Merge branch 'main' into MNTOR-2248

.env

@@ -111,7 +111,8 @@ E2E_TEST_BASE_URL=
 E2E_TEST_ACCOUNT_EMAIL=
 E2E_TEST_ACCOUNT_PASSWORD=
 
-E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES=
+E2E_TEST_ACCOUNT_EMAIL_ZERO_BROKERS=
+E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES_ZERO_BROKERS=
 E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED=
 
 E2E_TEST_PAYPAL_LOGIN =

.env.local.example

@@ -26,7 +26,8 @@ DATABASE_URL="postgres://blurts:blurts@localhost:5432/blurts"
 # Set these to be able to run end-to-end tests locally
 E2E_TEST_ACCOUNT_EMAIL=
 E2E_TEST_ACCOUNT_PASSWORD=
-E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES=
+E2E_TEST_ACCOUNT_EMAIL_ZERO_BROKERS=
+E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES_ZERO_BROKERS=
 E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED=
 E2E_TEST_PAYPAL_LOGIN =
 E2E_TEST_PAYPAL_PASSWORD =

.github/workflows/build.yaml

@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.3.x'
+          node-version: '22.4.x'
       - run: npm ci
       - run: npm run build-glean
       # Verify that the build (incl. type-checking) succeeds

.github/workflows/e2e_cron.yml

@@ -21,7 +21,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22.3
+          node-version: 22.4
 
       - name: Install dependencies
         run: npm ci

.github/workflows/e2e_pr.yml

@@ -32,7 +32,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: 22.3
+          node-version: 22.4
 
       - name: Install dependencies
         run: npm ci
@@ -63,16 +63,17 @@ jobs:
         run: npm run e2e:smoke
         timeout-minutes: 10
         env:
-          E2E_TEST_ENV: ${{ inputs.environment != null && inputs.environment || 'local' }}
-          E2E_TEST_BASE_URL: ${{ secrets.E2E_TEST_BASE_URL }}
+          E2E_TEST_ENV: local
+          E2E_TEST_BASE_URL: http://localhost:6060
           E2E_TEST_ACCOUNT_EMAIL: ${{ secrets.E2E_TEST_ACCOUNT_EMAIL }}
           E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES: ${{ secrets.E2E_TEST_ACCOUNT_EMAIL_ZERO_BREACHES }}
           E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED: ${{ secrets.E2E_TEST_ACCOUNT_EMAIL_EXPOSURES_STARTED }}
           E2E_TEST_ACCOUNT_PASSWORD: ${{ secrets.E2E_TEST_ACCOUNT_PASSWORD }}
           E2E_TEST_PAYPAL_LOGIN:  ${{ secrets.E2E_TEST_PAYPAL_LOGIN }}
           E2E_TEST_PAYPAL_PASSWORD: ${{ secrets.E2E_TEST_PAYPAL_PASSWORD }}
           ADMINS: ${{ secrets.ADMINS }}
-          OAUTH_CLIENT_SECRET: ${{ secrets.OAUTH_CLIENT_SECRET }}
+          OAUTH_CLIENT_SECRET: ${{ secrets.OAUTH_CLIENT_SECRET_LOCAL }}
+          OAUTH_ACCOUNT_URI: ${{ secrets.OAUTH_ACCOUNT_URI }}
           ONEREP_API_KEY: ${{ secrets.ONEREP_API_KEY }}
           NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }}
           NEXTAUTH_URL: ${{ secrets.NEXTAUTH_URL }}

.github/workflows/lint.yaml

@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.3.x'
+          node-version: '22.4.x'
       - run: npm ci
       - run: npm run build-glean
       - run: npm run build-nimbus

.github/workflows/unittests.yaml

@@ -12,7 +12,7 @@ jobs:
       - name: Use Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '22.3.x'
+          node-version: '22.4.x'
       - run: npm ci
       - run: npm run build-glean
       - run: npm test

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:22.3-alpine
+FROM node:22.4-alpine
 
 RUN addgroup -g 10001 app && \
     adduser -D -G app -h /app -u 10001 app

Dockerfile.cloudrun

@@ -1,4 +1,4 @@
-FROM node:22.3-alpine
+FROM node:22.4-alpine
 
 RUN addgroup -g 10001 app && \
     adduser -D -G app -h /app -u 10001 app

esbuild.cronjobs.js

@@ -21,6 +21,6 @@ build({
   format: "esm",
   outdir: "dist/scripts/cronjobs/",
   sourcemap: true,
-  target: "node22.3",
+  target: "node22.4",
   packages: "external",
 });

netlify.toml

@@ -18,4 +18,4 @@
   # Default build command.
   command = "npm ci; npm run build-storybook"
 
-  environment = { NODE_VERSION = "22.3.0", NPM_VERSION = "10.8.0" }
+  environment = { NODE_VERSION = "22.4.1", NPM_VERSION = "10.8.1" }

package.json

@@ -3,7 +3,7 @@
   "version": "1.0.0",
   "description": "Firefox Monitor",
   "engines": {
-    "node": "22.3.x",
+    "node": "22.4.x",
     "npm": "10.8.x"
   },
   "type": "module",
@@ -56,8 +56,8 @@
   "homepage": "https://github.com/mozilla/blurts-server",
   "license": "MPL-2.0",
   "volta": {
-    "node": "22.3.0",
-    "npm": "10.8.0"
+    "node": "22.4.1",
+    "npm": "10.8.1"
   },
   "dependencies": {
     "@aws-sdk/client-s3": "^3.614.0",

src/app/(proper_react)/(redesign)/(authenticated)/user/(dashboard)/dashboard/[[...slug]]/page.tsx

@@ -57,7 +57,7 @@ type Props = {
 export default async function DashboardPage({ params, searchParams }: Props) {
   const session = await getServerSession();
   if (!checkSession(session) || !session?.user?.subscriber?.id) {
-    return redirect("/");
+    return redirect("/auth/logout");
   }
 
   const { slug } = params;

src/app/(proper_react)/(redesign)/(authenticated)/user/(dashboard)/settings/page.tsx

@@ -23,6 +23,7 @@ import { getExperiments } from "../../../../../../functions/server/getExperiment
 import { getLocale } from "../../../../../../functions/universal/getLocale";
 import { getCountryCode } from "../../../../../../functions/server/getCountryCode";
 import { getSubscriberById } from "../../../../../../../db/tables/subscribers";
+import { checkSession } from "../../../../../../functions/server/checkSession";
 import { checkUserHasMonthlySubscription } from "../../../../../../functions/universal/user";
 
 type Props = {
@@ -35,8 +36,8 @@ export default async function SettingsPage({ searchParams }: Props) {
   const session = await getServerSession();
   console.debug(searchParams);
 
-  if (!session?.user?.subscriber?.id) {
-    return redirect("/");
+  if (!session?.user?.subscriber?.id || !checkSession(session)) {
+    return redirect("/auth/logout");
   }
 
   const emailAddresses = await getUserEmails(session.user.subscriber.id);

src/app/api/mock/hibp/breaches/route.ts

@@ -0,0 +1,21 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+import { NextResponse } from "next/server";
+import { logger } from "../../../../functions/server/logging";
+import mockAllBreaches from "../mockData/mockAllBreaches.json";
+import { errorIfProduction } from "../../../utils/errorThrower";
+import { Breach } from "../../../../functions/universal/breach";
+import { HibpLikeDbBreach } from "../../../../../utils/hibp";
+
+type BreachesListResponse = (Breach | HibpLikeDbBreach)[];
+
+export function GET() {
+  const prodError = errorIfProduction();
+  if (prodError) return prodError;
+
+  logger.info("Mock endpoint: /breaches");
+
+  return NextResponse.json(mockAllBreaches.data as BreachesListResponse);
+}

src/app/api/mock/hibp/config/defaults.ts

@@ -0,0 +1,15 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+import mockBreaches from "../mockData/mockBreaches.json";
+import { hashToEmailKeyMap } from "../../../utils/mockUtils";
+
+export interface BreachMap {
+  [key: string]: string[];
+}
+
+export const getBreachesForHash = (hash: string) => {
+  const key = hashToEmailKeyMap[hash] || "default";
+  return (mockBreaches as BreachMap)[key] || [];
+};

src/app/api/mock/hibp/config/route.ts

@@ -0,0 +1,82 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+import { NextRequest, NextResponse } from "next/server";
+// import { isAdmin } from "../../../utils/auth";
+import fs from "fs";
+import path from "path";
+import { errorIfNotLocal } from "../../../utils/errorThrower";
+import mockBreaches from "../mockData/mockBreaches.json";
+import { logger } from "../../../../functions/server/logging";
+
+// type hibpConfigReq = {
+//   email: string;
+//   breachesNames: string[];
+//   erase?: boolean;
+// };
+
+export function PUT(req: NextRequest) {
+  const checks = errorIfNotLocal();
+  if (checks !== null) return checks;
+
+  logger.info(
+    `Mock OneRep endpoint: Attempted to access ${updateJsonFile.name}. (${req.bodyUsed})`,
+  );
+  return NextResponse.json(
+    { error: "Endpoint not available yet" },
+    { status: 403 },
+  );
+
+  // const data = await req.json();
+  // const { email, erase = false, breachesNames } = data as hibpConfigReq;
+
+  // if (!isAdmin(email)) {
+  //   return NextResponse.json(
+  //     { error: "Mock endpoint HIBP: Unauthorized to access the endpoint" },
+  //     { status: 401 },
+  //   );
+  // }
+  // return updateJsonFile(erase, breachesNames);
+}
+
+function updateJsonFile(erase: boolean, breachesNames: string[]) {
+  // Define the path to the JSON file
+  const jsonFilePath = path.join(
+    process.cwd(),
+    "./src/app/api/mock/hibp/data/mockBreaches.json",
+  );
+
+  // Read the current JSON from the file
+  const fileData = fs.readFileSync(jsonFilePath, "utf8");
+  const jsonData = JSON.parse(fileData);
+
+  try {
+    jsonData.data = [
+      {
+        hashSuffix: "",
+        websites: erase ? mockBreaches.default : breachesNames,
+      },
+    ];
+
+    fs.writeFileSync(
+      jsonFilePath,
+      JSON.stringify(jsonData, null, 2) + "\n",
+      "utf8",
+    );
+
+    return NextResponse.json(
+      {
+        message:
+          "Mock endpoint HIBP: default JSON data has been successfully updated.",
+      },
+      { status: 200 },
+    );
+  } catch (error) {
+    console.error("Mock endpoint HIBP: Failed to update JSON:", error);
+    return NextResponse.json(
+      { message: "Mock endpoint HIBP: Failed to update JSON data." },
+      { status: 500 },
+    );
+  }
+}