1
0
Fork 1
impress/app/javascript/wardrobe-2020/WardrobePage/support/useSupport.js
Emi Matchu 4fff8d88f2 Add support_staff flag to user record; they can use Support tools
A little architecture trick here! DTI 2020 authorizes support staff
requests by means of a secret token, instead of user account stuff. And
our support tools still all call DTI 2020 APIs.

So here, we bridge the gap: we copy DTI 2020's support secret to this
app's environment variables (I needed to update
`deploy/files/production.env` and run `bin/deploy:setup` for this!),
then users with the new `support_secret` flag have it added to their
HTML documents in the meta tags. Then, the JS reads the meta tag.

I also fixed an issue in the `deploy/setup.yml` playbook, where I had
temporarily commented some stuff out to skip steps one time, and forgot
to uncomment them after oops lol!
2024-01-29 04:21:19 -08:00

35 lines
1.3 KiB
JavaScript

import * as React from "react";
import { getSupportSecret } from "../../impress-2020-config";
/**
* useSupport returns the Support secret that the server requires for Support
* actions... if the user has it set. For most users, this returns nothing!
*
* This is specifically for communications for Impress 2020, which authorizes
* support requests using a shared support secret instead of user accounts.
* (This isn't a great model, we should abandon it in favor of true authorized
* requests as we deprecate Impress 2020!)
*
* Specifically, we return an object of:
* - isSupportUser: true iff the `supportSecret` is set
* - supportSecret: the secret saved to this device, or null if not set
*
* To become a Support user, get the `support_staff` flag set on your user
* account. Then, `getSupportSecret` will read the support secret from the HTML
* document. (If the flag is off, the HTML document does not contain the
* secret.)
*
* Note that this hook doesn't check that the secret is *correct*, so it's
* possible that it will return an invalid secret. That's okay, because
* the server checks the provided secret for each Support request.
*/
function useSupport() {
const supportSecret = getSupportSecret();
const isSupportUser = supportSecret != null;
return { isSupportUser, supportSecret };
}
export default useSupport;