Merge pull request #149 from CodeForBaltimore/revjtanton/HOTFIX-sequelize-ssl

Revjtanton/hotfix sequelize ssl

Author: stoopidJSON

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "bmore-responsive",
-  "version": "1.1.0",
+  "version": "1.1.1",
   "description": "An API-driven CRM (Civic Relationship Management) system.",
   "main": "src/index.js",
   "directories": {
@@ -58,12 +58,12 @@
     "pg": "7.18.2",
     "random-words": "1.1.1",
     "sequelize": "5.21.6",
+    "snyk": "^1.316.1",
     "supertest": "4.0.2",
     "swagger-ui-express": "4.1.4",
     "tls": "0.0.1",
     "uuid4": "1.1.4",
-    "validator": "12.2.0",
-    "snyk": "^1.316.1"
+    "validator": "12.2.0"
   },
   "devDependencies": {
     "@babel/compat-data": "7.8.6",

package.json

@@ -3,7 +3,7 @@ publiccodeYmlVersion: "0.2"
 name: Bmore-Responsive
 url: "https://github.com/CodeForBaltimore/Bmore-Responsive.git"
 landingUrl: "https://github.com/CodeForBaltimore/Bmore-Responsive"
-softwareVersion: "1.1.0"   
+softwareVersion: "1.1.1"   
 releaseDate: "2020-04-06"
 platforms:
   - web

publiccode.yml

@@ -35,7 +35,7 @@ const sendMail = async (to, subject, html, text) => {
  * @param {string} resetPasswordToken temporary token for the reset password link
  */
 const sendForgotPassword = async (userEmail, resetPasswordToken) => {
-  const emailResetLink = `https://healthcare-rollcall.netlify.com/reset/${resetPasswordToken}`;
+  const emailResetLink = `https://healthcarerollcall.org/reset/${resetPasswordToken}`;
   await sendMail(
     userEmail,
     "Password Reset - Healthcare Roll Call",

src/email/index.js

@@ -77,10 +77,14 @@ app.use((error, req, res, next) => {
 });
 
 // Starting Express and connecting to PostgreSQL
-sequelize.sync().then(async () => {
-	app.listen(process.env.PORT || 3000, () => {
-		console.log(`Bmore Responsive is available at http://localhost:${process.env.PORT || 3000}`);
+try {
+	sequelize.sync().then(() => {
+		app.listen(process.env.PORT || 3000, () => {
+			console.log(`Bmore Responsive is available at http://localhost:${process.env.PORT || 3000}`);
+		});
 	});
-});
+} catch (e) {
+	console.error(e);
+}
 
 export default app;

src/index.js

@@ -98,7 +98,7 @@ router.put('/', async (req, res) => {
 	let message;
 	try {
 		if (validator.isUUID(req.body.id)) {
-			let { id, name, address, phone, email, checkIn, contacts } = req.body;
+			let { id, name, type, address, phone, email, checkIn, contacts } = req.body;
 
 			/** @todo validate emails */
 			// Validating emails 
@@ -111,6 +111,7 @@ router.put('/', async (req, res) => {
 			});
 
 			entity.name = (name) ? name : entity.name;
+			entity.type = (type) ? type : entity.type;
 			entity.address = (address) ? address : entity.address;
 			entity.phone = (phone) ? phone : entity.phone;
 			entity.email = (email) ? email : entity.email;

src/routes/entity.js

@@ -2,10 +2,12 @@
 
 import crypto from 'crypto';
 import validator from 'validator';
+import fs from 'fs';
 import { newEnforcer } from 'casbin';
 import { SequelizeAdapter } from 'casbin-sequelize-adapter';
 
 const casbinConf = `${__dirname}/casbin.conf`;
+const rdsCa = fs.readFileSync('./rds-combined-ca-bundle.pem');
 
 /**
  * Formats a timestamp to something readable by humans.
@@ -31,11 +33,26 @@ const formatTime = seconds => {
  * @returns {Object}
  */
 const loadCasbin = async () => {
-	const dbUrl = process.env.DATABASE_URL;
+	let dialectOptions;
+	if (process.env.NODE_ENV === 'production') {
+		dialectOptions = {
+			ssl: {
+				rejectUnauthorized: true,
+				ca: [rdsCa],
+				checkServerIdentity: (host, cert) => {
+					const error = tls.checkServerIdentity(host, cert);
+					if (error && !cert.subject.CN.endsWith('.rds.amazonaws.com')) {
+						return error;
+					}
+				}
+			}
+		};
+	}
 	const a = await SequelizeAdapter.newAdapter(
-		dbUrl,
+		dbUrl(),
 		{
-			dialect: 'postgres'
+			dialect: 'postgres',
+			dialectOptions: dialectOptions
 		}
 	);
 

src/utils/index.js

@@ -6,7 +6,7 @@
   } ],
   "info" : {
     "description" : "An emergency response and contact management API.",
-    "version" : "1.1.0",
+    "version" : "1.1.1",
     "title" : "Bmore Responsive",
     "contact" : {
       "email" : "[email protected]"