From 35da60c572fa5000a702536917b87cb605633ca7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Claus-Peter=20H=C3=BCbner?= Date: Tue, 9 Aug 2022 23:36:00 +0200 Subject: [PATCH] change User to create a gradidoID as uuidv4 during createUser --- backend/src/graphql/model/User.ts | 8 ++++++++ backend/src/graphql/resolver/UserResolver.ts | 21 +++++++++++++++++++- backend/src/util/communityUser.ts | 2 ++ 3 files changed, 30 insertions(+), 1 deletion(-) diff --git a/backend/src/graphql/model/User.ts b/backend/src/graphql/model/User.ts index 0642be630..1ec33b27d 100644 --- a/backend/src/graphql/model/User.ts +++ b/backend/src/graphql/model/User.ts @@ -8,6 +8,8 @@ import { FULL_CREATION_AVAILABLE } from '../resolver/const/const' export class User { constructor(user: dbUser, creation: Decimal[] = FULL_CREATION_AVAILABLE) { this.id = user.id + this.gradidoID = user.gradidoID + this.alias = user.alias this.email = user.email this.firstName = user.firstName this.lastName = user.lastName @@ -28,6 +30,12 @@ export class User { // `public_key` binary(32) DEFAULT NULL, // `privkey` binary(80) DEFAULT NULL, + @Field(() => String) + gradidoID: string + + @Field(() => String, { nullable: true }) + alias: string + // TODO privacy issue here @Field(() => String) email: string diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index a89a8cb0b..03ed3043e 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -32,6 +32,8 @@ import { EventSendConfirmationEmail, } from '@/event/Event' import { getUserCreation } from './util/creations' +import { v4 as uuidv4 } from 'uuid' + // eslint-disable-next-line @typescript-eslint/no-var-requires const sodium = require('sodium-native') @@ -224,6 +226,19 @@ export const activationLink = (optInCode: LoginEmailOptIn): string => { return CONFIG.EMAIL_LINK_SETPASSWORD.replace(/{optin}/g, optInCode.verificationCode.toString()) } +const newGradidoID = async (): Promise => { + let gradidoId: string + let countIds: number + do { + gradidoId = uuidv4() + countIds = await DbUser.count({ where: { gradidoID: gradidoId } }) + if (countIds > 0) { + logger.info('Gradido-ID creation conflict...') + } + } while (countIds > 0) + return gradidoId +} + @Resolver() export class UserResolver { @Authorized([RIGHTS.VERIFY_LOGIN]) @@ -344,11 +359,13 @@ export class UserResolver { logger.info(`DbUser.findOne(email=${email}) = ${userFound}`) if (userFound) { - logger.info('User already exists with this email=' + email) + // ATTENTION: this logger-message will be exactly expected during tests + logger.info(`User already exists with this email=${email}`) // TODO: this is unsecure, but the current implementation of the login server. This way it can be queried if the user with given EMail is existent. const user = new User(communityDbUser) user.id = sodium.randombytes_random() % (2048 * 16) // TODO: for a better faking derive id from email so that it will be always the same id when the same email comes in? + user.gradidoID = '11111111-2222-4333-4444-55555555' user.email = email user.firstName = firstName user.lastName = lastName @@ -378,11 +395,13 @@ export class UserResolver { // const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash // const encryptedPrivkey = SecretKeyCryptographyEncrypt(keyPair[1], passwordHash[1]) const emailHash = getEmailHash(email) + const gradidoID = await newGradidoID() const eventRegister = new EventRegister() const eventRedeemRegister = new EventRedeemRegister() const eventSendConfirmEmail = new EventSendConfirmationEmail() const dbUser = new DbUser() + dbUser.gradidoID = gradidoID dbUser.email = email dbUser.firstName = firstName dbUser.lastName = lastName diff --git a/backend/src/util/communityUser.ts b/backend/src/util/communityUser.ts index 1a84c2cdf..d850c5382 100644 --- a/backend/src/util/communityUser.ts +++ b/backend/src/util/communityUser.ts @@ -6,6 +6,8 @@ import { User } from '@model/User' const communityDbUser: dbUser = { id: -1, + gradidoID: '11111111-2222-4333-4444-55555555', + alias: '', email: 'support@gradido.net', firstName: 'Gradido', lastName: 'Akademie',