From f3a36326b4f5c945fb2725620ff92ab31e44e053 Mon Sep 17 00:00:00 2001
From: RITIKA MANDAL
Date: Tue, 28 May 2024 00:14:54 +0530
Subject: [PATCH] chore(api): Fix inconsistencies in zod schema (#240)
---
 apps/api/src/auth/guard/auth/auth.guard.ts | 15 +++++++++++----
 apps/api/src/common/env/env.schema.ts | 13 ++++++++-----
 apps/api/src/user/service/user.service.ts | 14 +++++++++++---
 3 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/apps/api/src/auth/guard/auth/auth.guard.ts b/apps/api/src/auth/guard/auth/auth.guard.ts
index 700f7d11..014d36a1 100644
--- a/apps/api/src/auth/guard/auth/auth.guard.ts
+++ b/apps/api/src/auth/guard/auth/auth.guard.ts
@@ -12,6 +12,7 @@ import { PrismaService } from '../../../prisma/prisma.service'
 import { ONBOARDING_BYPASSED } from '../../../decorators/bypass-onboarding.decorator'
 import { AuthenticatedUserContext } from '../../auth.types'
 import { toSHA256 } from '../../../common/to-sha256'
+import { EnvSchema } from '../../../common/env/env.schema'
 const X_E2E_USER_EMAIL = 'x-e2e-user-email'
 const X_KEYSHADE_TOKEN = 'x-keyshade-token'
@@ -41,17 +42,23 @@ export class AuthGuard implements CanActivate {
 let user: AuthenticatedUserContext | null = null
 const request = context.switchToHttp().getRequest()
 const authType = this.getAuthType(request)
+ const parsedEnv = EnvSchema.safeParse(process.env)
+ let nodeEnv
- //@ts-expect-error process.env.NODE_ENV parses to 'dev'
- if (process.env.NODE_ENV !== 'e2e' && authType === 'NONE') {
+ if (!parsedEnv.success) {
+ nodeEnv = 'dev' // Default to a valid value or handle appropriately
+ } else {
+ nodeEnv = parsedEnv.data.NODE_ENV
+ }
+
+ if (nodeEnv !== 'e2e' && authType === 'NONE') {
 throw new ForbiddenException('No authentication provided')
 }
 // In case the environment is e2e, we want to authenticate the user using the email
 // else we want to authenticate the user using the JWT token.
- // @ts-expect-error process.env.NODE_ENV parses to 'dev'
- if (authType !== 'API_KEY' && process.env.NODE_ENV === 'e2e') {
+ if (authType !== 'API_KEY' && nodeEnv === 'e2e') {
 const email = request.headers[X_E2E_USER_EMAIL]
 if (!email) {
 throw new ForbiddenException()
diff --git a/apps/api/src/common/env/env.schema.ts b/apps/api/src/common/env/env.schema.ts
index d5a3e712..4f92a9c9 100644
--- a/apps/api/src/common/env/env.schema.ts
+++ b/apps/api/src/common/env/env.schema.ts
@@ -28,7 +28,7 @@ const e2eEnvSchema = z.object({
 const generalSchema = z.object({
 NODE_ENV: z.literal('dev'),
 DATABASE_URL: z.string(),
- ADMIN_EMAIL: z.string(),
+ ADMIN_EMAIL: z.string().email(),
 REDIS_URL: z.string(),
 REDIS_PASSWORD: z.string().optional(),
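Review bot: The `'dev'` fallback at `if (!parsedEnv.success)` is what keeps the `x-e2e-user-email` header login disabled when the environment fails validation, yet its comment ("Default to a valid value or handle appropriately") does not say so and the validation error is discarded. I would state the intent and collapse the branch, e.g. `const nodeEnv = parsedEnv.success ? parsedEnv.data.NODE_ENV : 'dev' // fail closed: an invalid env must never enable header-based e2e auth`, and log the failing keys (not their values) once so a misconfigured deployment is visible. The parse also appears to sit in the guard's per-request path, so the whole of `process.env` is re-validated on every guarded call; parsing once at startup and reusing the result would avoid that. The same block is duplicated in `checkIfAdminExistsOrCreate` in user.service.ts, so a shared helper would keep the two in step. The enclosing method starts before and continues after this hunk.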
@@ -56,10 +56,13 @@ const generalSchema = z.object({
 SMTP_HOST: z.string(),
 SMTP_PORT: z.string(),
- SMTP_EMAIL_ADDRESS: z.string(),
+ SMTP_EMAIL_ADDRESS: z.string().email(),
 SMTP_PASSWORD: z.string(),
- // TODO: add regex check for FORM_EMAIL value as represented in .env.example (your-name )
- FROM_EMAIL: z.string(),
+ FROM_EMAIL: z
+ .string()
+ .regex(
+ /^[a-zA-Z0-9._%+-]+(?: [a-zA-Z0-9._%+-]+)* <[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}>$/
+ ),
 JWT_SECRET: z.string(),
@@ -75,7 +78,7 @@ const generalSchema = z.object({
 MINIO_BUCKET_NAME: z.string().optional(),
 MINIO_USE_SSL: z.string().optional(),
- FEEDBACK_FORWARD_EMAIL: z.string()
+ FEEDBACK_FORWARD_EMAIL: z.string().email()
 })
 export type EnvSchemaType = z.infer
diff --git a/apps/api/src/user/service/user.service.ts b/apps/api/src/user/service/user.service.ts
index c026a437..ac25b6bb 100644
--- a/apps/api/src/user/service/user.service.ts
+++ b/apps/api/src/user/service/user.service.ts
@@ -15,6 +15,7 @@ import {
 } from '../../mail/services/interface.service'
 import createUser from '../../common/create-user'
 import generateOtp from '../../common/generate-otp'
+import { EnvSchema } from '../../common/env/env.schema'
 @Injectable()
 export class UserService {
@@ -294,9 +295,16 @@ export class UserService {
 }
 private async checkIfAdminExistsOrCreate() {
- // @ts-expect-error process.env.NODE_ENV parses to 'dev'
- // FIXME
- if (process.env.NODE_ENV === 'test' || process.env.NODE_ENV === 'e2e') {
+ const parsedEnv = EnvSchema.safeParse(process.env)
+ let nodeEnv
+
+ if (!parsedEnv.success) {
+ nodeEnv = 'dev' // Default to a valid value or handle appropriately
+ } else {
+ nodeEnv = parsedEnv.data.NODE_ENV
+ }
+
+ if (nodeEnv === 'test' || nodeEnv === 'e2e') {
 return
 }
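Review bot: The new `FROM_EMAIL` regex replaces the TODO that described the expected shape, so nothing now tells an operator what a valid value looks like. A comment above the field such as `// Format: Display Name <address@domain.tld>; name limited to ASCII letters, digits and ._%+- separated by single spaces` would cover it, and passing a message as the second argument to `.regex(...)` would make the validation error self-explanatory. The pattern rejects quoted or non-ASCII display names, which may be stricter than intended. Because `.email()` is also added to `ADMIN_EMAIL`, `SMTP_EMAIL_ADDRESS` and `FEEDBACK_FORWARD_EMAIL` (the `-28,7` and `-75,7` hunks), a single malformed address now fails the whole parse, and the `safeParse` callers added in this commit then fall back to `'dev'` without reporting it.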
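Review bot: The `nodeEnv === 'test'` comparison in `checkIfAdminExistsOrCreate` looks unreachable after this change. The only `NODE_ENV` literal visible in `generalSchema` is `'dev'` (the e2e schema body is not shown), so under `NODE_ENV=test` the parse would presumably fail, `nodeEnv` would become `'dev'`, and the early `return` that used to skip admin creation would no longer fire. Either add a `'test'` variant to `EnvSchema` or drop the comparison, and declare the variable as `let nodeEnv: EnvSchemaType['NODE_ENV']` so the compiler rejects comparisons against values the schema cannot produce. The method body continues outside the hunk.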