Use id token for role check (#923)

maffin-io · May 28, 2024 · a9f3e08 · a9f3e08
1 parent c4676ed
commit a9f3e08
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 17 deletions.
diff --git a/src/__tests__/app/actions/getTodayPrices.test.ts b/src/__tests__/app/actions/getTodayPrices.test.ts
@@ -30,7 +30,7 @@ describe('getTodayPrices', () => {
   });
 
   it('returns empty when not premium user', async () => {
-    jest.spyOn(jwt, 'getRoles').mockResolvedValue({ isPremium: false, isBeta: true });
+    jest.spyOn(jwt, 'getRoles').mockReturnValue({ isPremium: false, isBeta: true });
     jest.spyOn(yahoo, 'default').mockImplementation();
 
     const prices = await getTodayPrices({
@@ -42,7 +42,7 @@ describe('getTodayPrices', () => {
   });
 
   it('calls getPrices when premium user', async () => {
-    jest.spyOn(jwt, 'getRoles').mockResolvedValue({ isPremium: true, isBeta: true });
+    jest.spyOn(jwt, 'getRoles').mockReturnValue({ isPremium: true, isBeta: true });
 
     const yahooPrices = {
       A: {

diff --git a/src/__tests__/app/actions/plaid.test.ts b/src/__tests__/app/actions/plaid.test.ts
@@ -19,7 +19,7 @@ describe('createLinkToken', () => {
       },
     } as AxiosResponse);
     jest.spyOn(jwt, 'verify').mockImplementation();
-    jest.spyOn(jwt, 'getRoles').mockResolvedValue({ isPremium: true, isBeta: true });
+    jest.spyOn(jwt, 'getRoles').mockReturnValue({ isPremium: true, isBeta: true });
   });
 
   afterEach(() => {
@@ -35,7 +35,7 @@ describe('createLinkToken', () => {
   });
 
   it('returns empty when not beta user', async () => {
-    jest.spyOn(jwt, 'getRoles').mockResolvedValue({ isPremium: true, isBeta: false });
+    jest.spyOn(jwt, 'getRoles').mockReturnValue({ isPremium: true, isBeta: false });
 
     const token = await createLinkToken({
       userId: 'user-id',

diff --git a/src/__tests__/hooks/useSession.test.ts b/src/__tests__/hooks/useSession.test.ts
@@ -2,7 +2,6 @@ import { renderHook, waitFor } from '@testing-library/react';
 import * as auth0 from '@auth0/auth0-react';
 
 import useSession from '@/hooks/useSession';
-import * as jwt from '@/lib/jwt';
 
 jest.mock('next/navigation');
 
@@ -20,9 +19,7 @@ describe('useSession', () => {
   beforeEach(() => {
     jest.spyOn(auth0, 'useAuth0').mockReturnValue({
       isAuthenticated: false,
-      getAccessTokenSilently: jest.fn() as Function,
     } as auth0.Auth0ContextInterface<auth0.User>);
-    jest.spyOn(jwt, 'getRoles').mockResolvedValue({ isPremium: true, isBeta: true });
   });
 
   it('returns emptyUser when no user', async () => {
@@ -42,11 +39,11 @@ describe('useSession', () => {
       email: '[email protected]',
       name: 'name',
       accessToken: 'accessToken',
+      'https://maffin/roles': ['premium', 'beta'],
     } as auth0.User;
     jest.spyOn(auth0, 'useAuth0').mockReturnValue({
       isAuthenticated: true,
       user,
-      getAccessTokenSilently: jest.fn() as Function,
     } as auth0.Auth0ContextInterface<auth0.User>);
 
     const { result } = renderHook(() => useSession());

diff --git a/src/__tests__/lib/jwt.test.ts b/src/__tests__/lib/jwt.test.ts
@@ -35,14 +35,14 @@ describe('getRoles', () => {
       'https://maffin/roles': ['premium', 'beta'],
     });
 
-    expect(await getRoles('token')).toEqual({ isPremium: true, isBeta: true });
+    expect(getRoles('token')).toEqual({ isPremium: true, isBeta: true });
   });
 
   it('returns false', async () => {
     jest.spyOn(jwt, 'decode').mockReturnValue({
       'https://maffin/roles': [],
     });
 
-    expect(await getRoles('token')).toEqual({ isPremium: false, isBeta: false });
+    expect(getRoles('token')).toEqual({ isPremium: false, isBeta: false });
   });
 });
diff --git a/src/app/actions/getTodayPrices.ts b/src/app/actions/getTodayPrices.ts
@@ -18,7 +18,7 @@ export default async function getTodayPrices({
   accessToken: string,
 }): Promise<{ [ticker: string]: Price }> {
   await verify(accessToken);
-  if (!(await getRoles(accessToken)).isPremium) {
+  if (!getRoles(accessToken).isPremium) {
     return {};
   }
 

diff --git a/src/app/actions/plaid.ts b/src/app/actions/plaid.ts
@@ -31,7 +31,7 @@ export async function createLinkToken({
   accessToken: string,
 }): Promise<string> {
   await verify(accessToken);
-  if (!(await getRoles(accessToken)).isBeta) {
+  if (!getRoles(accessToken).isBeta) {
     return '';
   }
 

diff --git a/src/hooks/useSession.tsx b/src/hooks/useSession.tsx
@@ -2,8 +2,6 @@ import React from 'react';
 import { useAuth0 } from '@auth0/auth0-react';
 import type { User, Auth0ContextInterface } from '@auth0/auth0-react';
 
-import { getRoles } from '@/lib/jwt';
-
 const emptyUser: User = {
   name: '',
   email: '',
@@ -53,8 +51,10 @@ export default function useSession(): SessionReturn {
    */
   React.useEffect(() => {
     async function load() {
-      const accessToken = await auth0.getAccessTokenSilently();
-      setRoles(await getRoles(accessToken));
+      setRoles({
+        isPremium: (auth0.user as User)['https://maffin/roles'].includes('premium'),
+        isBeta: (auth0.user as User)['https://maffin/roles'].includes('beta'),
+      });
     }
 
     if (auth0.isAuthenticated) {

diff --git a/src/lib/jwt.ts b/src/lib/jwt.ts
@@ -27,7 +27,7 @@ export async function verify(token: string): Promise<JwtPayload> {
   return verified;
 }
 
-export async function getRoles(token: string): Promise<{ isPremium: boolean, isBeta: boolean }> {
+export function getRoles(token: string): { isPremium: boolean, isBeta: boolean } {
   const decoded = jwt.decode(token) as JwtPayload;
   return {
     isPremium: decoded['https://maffin/roles'].includes('premium'),