scandic/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in feat/masked-values (pull request #489)

Browse Source 
feat: handle masked values only based on MFA

Approved-by: Michael Zetterberg
Approved-by: Arvid Norlin
This commit is contained in:
Simon.Emanuelsson
2024-08-26 09:19:02 +00:00
committed by Michael Zetterberg
parent 63c3aa940c 61b722d9ad
commit 388060086e
3 changed files with 14 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/[lang]/(live)/(protected)/my-pages/profile/@profile/edit/page.tsx
View File

@@ -10,7 +10,7 @@ export default async function EditProfileSlot({
}: PageArgs<LangParams>) { }: PageArgs<LangParams>) {
setLang(params.lang) setLang(params.lang)
const user = await serverClient().user.get({ mask: false }) const user = await serverClient().user.get()
if (!user || "error" in user) { if (!user || "error" in user) {
return null return null
} }

6
server/routers/user/input.ts
View File

@@ -1,12 +1,6 @@
import { z } from "zod" import { z } from "zod"
// Query // Query
export const getUserInputSchema = z
.object({
mask: z.boolean().default(true),
})
.default({})
export const staysInput = z export const staysInput = z
.object({ .object({
cursor: z cursor: z

21
server/routers/user/query.ts
View File

@@ -12,11 +12,7 @@ import * as maskValue from "@/utils/maskValue"
import { getMembership, getMembershipCards } from "@/utils/user" import { getMembership, getMembershipCards } from "@/utils/user"
import encryptValue from "../utils/encryptValue" import encryptValue from "../utils/encryptValue"
import { import { friendTransactionsInput, staysInput } from "./input"
friendTransactionsInput,
getUserInputSchema,
staysInput,
} from "./input"
import { import {
creditCardsSchema, creditCardsSchema,
FriendTransaction, FriendTransaction,
@@ -192,8 +188,17 @@ async function updateStaysBookingUrl(
export const userQueryRouter = router({ export const userQueryRouter = router({
get: protectedProcedure get: protectedProcedure
.input(getUserInputSchema) .use(async function (opts) {
.query(async function getUser({ ctx, input }) { return opts.next({
ctx: {
...opts.ctx,
isMFA:
opts.ctx.session.token.mfa_scope &&
opts.ctx.session.token.mfa_expires_at > Date.now(),
},
})
})
.query(async function getUser({ ctx }) {
const data = await getVerifiedUser({ session: ctx.session }) const data = await getVerifiedUser({ session: ctx.session })
if (!data) { if (!data) {
@@ -230,7 +235,7 @@ export const userQueryRouter = router({
profileId: verifiedData.data.profileId, profileId: verifiedData.data.profileId,
} }
if (input.mask) { if (!ctx.isMFA) {
if (user.address.city) { if (user.address.city) {
user.address.city = maskValue.text(user.address.city) user.address.city = maskValue.text(user.address.city)
} }