Merge pull request #171 from ufabc-next/fix/facebook-login

Fix/facebook login
ufabc-next · Feb 11, 2025 · 80e3efb · 80e3efb
2 parents 8c27c31 + 859b443
commit 80e3efb
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/app/agenda/jobs.js b/app/agenda/jobs.js
@@ -4,7 +4,7 @@ const DEFAULT_OPTIONS = {
 
 module.exports = function (agenda) {
   agenda.on('ready', async function() {
-    agenda.every('2 minutes', 'syncMatriculas', {}, DEFAULT_OPTIONS)
-    agenda.start()
+    // agenda.every('2 minutes', 'syncMatriculas', {}, DEFAULT_OPTIONS)
+    // agenda.start()
   })
 }
diff --git a/app/api/facebook/func.js b/app/api/facebook/func.js
@@ -3,16 +3,28 @@ const app = require("@/app");
 module.exports = async (context) => {
   const { ra, email } = context.body;
 
-  const user = await app.models.users.findOne({
+  // Find user by RA first
+  const user = await app.models.users.findOne({ 
     ra,
-    $or: [{ "oauth.facebookEmail": email }, { "oauth.email": email }],
+    $or: [{ "oauth.facebookEmail": email }, { "oauth.email": email }], 
+    'oauth.facebook': { $exists: true } 
   });
 
   if (!user) {
-    throw new Error("User does not exists");
+    throw new Error('User does not exist');
   }
 
+  const userEmails = [
+    user.oauth?.emailFacebook,
+    user.oauth?.email,
+  ].filter(Boolean);
+
+  if (!userEmails.includes(email)) {
+    throw new Error('Email does not match the registered email for this RA');
+  }
+
+  // Generate JWT token only if email matches
   return {
-    token: user.generateJWT(),
+    token: user.generateJWT()
   };
 };