From 93d821825bb0356d122c0c31bd3eac4169afc658 Mon Sep 17 00:00:00 2001 From: Gerald Michelant Date: Thu, 27 Dec 2018 17:21:18 -0500 Subject: [PATCH 1/3] capture error in readable format with try and catch --- src/graphql-schema.js | 46 ++++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 22 deletions(-) diff --git a/src/graphql-schema.js b/src/graphql-schema.js index b52c9e232..7d2a8ce5f 100644 --- a/src/graphql-schema.js +++ b/src/graphql-schema.js @@ -5,6 +5,7 @@ import bcrypt from 'bcryptjs' import zipObject from 'lodash/zipObject' import generateJwt from './jwt/generateToken' import { fixUrl } from './middleware/fixImageUrlsMiddleware' +import { AuthenticationError } from 'apollo-server' export const typeDefs = fs.readFileSync(process.env.GRAPHQL_SCHEMA || path.join(__dirname, 'schema.graphql')) 
@@ -95,32 +96,33 @@ export const resolvers = {
 // if (user && user.id) {
 // throw new Error('Already logged in.')
 // }
-
 const session = driver.session()
- const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1')
- let u = res.records[0]._fields ? zipObject([
- 'id',
- 'slug',
- 'name',
- 'avatar',
- 'email',
- 'password',
- 'role'
- ], res.records[0]._fields) : null
- if (u) {
- if (await bcrypt.compareSync(password, u.password)) {
- delete u.password
- u.avatar = fixUrl(u.avatar)
- return Object.assign(u, {
- token: generateJwt(u)
- })
+ try {
+ const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1')
+ const u = res.records[0]._fields ? zipObject([
+ 'id',
+ 'slug',
+ 'name',
+ 'avatar',
+ 'email',
+ 'password',
+ 'role'
+ ], res.records[0]._fields) : null
+ if (u) {
+ if (await bcrypt.compareSync(password, u.password)) {
+ delete u.password
+ u.avatar = fixUrl(u.avatar)
+ return Object.assign(u, {
+ token: generateJwt(u)
+ })
+ }
+ session.close()
+ throw new Error('Incorrect username or password.')
 }
 session.close()
- throw new Error('Incorrect password.')
+ } catch (error) {
+ throw new AuthenticationError('Incorrect username or password.')
 }
-
- session.close()
- throw new Error('No Such User exists.')
 }
 }
 }
From 1e949f3fde454f8ad4f279bf526c0900b70f0703 Mon Sep 17 00:00:00 2001
From: Gerald Michelant
Date: Fri, 28 Dec 2018 22:17:28 -0500
Subject: [PATCH 2/3] throw new AuthenticationError on password error
---
 src/graphql-schema.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/graphql-schema.js b/src/graphql-schema.js
index 7d2a8ce5f..c298177c2 100644
--- a/src/graphql-schema.js
+++ b/src/graphql-schema.js
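Review bot: The `session.run(...)` call that PATCH 1/3 moves inside the new `try` still builds the Cypher statement by concatenating `email` into the query text, so the login input is interpreted as part of the statement rather than matched as data; the rewritten query in PATCH 3/3 keeps the same concatenation. Pass the value as a driver parameter instead, e.g. `session.run('MATCH (u:User {email: $email}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1', { email })`. The new `catch (error)` also reports every failure, including a database or driver error, as 'Incorrect username or password.' and does not close the session; logging the original error server-side and moving `session.close()` into a `finally` would keep outages distinguishable from bad credentials. Where `email` comes from is outside the hunk; it is presumably the login mutation's argument.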
@@ -117,7 +117,7 @@ export const resolvers = {
 })
 }
 session.close()
- throw new Error('Incorrect username or password.')
+ throw new AuthenticationError('Incorrect username or password.')
 }
 session.close()
 } catch (error) {
From 2959eeb931910f451e546811944196e79f4ed215 Mon Sep 17 00:00:00 2001
From: Gerald Michelant
Date: Sun, 30 Dec 2018 16:44:08 -0500
Subject: [PATCH 3/3] rewritting of login method
---
 src/graphql-schema.js | 42 ++++++++++++++++--------------------------
 1 file changed, 16 insertions(+), 26 deletions(-)
diff --git a/src/graphql-schema.js b/src/graphql-schema.js
index c298177c2..830fda193 100644
--- a/src/graphql-schema.js
+++ b/src/graphql-schema.js
@@ -2,7 +2,6 @@
 import fs from 'fs'
 import path from 'path'
 import bcrypt from 'bcryptjs'
-import zipObject from 'lodash/zipObject'
 import generateJwt from './jwt/generateToken'
 import { fixUrl } from './middleware/fixImageUrlsMiddleware'
 import { AuthenticationError } from 'apollo-server'
@@ -97,32 +96,23 @@ export const resolvers = {
 // throw new Error('Already logged in.')
 // }
 const session = driver.session()
- try {
- const res = await session.run('MATCH (u:User {email: "' + email + '"}) RETURN u.id, u.slug, u.name, u.avatar, u.email, u.password, u.role LIMIT 1')
- const u = res.records[0]._fields ? zipObject([
- 'id',
- 'slug',
- 'name',
- 'avatar',
- 'email',
- 'password',
- 'role'
- ], res.records[0]._fields) : null
- if (u) {
- if (await bcrypt.compareSync(password, u.password)) {
- delete u.password
- u.avatar = fixUrl(u.avatar)
- return Object.assign(u, {
- token: generateJwt(u)
- })
- }
+ return session.run(
+ 'MATCH (user:User {email: "' + email + '"}) ' +
+ 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1')
+ .then(async (result) => {
 session.close()
- throw new AuthenticationError('Incorrect username or password.')
- }
- session.close()
- } catch (error) {
- throw new AuthenticationError('Incorrect username or password.')
- }
+ const [currentUser] = await result.records.map(function (record) {
+ console.log(record.get('user'))
+ return record.get('user')
+ })
+ if (currentUser && await bcrypt.compareSync(password, currentUser.password)) {
+ delete currentUser.password
+ currentUser.avatar = fixUrl(currentUser.avatar)
+ return Object.assign(currentUser, {
+ token: generateJwt(currentUser)
+ })
+ } else throw new AuthenticationError('Incorrect username or password.')
+ })
 }
 }
 }
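Review bot: `console.log(record.get('user'))` inside the `.map` callback writes the whole projected user, including the `.password` hash and the e-mail address, to the server log on every login attempt that matches an account; remove the line, or log only the `id`. `session.close()` now runs only in the `.then` callback, so a rejected `session.run(...)` leaves the session open and passes the raw driver error on to the caller, where the earlier version mapped it to an `AuthenticationError`; the session should be closed on the rejection path as well. The two `await`s in front of `result.records.map(...)` and `bcrypt.compareSync(...)` have no effect because both calls are synchronous; `bcrypt.compare(password, currentUser.password)` is the promise-returning form if the hash check should not block the event loop. The resolver starts above the hunk.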