same token for dev

2022-03-02 20:03:32 -05:00 · 2022-03-02 20:03:32 -05:00 · 9324aa589b
parent f82d569671
commit 9324aa589b
2 changed files with 10 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -89,3 +89,11 @@ The athena websockets interface is not implemented yet, so the comma app and ath
 ![image](https://user-images.githubusercontent.com/48515354/118385075-2a459c80-b60c-11eb-976c-bc331a609391.png)

 ![image](https://user-images.githubusercontent.com/48515354/118385084-37fb2200-b60c-11eb-8d3e-6db458827808.png)
+
+
+## UAT
+
+Launch with:
+```
+docker-compose -f docker-compose.yml -f docker-compose.uat.yml up -d
+```
--- a/routes/useradmin.js
+++ b/routes/useradmin.js
@ -104,14 +104,14 @@ router.post('/useradmin/register/token', bodyParser.urlencoded({ extended: true
    return res.redirect(`/useradmin/register?status=${encodeURIComponent('Email is already registered')}`);
  }

-  const token = crypto.createHmac('sha256', process.env.APP_SALT).update(email.trim()).digest('hex');
+  const token = (process.env.NODE_ENV === 'development') ? 'verysecrettoken' : crypto.createHmac('sha256', process.env.APP_SALT).update(email.trim()).digest('hex');

  let infoText = '';

  if (req.body.token === undefined) { // email entered, token request
    infoText = 'Please check your inbox (<b>SPAM</b>) for an email with the registration token.<br>If the token was not delivered, please ask the administrator to check the <i>server.log</i> for the token generated for your email.<br><br>';

-    const emailStatus = await mailingController.sendEmailVerification(token, email);
+    await mailingController.sendEmailVerification(token, email);
  } else if (req.body.token !== token) {
    infoText = 'The registration token you entered was incorrect, please try again.<br><br>';
  } else if (req.body.password !== req.body.password2 || req.body.password.length < 3) {