Merge pull request 'Probably not...' (#2) from feature/updated_compose into main

Reviewed-on: #2

.drone.yml

@@ -210,3 +210,5 @@ depends_on:
 trigger:
   event:
   - promote
+  target:
+  - production

docker-compose.staging_image.yml

@@ -0,0 +1,39 @@
+version: '3.8'
+
+services:
+    auth-service_mongo:
+        container_name: ${CONTAINER_PREFIX}-auth-service_mongo
+        env_file:
+            - staging.env
+        networks:
+            - docknet
+        volumes:
+            - '/volume1/docker/labs/auth/mongo:/data/db'
+            # - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+        restart: unless-stopped
+        image: mongo:latest
+    auth-service:
+        env_file:
+            - staging.env
+        build: .
+        container_name: ${CONTAINER_PREFIX}-auth-service
+        environment:
+            - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
+        labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
+            - 'traefik.http.routers.grow.entrypoints=websecure'
+            - 'traefik.http.routers.grow.tls=true'
+            - 'traefik.http.routers.grow.tls.certresolver=letsencrypt'
+            - 'traefik.http.routers.grow.service=grow-service'
+            - 'traefik.http.services.grow-service.loadbalancer.server.port=${PORT}'
+        networks:
+            - docknet
+        restart: unless-stopped
+        image: node:20-alpine
+        depends_on:
+            - auth-service_mongo
+networks:
+    docknet:
+        name: docknet
+        external: true

lib/server/controllers/auth.ts

@@ -45,6 +45,9 @@ router.post(process.env.RESET_ROUTE || RESET_ROUTE, async (ctx, next) => {
 });
 
 router.patch('/:record', authenticated(), (ctx: Koa.Context) => {
+    if (ctx.user !== ctx.param.record) {
+        ctx.throw(StatusCodes.UNAUTHORIZED);
+    }
     const data = Auth.findOneAndUpdate({ record: ctx.params.record });
     if (!data) {
         ctx.throw(StatusCodes.NOT_FOUND);