From b8bc6978f31a75e7fb8f09c324038b749b5d07e7 Mon Sep 17 00:00:00 2001
From: Oleksii Serdiukov <oleksii.serdiukov@nordwhale.com>
Date: Tue, 20 Apr 2021 14:04:04 +0300
Subject: [PATCH] add separate env var for zoom production mode

---
 .env.example                                         |  4 ++--
 src/server/server-middlewares.js                     |  2 +-
 src/server/server.config.js                          | 12 ++++++------
 src/server/verification/__tests__/verificationAPI.js | 12 ++++++------
 src/server/verification/verificationAPI.js           |  2 +-
 5 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/.env.example b/.env.example
index c7f7c3bb..dc0b6140 100644
--- a/.env.example
+++ b/.env.example
@@ -35,12 +35,12 @@ ZOOM_SERVER_BASEURL=https://api.facetec.com/api/v3/biometrics
 # Minimal FaceTec Match Level threshold to mark enrollment as duplicate
 # https://dev.zoomlogin.com/#/matching-guide
 ZOOM_MINIMAL_MATCHLEVEL=1
+# Enables fetching production key and initializes Zoom in production mode
+ZOOM_PRODUCTION_MODE=
 GUN_PUBLIC_S3=
 GUN_PRIVATE_S3=
 #required for gundb to work with S3
 AWS_S3_BUCKET=1
-#Force allow any origin in the CORS middleware. Useful for the local debugging with production flag enabled
-CORS_FORCE_ANY_ORIGIN=
 #allow multiple users to register with same mobile/email - for testing
 ALLOW_DUPLICATE_USER_DATA=true
 SKIP_EMAIL_VERIFICATION=true
diff --git a/src/server/server-middlewares.js b/src/server/server-middlewares.js
index fd4ffb7d..7750737d 100644
--- a/src/server/server-middlewares.js
+++ b/src/server/server-middlewares.js
@@ -40,7 +40,7 @@ const stakingModelTasks = [
 export default async (app: Router) => {
   const corsConfig = {
     credentials: true,
-    origin: env === 'production' && !Config.corsForceAnyOrigin ? /\.gooddollar\.org$/ : true
+    origin: env === 'production' ? /\.gooddollar\.org$/ : true
   }
 
   // parse application/x-www-form-urlencoded
diff --git a/src/server/server.config.js b/src/server/server.config.js
index 99b89c4b..7f430f6f 100644
--- a/src/server/server.config.js
+++ b/src/server/server.config.js
@@ -290,6 +290,12 @@ const conf = convict({
     env: 'ZOOM_LICENSE_KEY',
     default: ''
   },
+  zoomProductionMode: {
+    doc: 'Enables fetching production key and initializes Zoom in production mode',
+    format: Boolean,
+    env: 'ZOOM_PRODUCTION_MODE',
+    default: false
+  },
   gunPrivateS3: {
     key: {
       format: '*',
@@ -318,12 +324,6 @@ const conf = convict({
       default: undefined
     }
   },
-  corsForceAnyOrigin: {
-    doc: 'Force allow any origin in the CORS middleware',
-    format: Boolean,
-    env: 'CORS_FORCE_ANY_ORIGIN',
-    default: false
-  },
   allowDuplicateUserData: {
     doc: 'Allow to register with existing mobile/email',
     format: Boolean,
diff --git a/src/server/verification/__tests__/verificationAPI.js b/src/server/verification/__tests__/verificationAPI.js
index 02cbc7a1..cf2e8eae 100644
--- a/src/server/verification/__tests__/verificationAPI.js
+++ b/src/server/verification/__tests__/verificationAPI.js
@@ -22,7 +22,7 @@ import { noopAsync } from '../../utils/async'
 
 describe('verificationAPI', () => {
   let server
-  const { skipEmailVerification, claimQueueAllowed, env } = Config
+  const { skipEmailVerification, claimQueueAllowed, zoomProductionMode } = Config
   const userIdentifier = '0x7ac080f6607405705aed79675789701a48c76f55'
 
   beforeAll(async done => {
@@ -38,12 +38,12 @@ describe('verificationAPI', () => {
 
   beforeEach(() => {
     // disable claim queue
-    Object.assign(Config, { env, claimQueueAllowed: 0 })
+    Object.assign(Config, { zoomProductionMode, claimQueueAllowed: 0 })
   })
 
   afterAll(async done => {
     // restore original config
-    Object.assign(Config, { skipEmailVerification, claimQueueAllowed, env })
+    Object.assign(Config, { skipEmailVerification, claimQueueAllowed, zoomProductionMode })
     await storage.model.deleteMany({ fullName: new RegExp('test_user_sendemail', 'i') })
 
     server.close(err => {
@@ -205,7 +205,7 @@ describe('verificationAPI', () => {
     })
 
     test('POST /verify/face/license/:licenseType returns 200, success: true and license', async () => {
-      Config.env = 'production'
+      Config.zoomProductionMode = true
       helper.mockSuccessLicenseKey(licenseType, licenseKey)
 
       await request(server)
@@ -221,7 +221,7 @@ describe('verificationAPI', () => {
     test('POST /verify/face/license/:licenseType returns 400, success: false if Zoom API fails', async () => {
       const message = 'No license found in the database for this platformID.'
 
-      Config.env = 'production'
+      Config.zoomProductionMode = true
       helper.mockFailedLicenseKey(licenseType, message)
 
       await request(server)
@@ -235,7 +235,7 @@ describe('verificationAPI', () => {
     })
 
     test("POST /verify/face/license/:licenseType returns 400, success: false when license type isn't valid", async () => {
-      Config.env = 'production'
+      Config.zoomProductionMode = true
 
       await request(server)
         .post(licenseUri('unknown'))
diff --git a/src/server/verification/verificationAPI.js b/src/server/verification/verificationAPI.js
index f801b7d7..a94bdb72 100644
--- a/src/server/verification/verificationAPI.js
+++ b/src/server/verification/verificationAPI.js
@@ -97,7 +97,7 @@ const setup = (app: Router, verifier: VerificationAPI, gunPublic: StorageAPI, st
       const { licenseType } = params
 
       try {
-        if (conf.env !== 'production') {
+        if (!conf.zoomProductionMode) {
           throw new Error('Cannot obtain production license running non-production mode.')
         }