fix membership

Author: devksingh4

src/api/functions/membership.ts

@@ -60,7 +60,11 @@ export async function checkPaidMembershipFromEntra(
   paidMemberGroup: string,
 ): Promise<boolean> {
   try {
-    return isUserInGroup(entraToken, `${netId}@illinois.edu`, paidMemberGroup);
+    return await isUserInGroup(
+      entraToken,
+      `${netId}@illinois.edu`,
+      paidMemberGroup,
+    );
   } catch (e) {
     if (e instanceof EntraGroupError) {
       return false;

src/api/functions/validation.ts

@@ -8,5 +8,5 @@ export function validateEmail(email: string): boolean {
 
 export function validateNetId(netId: string): boolean {
   const regex = /^[a-zA-Z]{2}[a-zA-Z\-]*(?:[2-9]|[1-9][0-9]{1,2})?$/;
-  return netId.length <= 8 && regex.test(netId);
+  return netId.length >= 3 && netId.length <= 8 && regex.test(netId);
 }

src/api/routes/membership.ts

@@ -12,6 +12,9 @@ import { getRoleCredentials } from "api/functions/sts.js";
 import { SecretsManagerClient } from "@aws-sdk/client-secrets-manager";
 import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
 
+const NONMEMBER_CACHE_SECONDS = 1800; // 30 minutes
+const MEMBER_CACHE_SECONDS = 43200; // 12 hours
+
 const membershipPlugin: FastifyPluginAsync = async (fastify, _options) => {
   const getAuthorizedClients = async () => {
     if (roleArns.Entra) {
@@ -67,12 +70,19 @@ const membershipPlugin: FastifyPluginAsync = async (fastify, _options) => {
           message: `${netId} is not a valid Illinois NetID!`,
         });
       }
+      if (fastify.nodeCache.get(`isMember_${netId}`) !== undefined) {
+        return reply.header("X-ACM-Data-Source", "cache").send({
+          netId,
+          isPaidMember: fastify.nodeCache.get(`isMember_${netId}`),
+        });
+      }
       const isDynamoMember = await checkPaidMembershipFromTable(
         netId,
         fastify.dynamoClient,
       );
       // check Dynamo cache first
       if (isDynamoMember) {
+        fastify.nodeCache.set(`isMember_${netId}`, true, MEMBER_CACHE_SECONDS);
         return reply
           .header("X-ACM-Data-Source", "dynamo")
           .send({ netId, isPaidMember: true });
@@ -89,12 +99,18 @@ const membershipPlugin: FastifyPluginAsync = async (fastify, _options) => {
         paidMemberGroup,
       );
       if (isAadMember) {
+        fastify.nodeCache.set(`isMember_${netId}`, true, MEMBER_CACHE_SECONDS);
         reply
           .header("X-ACM-Data-Source", "aad")
           .send({ netId, isPaidMember: true });
         await setPaidMembershipInTable(netId, fastify.dynamoClient);
         return;
       }
+      fastify.nodeCache.set(
+        `isMember_${netId}`,
+        false,
+        NONMEMBER_CACHE_SECONDS,
+      );
       return reply
         .header("X-ACM-Data-Source", "aad")
         .send({ netId, isPaidMember: false });

tests/live/membership.test.ts

@@ -15,7 +15,10 @@ describe("Membership API basic checks", async () => {
       netId: "dsingh14",
       isPaidMember: true,
     });
-    expect(response.headers.get("x-acm-data-source")).toBe("dynamo");
+
+    const wasCached = (value: string | null) => value && value !== "aad";
+
+    expect(wasCached(response.headers.get("x-acm-data-source"))).toBe(true);
   });
   test(
     "Test that getting non-members succeeds",
@@ -32,10 +35,9 @@ describe("Membership API basic checks", async () => {
         netId: "zzzz",
         isPaidMember: false,
       });
-      expect(response.headers.get("x-acm-data-source")).toBe("aad");
     },
   );
-  test("Test that invalid NetID is rejected", { timeout: 3000 }, async () => {
+  test("Test that too long NetID is rejected", { timeout: 3000 }, async () => {
     const response = await fetch(
       `${baseEndpoint}/api/v1/membership/dsafdsfdsfsdafsfsdfasfsfsfds`,
       {
@@ -44,5 +46,14 @@ describe("Membership API basic checks", async () => {
     );
 
     expect(response.status).toBe(400);
+    expect(response.headers.get("x-acm-data-source")).toBeUndefined();
+  });
+  test("Test that too short NetID is rejected", { timeout: 3000 }, async () => {
+    const response = await fetch(`${baseEndpoint}/api/v1/membership/ds`, {
+      method: "GET",
+    });
+
+    expect(response.status).toBe(400);
+    expect(response.headers.get("x-acm-data-source")).toBeUndefined();
   });
 });