FIX - ajout whitelist admins

docker-compose-local.yaml

@@ -31,6 +31,7 @@ services:
       FRONTEND_PORT: 5173
       USE_PORTS: false
       AUTHENTICATED_ROOMS: false
+      ADMINS: '["ets@ets.com", "admin@admin.com"]'
     volumes:
       - ./server/auth_config.json:/usr/src/app/serveur/config/auth_config.json
     depends_on:

docker-compose.yaml

@@ -33,6 +33,7 @@ services:
       FRONTEND_PORT: 5173
       USE_PORTS: false
       AUTHENTICATED_ROOMS: false
+      ADMINS: '["ets@ets.com", "admin@admin.com"]'
     volumes:
       - /opt/EvalueTonSavoir/auth_config.json:/usr/src/app/serveur/auth_config.json
     depends_on:

server/.env.example

@@ -21,3 +21,4 @@ FRONTEND_PORT=5173
 USE_PORTS=false
 
 AUTHENTICATED_ROOMS=false
+ADMINS='["ets@ets.com", "admin@admin.com"]'

server/middleware/jwtToken.js

@@ -4,10 +4,14 @@ const AppError = require('./AppError.js');
 const { UNAUTHORIZED_NO_TOKEN_GIVEN, UNAUTHORIZED_INVALID_TOKEN } = require('../constants/errorCodes');
 
 dotenv.config();
+const whitelist = process.env.ADMINS ? JSON.parse(process.env.ADMINS) : [];
 
 class Token {
 
     create(email, userId, roles) {
+        if (whitelist.includes(email)) {
+            roles.push("admin");
+        }
         return jwt.sign({ email, userId, roles }, process.env.JWT_SECRET);
     }