diff --git a/.circleci/config.yml b/.circleci/config.yml index 36b63b8eb..eff69d7be 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,6 +3,7 @@ jobs: build: docker: - image: circleci/node + working_directory: ~/twilio-video-react-app steps: - checkout @@ -11,4 +12,50 @@ jobs: - run: npm test -- --runInBand - - run: npm run build \ No newline at end of file + - run: npm run build + + - persist_to_workspace: + root: . + paths: + - . + + deploy: + docker: + - image: google/cloud-sdk + working_directory: ~/twilio-video-react-app + + steps: + - attach_workspace: + at: ~/twilio-video-react-app + + - run: | + echo $GCLOUD_SERVICE_KEY | gcloud auth activate-service-account --key-file=- + gcloud --quiet config set project ${GOOGLE_PROJECT_ID} + + - run: | + echo ACCOUNT_SID=$TWILIO_ACCOUNT_SID >> .env + echo API_KEY=$TWILIO_API_KEY >> .env + echo API_SECRET=$TWILIO_API_SECRET >> .env + echo BASIC_AUTH_USERNAME=$BASIC_AUTH_USERNAME >> .env + echo BASIC_AUTH_PASSWORD=$BASIC_AUTH_PASSWORD >> .env + + - run: echo $CIRCLE_TAG > build/version.txt + + - run: gcloud app deploy -q + +workflows: + version: 2 + build-and-deploy: + jobs: + - build: + filters: + tags: + only: /.*/ + - deploy: + requires: + - build + filters: + tags: + only: /^v.*/ + branches: + ignore: /.*/ \ No newline at end of file diff --git a/.gcloudignore b/.gcloudignore new file mode 100644 index 000000000..a3f0c7667 --- /dev/null +++ b/.gcloudignore @@ -0,0 +1,17 @@ +# This file specifies files that are *not* uploaded to Google Cloud Platform +# using gcloud. It follows the same syntax as .gitignore, with the addition of +# "#!include" directives (which insert the entries of the given .gitignore-style +# file at that point). +# +# For more information, run: +# $ gcloud topic gcloudignore +# +.gcloudignore +# If you would like to upload your .git directory, .gitignore file or files +# from your .gitignore file, remove the corresponding line +# below: +.git +.gitignore + +# Node.js dependencies: +node_modules/ \ No newline at end of file diff --git a/app.yaml b/app.yaml new file mode 100644 index 000000000..d631af741 --- /dev/null +++ b/app.yaml @@ -0,0 +1,19 @@ +runtime: nodejs12 + +entrypoint: node server.js + +env_variables: + USE_BASIC_AUTH: "true" + +handlers: +- url: /token + secure: always + script: auto + +- url: / + static_files: build/index.html + upload: build/index.html + +- url: /(.*) + static_files: build/\1 + upload: build/(.*) diff --git a/package.json b/package.json index cded1099d..6c917cf50 100644 --- a/package.json +++ b/package.json @@ -71,5 +71,5 @@ "pre-commit": "lint-staged" } }, - "proxy": "http://localhost:4000/" + "proxy": "http://localhost:8080/" } diff --git a/server.js b/server.js index 6d8c654b2..862cf924f 100644 --- a/server.js +++ b/server.js @@ -11,14 +11,26 @@ const twilioApiSecret = process.env.API_SECRET; app.use(bodyParser.json()); +if (process.env.USE_BASIC_AUTH === 'true') { + app.use((req, res, next) => { + const USER_NAME = process.env.BASIC_AUTH_USERNAME; + const PASSWORD = process.env.BASIC_AUTH_PASSWORD; + + const b64auth = (req.headers.authorization || '').split(' ')[1] || ''; + const [login, password] = new Buffer.from(b64auth, 'base64').toString().split(':'); + + if (login && password && login === USER_NAME && password === PASSWORD) { + return next(); + } + + res.set('WWW-Authenticate', 'Basic realm="Restricted"'); + res.status(401).send('Authentication required.'); + }); +} + app.post('/token', (req, res) => { const { name, room } = req.body; - const token = new AccessToken( - twilioAccountSid, - twilioApiKey, - twilioApiSecret, - { ttl: MAX_ALLOWED_SESSION_DURATION } - ); + const token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret, { ttl: MAX_ALLOWED_SESSION_DURATION }); token.identity = name; const videoGrant = new VideoGrant({ room }); token.addGrant(videoGrant); @@ -26,4 +38,4 @@ app.post('/token', (req, res) => { console.log(`issued token for ${token.identity} in room ${req.body.room}`); }); -app.listen(4000, () => console.log('token server running on 4000')); +app.listen(8080, () => console.log('token server running on 8080'));