Merge branch 'master' into mass_creation_do_not_show_unactivated

.github/workflows/test.yml

@@ -528,7 +528,7 @@ jobs:
           report_name: Coverage Backend
           type: lcov
           result_path: ./backend/coverage/lcov.info
-          min_coverage: 54
+          min_coverage: 55
           token: ${{ github.token }}
 
   ##########################################################################

backend/.env.dist

@@ -1,4 +1,4 @@
-CONFIG_VERSION=v1.2022-03-18
+CONFIG_VERSION=v3.2022-03-29
 
 # Server
 PORT=4000
@@ -41,8 +41,10 @@ EMAIL_PASSWORD=xxx
 EMAIL_SMTP_URL=gmail.com
 EMAIL_SMTP_PORT=587
 EMAIL_LINK_VERIFICATION=http://localhost/checkEmail/{optin}{code}
-EMAIL_LINK_SETPASSWORD=http://localhost/reset/{optin}
+EMAIL_LINK_SETPASSWORD=http://localhost/reset/{code}
-EMAIL_CODE_VALID_TIME=10
+EMAIL_LINK_FORGOTPASSWORD=http://localhost/forgot-password
+EMAIL_CODE_VALID_TIME=1440
+EMAIL_CODE_REQUEST_TIME=10
 
 # Webhook
 WEBHOOK_ELOPAGE_SECRET=secret

backend/src/auth/RIGHTS.ts

@@ -24,6 +24,7 @@ export enum RIGHTS {
   QUERY_TRANSACTION_LINK = 'QUERY_TRANSACTION_LINK',
   REDEEM_TRANSACTION_LINK = 'REDEEM_TRANSACTION_LINK',
   LIST_TRANSACTION_LINKS = 'LIST_TRANSACTION_LINKS',
+  GDT_BALANCE = 'GDT_BALANCE',
   // Admin
   SEARCH_USERS = 'SEARCH_USERS',
   CREATE_PENDING_CREATION = 'CREATE_PENDING_CREATION',

backend/src/auth/ROLES.ts

@@ -22,6 +22,7 @@ export const ROLE_USER = new Role('user', [
   RIGHTS.DELETE_TRANSACTION_LINK,
   RIGHTS.REDEEM_TRANSACTION_LINK,
   RIGHTS.LIST_TRANSACTION_LINKS,
+  RIGHTS.GDT_BALANCE,
 ])
 export const ROLE_ADMIN = new Role('admin', Object.values(RIGHTS)) // all rights
 

backend/src/config/index.ts

@@ -14,7 +14,7 @@ const constants = {
   DECAY_START_TIME: new Date('2021-05-13 17:46:31'), // GMT+0
   CONFIG_VERSION: {
     DEFAULT: 'DEFAULT',
-    EXPECTED: 'v1.2022-03-18',
+    EXPECTED: 'v3.2022-03-29',
     CURRENT: '',
   },
 }
@@ -70,8 +70,15 @@ const email = {
     process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/checkEmail/{optin}{code}',
   EMAIL_LINK_SETPASSWORD:
     process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/reset-password/{optin}',
+  EMAIL_LINK_FORGOTPASSWORD:
+    process.env.EMAIL_LINK_FORGOTPASSWORD || 'http://localhost/forgot-password',
+  // time in minutes a optin code is valid
   EMAIL_CODE_VALID_TIME: process.env.EMAIL_CODE_VALID_TIME
-    ? parseInt(process.env.EMAIL_CODE_VALID_TIME) || 10
+    ? parseInt(process.env.EMAIL_CODE_VALID_TIME) || 1440
+    : 1440,
+  // time in minutes that must pass to request a new optin code
+  EMAIL_CODE_REQUEST_TIME: process.env.EMAIL_CODE_REQUEST_TIME
+    ? parseInt(process.env.EMAIL_CODE_REQUEST_TIME) || 10
     : 10,
 }
 

backend/src/graphql/enum/OptInType.ts

@@ -0,0 +1,11 @@
+import { registerEnumType } from 'type-graphql'
+
+export enum OptInType {
+  EMAIL_OPT_IN_REGISTER = 1,
+  EMAIL_OPT_IN_RESET_PASSWORD = 2,
+}
+
+registerEnumType(OptInType, {
+  name: 'OptInType', // this one is mandatory
+  description: 'Type of the email optin', // this one is optional
+})

backend/src/graphql/model/Balance.ts

@@ -1,22 +1,55 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import { ObjectType, Field } from 'type-graphql'
 import Decimal from 'decimal.js-light'
+import CONFIG from '@/config'
 
 @ObjectType()
 export class Balance {
-  constructor(json: any) {
+  constructor(data: {
-    this.balance = json.balance
+    balance: Decimal
-    this.decay = json.decay
+    decay: Decimal
-    this.decayDate = json.decay_date
+    lastBookedBalance: Decimal
+    balanceGDT: number | null
+    count: number
+    linkCount: number
+    decayStartBlock?: Date
+    lastBookedDate?: Date | null
+  }) {
+    this.balance = data.balance
+    this.decay = data.decay
+    this.lastBookedBalance = data.lastBookedBalance
+    this.balanceGDT = data.balanceGDT || null
+    this.count = data.count
+    this.linkCount = data.linkCount
+    this.decayStartBlock = data.decayStartBlock || CONFIG.DECAY_START_TIME
+    this.lastBookedDate = data.lastBookedDate || null
   }
 
+  // the actual balance, decay included
   @Field(() => Decimal)
   balance: Decimal
 
+  // the decay since the last booked balance
   @Field(() => Decimal)
   decay: Decimal
 
+  @Field(() => Decimal)
+  lastBookedBalance: Decimal
+
+  @Field(() => Number, { nullable: true })
+  balanceGDT: number | null
+
+  // the count of all transactions
+  @Field(() => Number)
+  count: number
+
+  // the count of transaction links
+  @Field(() => Number)
+  linkCount: number
+
   @Field(() => Date)
-  decayDate: Date
+  decayStartBlock: Date
+
+  // may be null as there may be no transaction
+  @Field(() => Date, { nullable: true })
+  lastBookedDate: Date | null
 }

backend/src/graphql/model/TransactionList.ts

@@ -1,40 +1,16 @@
 import { ObjectType, Field } from 'type-graphql'
-import CONFIG from '@/config'
-import Decimal from 'decimal.js-light'
 import { Transaction } from './Transaction'
+import { Balance } from './Balance'
 
 @ObjectType()
 export class TransactionList {
-  constructor(
+  constructor(balance: Balance, transactions: Transaction[]) {
-    balance: Decimal,
-    transactions: Transaction[],
-    count: number,
-    linkCount: number,
-    balanceGDT?: number | null,
-    decayStartBlock: Date = CONFIG.DECAY_START_TIME,
-  ) {
     this.balance = balance
     this.transactions = transactions
-    this.count = count
-    this.linkCount = linkCount
-    this.balanceGDT = balanceGDT || null
-    this.decayStartBlock = decayStartBlock
   }
 
-  @Field(() => Number, { nullable: true })
+  @Field(() => Balance)
-  balanceGDT: number | null
+  balance: Balance
-
-  @Field(() => Number)
-  count: number
-
-  @Field(() => Number)
-  linkCount: number
-
-  @Field(() => Decimal)
-  balance: Decimal
-
-  @Field(() => Date)
-  decayStartBlock: Date
 
   @Field(() => [Transaction])
   transactions: Transaction[]

backend/src/graphql/resolver/AdminResolver.ts

@@ -39,6 +39,9 @@ import Paginated from '@arg/Paginated'
 import TransactionLinkFilters from '@arg/TransactionLinkFilters'
 import { Order } from '@enum/Order'
 import { communityUser } from '@/util/communityUser'
+import { checkOptInCode, activationLink, printTimeDuration } from './UserResolver'
+import { sendAccountActivationEmail } from '@/mailer/sendAccountActivationEmail'
+import CONFIG from '@/config'
 
 // const EMAIL_OPT_IN_REGISTER = 1
 // const EMAIL_OPT_UNKNOWN = 3 // elopage?
@@ -375,6 +378,40 @@ export class AdminResolver {
     return userTransactions.map((t) => new Transaction(t, new User(user), communityUser))
   }
 
+  @Authorized([RIGHTS.SEND_ACTIVATION_EMAIL])
+  @Mutation(() => Boolean)
+  async sendActivationEmail(@Arg('email') email: string): Promise<boolean> {
+    email = email.trim().toLowerCase()
+    const user = await dbUser.findOneOrFail({ email: email })
+
+    // can be both types: REGISTER and RESET_PASSWORD
+    let optInCode = await LoginEmailOptIn.findOne({
+      where: { userId: user.id },
+      order: { updatedAt: 'DESC' },
+    })
+
+    optInCode = await checkOptInCode(optInCode, user.id)
+
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    const emailSent = await sendAccountActivationEmail({
+      link: activationLink(optInCode),
+      firstName: user.firstName,
+      lastName: user.lastName,
+      email,
+      duration: printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME),
+    })
+
+    /*  uncomment this, when you need the activation link on the console
+    // In case EMails are disabled log the activation link for the user
+    if (!emailSent) {
+    // eslint-disable-next-line no-console
+    console.log(`Account confirmation link: ${activationLink}`)
+    }
+    */
+
+    return true
+  }
+
   @Authorized([RIGHTS.LIST_TRANSACTION_LINKS_ADMIN])
   @Query(() => TransactionLinkResult)
   async listTransactionLinksAdmin(

backend/src/graphql/resolver/BalanceResolver.ts

@@ -5,36 +5,74 @@ import { Resolver, Query, Ctx, Authorized } from 'type-graphql'
 import { Balance } from '@model/Balance'
 import { calculateDecay } from '@/util/decay'
 import { RIGHTS } from '@/auth/RIGHTS'
-import { Transaction } from '@entity/Transaction'
+import { Transaction as dbTransaction } from '@entity/Transaction'
 import Decimal from 'decimal.js-light'
+import { GdtResolver } from './GdtResolver'
+import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink'
+import { MoreThan, getCustomRepository } from '@dbTools/typeorm'
+import { TransactionLinkRepository } from '@repository/TransactionLink'
 
 @Resolver()
 export class BalanceResolver {
   @Authorized([RIGHTS.BALANCE])
   @Query(() => Balance)
   async balance(@Ctx() context: any): Promise<Balance> {
-    // load user and balance
     const { user } = context
     const now = new Date()
 
-    const lastTransaction = await Transaction.findOne(
+    const gdtResolver = new GdtResolver()
-      { userId: user.id },
+    const balanceGDT = await gdtResolver.gdtBalance(context)
-      { order: { balanceDate: 'DESC' } },
+
-    )
+    const lastTransaction = context.lastTransaction
+      ? context.lastTransaction
+      : await dbTransaction.findOne({ userId: user.id }, { order: { balanceDate: 'DESC' } })
 
     // No balance found
     if (!lastTransaction) {
       return new Balance({
         balance: new Decimal(0),
         decay: new Decimal(0),
-        decay_date: now.toString(),
+        lastBookedBalance: new Decimal(0),
+        balanceGDT,
+        count: 0,
+        linkCount: 0,
       })
     }
 
+    const count =
+      context.transactionCount || context.transactionCount === 0
+        ? context.transactionCount
+        : await dbTransaction.count({ where: { userId: user.id } })
+    const linkCount =
+      context.linkCount || context.linkCount === 0
+        ? context.linkCount
+        : await dbTransactionLink.count({
+            where: {
+              userId: user.id,
+              redeemedAt: null,
+              validUntil: MoreThan(new Date()),
+            },
+          })
+
+    const transactionLinkRepository = getCustomRepository(TransactionLinkRepository)
+    const { sumHoldAvailableAmount } = context.sumHoldAvailableAmount
+      ? { sumHoldAvailableAmount: context.sumHoldAvailableAmount }
+      : await transactionLinkRepository.summary(user.id, now)
+
+    const calculatedDecay = calculateDecay(
+      lastTransaction.balance.minus(sumHoldAvailableAmount.toString()),
+      lastTransaction.balanceDate,
+      now,
+    )
+
     return new Balance({
-      balance: lastTransaction.balance,
+      balance: calculatedDecay.balance.toDecimalPlaces(2, Decimal.ROUND_DOWN), // round towards zero
-      decay: calculateDecay(lastTransaction.balance, lastTransaction.balanceDate, now).balance,
+      decay: calculatedDecay.decay.toDecimalPlaces(2, Decimal.ROUND_FLOOR), // round towards - infinity
-      decay_date: now.toString(),
+      lastBookedBalance: lastTransaction.balance.toDecimalPlaces(2, Decimal.ROUND_DOWN),
+      balanceGDT,
+      count,
+      linkCount,
+      lastBookedDate: lastTransaction.balanceDate,
     })
   }
 }

backend/src/graphql/resolver/GdtResolver.ts

@@ -5,7 +5,7 @@ import { Resolver, Query, Args, Ctx, Authorized, Arg } from 'type-graphql'
 import CONFIG from '@/config'
 import { GdtEntryList } from '@model/GdtEntryList'
 import Paginated from '@arg/Paginated'
-import { apiGet } from '@/apis/HttpRequest'
+import { apiGet, apiPost } from '@/apis/HttpRequest'
 import { Order } from '@enum/Order'
 import { RIGHTS } from '@/auth/RIGHTS'
 
@@ -13,13 +13,11 @@ import { RIGHTS } from '@/auth/RIGHTS'
 export class GdtResolver {
   @Authorized([RIGHTS.LIST_GDT_ENTRIES])
   @Query(() => GdtEntryList)
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   async listGDTEntries(
     @Args()
     { currentPage = 1, pageSize = 5, order = Order.DESC }: Paginated,
     @Ctx() context: any,
   ): Promise<GdtEntryList> {
-    // load user
     const userEntity = context.user
 
     try {
@@ -35,6 +33,25 @@ export class GdtResolver {
     }
   }
 
+  @Authorized([RIGHTS.GDT_BALANCE])
+  @Query(() => Number)
+  async gdtBalance(@Ctx() context: any): Promise<number | null> {
+    const { user } = context
+    try {
+      const resultGDTSum = await apiPost(`${CONFIG.GDT_API_URL}/GdtEntries/sumPerEmailApi`, {
+        email: user.email,
+      })
+      if (!resultGDTSum.success) {
+        throw new Error('Call not successful')
+      }
+      return Number(resultGDTSum.data.sum) || 0
+    } catch (err: any) {
+      // eslint-disable-next-line no-console
+      console.log('Could not query GDT Server', err)
+      return null
+    }
+  }
+
   @Authorized([RIGHTS.EXIST_PID])
   @Query(() => Number)
   // eslint-disable-next-line @typescript-eslint/no-explicit-any

backend/src/graphql/resolver/TransactionResolver.ts

@@ -6,7 +6,6 @@
 import { Resolver, Query, Args, Authorized, Ctx, Mutation } from 'type-graphql'
 import { getCustomRepository, getConnection } from '@dbTools/typeorm'
 
-import CONFIG from '@/config'
 import { sendTransactionReceivedEmail } from '@/mailer/sendTransactionReceivedEmail'
 
 import { Transaction } from '@model/Transaction'
@@ -24,7 +23,6 @@ import { User as dbUser } from '@entity/User'
 import { Transaction as dbTransaction } from '@entity/Transaction'
 import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink'
 
-import { apiPost } from '@/apis/HttpRequest'
 import { TransactionTypeId } from '@enum/TransactionTypeId'
 import { calculateBalance, isHexPublicKey } from '@/util/validate'
 import { RIGHTS } from '@/auth/RIGHTS'
@@ -32,7 +30,8 @@ import { User } from '@model/User'
 import { communityUser } from '@/util/communityUser'
 import { virtualLinkTransaction, virtualDecayTransaction } from '@/util/virtualTransactions'
 import Decimal from 'decimal.js-light'
-import { calculateDecay } from '@/util/decay'
+
+import { BalanceResolver } from './BalanceResolver'
 
 const MEMO_MAX_CHARS = 255
 const MEMO_MIN_CHARS = 5
@@ -154,23 +153,11 @@ export class TransactionResolver {
       { order: { balanceDate: 'DESC' } },
     )
 
-    // get GDT
+    const balanceResolver = new BalanceResolver()
-    let balanceGDT = null
+    context.lastTransaction = lastTransaction
-    try {
-      const resultGDTSum = await apiPost(`${CONFIG.GDT_API_URL}/GdtEntries/sumPerEmailApi`, {
-        email: user.email,
-      })
-      if (!resultGDTSum.success) {
-        throw new Error('Call not successful')
-      }
-      balanceGDT = Number(resultGDTSum.data.sum) || 0
-    } catch (err: any) {
-      // eslint-disable-next-line no-console
-      console.log('Could not query GDT Server', err)
-    }
 
     if (!lastTransaction) {
-      return new TransactionList(new Decimal(0), [], 0, 0, balanceGDT)
+      return new TransactionList(await balanceResolver.balance(context), [])
     }
 
     // find transactions
@@ -183,6 +170,7 @@ export class TransactionResolver {
       offset,
       order,
     )
+    context.transactionCount = userTransactionsCount
 
     // find involved users; I am involved
     const involvedUserIds: number[] = [user.id]
@@ -205,6 +193,8 @@ export class TransactionResolver {
     const transactionLinkRepository = getCustomRepository(TransactionLinkRepository)
     const { sumHoldAvailableAmount, sumAmount, lastDate, firstDate, transactionLinkcount } =
       await transactionLinkRepository.summary(user.id, now)
+    context.linkCount = transactionLinkcount
+    context.sumHoldAvailableAmount = sumHoldAvailableAmount
 
     // decay & link transactions
     if (currentPage === 1 && order === Order.DESC) {
@@ -237,15 +227,7 @@ export class TransactionResolver {
     })
 
     // Construct Result
-    return new TransactionList(
+    return new TransactionList(await balanceResolver.balance(context), transactions)
-      calculateDecay(lastTransaction.balance, lastTransaction.balanceDate, now).balance.minus(
-        sumHoldAvailableAmount.toString(),
-      ),
-      transactions,
-      userTransactionsCount,
-      transactionLinkcount,
-      balanceGDT,
-    )
   }
 
   @Authorized([RIGHTS.SEND_COINS])

backend/src/graphql/resolver/UserResolver.test.ts

@@ -11,6 +11,7 @@ import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
 import { User } from '@entity/User'
 import CONFIG from '@/config'
 import { sendAccountActivationEmail } from '@/mailer/sendAccountActivationEmail'
+import { printTimeDuration } from './UserResolver'
 
 // import { klicktippSignIn } from '@/apis/KlicktippController'
 
@@ -133,6 +134,7 @@ describe('UserResolver', () => {
           firstName: 'Peter',
           lastName: 'Lustig',
           email: 'peter@lustig.de',
+          duration: expect.any(String),
         })
       })
     })
@@ -220,10 +222,6 @@ describe('UserResolver', () => {
         expect(newUser[0].password).toEqual('3917921995996627700')
       })
 
-      it('removes the optin', async () => {
-        await expect(LoginEmailOptIn.find()).resolves.toHaveLength(0)
-      })
-
       /*
       it('calls the klicktipp API', () => {
         expect(klicktippSignIn).toBeCalledWith(
@@ -415,3 +413,17 @@ describe('UserResolver', () => {
     })
   })
 })
+
+describe('printTimeDuration', () => {
+  it('works with 10 minutes', () => {
+    expect(printTimeDuration(10)).toBe('10 minutes')
+  })
+
+  it('works with 1440 minutes', () => {
+    expect(printTimeDuration(1440)).toBe('24 hours')
+  })
+
+  it('works with 1410 minutes', () => {
+    expect(printTimeDuration(1410)).toBe('23 hours and 30 minutes')
+  })
+})

backend/src/graphql/resolver/UserResolver.ts

@@ -3,7 +3,7 @@
 
 import fs from 'fs'
 import { Resolver, Query, Args, Arg, Authorized, Ctx, UseMiddleware, Mutation } from 'type-graphql'
-import { getConnection, getCustomRepository, QueryRunner } from '@dbTools/typeorm'
+import { getConnection, getCustomRepository } from '@dbTools/typeorm'
 import CONFIG from '@/config'
 import { User } from '@model/User'
 import { User as DbUser } from '@entity/User'
@@ -15,8 +15,9 @@ import UpdateUserInfosArgs from '@arg/UpdateUserInfosArgs'
 import { klicktippNewsletterStateMiddleware } from '@/middleware/klicktippMiddleware'
 import { UserSettingRepository } from '@repository/UserSettingRepository'
 import { Setting } from '@enum/Setting'
+import { OptInType } from '@enum/OptInType'
 import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
-import { sendResetPasswordEmail } from '@/mailer/sendResetPasswordEmail'
+import { sendResetPasswordEmail as sendResetPasswordEmailMailer } from '@/mailer/sendResetPasswordEmail'
 import { sendAccountActivationEmail } from '@/mailer/sendAccountActivationEmail'
 import { klicktippSignIn } from '@/apis/KlicktippController'
 import { RIGHTS } from '@/auth/RIGHTS'
@@ -24,9 +25,6 @@ import { ROLE_ADMIN } from '@/auth/ROLES'
 import { hasElopageBuys } from '@/util/hasElopageBuys'
 import { ServerUser } from '@entity/ServerUser'
 
-const EMAIL_OPT_IN_RESET_PASSWORD = 2
-const EMAIL_OPT_IN_REGISTER = 1
-
 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const sodium = require('sodium-native')
 // eslint-disable-next-line @typescript-eslint/no-var-requires
@@ -148,57 +146,47 @@ const SecretKeyCryptographyDecrypt = (encryptedMessage: Buffer, encryptionKey: B
 
   return message
 }
-const createEmailOptIn = async (
+
-  loginUserId: number,
+const newEmailOptIn = (userId: number): LoginEmailOptIn => {
-  queryRunner: QueryRunner,
+  const emailOptIn = new LoginEmailOptIn()
-): Promise<LoginEmailOptIn> => {
+  emailOptIn.verificationCode = random(64)
-  let emailOptIn = await LoginEmailOptIn.findOne({
+  emailOptIn.userId = userId
-    userId: loginUserId,
+  emailOptIn.emailOptInTypeId = OptInType.EMAIL_OPT_IN_REGISTER
-    emailOptInTypeId: EMAIL_OPT_IN_REGISTER,
-  })
-  if (emailOptIn) {
-    if (isOptInCodeValid(emailOptIn)) {
-      throw new Error(`email already sent less than $(CONFIG.EMAIL_CODE_VALID_TIME} minutes ago`)
-    }
-    emailOptIn.updatedAt = new Date()
-    emailOptIn.resendCount++
-  } else {
-    emailOptIn = new LoginEmailOptIn()
-    emailOptIn.verificationCode = random(64)
-    emailOptIn.userId = loginUserId
-    emailOptIn.emailOptInTypeId = EMAIL_OPT_IN_REGISTER
-  }
-  await queryRunner.manager.save(emailOptIn).catch((error) => {
-    // eslint-disable-next-line no-console
-    console.log('Error while saving emailOptIn', error)
-    throw new Error('error saving email opt in')
-  })
   return emailOptIn
 }
 
-const getOptInCode = async (loginUserId: number): Promise<LoginEmailOptIn> => {
+// needed by AdminResolver
-  let optInCode = await LoginEmailOptIn.findOne({
+// checks if given code exists and can be resent
-    userId: loginUserId,
+// if optIn does not exits, it is created
-    emailOptInTypeId: EMAIL_OPT_IN_RESET_PASSWORD,
+export const checkOptInCode = async (
-  })
+  optInCode: LoginEmailOptIn | undefined,
-
+  userId: number,
-  // Check for `CONFIG.EMAIL_CODE_VALID_TIME` minute delay
+  optInType: OptInType = OptInType.EMAIL_OPT_IN_REGISTER,
+): Promise<LoginEmailOptIn> => {
   if (optInCode) {
-    if (isOptInCodeValid(optInCode)) {
+    if (!canResendOptIn(optInCode)) {
-      throw new Error(`email already sent less than $(CONFIG.EMAIL_CODE_VALID_TIME} minutes ago`)
+      throw new Error(
+        `email already sent less than ${printTimeDuration(
+          CONFIG.EMAIL_CODE_REQUEST_TIME,
+        )} minutes ago`,
+      )
     }
     optInCode.updatedAt = new Date()
     optInCode.resendCount++
   } else {
-    optInCode = new LoginEmailOptIn()
+    optInCode = newEmailOptIn(userId)
-    optInCode.verificationCode = random(64)
-    optInCode.userId = loginUserId
-    optInCode.emailOptInTypeId = EMAIL_OPT_IN_RESET_PASSWORD
   }
-  await LoginEmailOptIn.save(optInCode)
+  optInCode.emailOptInTypeId = optInType
+  await LoginEmailOptIn.save(optInCode).catch(() => {
+    throw new Error('Unable to save optin code.')
+  })
   return optInCode
 }
 
+export const activationLink = (optInCode: LoginEmailOptIn): string => {
+  return CONFIG.EMAIL_LINK_SETPASSWORD.replace(/{optin}/g, optInCode.verificationCode.toString())
+}
+
 @Resolver()
 export class UserResolver {
   @Authorized([RIGHTS.VERIFY_LOGIN])
@@ -363,9 +351,12 @@ export class UserResolver {
         throw new Error('error saving user')
       })
 
-      // Store EmailOptIn in DB
+      const emailOptIn = newEmailOptIn(dbUser.id)
-      // TODO: this has duplicate code with sendResetPasswordEmail
+      await queryRunner.manager.save(emailOptIn).catch((error) => {
-      const emailOptIn = await createEmailOptIn(dbUser.id, queryRunner)
+        // eslint-disable-next-line no-console
+        console.log('Error while saving emailOptIn', error)
+        throw new Error('error saving email opt in')
+      })
 
       const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
         /{optin}/g,
@@ -378,6 +369,7 @@ export class UserResolver {
         firstName,
         lastName,
         email,
+        duration: printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME),
       })
 
       /* uncomment this, when you need the activation link on the console
@@ -398,70 +390,26 @@ export class UserResolver {
     return new User(dbUser)
   }
 
-  // THis is used by the admin only - should we move it to the admin resolver?
-  @Authorized([RIGHTS.SEND_ACTIVATION_EMAIL])
-  @Mutation(() => Boolean)
-  async sendActivationEmail(@Arg('email') email: string): Promise<boolean> {
-    email = email.trim().toLowerCase()
-    const user = await DbUser.findOneOrFail({ email: email })
-
-    const queryRunner = getConnection().createQueryRunner()
-    await queryRunner.connect()
-    await queryRunner.startTransaction('READ UNCOMMITTED')
-
-    try {
-      const emailOptIn = await createEmailOptIn(user.id, queryRunner)
-
-      const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
-        /{optin}/g,
-        emailOptIn.verificationCode.toString(),
-      )
-
-      // eslint-disable-next-line @typescript-eslint/no-unused-vars
-      const emailSent = await sendAccountActivationEmail({
-        link: activationLink,
-        firstName: user.firstName,
-        lastName: user.lastName,
-        email,
-      })
-
-      /*  uncomment this, when you need the activation link on the console
-      // In case EMails are disabled log the activation link for the user
-      if (!emailSent) {
-        // eslint-disable-next-line no-console
-        console.log(`Account confirmation link: ${activationLink}`)
-      }
-      */
-      await queryRunner.commitTransaction()
-    } catch (e) {
-      await queryRunner.rollbackTransaction()
-      throw e
-    } finally {
-      await queryRunner.release()
-    }
-    return true
-  }
-
   @Authorized([RIGHTS.SEND_RESET_PASSWORD_EMAIL])
   @Query(() => Boolean)
   async sendResetPasswordEmail(@Arg('email') email: string): Promise<boolean> {
-    // TODO: this has duplicate code with createUser
     email = email.trim().toLowerCase()
     const user = await DbUser.findOneOrFail({ email })
 
-    const optInCode = await getOptInCode(user.id)
+    // can be both types: REGISTER and RESET_PASSWORD
+    let optInCode = await LoginEmailOptIn.findOne({
+      userId: user.id,
+    })
 
-    const link = CONFIG.EMAIL_LINK_SETPASSWORD.replace(
+    optInCode = await checkOptInCode(optInCode, user.id, OptInType.EMAIL_OPT_IN_RESET_PASSWORD)
-      /{optin}/g,
-      optInCode.verificationCode.toString(),
-    )
 
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
-    const emailSent = await sendResetPasswordEmail({
+    const emailSent = await sendResetPasswordEmailMailer({
-      link,
+      link: activationLink(optInCode),
       firstName: user.firstName,
       lastName: user.lastName,
       email,
+      duration: printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME),
     })
 
     /*  uncomment this, when you need the activation link on the console
@@ -494,8 +442,10 @@ export class UserResolver {
     })
 
     // Code is only valid for `CONFIG.EMAIL_CODE_VALID_TIME` minutes
-    if (!isOptInCodeValid(optInCode)) {
+    if (!isOptInValid(optInCode)) {
-      throw new Error(`email already more than $(CONFIG.EMAIL_CODE_VALID_TIME} minutes ago`)
+      throw new Error(
+        `email was sent more than ${printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME)} ago`,
+      )
     }
 
     // load user
@@ -538,11 +488,6 @@ export class UserResolver {
         throw new Error('error saving user: ' + error)
       })
 
-      // Delete Code
-      await queryRunner.manager.remove(optInCode).catch((error) => {
-        throw new Error('error deleting code: ' + error)
-      })
-
       await queryRunner.commitTransaction()
     } catch (e) {
       await queryRunner.rollbackTransaction()
@@ -553,7 +498,7 @@ export class UserResolver {
 
     // Sign into Klicktipp
     // TODO do we always signUp the user? How to handle things with old users?
-    if (optInCode.emailOptInTypeId === EMAIL_OPT_IN_REGISTER) {
+    if (optInCode.emailOptInTypeId === OptInType.EMAIL_OPT_IN_REGISTER) {
       try {
         await klicktippSignIn(user.email, user.language, user.firstName, user.lastName)
       } catch {
@@ -573,8 +518,10 @@ export class UserResolver {
   async queryOptIn(@Arg('optIn') optIn: string): Promise<boolean> {
     const optInCode = await LoginEmailOptIn.findOneOrFail({ verificationCode: optIn })
     // Code is only valid for `CONFIG.EMAIL_CODE_VALID_TIME` minutes
-    if (!isOptInCodeValid(optInCode)) {
+    if (!isOptInValid(optInCode)) {
-      throw new Error(`email was sent more than $(CONFIG.EMAIL_CODE_VALID_TIME} minutes ago`)
+      throw new Error(
+        `email was sent more than ${printTimeDuration(CONFIG.EMAIL_CODE_VALID_TIME)} ago`,
+      )
     }
     return true
   }
@@ -680,7 +627,34 @@ export class UserResolver {
     return hasElopageBuys(userEntity.email)
   }
 }
-function isOptInCodeValid(optInCode: LoginEmailOptIn) {
+
-  const timeElapsed = Date.now() - new Date(optInCode.updatedAt).getTime()
+const isTimeExpired = (optIn: LoginEmailOptIn, duration: number): boolean => {
-  return timeElapsed <= CONFIG.EMAIL_CODE_VALID_TIME * 60 * 1000
+  const timeElapsed = Date.now() - new Date(optIn.updatedAt).getTime()
+  // time is given in minutes
+  return timeElapsed <= duration * 60 * 1000
+}
+
+const isOptInValid = (optIn: LoginEmailOptIn): boolean => {
+  return isTimeExpired(optIn, CONFIG.EMAIL_CODE_VALID_TIME)
+}
+
+const canResendOptIn = (optIn: LoginEmailOptIn): boolean => {
+  return !isTimeExpired(optIn, CONFIG.EMAIL_CODE_REQUEST_TIME)
+}
+
+const getTimeDurationObject = (time: number): { hours?: number; minutes: number } => {
+  if (time > 60) {
+    return {
+      hours: Math.floor(time / 60),
+      minutes: time % 60,
+    }
+  }
+  return { minutes: time }
+}
+
+export const printTimeDuration = (duration: number): string => {
+  const time = getTimeDurationObject(duration)
+  const result = time.minutes > 0 ? `${time.minutes} minutes` : ''
+  if (time.hours) return `${time.hours} hours` + (result !== '' ? ` and ${result}` : '')
+  return result
 }

backend/src/mailer/sendAccountActivationEmail.test.ts

@@ -15,6 +15,7 @@ describe('sendAccountActivationEmail', () => {
       firstName: 'Peter',
       lastName: 'Lustig',
       email: 'peter@lustig.de',
+      duration: '23 hours and 30 minutes',
     })
   })
 
@@ -23,7 +24,9 @@ describe('sendAccountActivationEmail', () => {
       to: `Peter Lustig <peter@lustig.de>`,
       subject: 'Gradido: E-Mail Überprüfung',
       text:
-        expect.stringContaining('Hallo Peter Lustig') && expect.stringContaining('activationLink'),
+        expect.stringContaining('Hallo Peter Lustig') &&
+        expect.stringContaining('activationLink') &&
+        expect.stringContaining('23 Stunden und 30 Minuten'),
     })
   })
 })

backend/src/mailer/sendAccountActivationEmail.ts

@@ -1,15 +1,17 @@
 import { sendEMail } from './sendEMail'
 import { accountActivation } from './text/accountActivation'
+import CONFIG from '@/config'
 
 export const sendAccountActivationEmail = (data: {
   link: string
   firstName: string
   lastName: string
   email: string
+  duration: string
 }): Promise<boolean> => {
   return sendEMail({
     to: `${data.firstName} ${data.lastName} <${data.email}>`,
     subject: accountActivation.de.subject,
-    text: accountActivation.de.text(data),
+    text: accountActivation.de.text({ ...data, resendLink: CONFIG.EMAIL_LINK_FORGOTPASSWORD }),
   })
 }

backend/src/mailer/sendResetPasswordEmail.test.ts

@@ -15,6 +15,7 @@ describe('sendResetPasswordEmail', () => {
       firstName: 'Peter',
       lastName: 'Lustig',
       email: 'peter@lustig.de',
+      duration: '23 hours and 30 minutes',
     })
   })
 
@@ -22,7 +23,10 @@ describe('sendResetPasswordEmail', () => {
     expect(sendEMail).toBeCalledWith({
       to: `Peter Lustig <peter@lustig.de>`,
       subject: 'Gradido: Passwort zurücksetzen',
-      text: expect.stringContaining('Hallo Peter Lustig') && expect.stringContaining('resetLink'),
+      text:
+        expect.stringContaining('Hallo Peter Lustig') &&
+        expect.stringContaining('resetLink') &&
+        expect.stringContaining('23 Stunden und 30 Minuten'),
     })
   })
 })

backend/src/mailer/sendResetPasswordEmail.ts

@@ -1,15 +1,17 @@
 import { sendEMail } from './sendEMail'
 import { resetPassword } from './text/resetPassword'
+import CONFIG from '@/config'
 
 export const sendResetPasswordEmail = (data: {
   link: string
   firstName: string
   lastName: string
   email: string
+  duration: string
 }): Promise<boolean> => {
   return sendEMail({
     to: `${data.firstName} ${data.lastName} <${data.email}>`,
     subject: resetPassword.de.subject,
-    text: resetPassword.de.text(data),
+    text: resetPassword.de.text({ ...data, resendLink: CONFIG.EMAIL_LINK_FORGOTPASSWORD }),
   })
 }

backend/src/mailer/text/accountActivation.ts

@@ -1,7 +1,14 @@
 export const accountActivation = {
   de: {
     subject: 'Gradido: E-Mail Überprüfung',
-    text: (data: { link: string; firstName: string; lastName: string; email: string }): string =>
+    text: (data: {
+      link: string
+      firstName: string
+      lastName: string
+      email: string
+      duration: string
+      resendLink: string
+    }): string =>
       `Hallo ${data.firstName} ${data.lastName},
 
 Deine E-Mail-Adresse wurde soeben bei Gradido registriert.
@@ -10,6 +17,15 @@ Klicke bitte auf diesen Link, um die Registrierung abzuschließen und dein Gradi
 ${data.link}
 oder kopiere den obigen Link in dein Browserfenster.
 
+Der Link hat eine Gültigkeit von ${data.duration
+        .replace('hours', 'Stunden')
+        .replace('minutes', 'Minuten')
+        .replace(
+          ' and ',
+          ' und ',
+        )}. Sollte die Gültigkeit des Links bereits abgelaufen sein, kannst du dir hier einen neuen Link schicken lassen, in dem du deine E-Mail-Adresse eingibst:
+${data.resendLink}
+
 Mit freundlichen Grüßen,
 dein Gradido-Team`,
   },

backend/src/mailer/text/resetPassword.ts

@@ -1,13 +1,29 @@
 export const resetPassword = {
   de: {
     subject: 'Gradido: Passwort zurücksetzen',
-    text: (data: { link: string; firstName: string; lastName: string; email: string }): string =>
+    text: (data: {
+      link: string
+      firstName: string
+      lastName: string
+      email: string
+      duration: string
+      resendLink: string
+    }): string =>
       `Hallo ${data.firstName} ${data.lastName},
 
 Du oder jemand anderes hat für dieses Konto ein Zurücksetzen des Passworts angefordert.
 Wenn du es warst, klicke bitte auf den Link: ${data.link}
 oder kopiere den obigen Link in Dein Browserfenster.
 
+Der Link hat eine Gültigkeit von ${data.duration
+        .replace('hours', 'Stunden')
+        .replace('minutes', 'Minuten')
+        .replace(
+          ' and ',
+          ' und ',
+        )}. Sollte die Gültigkeit des Links bereits abgelaufen sein, kannst du dir hier einen neuen Link schicken lassen, in dem du deine E-Mail-Adresse eingibst:
+${data.resendLink}
+
 Mit freundlichen Grüßen,
 dein Gradido-Team`,
   },

deployment/bare_metal/.env.dist

@@ -18,7 +18,7 @@ WEBHOOK_GITHUB_SECRET=secret
 WEBHOOK_GITHUB_BRANCH=master
 
 # backend
-BACKEND_CONFIG_VERSION=v1.2022-03-18
+BACKEND_CONFIG_VERSION=v3.2022-03-29
 
 EMAIL=true
 EMAIL_USERNAME=peter@lustig.de

frontend/src/graphql/queries.js

@@ -45,11 +45,16 @@ export const logout = gql`
 export const transactionsQuery = gql`
   query($currentPage: Int = 1, $pageSize: Int = 25, $order: Order = DESC) {
     transactionList(currentPage: $currentPage, pageSize: $pageSize, order: $order) {
-      balanceGDT
+      balance {
-      count
+        balance
-      linkCount
+        decay
-      balance
+        lastBookedBalance
-      decayStartBlock
+        balanceGDT
+        count
+        linkCount
+        decayStartBlock
+        lastBookedDate
+      }
       transactions {
         id
         typeId

frontend/src/layouts/DashboardLayout_gdd.spec.js

@@ -145,11 +145,13 @@ describe('DashboardLayoutGdd', () => {
           apolloMock.mockResolvedValue({
             data: {
               transactionList: {
-                balanceGDT: 100,
+                balance: {
-                count: 4,
+                  balanceGDT: 100,
-                linkCount: 8,
+                  count: 4,
-                balance: 1450,
+                  linkCount: 8,
-                decay: 1250,
+                  balance: 1450,
+                  decay: 1250,
+                },
                 transactions: ['transaction', 'transaction', 'transaction', 'transaction'],
               },
             },

frontend/src/layouts/DashboardLayout_gdd.vue

@@ -103,12 +103,14 @@ export default {
             data: { transactionList },
           } = result
           this.GdtBalance =
-            transactionList.balanceGDT === null ? null : Number(transactionList.balanceGDT)
+            transactionList.balance.balanceGDT === null
+              ? null
+              : Number(transactionList.balance.balanceGDT)
           this.transactions = transactionList.transactions
-          this.balance = Number(transactionList.balance)
+          this.balance = Number(transactionList.balance.balance)
-          this.transactionCount = transactionList.count
+          this.transactionCount = transactionList.balance.count
-          this.transactionLinkCount = transactionList.linkCount
+          this.transactionLinkCount = transactionList.balance.linkCount
-          this.decayStartBlock = new Date(transactionList.decayStartBlock)
+          this.decayStartBlock = new Date(transactionList.balance.decayStartBlock)
           this.pending = false
         })
         .catch((error) => {

frontend/src/pages/ResetPassword.spec.js

@@ -150,13 +150,18 @@ describe('ResetPassword', () => {
 
         describe('server response with error code > 10min', () => {
           beforeEach(async () => {
-            apolloMutationMock.mockRejectedValue({ message: '...Code is older than 10 minutes' })
+            jest.clearAllMocks()
+            apolloMutationMock.mockRejectedValue({
+              message: '...email was sent more than 23 hours and 10 minutes ago',
+            })
             await wrapper.find('form').trigger('submit')
             await flushPromises()
           })
 
           it('toasts an error message', () => {
-            expect(toastErrorSpy).toHaveBeenCalledWith('...Code is older than 10 minutes')
+            expect(toastErrorSpy).toHaveBeenCalledWith(
+              '...email was sent more than 23 hours and 10 minutes ago',
+            )
           })
 
           it('router pushes to /forgot-password/resetPassword', () => {

frontend/src/pages/ResetPassword.vue

@@ -108,7 +108,11 @@ export default {
         })
         .catch((error) => {
           this.toastError(error.message)
-          if (error.message.includes('Code is older than 10 minutes'))
+          if (
+            error.message.match(
+              /email was sent more than ([0-9]+ hours)?( and )?([0-9]+ minutes)? ago/,
+            )
+          )
             this.$router.push('/forgot-password/resetPassword')
         })
     },