From 5fd5795f39125daf422d055631a5c04af24c3fbd Mon Sep 17 00:00:00 2001 From: Daksh Miglani Date: Mon, 7 Jan 2019 12:48:47 +0530 Subject: [PATCH 1/6] fix jwt strategy --- src/jwt/strategy.js | 31 +++++++++++++++++++++---------- src/server.js | 2 +- 2 files changed, 22 insertions(+), 11 deletions(-) diff --git a/src/jwt/strategy.js b/src/jwt/strategy.js index 0807c3fd1..e2dccc91f 100644 --- a/src/jwt/strategy.js +++ b/src/jwt/strategy.js @@ -1,4 +1,5 @@ import { Strategy } from 'passport-jwt' +import { fixUrl } from '../middleware/fixImageUrlsMiddleware' const cookieExtractor = (req) => { var token = null @@ -8,7 +9,7 @@ const cookieExtractor = (req) => { return token } -export default () => { +export default (driver) => { const options = { jwtFromRequest: cookieExtractor, secretOrKey: process.env.JWT_SECRET, @@ -17,16 +18,26 @@ export default () => { } return new Strategy(options, - (JWTPayload, next) => { - // usually this would be a database call: - // var user = users[_.findIndex(users, {id: JWTPayload.id})] - // TODO: fix https://github.com/Human-Connection/Nitro-Backend/issues/41 - /* eslint-disable */ - if (true) { - /* eslint-enable */ - next(null, {}) + async (JWTPayload, next) => { + const session = driver.session(); + const result = await session.run( + 'MATCH (user:User {id: $userId}) ' + + 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1', + { + id: JWTPayload.id + } + ); + session.close(); + const [currentUser] = await result.records.map((record) => { + return record.get("user"); + }); + + if (currentUser) { + delete currentUser.password; + currentUser.avatar = fixUrl(currentUser.avatar) + return next(null, currentUser); } else { - next(null, false) + return next(null, false); } }) } diff --git a/src/server.js b/src/server.js index 3b0e0a561..860a4f8c4 100644 --- a/src/server.js +++ b/src/server.js 
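Review bot: The new async verify callback in `src/jwt/strategy.js` has no error path: if `driver.session()` or `await session.run(...)` throws, the promise rejects, `next` is never called and `session.close()` is skipped. As far as I can tell passport-jwt invokes the verify function without awaiting it, so a database failure would leave the `/graphql` request pending and the session open rather than failing authentication cleanly. The same structure is carried unchanged through the strategy hunks in PATCH 3/6 and PATCH 5/6. I would wrap the lookup in `try`/`catch`/`finally`, pass the error to `next(err)`, and return `next(null, false)` early when the token has no `id` claim. The `await` in front of `result.records.map(...)` can be dropped, since `map` returns a plain array; the `options` object this callback sits under starts outside the hunk.

```javascript
async (JWTPayload, next) => {
  // a token without an id claim cannot identify a user; fail authentication before querying
  if (JWTPayload.id == null) {
    return next(null, false)
  }
  const session = driver.session()
  try {
    const result = await session.run(/* … unchanged: Cypher query and parameters … */)
    const [currentUser] = result.records.map((record) => record.get('user'))
    // … unchanged: currentUser branch calling next(null, currentUser) or next(null, false) …
  } catch (err) {
    // report driver/query failures to passport instead of leaving the request unanswered
    return next(err)
  } finally {
    // always release the session, including on the error path
    session.close()
  }
```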
@@ -56,7 +56,7 @@ const createServer = (options) => { } const server = new GraphQLServer(Object.assign({}, defaults, options)) - passport.use('jwt', jwtStrategy()) + passport.use('jwt', jwtStrategy(driver)) server.express.use(passport.initialize()) server.express.post('/graphql', passport.authenticate(['jwt'], { session: false })) From 016119e7689e0af9ccf0ff9ffd1083ed71b3190a Mon Sep 17 00:00:00 2001 From: Daksh Date: Mon, 7 Jan 2019 13:00:19 +0530 Subject: [PATCH 2/6] fix variableName from id to userId --- src/jwt/strategy.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/jwt/strategy.js b/src/jwt/strategy.js index e2dccc91f..d08b7988f 100644 --- a/src/jwt/strategy.js +++ b/src/jwt/strategy.js @@ -24,7 +24,7 @@ export default (driver) => { 'MATCH (user:User {id: $userId}) ' + 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1', { - id: JWTPayload.id + userId: JWTPayload.id } ); session.close(); From 2156b08e8fa0f79f94d87d0d2d0d6a4dadafdb43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= Date: Tue, 8 Jan 2019 14:20:05 +0100 Subject: [PATCH 3/6] Run `yarn run lint --fix` @DakshMiglani check the build server for any errors: https://travis-ci.com/Human-Connection/Nitro-Backend/builds/96505757#L658 Here you can see the build was fine, only eslint complained. Eslint is a quick fix :wink: --- src/jwt/strategy.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/jwt/strategy.js b/src/jwt/strategy.js index d08b7988f..65e2d35c1 100644 --- a/src/jwt/strategy.js +++ b/src/jwt/strategy.js 
@@ -19,25 +19,25 @@ export default (driver) => { return new Strategy(options, async (JWTPayload, next) => { - const session = driver.session(); + const session = driver.session() const result = await session.run( 'MATCH (user:User {id: $userId}) ' + 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1', { userId: JWTPayload.id } - ); - session.close(); + ) + session.close() const [currentUser] = await result.records.map((record) => { - return record.get("user"); - }); + return record.get('user') + }) if (currentUser) { - delete currentUser.password; + delete currentUser.password currentUser.avatar = fixUrl(currentUser.avatar) - return next(null, currentUser); + return next(null, currentUser) } else { - return next(null, false); + return next(null, false) } }) } From da19dee1f2318c96059a9118e13928e4fb322df2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" Date: Thu, 10 Jan 2019 04:19:47 +0000 Subject: [PATCH 4/6] Bump eslint-plugin-jest from 22.1.2 to 22.1.3 Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 22.1.2 to 22.1.3. - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v22.1.2...v22.1.3) Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 9d83da85b..dc75aca0f 100644 --- a/package.json +++ b/package.json @@ -74,7 +74,7 @@ "eslint": "~5.11.1", "eslint-config-standard": "~12.0.0", "eslint-plugin-import": "~2.14.0", - "eslint-plugin-jest": "^22.1.2", + "eslint-plugin-jest": "^22.1.3", "eslint-plugin-node": "~8.0.0", "eslint-plugin-promise": "~4.0.1", "eslint-plugin-standard": "~4.0.0", diff --git a/yarn.lock b/yarn.lock index ee9b4a0df..9230961fb 100644 --- a/yarn.lock +++ b/yarn.lock 
@@ -2728,10 +2728,10 @@ eslint-plugin-import@~2.14.0: read-pkg-up "^2.0.0" resolve "^1.6.0" -eslint-plugin-jest@^22.1.2: - version "22.1.2" - resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.1.2.tgz#1ea36cc3faedbdb788e702ca633d635ca14e91e8" - integrity sha512-jSPT4rVmNetkeCIyrvvOM0wJtgoUSbKHIUDoOGzIISsg51eWN/nISPNKVM+jXMMDI9oowbyapOnpKSXlsLiDpQ== +eslint-plugin-jest@^22.1.3: + version "22.1.3" + resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-22.1.3.tgz#4444108dfcddc5d2117ed6dc551f529d7e73a99e" + integrity sha512-JTZTI6WQoNruAugNyCO8fXfTONVcDd5i6dMRFA5g3rUFn1UDDLILY1bTL6alvNXbW2U7Sc2OSpi8m08pInnq0A== eslint-plugin-node@~8.0.0: version "8.0.0" From ca38892322ab2f2910ff07e622d9b7412455e17d Mon Sep 17 00:00:00 2001 From: Daksh Date: Thu, 10 Jan 2019 21:49:01 +0530 Subject: [PATCH 5/6] remove password from query. --- src/jwt/strategy.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/jwt/strategy.js b/src/jwt/strategy.js index 65e2d35c1..5b1ea1231 100644 --- a/src/jwt/strategy.js +++ b/src/jwt/strategy.js @@ -22,7 +22,7 @@ export default (driver) => { const session = driver.session() const result = await session.run( 'MATCH (user:User {id: $userId}) ' + - 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1', + 'RETURN user {.id, .slug, .name, .avatar, .email, .role} as user LIMIT 1', { userId: JWTPayload.id } @@ -33,7 +33,6 @@ export default (driver) => { }) if (currentUser) { - delete currentUser.password currentUser.avatar = fixUrl(currentUser.avatar) return next(null, currentUser) } else { From 53044c4cf6687f23bfb5d8b4220dc5595935ced7 Mon Sep 17 00:00:00 2001 
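Review bot: After PATCH 5/6 the `RETURN user {...}` projection in `src/jwt/strategy.js` is the only thing keeping credential fields out of the object passed to `next(null, currentUser)`, and no comment records that. Passport normally exposes that object as `req.user`, so a field added to the projection later would presumably travel with every authenticated request. I would add a comment above the query such as `// allow-list: these fields become the authenticated user object; never add .password or other secrets here`. `.email` is still selected; if nothing downstream reads it from the authenticated user, dropping it would narrow the object further. The enclosing callback starts and ends outside these two hunks.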
From: "dependabot[bot]" Date: Sat, 12 Jan 2019 20:51:19 +0000 Subject: [PATCH 6/6] Bump apollo-cache-inmemory from 1.3.11 to 1.3.12 Bumps [apollo-cache-inmemory](https://github.com/apollographql/apollo-client) from 1.3.11 to 1.3.12. - [Release notes](https://github.com/apollographql/apollo-client/releases) - [Changelog](https://github.com/apollographql/apollo-client/blob/master/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-client/commits) Signed-off-by: dependabot[bot] --- package.json | 2 +- yarn.lock | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index dc75aca0f..ab2241a06 100644 --- a/package.json +++ b/package.json @@ -28,7 +28,7 @@ "testMatch": ["**/src/**/?(*.)+(spec|test).js?(x)" ] }, "dependencies": { - "apollo-cache-inmemory": "~1.3.11", + "apollo-cache-inmemory": "~1.3.12", "apollo-client": "~2.4.8", "apollo-link-http": "~1.5.9", "apollo-server": "~2.3.1", diff --git a/yarn.lock b/yarn.lock index 9230961fb..caf47bcca 100644 --- a/yarn.lock +++ b/yarn.lock 
@@ -1014,16 +1014,16 @@ apollo-cache-control@^0.1.0: dependencies: graphql-extensions "^0.0.x" -apollo-cache-inmemory@~1.3.11: - version "1.3.11" - resolved "https://registry.yarnpkg.com/apollo-cache-inmemory/-/apollo-cache-inmemory-1.3.11.tgz#6cb8f24ec812715169f9acbb0b67833f9a19ec90" - integrity sha512-fSoyjBV5RV57J3i/VHDDB74ZgXc0PFiogheNFHEhC0mL6rg5e/DjTx0Vg+csIBk23gvlzTvV+eypx7Q2NJ+dYg== +apollo-cache-inmemory@~1.3.12: + version "1.3.12" + resolved "https://registry.yarnpkg.com/apollo-cache-inmemory/-/apollo-cache-inmemory-1.3.12.tgz#cf7ef7c15730d0b6787d79047d5c06087ac31991" + integrity sha512-jxWcW64QoYQZ09UH6v3syvCCl3MWr6bsxT3wYYL6ORi8svdJUpnNrHTcv5qXqJYVg/a+NHhfEt+eGjJUG2ytXA== dependencies: - apollo-cache "^1.1.21" - apollo-utilities "^1.0.26" - optimism "^0.6.6" + apollo-cache "^1.1.22" + apollo-utilities "^1.0.27" + optimism "^0.6.8" -apollo-cache@1.1.22, apollo-cache@^1.1.21: +apollo-cache@1.1.22, apollo-cache@^1.1.22: version "1.1.22" resolved "https://registry.yarnpkg.com/apollo-cache/-/apollo-cache-1.1.22.tgz#d4682ea6e8b2508a934f61c2fd9e36b4a65041d9" integrity sha512-8PoxhQLISj2oHwT7i/r4l+ly4y3RKZls+dtXzAewu3U77P9dNZKhYkRNAhx9iEfsrNoHgXBV8vMp64hb1uYh+g== @@ -1307,7 +1307,7 @@ apollo-upload-server@^5.0.0: busboy "^0.2.14" object-path "^0.11.4" -apollo-utilities@1.0.27, apollo-utilities@^1.0.0, apollo-utilities@^1.0.1, apollo-utilities@^1.0.26, apollo-utilities@^1.0.27: +apollo-utilities@1.0.27, apollo-utilities@^1.0.0, apollo-utilities@^1.0.1, apollo-utilities@^1.0.27: version "1.0.27" resolved "https://registry.yarnpkg.com/apollo-utilities/-/apollo-utilities-1.0.27.tgz#77c550f9086552376eca3a48e234a1466b5b057e" integrity sha512-nzrMQ89JMpNmYnVGJ4t8zN75gQbql27UDhlxNi+3OModp0Masx5g+fQmQJ5B4w2dpRuYOsdwFLmj3lQbwOKV1Q== 
@@ -5719,7 +5719,7 @@ opn@4.0.2: object-assign "^4.0.1" pinkie-promise "^2.0.0" -optimism@^0.6.6: +optimism@^0.6.8: version "0.6.8" resolved "https://registry.yarnpkg.com/optimism/-/optimism-0.6.8.tgz#0780b546da8cd0a72e5207e0c3706c990c8673a6" integrity sha512-bN5n1KCxSqwBDnmgDnzMtQTHdL+uea2HYFx1smvtE+w2AMl0Uy31g0aXnP/Nt85OINnMJPRpJyfRQLTCqn5Weg==