From 772369d5258effaf00ddfef1b1b1bf21264b3a7c Mon Sep 17 00:00:00 2001
From: Michael Shihjay Chen
Date: Wed, 25 Sep 2024 21:37:50 -0700
Subject: [PATCH] add notify
---
 components/magicLink/login.tsx | 2 +-
 pages/api/as/notify.ts | 63 ++++++++++++++++++++++++++++++++++
 2 files changed, 64 insertions(+), 1 deletion(-)
 create mode 100644 pages/api/as/notify.ts
diff --git a/components/magicLink/login.tsx b/components/magicLink/login.tsx
index 8f80f95d..0c207519 100644
--- a/components/magicLink/login.tsx
+++ b/components/magicLink/login.tsx
@@ -338,7 +338,7 @@ export default function Login({ challenge, clinical=false, authonly=false, clien
 {isChecking ? (Check your e-mail to verify...) : (
)} - {isTimeout ? (Verification Timed Out - Click on the link below to try again...) : (
)} + {isTimeout ? (Verification Timed Out - Click on the link below to try again...) : (
)} {authonly || clinical ? ( New to Trustee? Create your Passkey ) : ( diff --git a/pages/api/as/notify.ts b/pages/api/as/notify.ts new file mode 100644 index 00000000..2221aa55 --- /dev/null +++ b/pages/api/as/notify.ts @@ -0,0 +1,63 @@ +import { NextApiRequest, NextApiResponse } from 'next'; +import NextCors from 'nextjs-cors'; +import verifySig from '../../../lib/verifySig'; +import verifyJWT from '../../../lib/verifyJWT'; +import objectPath from 'object-path'; +import fs from 'fs'; +import path from 'path'; + +const domain: string = process.env.DOMAIN !== undefined ? process.env.DOMAIN: ''; + +async function handler(req: NextApiRequest, res: NextApiResponse) { + await NextCors(req, res, { + methods: ["POST"], + origin: '*', + optionsSuccessStatus: 200 + }); + if (await verifySig(req)) { + if (objectPath.has(req, 'body.to')) { + let proceed = false; + if (req.headers['authorization'] !== undefined) { + const jwt = req.headers['authorization'].split(' ')[1]; + if (await verifyJWT(jwt, objectPath.get(req, 'body.access.ro'))) { + proceed = true; + } + } + if (proceed) { + const access = req.body.access.join(', '); + const message = req.body.from + '(' + req.body.from_email + ') has invited you to ' + access + ' the folowing health record:'; + const htmlContent = fs.readFileSync(path.join(process.cwd(), 'public', 'email.html'), 'utf-8'); + const htmlFinal = htmlContent.replace(/[\r\n]+/gm, '') + .replace('@title', 'HIE of One - Health Record Shared With You') + .replace('@previewtext', 'HIE of One - Health Record Shared With You') + .replace('@paragraphtext', `

${req.body.from} shared a health record resource

${message}`) + .replace('@2paragraphtext', '') + .replaceAll('@link', req.body.url) + .replace('@buttonstyle', 'display:block') + .replace('@buttontext', 'Link to their Personal Health Record'); + const sendmail = await fetch(domain + "/api/sendmail", { + method: "POST", + headers: { + "Content-Type": "application/json", + }, + body: JSON.stringify({ + email: req.body.privilege, + subject: "HIE of One - Resource Privilege Approved", + html: htmlFinal, + }) + }); + const { error } = await sendmail.json(); + if (error) { + console.log(error); + } + res.status(200).json({success: true}); + } else { + res.status(401).send('Unauthorized - verify JWT failed'); + } + } + } else { + res.status(401).send('Unauthorized - verify signature failed'); + } +} + +export default handler;
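Review bot: The body fields `from`, `from_email`, `access` and `url` go into the e-mail HTML unescaped and unvalidated in the `@paragraphtext` and `@link` substitutions, so any caller that passes verifySig and verifyJWT controls both the markup and the button target of a message sent under the HIE of One name. Escape each interpolated value, accept only an `https:` URL (ideally on an expected host), and use function replacers, because a plain string replacement also expands `$&`-style patterns found in the inserted value. The JWT is checked against `body.access.ro` while `access` is then used as an array through `.join(', ')`, and the guard tests `body.to` although the mail is addressed to `body.privilege`; one of each pair is presumably a leftover, and what verifyJWT does with an undefined second argument is not visible here. A request that passes the signature check but has no `body.to` gets no response at all, so add `else { res.status(400).send('Bad Request'); }` to that branch.

```typescript
function escapeHtml(value: unknown): string {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// … unchanged: CORS setup, verifySig, body.to guard, JWT check …
      if (proceed) {
        let link: URL;
        try {
          link = new URL(String(req.body.url));
        } catch {
          return res.status(400).send('Bad Request - invalid url');
        }
        if (link.protocol !== 'https:') {
          return res.status(400).send('Bad Request - invalid url');
        }
        const from = escapeHtml(req.body.from);
        const fromEmail = escapeHtml(req.body.from_email);
        const access = escapeHtml(req.body.access.join(', '));
        const message = from + '(' + fromEmail + ') has invited you to ' + access + ' the folowing health record:';
        // … unchanged: read email.html, @title and @previewtext substitutions …
        // @paragraphtext: same markup, built from the escaped `from` and `message` via a function replacer
          .replaceAll('@link', () => escapeHtml(link.href))
        // … unchanged: @buttonstyle, @buttontext, sendmail call …
```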