feat: check chula email env

isd-sgcu · Jul 7, 2024 · 71ce02e · 71ce02e
1 parent 9893a20
commit 71ce02e
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 3 deletions.
diff --git a/.env.template b/.env.template
@@ -12,6 +12,8 @@ JWT_ACCESS_TTL=3600
 JWT_REFRESH_TTL=259200
 JWT_ISSUER=issuer
 
+AUTH_CHECK_CHULA_EMAIL=false
+
 OAUTH_CLIENT_ID=client_id
 OAUTH_CLIENT_SECRET=client_secret
 OAUTH_REDIRECT_URI=http://localhost:3000
diff --git a/cmd/main.go b/cmd/main.go
@@ -55,7 +55,7 @@ func main() {
 	tokenSvc := token.NewService(jwtSvc, cacheRepo, token.NewTokenUtils(), logger.Named("tokenSvc"))
 	oauthConfig := config.LoadOauthConfig(conf.Oauth)
 	oauthClient := oauth.NewGoogleOauthClient(oauthConfig, logger.Named("oauthClient"))
-	authSvc := auth.NewService(oauthConfig, oauthClient, userSvc, tokenSvc, auth.NewAuthUtils(), logger.Named("authSvc"))
+	authSvc := auth.NewService(&conf.Auth, oauthConfig, oauthClient, userSvc, tokenSvc, auth.NewAuthUtils(), logger.Named("authSvc"))
 
 	listener, err := net.Listen("tcp", fmt.Sprintf(":%v", conf.App.Port))
 	if err != nil {

diff --git a/config/config.go b/config/config.go
@@ -31,6 +31,10 @@ type JwtConfig struct {
 	Issuer     string
 }
 
+type AuthConfig struct {
+	CheckChulaEmail bool
+}
+
 type OauthConfig struct {
 	ClientId     string
 	ClientSecret string
@@ -42,6 +46,7 @@ type Config struct {
 	Db    DbConfig
 	Redis RedisConfig
 	Jwt   JwtConfig
+	Auth  AuthConfig
 	Oauth OauthConfig
 }
 
@@ -89,6 +94,10 @@ func LoadConfig() (*Config, error) {
 		Issuer:     os.Getenv("JWT_ISSUER"),
 	}
 
+	authConfig := AuthConfig{
+		CheckChulaEmail: os.Getenv("AUTH_CHECK_CHULA_EMAIL") == "true",
+	}
+
 	oauthConfig := OauthConfig{
 		ClientId:     os.Getenv("OAUTH_CLIENT_ID"),
 		ClientSecret: os.Getenv("OAUTH_CLIENT_SECRET"),
@@ -100,6 +109,7 @@ func LoadConfig() (*Config, error) {
 		Db:    dbConfig,
 		Redis: redisConfig,
 		Jwt:   jwtConfig,
+		Auth:  authConfig,
 		Oauth: oauthConfig,
 	}, nil
 }

diff --git a/internal/auth/auth.service.go b/internal/auth/auth.service.go
@@ -5,6 +5,7 @@ import (
 	"net/url"
 	"strings"
 
+	"github.com/isd-sgcu/rpkm67-auth/config"
 	"github.com/isd-sgcu/rpkm67-auth/internal/dto"
 	"github.com/isd-sgcu/rpkm67-auth/internal/oauth"
 	"github.com/isd-sgcu/rpkm67-auth/internal/token"
@@ -24,6 +25,7 @@ type Service interface {
 
 type serviceImpl struct {
 	proto.UnimplementedAuthServiceServer
+	conf        *config.AuthConfig
 	oauthConfig *oauth2.Config
 	oauthClient oauth.GoogleOauthClient
 	userSvc     user.Service
@@ -32,8 +34,9 @@ type serviceImpl struct {
 	log         *zap.Logger
 }
 
-func NewService(oauthConfig *oauth2.Config, oauthClient oauth.GoogleOauthClient, userSvc user.Service, tokenSvc token.Service, utils AuthUtils, log *zap.Logger) Service {
+func NewService(conf *config.AuthConfig, oauthConfig *oauth2.Config, oauthClient oauth.GoogleOauthClient, userSvc user.Service, tokenSvc token.Service, utils AuthUtils, log *zap.Logger) Service {
 	return &serviceImpl{
+		conf:        conf,
 		oauthConfig: oauthConfig,
 		oauthClient: oauthClient,
 		userSvc:     userSvc,
@@ -104,7 +107,7 @@ func (s *serviceImpl) VerifyGoogleLogin(_ context.Context, in *proto.VerifyGoogl
 		}
 	}
 
-	if !IsEmailChulaStudent(email) {
+	if s.conf.CheckChulaEmail && !IsEmailChulaStudent(email) {
 		return nil, status.Error(codes.Unauthenticated, "Email is not a Chula student")
 	}