IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

HasElopage has been called, search loginUser catch instead of if no user, context get's the pubKey at the end of the login call instead of the start.

Browse Source
This commit is contained in:
elweyn 2021-11-11 06:31:00 +01:00
parent 7655a647fe
commit 1baf756c08
1 changed files with 10 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
backend/src/graphql/resolver/UserResolver.ts
View File

@ -31,6 +31,7 @@ import { LoginElopageBuys } from '@entity/LoginElopageBuys'
import { LoginUserBackup } from '@entity/LoginUserBackup' import { LoginUserBackup } from '@entity/LoginUserBackup'
import { LoginEmailOptIn } from '@entity/LoginEmailOptIn' import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
import { sendEMail } from '../../util/sendEMail' import { sendEMail } from '../../util/sendEMail'
import { LoginElopageBuysRepository } from '../../typeorm/repository/LoginElopageBuys'
// eslint-disable-next-line @typescript-eslint/no-var-requires // eslint-disable-next-line @typescript-eslint/no-var-requires
const sodium = require('sodium-native') const sodium = require('sodium-native')
@ -195,14 +196,9 @@ export class UserResolver {
// const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password }) // const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password })
// UnsecureLogin // UnsecureLogin
const loginUserRepository = getCustomRepository(LoginUserRepository) const loginUserRepository = getCustomRepository(LoginUserRepository)
const loginUser = await loginUserRepository.findByEmail(email) const loginUser = await loginUserRepository.findByEmail(email).catch(() => {
if (!loginUser) {
throw new Error('No user with this credentials') throw new Error('No user with this credentials')
} })
if (!isPassword(password)) {
throw new Error('No user with this credentials')
}
const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
const loginUserPassword = BigInt(loginUser.password.toString()) const loginUserPassword = BigInt(loginUser.password.toString())
if (loginUserPassword !== passwordHash[0].readBigUInt64LE()) { if (loginUserPassword !== passwordHash[0].readBigUInt64LE()) {
@ -210,11 +206,6 @@ export class UserResolver {
} }
// TODO: If user has no pubKey Create it again and update user. // TODO: If user has no pubKey Create it again and update user.
context.setHeaders.push({
key: 'token',
value: encode(loginUser.pubKey),
})
const userRepository = getCustomRepository(UserRepository) const userRepository = getCustomRepository(UserRepository)
let userEntity: void | DbUser let userEntity: void | DbUser
const loginUserPubKey = loginUser.pubKey const loginUserPubKey = loginUser.pubKey
@ -244,11 +235,7 @@ export class UserResolver {
user.description = loginUser.description user.description = loginUser.description
user.pubkey = loginUserPubKeyString user.pubkey = loginUserPubKeyString
user.language = loginUser.language user.language = loginUser.language
// TODO: Get Method from PR (hasElopage) user.hasElopage = await this.hasElopage({ pubkey: loginUser.pubKey })
// auto elopage_buy = Poco::AutoPtr<model::table::ElopageBuy>(new model::table::ElopageBuy);
// mHasElopage = elopage_buy->isExistInDB("payer_email", mEmail);
// else undefined
// user.hasElopage = result.data.hasElopage
// TODO: Get Method from PR (publisherId) // TODO: Get Method from PR (publisherId)
// Hack: Database Field is not validated properly and not nullable // Hack: Database Field is not validated properly and not nullable
@ -272,6 +259,12 @@ export class UserResolver {
throw new Error(error) throw new Error(error)
}) })
user.coinanimation = coinanimation user.coinanimation = coinanimation
context.setHeaders.push({
key: 'token',
value: encode(loginUser.pubKey),
})
return user return user
} }