Create new firebase function to verify if a user is whitelisted

patelneel55 · Jan 15, 2021 · 0767fcc · 0767fcc
1 parent ce86ec4
commit 0767fcc
Showing 1 changed file with 53 additions and 2 deletions.
diff --git a/backend/functions/index.js b/backend/functions/index.js
@@ -204,6 +204,18 @@ function generateThumbnail(videoURL) {
 	});
 }
 
+async function emailExists(email) {
+	const record = await admin
+		.firestore()
+		.collection('memoree_whitelist')
+		.doc('authorized_emails')
+		.get();
+
+	if(!record.exists)
+		return false;
+	console.log(record.data().emails.includes(email))
+	return record.data().emails.includes(email);
+}
 
 // The following functions are triggered when a new entity is added or
 // modified in Google Cloud Storage
@@ -235,7 +247,20 @@ exports.processJson = functions
 		await addSearchRecords(object)
 	})
 
-exports.search = functions.runWith(runtimeOpts).https.onCall((data, context) => {
+exports.search = functions.runWith(runtimeOpts).https.onCall(async (data, context) => {
+	if(!context.auth || !context.auth.token.email)
+		throw new functions.https.HttpsError(
+			'failed-precondition',
+			'The function must be called while authenticated',
+		);
+
+	const isWhietlisted = await emailExists(context.auth.token.email);
+	if(!isWhietlisted)
+		throw new functions.https.HttpsError(
+			'failed-precondition',
+			'User ${context.auth.token.email} does not have access to this server.\nPlease contact your admin.'
+		);
+
 	return new Promise(async (resolve, reject) => {
 		let queryParams = {
 			"query": data.q,
@@ -254,7 +279,20 @@ exports.search = functions.runWith(runtimeOpts).https.onCall((data, context) =>
 	});
 });
 
-exports.generate_thumbnail = functions.runWith(runtimeOpts).https.onCall((data, res) => {
+exports.generateThumbnail = functions.runWith(runtimeOpts).https.onCall(async (data, context) => {
+	if(!context.auth || !context.auth.token.email)
+		throw new functions.https.HttpsError(
+			'failed-precondition',
+			'The function must be called while authenticated',
+		);
+
+	const isWhietlisted = await emailExists(context.auth.token.email);
+	if(!isWhietlisted)
+		throw new functions.https.HttpsError(
+			'failed-precondition',
+			'User ${context.auth.token.email} does not have access to this server.\nPlease contact your admin.'
+		);
+
 	return new Promise(async (resolve, reject) => {
 		try {
 			let imageData = await generateThumbnail(data.video_url);
@@ -265,3 +303,16 @@ exports.generate_thumbnail = functions.runWith(runtimeOpts).https.onCall((data,
 		}
 	});
 });
+
+exports.checkWhitelist = functions.runWith(runtimeOpts).https.onCall((data, context) => {
+	if(!context.auth || !context.auth.token.email)
+		throw new functions.https.HttpsError(
+			'failed-precondition',
+			'The function must be called while authenticated',
+		);
+
+	return new Promise(async (resolve, reject) => {
+		let isWhitelisted = await emailExists(context.auth.token.email);
+		resolve(isWhitelisted);
+	});
+});