Skip to content

Commit f58fdae

Browse files
tylermenezestylermenezes
committed
Add evt to token
1 parent 0cf7cff commit f58fdae

File tree

2 files changed

+23
-8
lines changed

2 files changed

+23
-8
lines changed

src/pages/api/dashRedirect.gql

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,13 @@
1+
query NextEventQuery ($now: CmsDateTime!) {
2+
cms {
3+
events (where: { program: { webname: "labs" }, endsAt_gte: $now }, order: startsAt_DESC, limit: 1) {
4+
items {
5+
id
6+
}
7+
}
8+
}
9+
}
10+
111
query StudentMentorQuery ($username: String!) {
212
account {
313
getUser (where: { username: $username }) {

src/pages/api/dashRedirect.js

Lines changed: 13 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -3,13 +3,14 @@ import getConfig from 'next/config';
33
import { sign } from 'jsonwebtoken';
44
import { getSession } from 'next-auth/client';
55
import { apiFetch } from '@codeday/topo/utils';
6-
import { StudentMentorQuery } from './dashRedirect.gql';
6+
import { StudentMentorQuery, NextEventQuery } from './dashRedirect.gql';
7+
import { DateTime } from 'luxon';
78

89
const { serverRuntimeConfig } = getConfig();
910

10-
function makeToken ({ typ, sid, tgt }) {
11+
function makeToken ({ typ, sid, tgt, evt }) {
1112
return sign(
12-
{ typ, sid, tgt },
13+
{ typ, sid, tgt, evt },
1314
serverRuntimeConfig.gql.secret,
1415
{ audience: serverRuntimeConfig.gql.audience, expiresIn: '31d', noTimestamp: true }
1516
);
@@ -19,8 +20,12 @@ export default async function (req, res) {
1920
const session = await getSession({ req });
2021
if (!session?.user?.nickname) return res.send(null);
2122

23+
const { cms } = await apiFetch(print(NextEventQuery), { now: DateTime.now().toISO() });
24+
const evt = cms?.events?.items?.[0]?.id;
25+
if (!evt) return res.send(null);
26+
2227
const username = session.user.nickname;
23-
const adminToken = makeToken({ typ: 'a' });
28+
const adminToken = makeToken({ typ: 'a', evt });
2429
const accountToken = sign({ scopes: `read:users` }, serverRuntimeConfig.gql.accountSecret, { expiresIn: '5m' });
2530

2631
const { labs, account } = await apiFetch(
@@ -39,10 +44,10 @@ export default async function (req, res) {
3944

4045
const tokens = {
4146
a: isAdmin && adminToken,
42-
mm: (isAdmin || isManager) && makeToken({ typ: 'mm', sid: username, tgt: 'u' }),
43-
r: (isAdmin || isReviewer) && makeToken({ typ: 'r', sid: username, tgt: 'u' }),
44-
m: labs?.mentor?.id && makeToken({ typ: 'm', sid: labs.mentor.id, tgt: 'i' }),
45-
s: labs?.student?.id && makeToken({ typ: 's', sid: labs.student.id, tgt: 'i' }),
47+
mm: (isAdmin || isManager) && makeToken({ typ: 'mm', sid: username, tgt: 'u', evt }),
48+
r: (isAdmin || isReviewer) && makeToken({ typ: 'r', sid: username, tgt: 'u', evt }),
49+
m: labs?.mentor?.id && makeToken({ typ: 'm', sid: labs.mentor.id, tgt: 'i', evt }),
50+
s: labs?.student?.id && makeToken({ typ: 's', sid: labs.student.id, tgt: 'i', evt }),
4651
};
4752

4853
return res.send(Object.keys(tokens)

0 commit comments

Comments
 (0)