Merge pull request #598 from mikefranze/main

Using client temp ID/user ID in open elections
Equal-Vote · Jul 13, 2024 · 731fec7 · 731fec7
2 parents e1b0331 + f89d2b1
commit 731fec7
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 6 deletions.
diff --git a/packages/backend/src/Controllers/voterRollUtils.ts b/packages/backend/src/Controllers/voterRollUtils.ts
@@ -17,8 +17,15 @@ export async function getOrCreateElectionRoll(req: IRequest, election: Election,
     // Get data that is used for voter authentication
     const require_ip_hash = election.settings.voter_authentication.ip_address ? ip_hash : null
     const email = election.settings.voter_authentication.email ? req.user?.email : null
-    let voter_id = election.settings.voter_authentication.voter_id ? req.cookies?.voter_id : null
-
+
+    // Get voter ID if required and available, otherwise set to null
+    let voter_id = null
+    if (election.settings.voter_authentication.voter_id && election.settings.voter_access == 'closed') {
+        voter_id = req.cookies?.voter_id 
+    } else if (election.settings.voter_authentication.voter_id && election.settings.voter_access == 'open') {
+        voter_id = req.user?.sub
+    }
+
     // Get all election roll entries that match any of the voter authentication fields
     // This is an odd way of going about this, rather than getting a roll that matches all three we get all that match any of the fields and
     // check the output for a number of edge cases.
@@ -37,7 +44,7 @@ export async function getOrCreateElectionRoll(req: IRequest, election: Election,
             return null
         }
         Logger.info(req, "Creating new roll");
-        const new_voter_id = randomUUID()
+        const new_voter_id = election.settings.voter_authentication.voter_id ? voter_id : randomUUID()
         const history = [{
             action_type: ElectionRollState.approved,
             actor: new_voter_id,
@@ -99,9 +106,12 @@ export async function getOrCreateElectionRoll(req: IRequest, election: Election,
 export function checkForMissingAuthenticationData(req: IRequest, election: Election, ctx: ILoggingContext): string | null {
     // Checks that user has provided all data needed for authentication
     Logger.info(req, `checkForMissingAuthenticationData`)
-    if (election.settings.voter_authentication.voter_id && !(req.cookies?.voter_id)) {
+    if ((election.settings.voter_authentication.voter_id && election.settings.voter_access == 'closed') && !(req.cookies?.voter_id)) {
         return 'Voter ID Required'
     }
+    if ((election.settings.voter_authentication.voter_id && election.settings.voter_access == 'open') && !(req.user)) {
+        return 'User ID Required'
+    }
     if (election.settings.voter_authentication.email && !(req.user?.email)) {
         return 'Email Validation Required'
     }

diff --git a/packages/frontend/src/components/Election/VoterAuth.tsx b/packages/frontend/src/components/Election/VoterAuth.tsx
@@ -35,7 +35,7 @@ const VoterAuth = () => {
 
   const isOpen = election.state === "open"
 
-  const voterIdRequired = election.settings?.voter_authentication?.voter_id
+  const voterIdRequired = election.settings?.voter_authentication?.voter_id && election.settings.voter_access === 'closed'
   const emailRequired = election.settings?.voter_authentication?.email
 
   const isAuthorized = voterAuth?.authorized_voter

diff --git a/packages/frontend/src/components/ElectionForm/QuickPoll.tsx b/packages/frontend/src/components/ElectionForm/QuickPoll.tsx
@@ -62,7 +62,7 @@ const QuickPoll = ({ authSession, methodName, methodKey, grow }) => {
         settings: {
             voter_access: 'open',
             voter_authentication: {
-                ip_address: true,
+                voter_id: true,
             },
             ballot_updates: false,
             public_results: true,