diff --git a/.env.example b/.env.example index 7c33df0c..6ebf31ec 100644 --- a/.env.example +++ b/.env.example @@ -6,10 +6,12 @@ # GOOGLE_CONSUMER_KEY=dlkjxaxxxxxxxxdlkfjalskjda9sokpopr.apps.googleusercontent.com # GOOGLE_CONSUMER_SECRET=XoDoijdasdj_ooPwerO # GOOGLE_CALLBACK=http://localhost/auth/google/callback +# GOOGLE_USERS=user1@domain.com,user2@domain.com # if you aim to contribute and run the project via npm then use : GOOGLE_CALLBACK=http://localhost:8080/auth/google/callback GOOGLE_CONSUMER_KEY= GOOGLE_CONSUMER_SECRET= GOOGLE_CALLBACK= +GOOGLE_USERS= # Postgres user and database information # - These variables should match your Postgres configuration diff --git a/server/config/passport/google.js b/server/config/passport/google.js index 9ee0fa85..f7c9de25 100644 --- a/server/config/passport/google.js +++ b/server/config/passport/google.js @@ -12,6 +12,11 @@ module.exports = (passport, secret) => { googleId: profile.id } }).then(userExists => { + let email = profile._json.emails[0].value + if (secret.users && secret.users.indexOf(email) == -1) { + throw new Error('User not found!'); + } + if (userExists) { done(null, userExists); } else { @@ -21,7 +26,7 @@ module.exports = (passport, secret) => { return db.user.create({ googleId: profile.id, token: token, - email: profile._json.emails[0].value, + email: email, name: profile.displayName, picture: profile._json.image.url }, { transaction: t }) diff --git a/server/config/secrets.js b/server/config/secrets.js index 59111cac..4f5bc009 100644 --- a/server/config/secrets.js +++ b/server/config/secrets.js @@ -18,7 +18,8 @@ module.exports = { google: { consumerKey: process.env.GOOGLE_CONSUMER_KEY, consumerSecret: process.env.GOOGLE_CONSUMER_SECRET, - callbackURL: process.env.GOOGLE_CALLBACK || 'http://localhost:8080/auth/google/callback' + callbackURL: process.env.GOOGLE_CALLBACK || 'http://localhost:8080/auth/google/callback', + users: process.env.GOOGLE_USERS }, };