From b787b639c77845076d55e9c26c896886251e0cd5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Mon, 31 Dec 2018 19:19:28 +0000 Subject: [PATCH 1/7] Bump @babel/node from 7.2.0 to 7.2.2 Bumps [@babel/node](https://github.com/babel/babel) from 7.2.0 to 7.2.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.2.2) Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 41de1d7de..3c681d036 100644 --- a/package.json +++ b/package.json @@ -58,7 +58,7 @@ "devDependencies": { "@babel/cli": "~7.2.0", "@babel/core": "~7.2.0", - "@babel/node": "~7.2.0", + "@babel/node": "~7.2.2", "@babel/preset-env": "~7.2.0", "@babel/register": "~7.0.0", "apollo-server-testing": "~2.2.6", diff --git a/yarn.lock b/yarn.lock index f9d341118..26d375496 100644 --- a/yarn.lock +++ b/yarn.lock @@ -251,10 +251,10 @@ esutils "^2.0.2" js-tokens "^4.0.0" -"@babel/node@~7.2.0": - version "7.2.0" - resolved "https://registry.yarnpkg.com/@babel/node/-/node-7.2.0.tgz#0b601be8ef03897923e3908dc18129836d44e6fa" - integrity sha512-RFwVH5xWpwd4SfkOI0WsK9AnF5o+C9iMTvUkkTb7jUNaiDieV8BGK38t74bTPjgc4FCxSAWNKqaqgDW4fenkyA== +"@babel/node@~7.2.2": + version "7.2.2" + resolved "https://registry.yarnpkg.com/@babel/node/-/node-7.2.2.tgz#1557dd23545b38d7b1d030a9c0e8fb225dbf70ab" + integrity sha512-jPqgTycE26uFsuWpLika9Ohz9dmLQHWjOnMNxBOjYb1HXO+eLKxEr5FfKSXH/tBvFwwaw+pzke3gagnurGOfCA== dependencies: "@babel/polyfill" "^7.0.0" "@babel/register" "^7.0.0" From e9ec677527bee0f209405301d18b4994b137d028 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Wed, 2 Jan 2019 10:53:45 +0000 Subject: [PATCH 2/7] Bump @babel/cli from 7.2.0 to 7.2.3 Bumps [@babel/cli](https://github.com/babel/babel) from 7.2.0 to 7.2.3. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.2.3) Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 3c681d036..ec5f6c7c5 100644 --- a/package.json +++ b/package.json @@ -56,7 +56,7 @@ "wait-on": "~3.2.0" }, "devDependencies": { - "@babel/cli": "~7.2.0", + "@babel/cli": "~7.2.3", "@babel/core": "~7.2.0", "@babel/node": "~7.2.2", "@babel/preset-env": "~7.2.0", diff --git a/yarn.lock b/yarn.lock index 26d375496..bea817e14 100644 --- a/yarn.lock +++ b/yarn.lock @@ -23,10 +23,10 @@ resolved "https://registry.yarnpkg.com/@apollographql/graphql-playground-html/-/graphql-playground-html-1.6.6.tgz#022209e28a2b547dcde15b219f0c50f47aa5beb3" integrity sha512-lqK94b+caNtmKFs5oUVXlSpN3sm5IXZ+KfhMxOtr0LR2SqErzkoJilitjDvJ1WbjHlxLI7WtCjRmOLdOGJqtMQ== -"@babel/cli@~7.2.0": - version "7.2.0" - resolved "https://registry.yarnpkg.com/@babel/cli/-/cli-7.2.0.tgz#505ed8d351daee6a88918da02c046c18c8c5a24f" - integrity sha512-FLteTkEoony0DX8NbnT51CmwmLBzINdlXmiJCSqCLmqWCDA/xk8EITPWqwDnVLbuK0bsZONt/grqHnQzQ15j0Q== +"@babel/cli@~7.2.3": + version "7.2.3" + resolved "https://registry.yarnpkg.com/@babel/cli/-/cli-7.2.3.tgz#1b262e42a3e959d28ab3d205ba2718e1923cfee6" + integrity sha512-bfna97nmJV6nDJhXNPeEfxyMjWnt6+IjUAaDPiYRTBlm8L41n8nvw6UAqUCbvpFfU246gHPxW7sfWwqtF4FcYA== dependencies: commander "^2.8.1" convert-source-map "^1.1.0" From 1bd5b2a8d8a41a514cb40e4fcca2008f2fc6a405 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Wed, 2 Jan 2019 11:10:31 +0000 Subject: [PATCH 3/7] Bump @babel/preset-env from 7.2.0 to 7.2.3 Bumps [@babel/preset-env](https://github.com/babel/babel) from 7.2.0 to 7.2.3. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.2.0...v7.2.3) Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index ec5f6c7c5..320af5981 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "@babel/cli": "~7.2.3", "@babel/core": "~7.2.0", "@babel/node": "~7.2.2", - "@babel/preset-env": "~7.2.0", + "@babel/preset-env": "~7.2.3", "@babel/register": "~7.0.0", "apollo-server-testing": "~2.2.6", "babel-eslint": "~10.0.1", diff --git a/yarn.lock b/yarn.lock index bea817e14..5cb6126cb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -560,10 +560,10 @@ core-js "^2.5.7" regenerator-runtime "^0.11.1" -"@babel/preset-env@~7.2.0": - version "7.2.0" - resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.2.0.tgz#a5030e7e4306af5a295dd5d7c78dc5464af3fee2" - integrity sha512-haGR38j5vOGVeBatrQPr3l0xHbs14505DcM57cbJy48kgMFvvHHoYEhHuRV+7vi559yyAUAVbTWzbK/B/pzJng== +"@babel/preset-env@~7.2.3": + version "7.2.3" + resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.2.3.tgz#948c8df4d4609c99c7e0130169f052ea6a7a8933" + integrity sha512-AuHzW7a9rbv5WXmvGaPX7wADxFkZIqKlbBh1dmZUQp4iwiPpkE/Qnrji6SC4UQCQzvWY/cpHET29eUhXS9cLPw== dependencies: "@babel/helper-module-imports" "^7.0.0" "@babel/helper-plugin-utils" "^7.0.0" From 0b623cf0836c82379a8cd23c26902dca57e836b5 Mon Sep 17 00:00:00 2001 From: Gerald Michelant Date: Thu, 27 Dec 2018 17:21:18 -0500 Subject: [PATCH 4/7] capture error in readable format with try and catch --- src/graphql-schema.js | 46 ++++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/src/graphql-schema.js b/src/graphql-schema.js index b52c9e232..7d2a8ce5f 100644 --- a/src/graphql-schema.js +++ b/src/graphql-schema.js @@ -5,6 +5,7 @@ import bcrypt from 'bcryptjs' import zipObject from 'lodash/zipObject' import generateJwt from './jwt/generateToken' import { fixUrl } from './middleware/fixImageUrlsMiddleware' +import { AuthenticationError } from 'apollo-server' export const typeDefs = fs.readFileSync(process.env.GRAPHQL_SCHEMA || path.join(__dirname, 'schema.graphql')) @@ -95,32 +96,33 @@ export const resolvers = { // if (user && user.id) { // throw new Error('Already logged in.') // } - const session = driver.session() - const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1') - let u = res.records[0]._fields ? zipObject([ - 'id', - 'slug', - 'name', - 'avatar', - 'email', - 'password', - 'role' - ], res.records[0]._fields) : null - if (u) { - if (await bcrypt.compareSync(password, u.password)) { - delete u.password - u.avatar = fixUrl(u.avatar) - return Object.assign(u, { - token: generateJwt(u) - }) + try { + const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1') + const u = res.records[0]._fields ? zipObject([ + 'id', + 'slug', + 'name', + 'avatar', + 'email', + 'password', + 'role' + ], res.records[0]._fields) : null + if (u) { + if (await bcrypt.compareSync(password, u.password)) { + delete u.password + u.avatar = fixUrl(u.avatar) + return Object.assign(u, { + token: generateJwt(u) + }) + } + session.close() + throw new Error('Incorrect username or password.') } session.close() - throw new Error('Incorrect password.') + } catch (error) { + throw new AuthenticationError('Incorrect username or password.') } - - session.close() - throw new Error('No Such User exists.') } } } From 57d9088c6cbc293a4ab01844ee68cd400cd0ca27 Mon Sep 17 00:00:00 2001 From: Gerald Michelant Date: Fri, 28 Dec 2018 22:17:28 -0500 Subject: [PATCH 5/7] throw new AuthenticationError on password error --- src/graphql-schema.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/graphql-schema.js b/src/graphql-schema.js index 7d2a8ce5f..c298177c2 100644 --- a/src/graphql-schema.js +++ b/src/graphql-schema.js @@ -117,7 +117,7 @@ export const resolvers = { }) } session.close() - throw new Error('Incorrect username or password.') + throw new AuthenticationError('Incorrect username or password.') } session.close() } catch (error) { From da1860bcd043c84ca2d925ea0b5b331b9730c2b7 Mon Sep 17 00:00:00 2001 From: Gerald Michelant Date: Sun, 30 Dec 2018 16:44:08 -0500 Subject: [PATCH 6/7] rewritting of login method --- src/graphql-schema.js | 42 ++++++++++++++++-------------------------- 1 file changed, 16 insertions(+), 26 deletions(-) diff --git a/src/graphql-schema.js b/src/graphql-schema.js index c298177c2..830fda193 100644 --- a/src/graphql-schema.js +++ b/src/graphql-schema.js @@ -2,7 +2,6 @@ import fs from 'fs' import path from 'path' import bcrypt from 'bcryptjs' -import zipObject from 'lodash/zipObject' import generateJwt from './jwt/generateToken' import { fixUrl } from './middleware/fixImageUrlsMiddleware' import { AuthenticationError } from 'apollo-server' @@ -97,32 +96,23 @@ export const resolvers = { // throw new Error('Already logged in.') // } const session = driver.session() - try { - const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1') - const u = res.records[0]._fields ? zipObject([ - 'id', - 'slug', - 'name', - 'avatar', - 'email', - 'password', - 'role' - ], res.records[0]._fields) : null - if (u) { - if (await bcrypt.compareSync(password, u.password)) { - delete u.password - u.avatar = fixUrl(u.avatar) - return Object.assign(u, { - token: generateJwt(u) - }) - } + return session.run( + 'MATCH (user:User {email: "' + email + '"}) ' + + 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1') + .then(async (result) => { session.close() - throw new AuthenticationError('Incorrect username or password.') - } - session.close() - } catch (error) { - throw new AuthenticationError('Incorrect username or password.') - } + const [currentUser] = await result.records.map(function (record) { + console.log(record.get('user')) + return record.get('user') + }) + if (currentUser && await bcrypt.compareSync(password, currentUser.password)) { + delete currentUser.password + currentUser.avatar = fixUrl(currentUser.avatar) + return Object.assign(currentUser, { + token: generateJwt(currentUser) + }) + } else throw new AuthenticationError('Incorrect username or password.') + }) } } } From 4f4b6e546900cbd913b930bbe025c0ed8fa8e0ba Mon Sep 17 00:00:00 2001 From: Gerald Michelant Date: Wed, 2 Jan 2019 10:04:45 -0500 Subject: [PATCH 7/7] changed method to inject variable to login --- src/graphql-schema.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/graphql-schema.js b/src/graphql-schema.js index 830fda193..eabde7a6b 100644 --- a/src/graphql-schema.js +++ b/src/graphql-schema.js @@ -97,8 +97,8 @@ export const resolvers = { // } const session = driver.session() return session.run( - 'MATCH (user:User {email: "' + email + '"}) ' + - 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1') + 'MATCH (user:User {email: $userEmail}) ' + + 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1', { userEmail: email }) .then(async (result) => { session.close() const [currentUser] = await result.records.map(function (record) {