diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml index b3ef881a..59addff8 100644 --- a/.github/workflows/production.yaml +++ b/.github/workflows/production.yaml @@ -37,11 +37,13 @@ jobs: run: | printf "${{ secrets.MONGODB_URI }}" | vercel env add MONGODB_URI production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.AUTH_SECRET }}" | vercel env add AUTH_SECRET production --force --token=${{ secrets.VERCEL_TOKEN }} - printf "${{ secrets.TITO_AUTH_TOKEN }}" | vercel env add TITO_AUTH_TOKEN production --force --token=${{ secrets.VERCEL_TOKEN }} - printf "${{ secrets.HUB_ADMIN_PASSWORD }}" | vercel env add HUB_ADMIN_PASSWORD production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.HMAC_INVITE_SECRET }}" | vercel env add HMAC_INVITE_SECRET production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.SENDER_PWD }}" | vercel env add SENDER_PWD production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.CHECK_IN_CODE }}" | vercel env add CHECK_IN_CODE production --force --token=${{ secrets.VERCEL_TOKEN }} + + printf "${{ vars.INVITE_DEADLINE }}" | vercel env add INVITE_DEADLINE production --force --token=${{ secrets.VERCEL_TOKEN }} + printf "${{ vars.SENDER_EMAIL }}" | vercel env add SENDER_EMAIL production --force --token=${{ secrets.VERCEL_TOKEN }} + env: VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} @@ -64,8 +66,7 @@ jobs: CHECK_IN_CODE: ${{ secrets.CHECK_IN_CODE }} BASE_URL: ${{ vars.ENV_URL }} - INVITE_TIMEOUT: ${{ vars.INVITE_TIMEOUT }} - RESET_TIMEOUT: ${{ vars.RESET_TIMEOUT }} + INVITE_DEADLINE: ${{ vars.INVITE_DEADLINE }} SENDER_EMAIL: ${{ vars.SENDER_EMAIL }} diff --git a/.github/workflows/staging.yaml b/.github/workflows/staging.yaml index a58dce79..3edcc074 100644 --- a/.github/workflows/staging.yaml +++ b/.github/workflows/staging.yaml @@ -39,11 +39,12 @@ jobs: run: | printf "${{ secrets.MONGODB_URI }}" | vercel env add MONGODB_URI production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.AUTH_SECRET }}" | vercel env add AUTH_SECRET production --force --token=${{ secrets.VERCEL_TOKEN }} - printf "${{ secrets.TITO_AUTH_TOKEN }}" | vercel env add TITO_AUTH_TOKEN production --force --token=${{ secrets.VERCEL_TOKEN }} - printf "${{ secrets.HUB_ADMIN_PASSWORD }}" | vercel env add HUB_ADMIN_PASSWORD production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.HMAC_INVITE_SECRET }}" | vercel env add HMAC_INVITE_SECRET production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.SENDER_PWD }}" | vercel env add SENDER_PWD production --force --token=${{ secrets.VERCEL_TOKEN }} printf "${{ secrets.CHECK_IN_CODE }}" | vercel env add CHECK_IN_CODE production --force --token=${{ secrets.VERCEL_TOKEN }} + + printf "${{ vars.INVITE_DEADLINE }}" | vercel env add INVITE_DEADLINE production --force --token=${{ secrets.VERCEL_TOKEN }} + printf "${{ vars.SENDER_EMAIL }}" | vercel env add SENDER_EMAIL production --force --token=${{ secrets.VERCEL_TOKEN }} env: VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }} VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }} @@ -66,8 +67,7 @@ jobs: CHECK_IN_CODE: ${{ secrets.CHECK_IN_CODE }} BASE_URL: ${{ vars.ENV_URL }} - INVITE_TIMEOUT: ${{ vars.INVITE_TIMEOUT }} - RESET_TIMEOUT: ${{ vars.RESET_TIMEOUT }} + INVITE_DEADLINE: ${{ vars.INVITE_DEADLINE }} SENDER_EMAIL: ${{ vars.SENDER_EMAIL }} - name: Deploy Project to Vercel diff --git a/app/(api)/_datalib/invite/generateInvite.ts b/app/(api)/_datalib/invite/generateInvite.ts index 7d61ce91..3321dbb3 100644 --- a/app/(api)/_datalib/invite/generateInvite.ts +++ b/app/(api)/_datalib/invite/generateInvite.ts @@ -20,14 +20,18 @@ export default async function GenerateInvite( const emailSchema = z.string().email('Invalid email address.'); emailSchema.parse(data.email); - const exp = - type === 'invite' - ? (process.env.INVITE_TIMEOUT as string) - : (process.env.RESET_TIMEOUT as string); + if (type === 'invite') { + // Invite link valid until specified deadline (DOE) + const expiration = process.env.INVITE_DEADLINE; + if (!expiration) throw new Error('INVITE_DEADLINE is not set.'); + data['exp'] = new Date(expiration).getTime(); + } else { + // Reset password link valid for 1 day + const resetTimeoutDays = 1; + data['exp'] = Date.now() + 1000 * 60 * 60 * 24 * resetTimeoutDays; + } - data['exp'] = Date.now() + 1000 * 60 * 60 * 24 * (parseInt(exp) ?? 7); const data_encoded = btoa(JSON.stringify(data)); - const hmac_sig = generateHMACSignature(data_encoded); const hmac_url = `${process.env.BASE_URL}/${type}/${data_encoded}&${hmac_sig}`; console.log(hmac_url);