ra/auditly
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ok

Browse Source
This commit is contained in:
Ra
2025-09-02 15:55:26 -07:00
parent 27dab3ca9a
commit 8922793188
2 changed files with 52 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
functions/index.js
View File

@@ -1,11 +1,10 @@
const { onRequest } = require("firebase-functions/v2/https"); const { onRequest } = require("firebase-functions/v2/https");
const { setGlobalOptions } = require("firebase-functions/v2"); const { setGlobalOptions, logger } = require("firebase-functions/v2");
const admin = require("firebase-admin"); const admin = require("firebase-admin");
const { VertexAI } = require('@google-cloud/vertexai'); const { VertexAI } = require('@google-cloud/vertexai');
const Stripe = require("stripe"); const Stripe = require("stripe");
// Set global options for all functions to use us-central1 region // Set global options for all functions to use us-central1 region
setGlobalOptions({ cors: true });
const serviceAccount = require("./auditly-consulting-firebase-adminsdk-fbsvc-e4b51ef5cf.json"); const serviceAccount = require("./auditly-consulting-firebase-adminsdk-fbsvc-e4b51ef5cf.json");
// const serviceAccount = require("./auditly-c0027-firebase-adminsdk-fbsvc-1db7c58141.json") // const serviceAccount = require("./auditly-c0027-firebase-adminsdk-fbsvc-1db7c58141.json")
@@ -433,8 +432,17 @@ const RESPONSE_FORMAT_COMPANY = {
//endregion Constants //endregion Constants
//region Helper Functions //region Helper Functions
const validateAuthAndGetContext = async (req) => { const validateAuthAndGetContext = async (req, res) => {
const authHeader = req.headers.authorization; const authHeader = req.headers.authorization;
if (req.method == "OPTIONS") {
res.headers['Access-Control-Allow-Origin'] = '*';
res.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS';
res.headers['Access-Control-Allow-Headers'] = 'Authorization, Content-Type';
res.status(204).send('');
return false;
}
if (!authHeader || !authHeader.startsWith('Bearer ')) { if (!authHeader || !authHeader.startsWith('Bearer ')) {
throw new Error('Missing or invalid authorization header'); throw new Error('Missing or invalid authorization header');
} }
@@ -630,7 +638,7 @@ const verifyUserAuthorization = async (userId, orgId) => {
//endregion Helper Functions //endregion Helper Functions
//region Send OTP //region Send OTP
exports.sendOTP = onRequest(async (req, res) => { exports.sendOTP = onRequest({cors: true}, async (req, res) => {
if (req.method !== "POST") { if (req.method !== "POST") {
return res.status(405).json({ error: "Method not allowed" }); return res.status(405).json({ error: "Method not allowed" });
} }
@@ -672,7 +680,7 @@ exports.sendOTP = onRequest(async (req, res) => {
//endregion Send OTP //endregion Send OTP
//region Verify OTP //region Verify OTP
exports.verifyOTP = onRequest(async (req, res) => { exports.verifyOTP = onRequest({cors: true}, async (req, res) => {
if (req.method !== "POST") { if (req.method !== "POST") {
return res.status(405).json({ error: "Method not allowed" }); return res.status(405).json({ error: "Method not allowed" });
} }
@@ -811,7 +819,7 @@ exports.verifyOTP = onRequest(async (req, res) => {
//endregion Verify OTP //endregion Verify OTP
//region Create Invitation //region Create Invitation
exports.createInvitation = onRequest(async (req, res) => { exports.createInvitation = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
@@ -824,7 +832,7 @@ exports.createInvitation = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const { name, email, role = "employee", department } = req.body; const { name, email, role = "employee", department } = req.body;
if (!email || !name) { if (!email || !name) {
@@ -932,7 +940,7 @@ exports.createInvitation = onRequest(async (req, res) => {
//endregion Create Invitation //endregion Create Invitation
//region Get Invitation Status //region Get Invitation Status
exports.getInvitationStatus = onRequest(async (req, res) => { exports.getInvitationStatus = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -988,7 +996,7 @@ exports.getInvitationStatus = onRequest(async (req, res) => {
//endregion Get Invitation Status //endregion Get Invitation Status
//region Consume Invitation //region Consume Invitation
exports.consumeInvitation = onRequest(async (req, res) => { exports.consumeInvitation = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -1082,7 +1090,7 @@ exports.consumeInvitation = onRequest(async (req, res) => {
//endregion Consume Invitation //endregion Consume Invitation
//region Submit Employee Answers //region Submit Employee Answers
exports.submitEmployeeAnswers = onRequest(async (req, res) => { exports.submitEmployeeAnswers = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
@@ -1174,7 +1182,7 @@ exports.submitEmployeeAnswers = onRequest(async (req, res) => {
} }
} else { } else {
// Authenticated submission // Authenticated submission
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
if (!employeeId || !answers) { if (!employeeId || !answers) {
return res.status(400).json({ error: "Employee ID and answers are required for authenticated submissions" }); return res.status(400).json({ error: "Employee ID and answers are required for authenticated submissions" });
@@ -1369,7 +1377,7 @@ Be thorough, professional, and focus on actionable insights.
//endregion Submit Employee Answers //endregion Submit Employee Answers
//region Generate Employee Report //region Generate Employee Report
exports.generateEmployeeReport = onRequest(async (req, res) => { exports.generateEmployeeReport = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
@@ -1489,7 +1497,7 @@ Be thorough, professional, and focus on actionable insights.
//endregion Generate Employee Report //endregion Generate Employee Report
//region Generate Company Report //region Generate Company Report
exports.generateCompanyReport = onRequest(async (req, res) => { exports.generateCompanyReport = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -1499,7 +1507,7 @@ exports.generateCompanyReport = onRequest(async (req, res) => {
return res.status(405).json({ error: "Method not allowed" }); return res.status(405).json({ error: "Method not allowed" });
} }
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -1624,7 +1632,7 @@ Be thorough, professional, and focus on actionable insights.`;
//endregion Generate Company Report //endregion Generate Company Report
//region Chat //region Chat
exports.chat = onRequest(async (req, res) => { exports.chat = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
@@ -1716,7 +1724,7 @@ Instructions:
//endregion Chat //endregion Chat
//region Create Organization //region Create Organization
exports.createOrganization = onRequest(async (req, res) => { exports.createOrganization = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -1728,7 +1736,7 @@ exports.createOrganization = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const { name } = req.body; const { name } = req.body;
if (!name) { if (!name) {
@@ -1832,6 +1840,13 @@ exports.createOrganization = onRequest(async (req, res) => {
//region Get Organizations //region Get Organizations
exports.getUserOrganizations = onRequest(async (req, res) => { exports.getUserOrganizations = onRequest(async (req, res) => {
let authContext;
try {
authContext = await validateAuthAndGetContext(req, res);
} catch (error) {
logger.debug("Auth validation failed:", error);
return;
}
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
@@ -1844,7 +1859,6 @@ exports.getUserOrganizations = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req);
// Get user's organizations // Get user's organizations
const userOrgsSnapshot = await db const userOrgsSnapshot = await db
@@ -1877,7 +1891,7 @@ exports.getUserOrganizations = onRequest(async (req, res) => {
//endregion Get Organizations //endregion Get Organizations
//region Join Organization //region Join Organization
exports.joinOrganization = onRequest(async (req, res) => { exports.joinOrganization = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -1889,7 +1903,7 @@ exports.joinOrganization = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const { inviteCode } = req.body; const { inviteCode } = req.body;
if (!inviteCode) { if (!inviteCode) {
@@ -2005,7 +2019,7 @@ exports.joinOrganization = onRequest(async (req, res) => {
// try { // try {
// // Validate auth token and get user context // // Validate auth token and get user context
// const authContext = await validateAuthAndGetContext(req); // const authContext = await validateAuthAndGetContext(req, res);
// const { userEmail, priceId } = req.body; // const { userEmail, priceId } = req.body;
// if (!userEmail) { // if (!userEmail) {
@@ -2154,7 +2168,7 @@ exports.joinOrganization = onRequest(async (req, res) => {
// try { // try {
// // Validate auth token and get user context // // Validate auth token and get user context
// const authContext = await validateAuthAndGetContext(req); // const authContext = await validateAuthAndGetContext(req, res);
// const orgId = authContext.orgId; // const orgId = authContext.orgId;
// if (!orgId) { // if (!orgId) {
@@ -2247,7 +2261,7 @@ exports.joinOrganization = onRequest(async (req, res) => {
//endregion Save Company Report //endregion Save Company Report
//region Get Org Data //region Get Org Data
exports.getOrgData = onRequest(async (req, res) => { exports.getOrgData = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2259,7 +2273,7 @@ exports.getOrgData = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -2290,7 +2304,7 @@ exports.getOrgData = onRequest(async (req, res) => {
//endregion Get Org Data //endregion Get Org Data
//region Update Organization Data //region Update Organization Data
exports.updateOrgData = onRequest(async (req, res) => { exports.updateOrgData = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2302,7 +2316,7 @@ exports.updateOrgData = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const { data } = req.body; const { data } = req.body;
if (!data) { if (!data) {
@@ -2337,7 +2351,7 @@ exports.updateOrgData = onRequest(async (req, res) => {
//endregion Update Organization Data //endregion Update Organization Data
//region Get Employees //region Get Employees
exports.getEmployees = onRequest(async (req, res) => { exports.getEmployees = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2349,7 +2363,7 @@ exports.getEmployees = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -2384,7 +2398,7 @@ exports.getEmployees = onRequest(async (req, res) => {
//endregion Get Employees //endregion Get Employees
//region Get Submissions //region Get Submissions
exports.getSubmissions = onRequest(async (req, res) => { exports.getSubmissions = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2396,7 +2410,7 @@ exports.getSubmissions = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -2427,7 +2441,7 @@ exports.getSubmissions = onRequest(async (req, res) => {
//endregion Get Submissions //endregion Get Submissions
//region Get Reports //region Get Reports
exports.getReports = onRequest(async (req, res) => { exports.getReports = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2439,7 +2453,7 @@ exports.getReports = onRequest(async (req, res) => {
try { try {
// Validate auth token and get user context // Validate auth token and get user context
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -2523,7 +2537,7 @@ exports.getReports = onRequest(async (req, res) => {
//endregion Create/Update Employee //endregion Create/Update Employee
//region Save Report //region Save Report
exports.saveReport = onRequest(async (req, res) => { exports.saveReport = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2574,7 +2588,7 @@ exports.saveReport = onRequest(async (req, res) => {
//endregion Save Report //endregion Save Report
//region Get Company Reports //region Get Company Reports
exports.getCompanyReports = onRequest(async (req, res) => { exports.getCompanyReports = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;
@@ -2585,7 +2599,7 @@ exports.getCompanyReports = onRequest(async (req, res) => {
} }
try { try {
const authContext = await validateAuthAndGetContext(req); const authContext = await validateAuthAndGetContext(req, res);
const orgId = authContext.orgId; const orgId = authContext.orgId;
if (!orgId) { if (!orgId) {
@@ -2617,7 +2631,7 @@ exports.getCompanyReports = onRequest(async (req, res) => {
//endregion Get Company Reports //endregion Get Company Reports
//region Upload Image //region Upload Image
exports.uploadImage = onRequest(async (req, res) => { exports.uploadImage = onRequest({cors: true}, async (req, res) => {
if (req.method === 'OPTIONS') { if (req.method === 'OPTIONS') {
res.status(204).send(''); res.status(204).send('');
return; return;

4
src/constants.ts
View File

@@ -16,8 +16,8 @@ const isLocalhost = typeof window !== 'undefined' &&
// ? 'http://127.0.0.1:5002/auditly-consulting/us-central1' // Firebase Functions Emulator // ? 'http://127.0.0.1:5002/auditly-consulting/us-central1' // Firebase Functions Emulator
// : 'https://us-central1-auditly-consulting.cloudfunctions.net'; // Production Firebase Functions // : 'https://us-central1-auditly-consulting.cloudfunctions.net'; // Production Firebase Functions
// export const API_URL = 'https://us-central1-auditly-c0027.cloudfunctions.net'; export const API_URL = 'https://us-central1-auditly-c0027.cloudfunctions.net';
export const API_URL = 'https://us-central1-auditly-consulting.cloudfunctions.net'; // export const API_URL = 'https://us-central1-auditly-consulting.cloudfunctions.net';
// export const API_URL = 'http://127.0.0.1:5002/auditly-consulting/us-central1'; // export const API_URL = 'http://127.0.0.1:5002/auditly-consulting/us-central1';
// Log URL configuration in development // Log URL configuration in development