Gate the app behind Google sign-in restricted to verified @theodo.com identities, and record the real reporter on filed defects (F9). - nuxt-auth-utils for sealed cookie sessions + the Google OAuth handler, mounted at /auth/google/callback to match the registered redirect URI. - isAllowedGoogleUser re-derives the domain from Google's verified email; the spoofable `hd` claim is deliberately ignored (DESIGN T9). - Default-deny: server middleware 401s unauthenticated /api calls (health and the session endpoint excepted); a global route middleware redirects unauthenticated page navigations to /login. - getReporter() now reads the session email instead of the dev stub. - Env contract moves to nuxt-auth-utils names (NUXT_SESSION_PASSWORD, NUXT_OAUTH_GOOGLE_*); .env.example, compose and README updated. Unit-tested: domain check (incl. hd-spoof + look-alike) and public-path matching. Live OAuth round-trip pending manual verification.
16 lines
667 B
TypeScript
16 lines
667 B
TypeScript
import { type } from 'arktype'
|
|
import { getDb } from '../db/client'
|
|
import { createDefect } from '../db/repositories/defects'
|
|
import { DefectInput } from '../utils/defectInput'
|
|
import { getReporter } from '../utils/getReporter'
|
|
|
|
// File a defect against a board section (F2). Reporter comes from the seam,
|
|
// not the client; the timestamp defaults in the DB.
|
|
export default defineEventHandler(async (event) => {
|
|
const input = DefectInput(await readBody(event))
|
|
if (input instanceof type.errors) {
|
|
throw createError({ statusCode: 400, statusMessage: input.summary })
|
|
}
|
|
return createDefect(getDb(), { ...input, reporterEmail: await getReporter(event) })
|
|
})
|