
|
||||
const successRedirect = `${homeLocation}/learn`;
|
||||
const failureRedirect = `${homeLocation}/signin`;
|
||||
const successRedirect = `${process.env.HOME_LOCATION}/learn`;
|
||||
const failureRedirect = `${process.env.HOME_LOCATION}/signin`;
|
||||
|
||||
// TODO: can we remove passport-mock-strategy entirely in prod? That would let
|
||||
// us make passport-mock-strategy a dev dep, as it should be.
|
||||
@@ -33,7 +32,7 @@ const passportProviders = {
|
||||
clientSecret,
|
||||
domain,
|
||||
cookieDomain: process.env.COOKIE_DOMAIN || 'localhost',
|
||||
callbackURL: `${apiLocation}/auth/auth0/callback`,
|
||||
callbackURL: `${process.env.API_LOCATION}/auth/auth0/callback`,
|
||||
authPath: '/auth/auth0',
|
||||
callbackPath: '/auth/auth0/callback',
|
||||
useCustomCallback: true,
|
||||
|
||||
@@ -1,11 +1,14 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
const { allowedOrigins } = require('../../../../config/cors-settings');
|
||||
// homeLocation is being used as a fallback here. If the one provided by the
|
||||
// client is invalid we default to this.
|
||||
const { homeLocation } = require('../../../../config/env.json');
|
||||
// process.env.HOME_LOCATION is being used as a fallback here. If the one
|
||||
// provided by the client is invalid we default to this.
|
||||
const { availableLangs } = require('../../../../config/i18n');
|
||||
|
||||
function getReturnTo(encryptedParams, secret, _homeLocation = homeLocation) {
|
||||
function getReturnTo(
|
||||
encryptedParams,
|
||||
secret,
|
||||
_homeLocation = process.env.HOME_LOCATION
|
||||
) {
|
||||
let params;
|
||||
try {
|
||||
params = jwt.verify(encryptedParams, secret);
|
||||
@@ -25,7 +28,7 @@ function getReturnTo(encryptedParams, secret, _homeLocation = homeLocation) {
|
||||
|
||||
function normalizeParams(
|
||||
{ returnTo, origin, pathPrefix },
|
||||
_homeLocation = homeLocation
|
||||
_homeLocation = process.env.HOME_LOCATION
|
||||
) {
|
||||
// coerce to strings, just in case something weird and nefarious is happening
|
||||
returnTo = '' + returnTo;
|
||||
@@ -59,7 +62,7 @@ function getRedirectParams(req, _normalizeParams = normalizeParams) {
|
||||
const url = req.header('Referer');
|
||||
// since we do not always redirect the user back to the page they were on
|
||||
// we need client locale and origin to construct the redirect url.
|
||||
const returnUrl = new URL(url ? url : homeLocation);
|
||||
const returnUrl = new URL(url ? url : process.env.HOME_LOCATION);
|
||||
const origin = returnUrl.origin;
|
||||
// if this is not one of the client languages, validation will convert
|
||||
// this to '' before it is used.
|
||||
|
||||
@@ -67,7 +67,7 @@ describe('redirection', () => {
|
||||
expect(keys.length).toBe(3);
|
||||
expect(keys).toEqual(expect.arrayContaining(expectedKeys));
|
||||
});
|
||||
it('should default to homeLocation', () => {
|
||||
it('should default to process.env.HOME_LOCATION', () => {
|
||||
expect.assertions(1);
|
||||
expect(normalizeParams({}, defaultOrigin)).toEqual(defaultObject);
|
||||
});
|
||||
@@ -92,9 +92,9 @@ describe('redirection', () => {
|
||||
);
|
||||
});
|
||||
// we *could*, in principle, grab the path and send them to
|
||||
// homeLocation/path, but if the origin is wrong something unexpected is
|
||||
// process.env.HOME_LOCATION/path, but if the origin is wrong something unexpected is
|
||||
// going on. In that case it's probably best to just send them to
|
||||
// homeLocation/learn.
|
||||
// process.env.HOME_LOCATION/learn.
|
||||
it('should return default parameters if the origin is unknown', () => {
|
||||
expect.assertions(1);
|
||||
const exampleOrigin = {
|
||||
|
||||
Reference in New Issue
Block a user