Fix/missing secret env (#402)

MugemaneBertin2001 · ceelogre · web-flow · commit ba775e7e4ee0 · 2024-11-11T17:52:35.000+02:00
* Added missing secret in env

* test: deployment

* feat: run the action on push

---------

Co-authored-by: ceelogre &lt;sam.nishimwe@yahoo.com&gt;
diff --git a/.github/workflows/deployments.yml b/.github/workflows/deployments.yml
@@ -3,6 +3,7 @@ on:
   push:
     branches:
       - develop
+  
   workflow_dispatch:
 
 jobs:
diff --git a/src/context.ts b/src/context.ts
@@ -4,7 +4,7 @@ import { Request } from 'express'
 import * as jwt from 'jsonwebtoken'
 import requestIp from 'request-ip'
 
-const SECRET = process.env.SECRET
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 export interface AuthTokenPayload {
   userId: string
diff --git a/src/helpers/generateInvitationToken.helper.ts b/src/helpers/generateInvitationToken.helper.ts
@@ -1,5 +1,5 @@
 import jwt from 'jsonwebtoken'
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 export default async function generateInvitationTokenAndLink(
   email: string,
diff --git a/src/helpers/organization.helper.ts b/src/helpers/organization.helper.ts
@@ -4,7 +4,7 @@ import { JwtPayload, verify } from 'jsonwebtoken'
 import { Organization } from '../models/organization.model'
 
 export async function checkLoggedInOrganization(token?: string) {
-  const SECRET = process.env.SECRET as string
+  const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
   if (!token) {
     throw new GraphQLError('Not logged in an organization', {
diff --git a/src/helpers/sendEventEmails.ts b/src/helpers/sendEventEmails.ts
@@ -18,7 +18,7 @@ export async function sendEventInvitations(
   eventTimeToEnd: string
 ) {
   try {
-    const secret = process.env.SECRET!
+    const secret = (process.env.SECRET as string) || 'mysq_unique_secret'
     const acceptedEventToken = jwt.sign(
       {
         email,
diff --git a/src/helpers/sendInvitaitonEmail.ts b/src/helpers/sendInvitaitonEmail.ts
@@ -11,7 +11,7 @@ interface Payload {
   orgToken: string
 }
 
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 export default async function sendInvitationEmail(
   email: string,
   orgName: string,
diff --git a/src/helpers/user.helpers.ts b/src/helpers/user.helpers.ts
@@ -3,7 +3,7 @@ import { RoleOfUser, User } from '../models/user'
 import { Context } from './../context'
 import * as jwt from 'jsonwebtoken'
 
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 export const generateToken = (userId: string, role: string) => {
   return jwt.sign({ userId, role }, SECRET, { expiresIn: '2h' })
diff --git a/src/resolvers/cohort.resolvers.ts b/src/resolvers/cohort.resolvers.ts
@@ -318,12 +318,16 @@ const resolvers = {
 
       if (
         endDate &&
-        (isAfter(new Date(startDate.toString()),
-          new Date(endDate.toString())) ||
-        isAfter(new Date(cohort?.startDate?.toString() || ''),
-          new Date(endDate)))
+        (isAfter(
+          new Date(startDate.toString()),
+          new Date(endDate.toString())
+        ) ||
+          isAfter(
+            new Date(cohort?.startDate?.toString() || ''),
+            new Date(endDate)
+          ))
       ) {
-        throw new GraphQLError('End Date can\'t be before Start Date', {
+        throw new GraphQLError("End Date can't be before Start Date", {
           extensions: {
             code: 'VALIDATION_ERROR',
           },
@@ -402,9 +406,8 @@ const resolvers = {
         cohort.name = name
         notificationChanges.push('Name')
       }
-      if (phaseName && cohort.phase.toString() !== phase.id.toString()) {
-        cohort.phase = phase.id;
-        addNewAttendanceWeek();
+      if (phaseName && cohort?.phase?.toString() !== phase?.id?.toString()) {
+        cohort.phase = phase.id
         notificationChanges.push('Phase')
       }
 
diff --git a/src/resolvers/coordinatorResolvers.ts b/src/resolvers/coordinatorResolvers.ts
@@ -19,7 +19,7 @@ import RemoveTraineeTemplate from '../utils/templates/removeTraineeTamplete'
 import { Context } from './../context'
 import { Document, ObjectId } from 'mongoose'
 
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 interface TraineeStatus {
   days: string
diff --git a/src/resolvers/eventResolver.ts b/src/resolvers/eventResolver.ts
@@ -61,7 +61,10 @@ const validateTime = (
 
 const decodeEventResponseToken = (token: string) => {
   try {
-    return jwt.verify(token, process.env.SECRET!) as EventResponse
+    return jwt.verify(
+      token,
+      (process.env.SECRET as string) || 'mysq_unique_secret'
+    ) as EventResponse
   } catch (err: any) {
     throw new GraphQLError('Invalid Token', {
       extensions: {
diff --git a/src/resolvers/invitation.resolvers.ts b/src/resolvers/invitation.resolvers.ts
@@ -13,7 +13,7 @@ import inviteUserTemplate from '../utils/templates/inviteUserTemplate'
 import { extractFileData } from '../utils/extractFileData'
 import generateInvitationTokenAndLink from '../helpers/generateInvitationToken.helper'
 
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 const ROLE = {
   TRAINEE: RoleOfUser.TRAINEE,
diff --git a/src/resolvers/ratingsResolvers.ts b/src/resolvers/ratingsResolvers.ts
@@ -602,9 +602,7 @@ const ratingResolvers: any = {
               approved: false,
               organization: org,
             })
-            await Rating.findOneAndUpdate(
-              { user: user, sprint: sprint }
-            )
+            await Rating.findOneAndUpdate({ user: user, sprint: sprint })
 
             // Send a notification to the admin
             const admin = await User.findOne({ role: RoleOfUser.ADMIN })
@@ -684,11 +682,7 @@ const ratingResolvers: any = {
       validateRole('trainee')(
         async (
           root,
-          {
-            user,
-            sprint,
-            orgToken,
-          },
+          { user, sprint, orgToken },
           context: { userId: string }
         ) => {
           org = await checkLoggedInOrganization(orgToken)
diff --git a/src/resolvers/resolver.ts b/src/resolvers/resolver.ts
@@ -7,7 +7,7 @@ import { emailExpression, generateToken } from '../helpers/user.helpers'
 import { checkloginAttepmts } from '../helpers/logintracker'
 import { GraphQLError } from 'graphql/error'
 
-const SECRET = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 
 const resolvers = {
   Query: {
diff --git a/src/resolvers/userResolver.ts b/src/resolvers/userResolver.ts
@@ -38,7 +38,7 @@ import { Context } from './../context'
 import { UserInputError } from 'apollo-server'
 const octokit = new Octokit({ auth: `${process.env.Org_Repo_Access}` })
 
-const SECRET: string = process.env.SECRET as string
+const SECRET = (process.env.SECRET as string) || 'mysq_unique_secret'
 export type OrganizationType = InstanceType<typeof Organization>
 export type UserType = InstanceType<typeof User>
 

Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ export async function sendEventInvitations(`
`18`	`18`	`eventTimeToEnd: string`
`19`	`19`	`) {`
`20`	`20`	`try {`
`21`		`- const secret = process.env.SECRET!`
	`21`	`+ const secret = (process.env.SECRET as string) \|\| 'mysq_unique_secret'`
`22`	`22`	`const acceptedEventToken = jwt.sign(`
`23`	`23`	`{`
`24`	`24`	`email,`
Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@ interface Payload {`
`11`	`11`	`orgToken: string`
`12`	`12`	`}`
`13`	`13`
`14`		`-const SECRET: string = process.env.SECRET as string`
	`14`	`+const SECRET = (process.env.SECRET as string) \|\| 'mysq_unique_secret'`
`15`	`15`	`export default async function sendInvitationEmail(`
`16`	`16`	`email: string,`
`17`	`17`	`orgName: string,`