Support Server

This is a private Node.js Express app that hosts the Support Server https://support.[domain]. It contains tools for the Support and Customer Service team to do their work, such as looking up user subscription information. All actions are logged, and every action taken on the Support Server involving a user sends an email notification to the user it affects. It is not viewable to the public and has strict security groups.

• Prerequisites
• Sign In
  • Sign In - Web
  • Sign In
  • Log Out (Delete Session)
• Create Support User
  • Create Support User With Email - Web
  • Create Support User With Email
  • Confirm Email to Complete Email Signup
  • Resend Confirmation Email - Web
  • Resend Confirmation Email
• Support User
  • Support - Web
  • Change Support User Password - Web
  • Change Support User Password
• Support Dashboard
  • Get Subscriptions With Email
  • Get User Info With Email
  • Get Hashed Email
  • Get Email With Stripe ID
  • Get Email With User ID
  • Get Stripe ID With Email
• Other APIs
  • Test Error Logging
  • Health Check
• Support

Prerequisites

• Run the Support CloudFormation and all its prerequisites

Sign In

The POST /signin API returns a session cookie. Use the cookie on requests that require authentication. Usually, your HTTP request framework will automatically save this cookie. If the cookie expires or server returns 401, request a new cookie.

Sign In - Web

Request

GET /signin

Sign In

Request

POST /signin

Name	Type	Description
email	string	Required User email.
password	string	Required User password.

Response

Set-Cookie: <Cookie with Expiration Time>

Log Out (Delete Session)

Request

GET /logout

Response

Redirects to /signin

Create Support User

Create Support User With Email - Web

Request

GET /signup

Create Support User With Email

Request

POST /signup

Name	Type	Description
email	string	Required Email to use to create the user. It must end in the same domain as the current service's domain.
password	string	Required User password.

Response

Redirect to /signup-success

Confirm Email to Complete Email Signup

Request

GET /confirm-email

Name	Type	Description
code	string	Required Code that confirms a user is the owner of an email address to complete email signup.

Response

Redirect to /signin

Resend Confirmation Email - Web

Request

GET /resend-confirm-code

Resend Confirmation Email

Request

POST /resend-confirm-code

Name	Type	Description
email	string	Required Email to resend confirmation code to.

Response

Redirect to /signin

Support User

Support - Web

Request

Authentication Required

GET /support

Change Support User Password - Web

Request

Authentication Required

GET /change-password

Change Support User Password

Request

Authentication Required

POST /change-password

Name	Type	Description
currentPassword	string	Required User's current password.
newPassword	string	Required User's new password.

Response

Redirect to /support

Support Dashboard

Get Subscriptions With Email

Request

Authentication Required

POST /get-subscriptions-with-email

Name	Type	Description
email	string	Required The email to look up.
reason	string	Required The reason you are looking upthis user's subscriptions.

Response

JSON-formatted user subscriptions, with sensitive info filtered out.

Get User Info With Email

Request

Authentication Required

POST /get-user-with-email

Name	Type	Description
email	string	Required The email to look up.
reason	string	Required The reason you are looking upthis user's subscriptions.

Response

JSON-formatted user's info, with sensitive info filtered out.

Get Hashed Email

This uses EMAIL_SALT to hash the email in the request.

Request

Authentication Required

POST /get-hashed-email

Name	Type	Description
email	string	Required The email to hash.
reason	string	Required The reason you are looking up the hash of this user's email.

Response

{
	hashedEmail: <email hash>
}

Get Email With Stripe ID

Request

Authentication Required

POST /get-email-with-stripe-id

Name	Type	Description
stripeId	string	Required The Stripe Id.
reason	string	Required The reason you are looking up the hash of this user's email.

Response

{
	email: <email>
}

Get Email With User ID

Request

Authentication Required

POST /get-email-with-user-id

Name	Type	Description
userId	string	Required The User Id.
reason	string	Required The reason you are looking up the user's email.

Response

{
	email: <email>
}

Get Stripe ID With Email

Request

Authentication Required

POST /get-stripe-id-with-email

Name	Type	Description
email	string	Required The user email.
reason	string	Required The reason you are looking up the user's Stripe ID.

Response

{
	stripeId: <Stripe ID>
}

Other APIs

Test Error Logging

Request

GET /error-test

Health Check

Request

GET /health

Response

Status 200
{
	message: "OK from Support"
}

Feedback

If you have any questions, concerns, or other feedback, please let us know any feedback in Github issues or by e-mail.

We also have a bug bounty program -- please email [email protected] for details.

License

This project is licensed under the GPL License - see the LICENSE.md file for details

Contact

[email protected]