Add simple CORS. Add permissions for SFLUV wrapping.

paulgoleary · Jul 9, 2023 · 93aead1 · 93aead1
1 parent 6715325
commit 93aead1
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 4 deletions.
diff --git a/backend/luv_server/server.go b/backend/luv_server/server.go
@@ -11,8 +11,25 @@ import (
 
 var db = make(map[string]string)
 
+func CORSMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT")
+
+		if c.Request.Method == "OPTIONS" {
+			c.AbortWithStatus(204)
+			return
+		}
+
+		c.Next()
+	}
+}
+
 func setupRouter() *gin.Engine {
 	r := gin.Default()
+	r.Use(CORSMiddleware())
 
 	// health test
 	r.GET("/health", func(c *gin.Context) {

diff --git a/backend/ratio/client.go b/backend/ratio/client.go
@@ -77,8 +77,8 @@ func (c *ratioClient) authWalletSignature(ba *swagger.AuthenticateCryptoWalletRe
 		handleApiError("V1AuthCryptoWalletauthenticatePost", err)
 	} else {
 		jwt = authResp.SessionJwt
-		if authResp.User != nil {
-			maybeUserId = authResp.User.Id
+		if authResp.UserMask != nil {
+			maybeUserId = authResp.UserMask.Id
 		}
 	}
 	return

diff --git a/contracts/src/SFLUVv1.sol b/contracts/src/SFLUVv1.sol
@@ -2,13 +2,28 @@ pragma solidity ^0.8.0;
 
 import "../lib/openzeppelin-contracts/contracts/token/ERC20/extensions/ERC20Wrapper.sol";
 import "../lib/openzeppelin-contracts/contracts/token/ERC20/extensions/draft-ERC20Permit.sol";
+import "../lib/openzeppelin-contracts/contracts/access/AccessControlDefaultAdminRules.sol";
 
-contract SFLUVv1 is ERC20Wrapper, ERC20Permit {
+contract SFLUVv1 is ERC20Wrapper, ERC20Permit, AccessControlDefaultAdminRules {
 
-    constructor(IERC20 underlyingToken) ERC20Wrapper(underlyingToken) ERC20Permit("SFLUV V1") ERC20("SFLUV V1", "SFLUV") {}
+    uint48 constant private initialDelay = 60 * 60 * 24 * 7; // 7 days?
+
+    constructor(IERC20 underlyingToken)
+        ERC20Wrapper(underlyingToken)
+        ERC20Permit("SFLUV V1")
+        ERC20("SFLUV V1", "SFLUV")
+        AccessControlDefaultAdminRules(initialDelay, msg.sender) {}
 
     function decimals() public pure override(ERC20, ERC20Wrapper) returns (uint8) {
         return 18;
     }
 
+    // this role allows the holder to mint (wrap) underlying USDC into SFLUV
+    bytes32 public constant MINTER_ROLE = keccak256("MINTER");
+
+    function depositFor(address account, uint256 amount) public override returns (bool) {
+        require(hasRole(MINTER_ROLE, _msgSender()));
+        return ERC20Wrapper.depositFor(account, amount);
+    }
+
 }
diff --git a/contracts/test/SFLUVv1.t.sol b/contracts/test/SFLUVv1.t.sol
@@ -32,9 +32,17 @@ contract SFLUVv1Test is Test {
         uint checkBalance = mockCoin.balanceOf(payer);
         assertEq(checkBalance, 100 * oneEther);
 
+        assertTrue(testCoin.owner() == address(this));
+        assertFalse(testCoin.hasRole(testCoin.MINTER_ROLE(), testCoin.owner()));
+        testCoin.grantRole(testCoin.MINTER_ROLE(), testCoin.owner());
+        assertTrue(testCoin.hasRole(testCoin.MINTER_ROLE(), testCoin.owner()));
+
         vm.expectRevert("ERC20: insufficient allowance");
         testCoin.depositFor(payer, 100 * oneEther);
 
+        // allow the payer to wrap (mint) SFLUV
+        testCoin.grantRole(testCoin.MINTER_ROLE(), payer);
+
         vm.startPrank(payer);
         mockCoin.approve(address(testCoin), 100 * oneEther);
         testCoin.depositFor(payer, 100 * oneEther);