fix(donate): allow calls to the API without auth
This also depends on 170e3dbf4f
committed by
mrugesh
parent
b561599614
commit
ef39ab0e20
@ -20,6 +20,7 @@ const log = debug('fcc:boot:donate');
|
|||||||
|
|
||||||
export default function donateBoot(app, done) {
|
export default function donateBoot(app, done) {
|
||||||
let stripe = false;
|
let stripe = false;
|
||||||
|
const { User } = app.models;
|
||||||
const api = app.loopback.Router();
|
const api = app.loopback.Router();
|
||||||
const hooks = app.loopback.Router();
|
const hooks = app.loopback.Router();
|
||||||
const donateRouter = app.loopback.Router();
|
const donateRouter = app.loopback.Router();
|
||||||
@ -120,6 +121,22 @@ export default function donateBoot(app, done) {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const fccUser = user
|
||||||
|
? Promise.resolve(user)
|
||||||
|
: new Promise((resolve, reject) =>
|
||||||
|
User.findOrCreate(
|
||||||
|
{ where: { email } },
|
||||||
|
{ email },
|
||||||
|
(err, instance, isNew) => {
|
||||||
|
log('createing a new donating user instance: ', isNew);
|
||||||
|
if (err) {
|
||||||
|
return reject(err);
|
||||||
|
}
|
||||||
|
return resolve(instance);
|
||||||
|
}
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
let donatingUser = {};
|
let donatingUser = {};
|
||||||
let donation = {
|
let donation = {
|
||||||
email,
|
email,
|
||||||
@ -169,12 +186,12 @@ export default function donateBoot(app, done) {
|
|||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
return Promise.resolve(user)
|
return Promise.resolve(fccUser)
|
||||||
.then(nonDonatingUser => {
|
.then(nonDonatingUser => {
|
||||||
const { isDonating } = nonDonatingUser;
|
const { isDonating } = nonDonatingUser;
|
||||||
if (isDonating) {
|
if (isDonating && duration !== 'onetime') {
|
||||||
throw {
|
throw {
|
||||||
message: `User already has active donation(s).`,
|
message: `User already has active recurring donation(s).`,
|
||||||
type: 'AlreadyDonatingError'
|
type: 'AlreadyDonatingError'
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
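Review bot: The added `User.findOrCreate({ where: { email } }, { email }, …)` runs for callers with no session, so `email` is whatever the client sent and nobody has proven they own that address. As written, an anonymous request can create an account for any address, or resolve to an existing user's record that the rest of the handler (outside these hunks) then appears to treat as the donor; the email should be validated and normalised before the lookup, and an existing account's donation state should preferably not change on the strength of an unverified address. The endpoint likely also needs rate limiting now that each call can write a user row. In the callback, check `err` before logging, since `isNew` is not meaningful on failure: `if (err) { return reject(err); }` followed by `log('creating a new donating user instance: ', isNew);`. donateBoot's body starts and ends outside the hunks shown.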
@ -8,7 +8,12 @@ export default function() {
|
|||||||
});
|
});
|
||||||
return function csrf(req, res, next) {
|
return function csrf(req, res, next) {
|
||||||
const { path } = req;
|
const { path } = req;
|
||||||
if (/^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/.test(path)) {
|
if (
|
||||||
|
// eslint-disable-next-line max-len
|
||||||
|
/^\/hooks\/update-paypal$|^\/hooks\/update-stripe$|^\/donate\/charge-stripe$/.test(
|
||||||
|
path
|
||||||
|
)
|
||||||
|
) {
|
||||||
return next();
|
return next();
|
||||||
}
|
}
|
||||||
return protection(req, res, next);
|
return protection(req, res, next);
|
||||||
|
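Review bot: The new alternative `^\/donate\/charge-stripe$` exempts the charge endpoint from CSRF protection for every request, including ones that carry a logged-in user's session cookie. If the exemption exists only so that anonymous clients can donate, it should be limited to requests without an authenticated session, so that a signed-in user's donation state cannot be changed by a cross-site form post. The path list also duplicates `updateHooksRE` and `donateRE` from the authorization whitelist changed in this commit; sharing those constants would keep the two lists from drifting and remove the need for the `eslint-disable-next-line max-len`. The enclosing middleware factory starts above the hunk.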
@ -25,6 +25,9 @@ const unsubscribedRE = /^\/unsubscribed\//;
|
|||||||
const unsubscribeRE = /^\/u\/|^\/unsubscribe\/|^\/ue\//;
|
const unsubscribeRE = /^\/u\/|^\/unsubscribe\/|^\/ue\//;
|
||||||
const updateHooksRE = /^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/;
|
const updateHooksRE = /^\/hooks\/update-paypal$|^\/hooks\/update-stripe$/;
|
||||||
|
|
||||||
|
// note: this would be replaced by webhooks later
|
||||||
|
const donateRE = /^\/donate\/charge-stripe$/;
|
||||||
|
|
||||||
const _whiteListREs = [
|
const _whiteListREs = [
|
||||||
authRE,
|
authRE,
|
||||||
confirmEmailRE,
|
confirmEmailRE,
|
||||||
@ -37,7 +40,8 @@ const _whiteListREs = [
|
|||||||
statusRE,
|
statusRE,
|
||||||
unsubscribedRE,
|
unsubscribedRE,
|
||||||
unsubscribeRE,
|
unsubscribeRE,
|
||||||
updateHooksRE
|
updateHooksRE,
|
||||||
|
donateRE
|
||||||
];
|
];
|
||||||
|
|
||||||
export function isWhiteListedPath(path, whiteListREs = _whiteListREs) {
|
export function isWhiteListedPath(path, whiteListREs = _whiteListREs) {
|
||||||
|
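Review bot: Adding `donateRE` to `_whiteListREs` makes `/donate/charge-stripe` reachable with no authorization at all, and the comment `// note: this would be replaced by webhooks later` does not tell the next reader that. I would replace it with something like `// unauthenticated on purpose: anonymous donors post here, so the handler must validate its own input. TODO: replace with webhooks`. It is also worth confirming that signed-in callers are still identified on this path; if this middleware is what attaches the user to the request, whitelisting the path would send every donor through the email-based `findOrCreate` branch. isWhiteListedPath's body is outside the hunk.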