introduce reset token, comment isAuthorized

2025-12-13 07:45:54 +00:00 · 2022-03-14 14:15:24 +01:00 · 2022-03-14 14:15:24 +01:00 · 35cc38ba7c
commit 35cc38ba7c
parent 095e6603ab
2 changed files with 7 additions and 1 deletions
--- a/backend/src/graphql/directive/isAuthorized.ts
+++ b/backend/src/graphql/directive/isAuthorized.ts
@ -14,6 +14,12 @@ const isAuthorized: AuthChecker<any> = async ({ context }, rights) => {
  context.role = ROLE_UNAUTHORIZED // unauthorized user

  // moriz: I think it is better to check the INALIENABLE_RIGHTS here
+  /* 
+  if ((<RIGHTS[]>rights).reduce(
+    (acc, right) => acc && INALIENABLE_RIGHTS.includes(right),
+    true,
+  )) return true
+  */

  // Do we have a token?
  if (context.token) {
--- a/backend/src/graphql/resolver/UserResolver.test.ts
+++ b/backend/src/graphql/resolver/UserResolver.test.ts
@ -373,7 +373,7 @@ describe('UserResolver', () => {

    describe('user is in database and wrong password', () => {
      beforeAll(async () => {
-        // resetToken()
+        resetToken()
        await createUser(mutate, {
          email: 'peter@lustig.de',
          firstName: 'Peter',