get email by handle using ADMIN_API_KEY

Author: thabofletcher

actions/user.js

@@ -440,6 +440,72 @@ exports.getUserIdentityByAuth0Id = {
     }
 };
 
+function getEmailByHandle(api, connection, next) {
+    var helper = api.helper,
+        handle = connection.params.handle,
+        dbConnectionMap = connection.dbConnectionMap,
+        apikey = connection.params.apiKey,
+        notfound = new NotFoundError('Feelin lucky, punk?'),
+        response;
+
+    async.waterfall([
+        function (cb) {
+            if (process.env.ADMIN_API_KEY && apikey === process.env.ADMIN_API_KEY) {
+                api.dataAccess.executeQuery('get_user_email_by_handle',
+                    { handle: handle },
+                    dbConnectionMap, cb);
+            } else {
+                cb(notfound);
+            }
+        },
+        function (rs, cb) {
+            if (!rs[0]) {
+                cb(notfound);
+            } else {
+                response = {
+                    email: rs[0].address
+                };
+                cb();
+            }
+        }
+    ], function (err) {
+        if (err) {
+            helper.handleError(api, connection, err);
+        } else {
+            connection.response = response;
+        }
+        next(connection, true);
+    });
+
+}
+
+/**
+ * The API for activate user
+ * @since 1.2
+ */
+exports.getEmailByHandle = {
+    name: 'getEmailByHandle',
+    description: 'Get email for user (private)',
+    inputs: {
+        required: ['handle'],
+        optional: ['apiKey']
+    },
+    blockedConnectionTypes: [],
+    outputExample: {},
+    version: 'v2',
+    transaction: 'read',
+    databases: ['common_oltp'],
+    cacheEnabled: false,
+    run: function (api, connection, next) {
+        if (connection.dbConnectionMap) {
+            api.log('getEmailByHandle#run', 'debug');
+            getEmailByHandle(api, connection, next);
+        } else {
+            api.helper.handleNoConnection(api, connection, next);
+        }
+    }
+};
+
 /**
  * Handle the get marathon matches that user participated to.
  * @param {Object} api - The api object.

config/api.js

@@ -28,7 +28,7 @@ exports.default = {
             // disables the whitelisting of client params
             disableParamScrubbing: false,
             // params you would like hidden from any logs
-            filteredParams: ['password', 'oldPassword', 'newPassword', 'fileData'],
+            filteredParams: ['password', 'oldPassword', 'newPassword', 'fileData', 'apiKey'],
             // The default filetype to server when a user requests a directory
             directoryFileType : 'index.html',
             // configuration for your actionhero project structure

deploy/development.sh

@@ -98,3 +98,5 @@ export WKHTMLTOIMAGE_IMAGE_WIDTH=1024
 export HIGHLIGHT_STYLE_LINK=http://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.3/styles/%OVERRIDE_STYLE_NAME%.min.css
 
 export JWT_TOKEN_COOKIE_KEY="tcjwt_vm"
+
+export ADMIN_API_KEY=1234567

queries/get_user_email_by_handle

@@ -0,0 +1,8 @@
+SELECT 
+  u.handle
+, e.address 
+FROM user u
+, email e
+WHERE u.handle = '@handle@'
+AND e.primary_ind = 1
+AND u.user_id = e.user_id

queries/get_user_email_by_handle.json

@@ -0,0 +1,5 @@
+{
+  "name"    : "get_user_email_by_handle",
+  "db"      : "common_oltp",
+  "sqlfile" : "get_user_email_by_handle"
+}

routes.js

@@ -277,6 +277,7 @@ exports.routes = {
         { path: "/:apiVersion/user/challenges", action: "getMyChallenges" },
         { path: "/:apiVersion/user/activation-email", action: "userActivationEmail" },
         { path: "/:apiVersion/user/tcid/:id", action: "getUserIdentityByAuth0Id" },
+        { path: "/:apiVersion/user/email/:handle", action: "getEmailByHandle" },
         { path: "/:apiVersion/user/identity", action: "getUserIdentity" },
         { path: "/:apiVersion/user/:handle/challenges/marathon", action: "getUserMarathonMatches" },
         { path: "/:apiVersion/user/:handle/challenges/algo", action: "getUserAlgorithmChallenges" },