CaseHawk is an internal management tool for a medium sized law firm.
- Clone this repo
$ npm i- Create a project on Google's Developer console and create a client secret and client id for OAuth.
- Set environment variables for:
GOOGLE_CLIENT_ID- from Google
GOOGLE_CLIENT_SECRET- from Google
PORT- the port for your server
SECRET- the signature string for JWT
CLIENT_URL- the url for your CaseHawk front end - Set up a Prisma Databse Client
- Seed the database
$ npm run seedDB - Start the server
$node index.js
Currently, the back end of CaseHawk requires a user to create an account using Google's Oauth service. There are no additional restrictions on who can create an account at this time.
All routes are protected with authorization middleware that expects a valid JWT to be sent along with any requests.
We would recommend that users be created with roles. An admin role should be given privileges to create a white-list of users who can sign up for an account by using the /users endpoint. User creation would then need to be updated to check the whitelist before allowing a user to auth with Google and receive a valid JWT.
In addition to a white list, functionality to support multi-tenancy should be implemented. Organizations should be created, and an account id should be added to all database models. Queries will then need to be updated to contain an account id that can be checked on all requests and used to filter search results from the database.
- 401d31
- Austin Hedeen
- Benjamin Clark
- Bradley G. Elliott
- Corey Chang
- Evan BC
- Hanna Alemu
- Jessica Walters
- Leyla Li
- Lillian Gales
- Joanna Arroyo
- Trae Bennett