Add extra check to make sure the account isn't from a disallowed domain (#71)

Signed-off-by: Marquis Kurt <software@marquiskurt.net>
2019-09-22 14:23:11 -04:00 · 2019-09-22 14:23:11 -04:00 · cbb730b793
parent 474df9fb81
commit cbb730b793
2 changed files with 761 additions and 678 deletions
--- a/src/pages/Welcome.tsx
+++ b/src/pages/Welcome.tsx
--- a/src/utilities/login.tsx
+++ b/src/utilities/login.tsx
@ -8,35 +8,35 @@ import Mastodon from "megalodon";
 * @param redirect_uri The URL to redirect to when authorizing
 */
 export function createHyperspaceApp(
-  name: string,
-  scopes: string,
-  baseurl: string,
-  redirect_uri: string
+    name: string,
+    scopes: string,
+    baseurl: string,
+    redirect_uri: string
 ) {
-  let appName =
-    name === "Hyperspace" ? "Hyperspace" : `${name} (Hyperspace-like)`;
-  return Mastodon.createApp(
-    appName,
-    {
-      scopes: scopes,
-      redirect_uris: redirect_uri,
-      website: "https://hyperspace.marquiskurt.net"
-    },
-    baseurl
-  ).then(appData => {
-    return Mastodon.generateAuthUrl(
-      appData.clientId,
-      appData.clientSecret,
-      {
-        redirect_uri: redirect_uri,
-        scope: scopes
-      },
-      baseurl
-    ).then(url => {
-      appData.url = url;
-      return appData;
+    let appName =
+        name === "Hyperspace" ? "Hyperspace" : `${name} (Hyperspace-like)`;
+    return Mastodon.createApp(
+        appName,
+        {
+            scopes: scopes,
+            redirect_uris: redirect_uri,
+            website: "https://hyperspace.marquiskurt.net"
+        },
+        baseurl
+    ).then(appData => {
+        return Mastodon.generateAuthUrl(
+            appData.clientId,
+            appData.clientSecret,
+            {
+                redirect_uri: redirect_uri,
+                scope: scopes
+            },
+            baseurl
+        ).then(url => {
+            appData.url = url;
+            return appData;
+        });
    });
-  });
 }

 /**
@ -44,14 +44,24 @@ export function createHyperspaceApp(
 * @param type The address or configuration to use
 */
 export function getRedirectAddress(
-  type: "desktop" | "dynamic" | string
+    type: "desktop" | "dynamic" | string
 ): string {
-  switch (type) {
-    case "desktop":
-      return "hyperspace://hyperspace/app/";
-    case "dynamic":
-      return `https://${window.location.host}`;
-    default:
-      return type;
-  }
+    switch (type) {
+        case "desktop":
+            return "hyperspace://hyperspace/app/";
+        case "dynamic":
+            return `https://${window.location.host}`;
+        default:
+            return type;
+    }
+}
+
+/**
+ * Determine whether a base URL is in the 'disallowed' domains section.
+ * @param domain The URL to test
+ * @returns Boolean dictating the URL's presence in disallowed domains
+ */
+export function inDisallowedDomains(domain: string): boolean {
+    let disallowed = ["gab.com"];
+    return disallowed.includes(domain);
 }