Merge pull request #1647 from gradido/1559-frontend-transport-redeem-link-through-register

1559 frontend transport redeem link through register
2025-12-13 07:45:54 +00:00 · 2022-03-23 20:13:33 +01:00 · 2022-03-23 20:13:33 +01:00 · 1f3a3835b1
commit 1f3a3835b1
parent ff8c71cf7f 9cda1c5bb2
12 changed files with 86 additions and 33 deletions
--- a/backend/.env.dist
+++ b/backend/.env.dist
@ -38,8 +38,8 @@ EMAIL_SENDER=info@gradido.net
 EMAIL_PASSWORD=xxx
 EMAIL_SMTP_URL=gmail.com
 EMAIL_SMTP_PORT=587
-EMAIL_LINK_VERIFICATION=http://localhost/checkEmail/{code}
-EMAIL_LINK_SETPASSWORD=http://localhost/reset/{code}
+EMAIL_LINK_VERIFICATION=http://localhost/checkEmail/{optin}{code}
+EMAIL_LINK_SETPASSWORD=http://localhost/reset/{optin}
 EMAIL_CODE_VALID_TIME=10

 # Webhook
--- a/backend/src/config/index.ts
+++ b/backend/src/config/index.ts
@ -62,9 +62,9 @@ const email = {
  EMAIL_SMTP_URL: process.env.EMAIL_SMTP_URL || 'gmail.com',
  EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT || '587',
  EMAIL_LINK_VERIFICATION:
-    process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/checkEmail/{code}',
+    process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/checkEmail/{optin}{code}',
  EMAIL_LINK_SETPASSWORD:
-    process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/reset-password/{code}',
+    process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/reset-password/{optin}',
  EMAIL_CODE_VALID_TIME: process.env.EMAIL_CODE_VALID_TIME
    ? parseInt(process.env.EMAIL_CODE_VALID_TIME) || 10
    : 10,
--- a/backend/src/graphql/arg/CreateUserArgs.ts
+++ b/backend/src/graphql/arg/CreateUserArgs.ts
@ -16,4 +16,7 @@ export default class CreateUserArgs {

  @Field(() => Int, { nullable: true })
  publisherId: number
+
+  @Field(() => String, { nullable: true })
+  redeemCode?: string | null
 }
--- a/backend/src/graphql/resolver/UserResolver.test.ts
+++ b/backend/src/graphql/resolver/UserResolver.test.ts
@ -124,7 +124,10 @@ describe('UserResolver', () => {

    describe('account activation email', () => {
      it('sends an account activation email', () => {
-        const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(/{code}/g, emailOptIn)
+        const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
+          /{optin}/g,
+          emailOptIn,
+        ).replace(/{code}/g, '')
        expect(sendAccountActivationEmail).toBeCalledWith({
          link: activationLink,
          firstName: 'Peter',
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@ -7,6 +7,7 @@ import { getConnection, getCustomRepository, QueryRunner } from '@dbTools/typeor
 import CONFIG from '@/config'
 import { User } from '@model/User'
 import { User as DbUser } from '@entity/User'
+import { TransactionLink as dbTransactionLink } from '@entity/TransactionLink'
 import { encode } from '@/auth/JWT'
 import CreateUserArgs from '@arg/CreateUserArgs'
 import UnsecureLoginArgs from '@arg/UnsecureLoginArgs'
@ -305,7 +306,8 @@ export class UserResolver {
  @Authorized([RIGHTS.CREATE_USER])
  @Mutation(() => User)
  async createUser(
-    @Args() { email, firstName, lastName, language, publisherId }: CreateUserArgs,
+    @Args()
+    { email, firstName, lastName, language, publisherId, redeemCode = null }: CreateUserArgs,
  ): Promise<User> {
    // TODO: wrong default value (should be null), how does graphql work here? Is it an required field?
    // default int publisher_id = 0;
@ -338,6 +340,12 @@ export class UserResolver {
    dbUser.language = language
    dbUser.publisherId = publisherId
    dbUser.passphrase = passphrase.join(' ')
+    if (redeemCode) {
+      const transactionLink = await dbTransactionLink.findOne({ code: redeemCode })
+      if (transactionLink) {
+        dbUser.referrerId = transactionLink.userId
+      }
+    }
    // TODO this field has no null allowed unlike the loginServer table
    // dbUser.pubKey = Buffer.from(randomBytes(32)) // Buffer.alloc(32, 0) default to 0000...
    // dbUser.pubkey = keyPair[0]
@ -360,9 +368,9 @@ export class UserResolver {
      const emailOptIn = await createEmailOptIn(dbUser.id, queryRunner)

      const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
-        /{code}/g,
+        /{optin}/g,
        emailOptIn.verificationCode.toString(),
-      )
+      ).replace(/{code}/g, redeemCode ? '/' + redeemCode : '')

      // eslint-disable-next-line @typescript-eslint/no-unused-vars
      const emailSent = await sendAccountActivationEmail({
@ -379,6 +387,7 @@ export class UserResolver {
        console.log(`Account confirmation link: ${activationLink}`)
      }
      */
+
      await queryRunner.commitTransaction()
    } catch (e) {
      await queryRunner.rollbackTransaction()
@ -404,7 +413,7 @@ export class UserResolver {
      const emailOptIn = await createEmailOptIn(user.id, queryRunner)

      const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
-        /{code}/g,
+        /{optin}/g,
        emailOptIn.verificationCode.toString(),
      )

@ -443,7 +452,7 @@ export class UserResolver {
    const optInCode = await getOptInCode(user.id)

    const link = CONFIG.EMAIL_LINK_SETPASSWORD.replace(
-      /{code}/g,
+      /{optin}/g,
      optInCode.verificationCode.toString(),
    )

--- a/backend/src/seeds/graphql/mutations.ts
+++ b/backend/src/seeds/graphql/mutations.ts
@ -45,6 +45,7 @@ export const createUser = gql`
    $email: String!
    $language: String!
    $publisherId: Int
+    $redeemCode: String
  ) {
    createUser(
      email: $email
@ -52,6 +53,7 @@ export const createUser = gql`
      lastName: $lastName
      language: $language
      publisherId: $publisherId
+      redeemCode: $redeemCode
    ) {
      id
    }
--- a/frontend/src/graphql/mutations.js
+++ b/frontend/src/graphql/mutations.js
@ -45,6 +45,7 @@ export const createUser = gql`
    $email: String!
    $language: String!
    $publisherId: Int
+    $redeemCode: String
  ) {
    createUser(
      email: $email
@ -52,6 +53,7 @@ export const createUser = gql`
      lastName: $lastName
      language: $language
      publisherId: $publisherId
+      redeemCode: $redeemCode
    ) {
      id
    }
--- a/frontend/src/pages/ResetPassword.spec.js
+++ b/frontend/src/pages/ResetPassword.spec.js
@ -54,25 +54,27 @@ describe('ResetPassword', () => {

  describe('mount', () => {
    beforeEach(() => {
+      jest.clearAllMocks()
      wrapper = Wrapper()
    })

-    describe('No valid optin', () => {
-      it.skip('does not render the Reset Password form when not authenticated', () => {
-        expect(wrapper.find('form').exists()).toBeFalsy()
+    describe('no valid optin', () => {
+      beforeEach(() => {
+        jest.clearAllMocks()
+        apolloQueryMock.mockRejectedValue({ message: 'Your time is up!' })
+        wrapper = Wrapper()
      })

-      it.skip('toasts an error when no valid optin is given', () => {
-        expect(toastErrorSpy).toHaveBeenCalledWith('error')
+      it('toasts an error when no valid optin is given', () => {
+        expect(toastErrorSpy).toHaveBeenCalledWith('Your time is up!')
      })

-      it.skip('has a message suggesting to contact the support', () => {
-        expect(wrapper.find('div.header').text()).toContain('settings.password.reset')
-        expect(wrapper.find('div.header').text()).toContain('settings.password.not-authenticated')
+      it('redirects to /forgot-password/resetPassword', () => {
+        expect(routerPushMock).toBeCalledWith('/forgot-password/resetPassword')
      })
    })

-    describe('is authenticated', () => {
+    describe('valid optin', () => {
      it('renders the Reset Password form when authenticated', () => {
        expect(wrapper.find('div.resetpwd-form').exists()).toBeTruthy()
      })
@ -148,7 +150,6 @@ describe('ResetPassword', () => {

        describe('server response with error code > 10min', () => {
          beforeEach(async () => {
-            jest.clearAllMocks()
            apolloMutationMock.mockRejectedValue({ message: '...Code is older than 10 minutes' })
            await wrapper.find('form').trigger('submit')
            await flushPromises()
@ -163,7 +164,7 @@ describe('ResetPassword', () => {
          })
        })

-        describe('server response with error code > 10min', () => {
+        describe('server response with error', () => {
          beforeEach(async () => {
            jest.clearAllMocks()
            apolloMutationMock.mockRejectedValueOnce({ message: 'Error' })
@ -178,6 +179,7 @@ describe('ResetPassword', () => {

        describe('server response with success on /checkEmail', () => {
          beforeEach(async () => {
+            jest.clearAllMocks()
            mocks.$route.path.mock = 'checkEmail'
            apolloMutationMock.mockResolvedValue({
              data: {
@ -204,6 +206,28 @@ describe('ResetPassword', () => {
          it('redirects to "/thx/checkEmail"', () => {
            expect(routerPushMock).toHaveBeenCalledWith('/thx/checkEmail')
          })
+
+          describe('with param code', () => {
+            beforeEach(async () => {
+              mocks.$route.params.code = 'the-most-secret-code-ever'
+              apolloMutationMock.mockResolvedValue({
+                data: {
+                  resetPassword: 'success',
+                },
+              })
+              wrapper = Wrapper()
+              await wrapper.findAll('input').at(0).setValue('Aa123456_')
+              await wrapper.findAll('input').at(1).setValue('Aa123456_')
+              await wrapper.find('form').trigger('submit')
+              await flushPromises()
+            })
+
+            it('redirects to "/thx/checkEmail/the-most-secret-code-ever"', () => {
+              expect(routerPushMock).toHaveBeenCalledWith(
+                '/thx/checkEmail/the-most-secret-code-ever',
+              )
+            })
+          })
        })

        describe('server response with success on /reset-password', () => {
--- a/frontend/src/pages/ResetPassword.vue
+++ b/frontend/src/pages/ResetPassword.vue
@ -6,11 +6,11 @@
          <b-row class="justify-content-center">
            <b-col xl="5" lg="6" md="8" class="px-2">
              <!-- eslint-disable-next-line @intlify/vue-i18n/no-dynamic-keys-->
-              <h1>{{ $t(displaySetup.authenticated) }}</h1>
+              <h1>{{ $t(displaySetup.title) }}</h1>
              <div class="pb-4">
                <span>
                  <!-- eslint-disable-next-line @intlify/vue-i18n/no-dynamic-keys-->
-                  {{ $t(displaySetup.notAuthenticated) }}
+                  {{ $t(displaySetup.text) }}
                </span>
              </div>
            </b-col>
@ -53,14 +53,14 @@ import { queryOptIn } from '@/graphql/queries'

 const textFields = {
  reset: {
-    authenticated: 'settings.password.change-password',
-    notAuthenticated: 'settings.password.reset-password.text',
+    title: 'settings.password.change-password',
+    text: 'settings.password.reset-password.text',
    button: 'settings.password.change-password',
    linkTo: '/login',
  },
  checkEmail: {
-    authenticated: 'settings.password.set',
-    notAuthenticated: 'settings.password.set-password.text',
+    title: 'settings.password.set',
+    text: 'settings.password.set-password.text',
    button: 'settings.password.set',
    linkTo: '/login',
  },
@ -97,7 +97,11 @@ export default {
        .then(() => {
          this.form.password = ''
          if (this.$route.path.includes('checkEmail')) {
-            this.$router.push('/thx/checkEmail')
+            if (this.$route.params.code) {
+              this.$router.push('/thx/checkEmail/' + this.$route.params.code)
+            } else {
+              this.$router.push('/thx/checkEmail')
+            }
          } else {
            this.$router.push('/thx/resetPassword')
          }
--- a/frontend/src/pages/thx.vue
+++ b/frontend/src/pages/thx.vue
@ -9,7 +9,11 @@
          <!-- eslint-disable-next-line @intlify/vue-i18n/no-dynamic-keys-->
          <p class="h4">{{ $t(displaySetup.subtitle) }}</p>
          <hr />
-          <b-button v-if="displaySetup.linkTo" :to="displaySetup.linkTo">
+          <b-button v-if="$route.params.code" :to="`/redeem/${$route.params.code}`">
+            <!-- eslint-disable-next-line @intlify/vue-i18n/no-dynamic-keys-->
+            {{ $t(displaySetup.button) }}
+          </b-button>
+          <b-button v-else :to="displaySetup.linkTo">
            <!-- eslint-disable-next-line @intlify/vue-i18n/no-dynamic-keys-->
            {{ $t(displaySetup.button) }}
          </b-button>
--- a/frontend/src/routes/router.test.js
+++ b/frontend/src/routes/router.test.js
@ -112,7 +112,7 @@ describe('router', () => {
      })

      describe('thx', () => {
-        const thx = routes.find((r) => r.path === '/thx/:comingFrom')
+        const thx = routes.find((r) => r.path === '/thx/:comingFrom/:code?')

        it('loads the "Thx" page', async () => {
          const component = await thx.component()
@ -177,7 +177,9 @@ describe('router', () => {

      describe('checkEmail', () => {
        it('loads the "CheckEmail" page', async () => {
-          const component = await routes.find((r) => r.path === '/checkEmail/:optin').component()
+          const component = await routes
+            .find((r) => r.path === '/checkEmail/:optin/:code?')
+            .component()
          expect(component.default.name).toBe('ResetPassword')
        })
      })
--- a/frontend/src/routes/routes.js
+++ b/frontend/src/routes/routes.js
@ -47,7 +47,7 @@ const routes = [
    component: () => import('@/pages/Register.vue'),
  },
  {
-    path: '/thx/:comingFrom',
+    path: '/thx/:comingFrom/:code?',
    component: () => import('@/pages/thx.vue'),
    beforeEnter: (to, from, next) => {
      const validFrom = ['forgot-password', 'reset-password', 'register', 'login', 'checkEmail']
@ -79,7 +79,7 @@ const routes = [
    component: () => import('@/pages/ResetPassword.vue'),
  },
  {
-    path: '/checkEmail/:optin',
+    path: '/checkEmail/:optin/:code?',
    component: () => import('@/pages/ResetPassword.vue'),
  },
  {