From 0e3242372be9ce4249b7fac12be660aac1629943 Mon Sep 17 00:00:00 2001
From: Jerebtw <jeremialp41@gmail.com>
Date: Tue, 27 Sep 2022 23:17:58 +0200
Subject: [PATCH] feat: add app & admin cookie secure variable to dashboard

Todo: Generate graphql (i don't work on my PC (Windows))
---
 .../src/components/EnvComponents/Features.tsx | 280 ++++++++++--------
 dashboard/src/constants.ts                    |   4 +
 dashboard/src/graphql/queries/index.ts        |   2 +
 dashboard/src/pages/Environment.tsx           |   2 +
 server/graph/schema.graphqls                  |  59 ++++
 5 files changed, 219 insertions(+), 128 deletions(-)

diff --git a/dashboard/src/components/EnvComponents/Features.tsx b/dashboard/src/components/EnvComponents/Features.tsx
index 6da3028..38477e9 100644
--- a/dashboard/src/components/EnvComponents/Features.tsx
+++ b/dashboard/src/components/EnvComponents/Features.tsx
@@ -1,133 +1,157 @@
-import React from 'react';
-import { Divider, Flex, Stack, Text } from '@chakra-ui/react';
-import InputField from '../InputField';
-import { SwitchInputType } from '../../constants';
+import React from "react";
+import { Divider, Flex, Stack, Text } from "@chakra-ui/react";
+import InputField from "../InputField";
+import { SwitchInputType } from "../../constants";
 
 const Features = ({ variables, setVariables }: any) => {
-	return (
-		<div>
-			{' '}
-			<Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
-				Disable Features
-			</Text>
-			<Stack spacing={6}>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Login Page:</Text>
-					</Flex>
-					<Flex justifyContent="start">
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Email Verification:</Text>
-					</Flex>
-					<Flex justifyContent="start">
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Magic Login Link:</Text>
-					</Flex>
-					<Flex justifyContent="start">
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Basic Authentication:</Text>
-					</Flex>
-					<Flex justifyContent="start">
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Sign Up:</Text>
-					</Flex>
-					<Flex justifyContent="start" mb={3}>
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_SIGN_UP}
-						/>
-					</Flex>
-				</Flex>
-				<Flex>
-					<Flex w="100%" justifyContent="start" alignItems="center">
-						<Text fontSize="sm">Disable Strong Password:</Text>
-					</Flex>
-					<Flex justifyContent="start" mb={3}>
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_STRONG_PASSWORD}
-						/>
-					</Flex>
-				</Flex>
-				<Flex alignItems="center">
-					<Flex w="100%" alignItems="baseline" flexDir="column">
-						<Text fontSize="sm">
-							Disable Multi Factor Authentication (MFA):
-						</Text>
-						<Text fontSize="x-small">
-							Note: Enabling this will ignore Enforcing MFA shown below and will
-							also ignore the user MFA setting.
-						</Text>
-					</Flex>
-					<Flex justifyContent="start" mb={3}>
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.DISABLE_MULTI_FACTOR_AUTHENTICATION}
-						/>
-					</Flex>
-				</Flex>
-			</Stack>
-			<Divider paddingY={5} />
-			<Text fontSize="md" paddingTop={5} fontWeight="bold" mb={5}>
-				Enable Features
-			</Text>
-			<Stack spacing={6}>
-				<Flex alignItems="center">
-					<Flex w="100%" alignItems="baseline" flexDir="column">
-						<Text fontSize="sm">
-							Enforce Multi Factor Authentication (MFA):
-						</Text>
-						<Text fontSize="x-small">
-							Note: If you disable enforcing after it was enabled, it will still
-							keep MFA enabled for older users.
-						</Text>
-					</Flex>
-					<Flex justifyContent="start" mb={3}>
-						<InputField
-							variables={variables}
-							setVariables={setVariables}
-							inputType={SwitchInputType.ENFORCE_MULTI_FACTOR_AUTHENTICATION}
-						/>
-					</Flex>
-				</Flex>
-			</Stack>
-		</div>
-	);
+  return (
+    <div>
+      {" "}
+      <Text fontSize="md" paddingTop="2%" fontWeight="bold" mb={5}>
+        Disable Features
+      </Text>
+      <Stack spacing={6}>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable secure app cookie:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_APP_COOKIE_SECURE}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable secure admin cookie:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_ADMIN_COOKIE_SECURE}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Login Page:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_LOGIN_PAGE}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Email Verification:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_EMAIL_VERIFICATION}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Magic Login Link:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_MAGIC_LINK_LOGIN}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Basic Authentication:</Text>
+          </Flex>
+          <Flex justifyContent="start">
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_BASIC_AUTHENTICATION}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Sign Up:</Text>
+          </Flex>
+          <Flex justifyContent="start" mb={3}>
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_SIGN_UP}
+            />
+          </Flex>
+        </Flex>
+        <Flex>
+          <Flex w="100%" justifyContent="start" alignItems="center">
+            <Text fontSize="sm">Disable Strong Password:</Text>
+          </Flex>
+          <Flex justifyContent="start" mb={3}>
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_STRONG_PASSWORD}
+            />
+          </Flex>
+        </Flex>
+        <Flex alignItems="center">
+          <Flex w="100%" alignItems="baseline" flexDir="column">
+            <Text fontSize="sm">
+              Disable Multi Factor Authentication (MFA):
+            </Text>
+            <Text fontSize="x-small">
+              Note: Enabling this will ignore Enforcing MFA shown below and will
+              also ignore the user MFA setting.
+            </Text>
+          </Flex>
+          <Flex justifyContent="start" mb={3}>
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.DISABLE_MULTI_FACTOR_AUTHENTICATION}
+            />
+          </Flex>
+        </Flex>
+      </Stack>
+      <Divider paddingY={5} />
+      <Text fontSize="md" paddingTop={5} fontWeight="bold" mb={5}>
+        Enable Features
+      </Text>
+      <Stack spacing={6}>
+        <Flex alignItems="center">
+          <Flex w="100%" alignItems="baseline" flexDir="column">
+            <Text fontSize="sm">
+              Enforce Multi Factor Authentication (MFA):
+            </Text>
+            <Text fontSize="x-small">
+              Note: If you disable enforcing after it was enabled, it will still
+              keep MFA enabled for older users.
+            </Text>
+          </Flex>
+          <Flex justifyContent="start" mb={3}>
+            <InputField
+              variables={variables}
+              setVariables={setVariables}
+              inputType={SwitchInputType.ENFORCE_MULTI_FACTOR_AUTHENTICATION}
+            />
+          </Flex>
+        </Flex>
+      </Stack>
+    </div>
+  );
 };
 
 export default Features;
diff --git a/dashboard/src/constants.ts b/dashboard/src/constants.ts
index 3911a40..c15c5b2 100644
--- a/dashboard/src/constants.ts
+++ b/dashboard/src/constants.ts
@@ -63,6 +63,8 @@ export const TextAreaInputType = {
 };
 
 export const SwitchInputType = {
+	DISABLE_APP_COOKIE_SECURE: 'DISABLE_APP_COOKIE_SECURE',
+	DISABLE_ADMIN_COOKIE_SECURE: 'DISABLE_ADMIN_COOKIE_SECURE',
 	DISABLE_LOGIN_PAGE: 'DISABLE_LOGIN_PAGE',
 	DISABLE_MAGIC_LINK_LOGIN: 'DISABLE_MAGIC_LINK_LOGIN',
 	DISABLE_EMAIL_VERIFICATION: 'DISABLE_EMAIL_VERIFICATION',
@@ -133,6 +135,8 @@ export interface envVarTypes {
 	ORGANIZATION_LOGO: string;
 	CUSTOM_ACCESS_TOKEN_SCRIPT: string;
 	ADMIN_SECRET: string;
+	DISABLE_APP_COOKIE_SECURE: boolean;
+	DISABLE_ADMIN_COOKIE_SECURE: boolean;
 	DISABLE_LOGIN_PAGE: boolean;
 	DISABLE_MAGIC_LINK_LOGIN: boolean;
 	DISABLE_EMAIL_VERIFICATION: boolean;
diff --git a/dashboard/src/graphql/queries/index.ts b/dashboard/src/graphql/queries/index.ts
index 977cff8..8494a52 100644
--- a/dashboard/src/graphql/queries/index.ts
+++ b/dashboard/src/graphql/queries/index.ts
@@ -50,6 +50,8 @@ export const EnvVariablesQuery = `
       ORGANIZATION_NAME
       ORGANIZATION_LOGO
       ADMIN_SECRET
+      DISABLE_APP_COOKIE_SECURE
+      DISABLE_ADMIN_COOKIE_SECURE
       DISABLE_LOGIN_PAGE
       DISABLE_MAGIC_LINK_LOGIN
       DISABLE_EMAIL_VERIFICATION
diff --git a/dashboard/src/pages/Environment.tsx b/dashboard/src/pages/Environment.tsx
index 045b997..834e9a1 100644
--- a/dashboard/src/pages/Environment.tsx
+++ b/dashboard/src/pages/Environment.tsx
@@ -71,6 +71,8 @@ const Environment = () => {
 		ORGANIZATION_LOGO: '',
 		CUSTOM_ACCESS_TOKEN_SCRIPT: '',
 		ADMIN_SECRET: '',
+		DISABLE_APP_COOKIE_SECURE: false,
+		DISABLE_ADMIN_COOKIE_SECURE: false,
 		DISABLE_LOGIN_PAGE: false,
 		DISABLE_MAGIC_LINK_LOGIN: false,
 		DISABLE_EMAIL_VERIFICATION: false,
diff --git a/server/graph/schema.graphqls b/server/graph/schema.graphqls
index 5c2aa64..0234c98 100644
--- a/server/graph/schema.graphqls
+++ b/server/graph/schema.graphqls
@@ -94,6 +94,7 @@ type Response {
 }
 
 type Env {
+<<<<<<< HEAD
   ACCESS_TOKEN_EXPIRY_TIME: String
   ADMIN_SECRET: String
   DATABASE_NAME: String
@@ -146,6 +147,62 @@ type Env {
   TWITTER_CLIENT_SECRET: String
   ORGANIZATION_NAME: String
   ORGANIZATION_LOGO: String
+=======
+	ACCESS_TOKEN_EXPIRY_TIME: String
+	ADMIN_SECRET: String
+	DATABASE_NAME: String
+	DATABASE_URL: String
+	DATABASE_TYPE: String
+	DATABASE_USERNAME: String
+	DATABASE_PASSWORD: String
+	DATABASE_HOST: String
+	DATABASE_PORT: String
+	CLIENT_ID: String!
+	CLIENT_SECRET: String!
+	CUSTOM_ACCESS_TOKEN_SCRIPT: String
+	SMTP_HOST: String
+	SMTP_PORT: String
+	SMTP_USERNAME: String
+	SMTP_PASSWORD: String
+	SENDER_EMAIL: String
+	JWT_TYPE: String
+	JWT_SECRET: String
+	JWT_PRIVATE_KEY: String
+	JWT_PUBLIC_KEY: String
+	ALLOWED_ORIGINS: [String!]
+	APP_URL: String
+	REDIS_URL: String
+	RESET_PASSWORD_URL: String
+	DISABLE_APP_COOKIE_SECURE: Boolean!
+	DISABLE_ADMIN_COOKIE_SECURE: Boolean!
+	DISABLE_EMAIL_VERIFICATION: Boolean!
+	DISABLE_BASIC_AUTHENTICATION: Boolean!
+	DISABLE_MAGIC_LINK_LOGIN: Boolean!
+	DISABLE_LOGIN_PAGE: Boolean!
+	DISABLE_SIGN_UP: Boolean!
+	DISABLE_REDIS_FOR_ENV: Boolean!
+	DISABLE_STRONG_PASSWORD: Boolean!
+	DISABLE_MULTI_FACTOR_AUTHENTICATION: Boolean!
+	ENFORCE_MULTI_FACTOR_AUTHENTICATION: Boolean!
+	ROLES: [String!]
+	PROTECTED_ROLES: [String!]
+	DEFAULT_ROLES: [String!]
+	JWT_ROLE_CLAIM: String
+	GOOGLE_CLIENT_ID: String
+	GOOGLE_CLIENT_SECRET: String
+	GITHUB_CLIENT_ID: String
+	GITHUB_CLIENT_SECRET: String
+	FACEBOOK_CLIENT_ID: String
+	FACEBOOK_CLIENT_SECRET: String
+	LINKEDIN_CLIENT_ID: String
+	LINKEDIN_CLIENT_SECRET: String
+	APPLE_CLIENT_ID: String
+	APPLE_CLIENT_SECRET: String
+	TWITTER_CLIENT_ID: String
+	TWITTER_CLIENT_SECRET: String
+	ORGANIZATION_NAME: String
+	ORGANIZATION_LOGO: String
+>>>>>>> 238e4e8 (feat: add app & admin cookie secure variable to dashboard)
 }
 
 type ValidateJWTTokenResponse {
@@ -225,6 +282,8 @@ input UpdateEnvInput {
   ALLOWED_ORIGINS: [String!]
   APP_URL: String
   RESET_PASSWORD_URL: String
+	DISABLE_APP_COOKIE_SECURE: Boolean
+	DISABLE_ADMIN_COOKIE_SECURE: Boolean
   DISABLE_EMAIL_VERIFICATION: Boolean
   DISABLE_BASIC_AUTHENTICATION: Boolean
   DISABLE_MAGIC_LINK_LOGIN: Boolean