IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into 1078-GDD-Calculate-Decay-Tool-clear

Browse Source
This commit is contained in:
Hannes Heine 2021-12-13 04:31:33 +01:00 committed by GitHub
commit 7d62db39bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
71 changed files with 1723 additions and 1024 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/test.yml vendored
View File

@ -380,7 +380,7 @@ jobs:
##########################################################################
- name: frontend | Unit tests
run: |
docker run -v ~/coverage:/app/coverage --rm gradido/frontend:test yarn run test
docker run --env NODE_ENV=test -v ~/coverage:/app/coverage --rm gradido/frontend:test yarn run test
cp -r ~/coverage ./coverage
##########################################################################
# COVERAGE REPORT FRONTEND ###############################################
@ -399,7 +399,7 @@ jobs:
report_name: Coverage Frontend
type: lcov
result_path: ./coverage/lcov.info
min_coverage: 87
min_coverage: 90
token: ${{ github.token }}
##############################################################################
@ -441,7 +441,7 @@ jobs:
report_name: Coverage Admin Interface
type: lcov
result_path: ./coverage/lcov.info
min_coverage: 60
min_coverage: 69
token: ${{ github.token }}
##############################################################################
@ -491,7 +491,7 @@ jobs:
report_name: Coverage Backend
type: lcov
result_path: ./backend/coverage/lcov.info
min_coverage: 39
min_coverage: 37
token: ${{ github.token }}
##############################################################################

35
admin/src/main.js
View File

@ -11,11 +11,8 @@ import addNavigationGuards from './router/guards'
import i18n from './i18n'
import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
import VueApollo from 'vue-apollo'
import CONFIG from './config'
import { BootstrapVue, IconsPlugin } from 'bootstrap-vue'
import 'bootstrap/dist/css/bootstrap.css'
import 'bootstrap-vue/dist/bootstrap-vue.css'
@ -23,37 +20,7 @@ import 'bootstrap-vue/dist/bootstrap-vue.css'
import moment from 'vue-moment'
import Toasted from 'vue-toasted'
const httpLink = new HttpLink({ uri: CONFIG.GRAPHQL_URI })
const authLink = new ApolloLink((operation, forward) => {
const token = store.state.token
operation.setContext({
headers: {
Authorization: token && token.length > 0 ? `Bearer ${token}` : '',
},
})
return forward(operation).map((response) => {
if (response.errors && response.errors[0].message === '403.13 - Client certificate revoked') {
response.errors[0].message = i18n.t('error.session-expired')
store.dispatch('logout', null)
if (router.currentRoute.path !== '/logout') router.push('/logout')
return response
}
const newToken = operation.getContext().response.headers.get('token')
if (newToken) store.commit('token', newToken)
return response
})
})
const apolloClient = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache(),
})
const apolloProvider = new VueApollo({
defaultClient: apolloClient,
})
import { apolloProvider } from './plugins/apolloProvider'
Vue.use(BootstrapVue)

73
admin/src/main.test.js
View File

@ -101,77 +101,4 @@ describe('main', () => {
}),
)
})
describe('ApolloLink', () => {
// mock store
const storeDispatchMock = jest.fn()
store.state = {
token: 'some-token',
}
store.dispatch = storeDispatchMock
// mock i18n.t
i18n.t = jest.fn((t) => t)
// mock apllo response
const responseMock = {
errors: [{ message: '403.13 - Client certificate revoked' }],
}
// mock router
const routerPushMock = jest.fn()
router.push = routerPushMock
router.currentRoute = {
path: '/overview',
}
// mock context
const setContextMock = jest.fn()
const getContextMock = jest.fn(() => {
return {
response: {
headers: {
get: jest.fn(),
},
},
}
})
// mock apollo link function params
const operationMock = {
setContext: setContextMock,
getContext: getContextMock,
}
const forwardMock = jest.fn(() => {
return [responseMock]
})
// get apollo link callback
const middleware = ApolloLink.mock.calls[0][0]
beforeEach(() => {
jest.clearAllMocks()
// run the callback with mocked params
middleware(operationMock, forwardMock)
})
it('sets authorization header', () => {
expect(setContextMock).toBeCalledWith({
headers: {
Authorization: 'Bearer some-token',
},
})
})
describe('apollo response is 403.13', () => {
it.skip('dispatches logout', () => {
expect(storeDispatchMock).toBeCalledWith('logout', null)
})
it.skip('redirects to logout', () => {
expect(routerPushMock).toBeCalledWith('/logout')
})
})
})
})

1
admin/src/pages/CreationConfirm.vue
View File

@ -76,6 +76,7 @@ export default {
this.$apollo
.query({
query: getPendingCreations,
fetchPolicy: 'network-only',
})
.then((result) => {
this.$store.commit('resetOpenCreations')

1
admin/src/pages/Overview.vue
View File

@ -62,6 +62,7 @@ export default {
this.$apollo
.query({
query: getPendingCreations,
fetchPolicy: 'network-only',
})
.then((result) => {
this.$store.commit('setOpenCreations', result.data.getPendingCreations.length)

37
admin/src/plugins/apolloProvider.js Normal file
View File

@ -0,0 +1,37 @@
import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
import VueApollo from 'vue-apollo'
import CONFIG from '../config'
import store from '../store/store'
import router from '../router/router'
import i18n from '../i18n'
const httpLink = new HttpLink({ uri: CONFIG.GRAPHQL_URI })
const authLink = new ApolloLink((operation, forward) => {
const token = store.state.token
operation.setContext({
headers: {
Authorization: token && token.length > 0 ? `Bearer ${token}` : '',
},
})
return forward(operation).map((response) => {
if (response.errors && response.errors[0].message === '403.13 - Client certificate revoked') {
response.errors[0].message = i18n.t('error.session-expired')
store.dispatch('logout', null)
if (router.currentRoute.path !== '/logout') router.push('/logout')
return response
}
const newToken = operation.getContext().response.headers.get('token')
if (newToken) store.commit('token', newToken)
return response
})
})
const apolloClient = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache(),
})
export const apolloProvider = new VueApollo({
defaultClient: apolloClient,
})

178
admin/src/plugins/apolloProvider.test.js Normal file
View File

@ -0,0 +1,178 @@
import { ApolloClient, ApolloLink, HttpLink } from 'apollo-boost'
import './apolloProvider'
import CONFIG from '../config'
import VueApollo from 'vue-apollo'
import store from '../store/store'
import router from '../router/router'
import i18n from '../i18n'
jest.mock('vue-apollo')
jest.mock('../store/store')
jest.mock('../router/router')
jest.mock('../i18n')
jest.mock('apollo-boost', () => {
return {
__esModule: true,
ApolloClient: jest.fn(),
ApolloLink: jest.fn(() => {
return { concat: jest.fn() }
}),
InMemoryCache: jest.fn(),
HttpLink: jest.fn(),
}
})
describe('apolloProvider', () => {
it('calls the HttpLink', () => {
expect(HttpLink).toBeCalledWith({ uri: CONFIG.GRAPHQL_URI })
})
it('calls the ApolloLink', () => {
expect(ApolloLink).toBeCalled()
})
it('calls the ApolloClient', () => {
expect(ApolloClient).toBeCalled()
})
it('calls the VueApollo', () => {
expect(VueApollo).toBeCalled()
})
describe('ApolloLink', () => {
// mock store
const storeDispatchMock = jest.fn()
const storeCommitMock = jest.fn()
store.state = {
token: 'some-token',
}
store.dispatch = storeDispatchMock
store.commit = storeCommitMock
// mock i18n.t
i18n.t = jest.fn((t) => t)
// mock apllo response
const responseMock = {
errors: [{ message: '403.13 - Client certificate revoked' }],
}
// mock router
const routerPushMock = jest.fn()
router.push = routerPushMock
router.currentRoute = {
path: '/overview',
}
// mock context
const setContextMock = jest.fn()
const getContextMock = jest.fn(() => {
return {
response: {
headers: {
get: jest.fn(() => 'another-token'),
},
},
}
})
// mock apollo link function params
const operationMock = {
setContext: setContextMock,
getContext: getContextMock,
}
const forwardMock = jest.fn(() => {
return [responseMock]
})
// get apollo link callback
const middleware = ApolloLink.mock.calls[0][0]
describe('with token in store', () => {
it('sets authorization header with token', () => {
// run the apollo link callback with mocked params
middleware(operationMock, forwardMock)
expect(setContextMock).toBeCalledWith({
headers: {
Authorization: 'Bearer some-token',
},
})
})
})
describe('without token in store', () => {
beforeEach(() => {
store.state.token = null
})
it('sets authorization header empty', () => {
middleware(operationMock, forwardMock)
expect(setContextMock).toBeCalledWith({
headers: {
Authorization: '',
},
})
})
})
describe('apollo response is 403.13', () => {
beforeEach(() => {
// run the apollo link callback with mocked params
middleware(operationMock, forwardMock)
})
it('dispatches logout', () => {
expect(storeDispatchMock).toBeCalledWith('logout', null)
})
describe('current route is not logout', () => {
it('redirects to logout', () => {
expect(routerPushMock).toBeCalledWith('/logout')
})
})
describe('current route is logout', () => {
beforeEach(() => {
jest.clearAllMocks()
router.currentRoute.path = '/logout'
})
it('does not redirect to logout', () => {
expect(routerPushMock).not.toBeCalled()
})
})
})
describe('apollo response is with new token', () => {
beforeEach(() => {
delete responseMock.errors
middleware(operationMock, forwardMock)
})
it('commits new token to store', () => {
expect(storeCommitMock).toBeCalledWith('token', 'another-token')
})
})
describe('apollo response is without new token', () => {
beforeEach(() => {
jest.clearAllMocks()
getContextMock.mockReturnValue({
response: {
headers: {
get: jest.fn(() => null),
},
},
})
middleware(operationMock, forwardMock)
})
it('does not commit token to store', () => {
expect(storeCommitMock).not.toBeCalled()
})
})
})
})

2
backend/.env.dist
View File

@ -2,8 +2,6 @@ PORT=4000
JWT_SECRET=secret123
JWT_EXPIRES_IN=10m
GRAPHIQL=false
LOGIN_API_URL=http://login-server:1201/
COMMUNITY_API_URL=http://nginx/api/
GDT_API_URL=https://gdt.gradido.net
DB_HOST=localhost
DB_PORT=3306

4
backend/src/auth/INALIENABLE_RIGHTS.ts
View File

@ -4,10 +4,8 @@ export const INALIENABLE_RIGHTS = [
RIGHTS.LOGIN,
RIGHTS.GET_COMMUNITY_INFO,
RIGHTS.COMMUNITIES,
RIGHTS.LOGIN_VIA_EMAIL_VERIFICATION_CODE,
RIGHTS.CREATE_USER,
RIGHTS.SEND_RESET_PASSWORD_EMAIL,
RIGHTS.RESET_PASSWORD,
RIGHTS.SET_PASSWORD,
RIGHTS.CHECK_USERNAME,
RIGHTS.CHECK_EMAIL,
]

4
backend/src/auth/RIGHTS.ts
View File

@ -12,14 +12,12 @@ export enum RIGHTS {
SUBSCRIBE_NEWSLETTER = 'SUBSCRIBE_NEWSLETTER',
TRANSACTION_LIST = 'TRANSACTION_LIST',
SEND_COINS = 'SEND_COINS',
LOGIN_VIA_EMAIL_VERIFICATION_CODE = 'LOGIN_VIA_EMAIL_VERIFICATION_CODE',
LOGOUT = 'LOGOUT',
CREATE_USER = 'CREATE_USER',
SEND_RESET_PASSWORD_EMAIL = 'SEND_RESET_PASSWORD_EMAIL',
RESET_PASSWORD = 'RESET_PASSWORD',
SET_PASSWORD = 'SET_PASSWORD',
UPDATE_USER_INFOS = 'UPDATE_USER_INFOS',
CHECK_USERNAME = 'CHECK_USERNAME',
CHECK_EMAIL = 'CHECK_EMAIL',
HAS_ELOPAGE = 'HAS_ELOPAGE',
// Admin
SEARCH_USERS = 'SEARCH_USERS',

3
backend/src/config/index.ts
View File

@ -8,8 +8,6 @@ const server = {
JWT_SECRET: process.env.JWT_SECRET || 'secret123',
JWT_EXPIRES_IN: process.env.JWT_EXPIRES_IN || '10m',
GRAPHIQL: process.env.GRAPHIQL === 'true' || false,
LOGIN_API_URL: process.env.LOGIN_API_URL || 'http://login-server:1201/',
COMMUNITY_API_URL: process.env.COMMUNITY_API_URL || 'http://nginx/api/',
GDT_API_URL: process.env.GDT_API_URL || 'https://gdt.gradido.net',
PRODUCTION: process.env.NODE_ENV === 'production' || false,
}
@ -53,6 +51,7 @@ const email = {
EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT || '587',
EMAIL_LINK_VERIFICATION:
process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/vue/checkEmail/$1',
EMAIL_LINK_SETPASSWORD: process.env.EMAIL_LINK_SETPASSWORD || 'http://localhost/vue/reset/$1',
}
const webhook = {

13
backend/src/graphql/arg/ChangePasswordArgs.ts
View File

@ -1,13 +0,0 @@
import { ArgsType, Field } from 'type-graphql'
@ArgsType()
export default class ChangePasswordArgs {
@Field(() => Number)
sessionId: number
@Field(() => String)
email: string
@Field(() => String)
password: string
}

29
backend/src/graphql/model/CheckEmailResponse.ts
View File

@ -1,29 +0,0 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
import { ObjectType, Field } from 'type-graphql'
@ObjectType()
export class CheckEmailResponse {
constructor(json: any) {
this.sessionId = json.session_id
this.email = json.user.email
this.language = json.user.language
this.firstName = json.user.first_name
this.lastName = json.user.last_name
}
@Field(() => Number)
sessionId: number
@Field(() => String)
email: string
@Field(() => String)
firstName: string
@Field(() => String)
lastName: string
@Field(() => String)
language: string
}

17
backend/src/graphql/model/LoginViaVerificationCode.ts
View File

@ -1,17 +0,0 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
import { ObjectType, Field } from 'type-graphql'
@ObjectType()
export class LoginViaVerificationCode {
constructor(json: any) {
this.sessionId = json.session_id
this.email = json.user.email
}
@Field(() => Number)
sessionId: number
@Field(() => String)
email: string
}

17
backend/src/graphql/model/SendPasswordResetEmailResponse.ts
View File

@ -1,17 +0,0 @@
/* eslint-disable @typescript-eslint/no-explicit-any */
/* eslint-disable @typescript-eslint/explicit-module-boundary-types */
import { ObjectType, Field } from 'type-graphql'
@ObjectType()
export class SendPasswordResetEmailResponse {
constructor(json: any) {
this.state = json.state
this.msg = json.msg
}
@Field(() => String)
state: string
@Field(() => String)
msg?: string
}

44
backend/src/graphql/resolver/AdminResolver.ts
View File

@ -6,7 +6,7 @@ import { UpdatePendingCreation } from '../model/UpdatePendingCreation'
import { RIGHTS } from '../../auth/RIGHTS'
import { TransactionRepository } from '../../typeorm/repository/Transaction'
import { TransactionCreationRepository } from '../../typeorm/repository/TransactionCreation'
import { PendingCreationRepository } from '../../typeorm/repository/PendingCreation'
import { LoginPendingTasksAdminRepository } from '../../typeorm/repository/LoginPendingTasksAdmin'
import { UserRepository } from '../../typeorm/repository/User'
import CreatePendingCreationArgs from '../arg/CreatePendingCreationArgs'
import UpdatePendingCreationArgs from '../arg/UpdatePendingCreationArgs'
@ -48,8 +48,8 @@ export class AdminResolver {
const creations = await getUserCreations(user.id)
const creationDateObj = new Date(creationDate)
if (isCreationValid(creations, amount, creationDateObj)) {
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const loginPendingTaskAdmin = pendingCreationRepository.create()
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const loginPendingTaskAdmin = loginPendingTasksAdminRepository.create()
loginPendingTaskAdmin.userId = user.id
loginPendingTaskAdmin.amount = BigInt(amount * 10000)
loginPendingTaskAdmin.created = new Date()
@ -57,7 +57,7 @@ export class AdminResolver {
loginPendingTaskAdmin.memo = memo
loginPendingTaskAdmin.moderator = moderator
pendingCreationRepository.save(loginPendingTaskAdmin)
loginPendingTasksAdminRepository.save(loginPendingTaskAdmin)
}
return await getUserCreations(user.id)
}
@ -70,8 +70,8 @@ export class AdminResolver {
const userRepository = getCustomRepository(UserRepository)
const user = await userRepository.findByEmail(email)
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const updatedCreation = await pendingCreationRepository.findOneOrFail({ id })
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const updatedCreation = await loginPendingTasksAdminRepository.findOneOrFail({ id })
if (updatedCreation.userId !== user.id)
throw new Error('user of the pending creation and send user does not correspond')
@ -81,9 +81,9 @@ export class AdminResolver {
updatedCreation.date = new Date(creationDate)
updatedCreation.moderator = moderator
await pendingCreationRepository.save(updatedCreation)
await loginPendingTasksAdminRepository.save(updatedCreation)
const result = new UpdatePendingCreation()
result.amount = parseInt(updatedCreation.amount.toString())
result.amount = parseInt(amount.toString())
result.memo = updatedCreation.memo
result.date = updatedCreation.date
result.moderator = updatedCreation.moderator
@ -110,8 +110,8 @@ export class AdminResolver {
@Query(() => [PendingCreation])
async getPendingCreations(): Promise<PendingCreation[]> {
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const pendingCreations = await pendingCreationRepository.find()
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const pendingCreations = await loginPendingTasksAdminRepository.find()
const pendingCreationsPromise = await Promise.all(
pendingCreations.map(async (pendingCreation) => {
@ -137,16 +137,16 @@ export class AdminResolver {
@Mutation(() => Boolean)
async deletePendingCreation(@Arg('id') id: number): Promise<boolean> {
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const entity = await pendingCreationRepository.findOneOrFail(id)
const res = await pendingCreationRepository.delete(entity)
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const entity = await loginPendingTasksAdminRepository.findOneOrFail(id)
const res = await loginPendingTasksAdminRepository.delete(entity)
return !!res
}
@Mutation(() => Boolean)
async confirmPendingCreation(@Arg('id') id: number): Promise<boolean> {
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const pendingCreation = await pendingCreationRepository.findOneOrFail(id)
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const pendingCreation = await loginPendingTasksAdminRepository.findOneOrFail(id)
const transactionRepository = getCustomRepository(TransactionRepository)
let transaction = new Transaction()
@ -176,7 +176,7 @@ export class AdminResolver {
} else {
newBalance = lastUserTransaction.balance
}
newBalance = Number(newBalance) + Number(parseInt(pendingCreation.amount.toString()) / 10000)
newBalance = Number(newBalance) + Number(parseInt(pendingCreation.amount.toString()))
const newUserTransaction = new UserTransaction()
newUserTransaction.userId = pendingCreation.userId
@ -194,11 +194,11 @@ export class AdminResolver {
if (!userBalance) userBalance = balanceRepository.create()
userBalance.userId = pendingCreation.userId
userBalance.amount = Number(newBalance * 10000)
userBalance.amount = Number(newBalance)
userBalance.modified = new Date()
userBalance.recordDate = userBalance.recordDate ? userBalance.recordDate : new Date()
await balanceRepository.save(userBalance)
await pendingCreationRepository.delete(pendingCreation)
await loginPendingTasksAdminRepository.delete(pendingCreation)
return true
}
@ -247,8 +247,8 @@ async function getUserCreations(id: number): Promise<number[]> {
})
.getRawOne()
const pendingCreationRepository = getCustomRepository(PendingCreationRepository)
const pendingAmountMounth = await pendingCreationRepository
const loginPendingTasksAdminRepository = getCustomRepository(LoginPendingTasksAdminRepository)
const pendingAmountMounth = await loginPendingTasksAdminRepository
.createQueryBuilder('login_pending_tasks_admin')
.select('SUM(login_pending_tasks_admin.amount)', 'sum')
.where('login_pending_tasks_admin.userId = :id', { id })
@ -260,7 +260,7 @@ async function getUserCreations(id: number): Promise<number[]> {
})
.getRawOne()
const pendingAmountLastMounth = await pendingCreationRepository
const pendingAmountLastMounth = await loginPendingTasksAdminRepository
.createQueryBuilder('login_pending_tasks_admin')
.select('SUM(login_pending_tasks_admin.amount)', 'sum')
.where('login_pending_tasks_admin.userId = :id', { id })
@ -272,7 +272,7 @@ async function getUserCreations(id: number): Promise<number[]> {
})
.getRawOne()
const pendingAmountBeforeLastMounth = await pendingCreationRepository
const pendingAmountBeforeLastMounth = await loginPendingTasksAdminRepository
.createQueryBuilder('login_pending_tasks_admin')
.select('SUM(login_pending_tasks_admin.amount)', 'sum')
.where('login_pending_tasks_admin.userId = :id', { id })

2
backend/src/graphql/resolver/TransactionResolver.ts
View File

@ -428,7 +428,7 @@ async function addUserTransaction(
if (lastUserTransaction) {
newBalance += Number(
await calculateDecay(
Number(lastUserTransaction.balance * 10000),
Number(lastUserTransaction.balance),
lastUserTransaction.balanceDate,
transaction.received,
).catch(() => {

315
backend/src/graphql/resolver/UserResolver.ts
View File

@ -3,24 +3,16 @@
import fs from 'fs'
import { Resolver, Query, Args, Arg, Authorized, Ctx, UseMiddleware, Mutation } from 'type-graphql'
import { getConnection, getCustomRepository } from 'typeorm'
import { getConnection, getCustomRepository, getRepository } from 'typeorm'
import CONFIG from '../../config'
import { LoginViaVerificationCode } from '../model/LoginViaVerificationCode'
import { SendPasswordResetEmailResponse } from '../model/SendPasswordResetEmailResponse'
import { User } from '../model/User'
import { User as DbUser } from '@entity/User'
import { encode } from '../../auth/JWT'
import ChangePasswordArgs from '../arg/ChangePasswordArgs'
import CheckUsernameArgs from '../arg/CheckUsernameArgs'
import CreateUserArgs from '../arg/CreateUserArgs'
import UnsecureLoginArgs from '../arg/UnsecureLoginArgs'
import UpdateUserInfosArgs from '../arg/UpdateUserInfosArgs'
import { apiPost, apiGet } from '../../apis/HttpRequest'
import {
klicktippRegistrationMiddleware,
klicktippNewsletterStateMiddleware,
} from '../../middleware/klicktippMiddleware'
import { CheckEmailResponse } from '../model/CheckEmailResponse'
import { klicktippNewsletterStateMiddleware } from '../../middleware/klicktippMiddleware'
import { UserSettingRepository } from '../../typeorm/repository/UserSettingRepository'
import { LoginUserRepository } from '../../typeorm/repository/LoginUser'
import { Setting } from '../enum/Setting'
@ -30,10 +22,14 @@ import { LoginUserBackup } from '@entity/LoginUserBackup'
import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
import { sendEMail } from '../../util/sendEMail'
import { LoginElopageBuysRepository } from '../../typeorm/repository/LoginElopageBuys'
import { signIn } from '../../apis/KlicktippController'
import { RIGHTS } from '../../auth/RIGHTS'
import { ServerUserRepository } from '../../typeorm/repository/ServerUser'
import { ROLE_ADMIN } from '../../auth/ROLES'
const EMAIL_OPT_IN_RESET_PASSWORD = 2
const EMAIL_OPT_IN_REGISTER = 1
// eslint-disable-next-line @typescript-eslint/no-var-requires
const sodium = require('sodium-native')
// eslint-disable-next-line @typescript-eslint/no-var-requires
@ -58,50 +54,8 @@ const PassphraseGenerate = (): string[] => {
result.push(WORDS[sodium.randombytes_random() % 2048])
}
return result
/*
return [
'behind',
'salmon',
'fluid',
'orphan',
'frost',
'elder',
'amateur',
'always',
'panel',
'palm',
'leopard',
'essay',
'punch',
'title',
'fun',
'annual',
'page',
'hundred',
'journey',
'select',
'figure',
'tunnel',
'casual',
'bar',
]
*/
}
/*
Test results:
INSERT INTO `login_users` (`id`, `email`, `first_name`, `last_name`, `username`, `description`, `password`, `pubkey`, `privkey`, `email_hash`, `created`, `email_checked`, `passphrase_shown`, `language`, `disabled`, `group_id`, `publisher_id`) VALUES
// old
(1, 'peter@lustig.de', 'peter', 'lustig', '', '', 4747956395458240931, 0x8c75edd507f470e5378f927489374694d68f3d155523f1c4402c36affd35a7ed, 0xb0e310655726b088631ccfd31ad6470ee50115c161dde8559572fa90657270ff13dc1200b2d3ea90dfbe92f3a4475ee4d9cee4989e39736a0870c33284bc73a8ae690e6da89f241a121eb3b500c22885, 0x9f700e6f6ec351a140b674c0edd4479509697b023bd8bee8826915ef6c2af036, '2021-11-03 20:05:04', 0, 0, 'de', 0, 1, 0);
// new
(2, 'peter@lustig.de', 'peter', 'lustig', '', '', 4747956395458240931, 0x8c75edd507f470e5378f927489374694d68f3d155523f1c4402c36affd35a7ed, 0xb0e310655726b088631ccfd31ad6470ee50115c161dde8559572fa90657270ff13dc1200b2d3ea90dfbe92f3a4475ee4d9cee4989e39736a0870c33284bc73a8ae690e6da89f241a121eb3b500c22885, 0x9f700e6f6ec351a140b674c0edd4479509697b023bd8bee8826915ef6c2af036, '2021-11-03 20:22:15', 0, 0, 'de', 0, 1, 0);
INSERT INTO `login_user_backups` (`id`, `user_id`, `passphrase`, `mnemonic_type`) VALUES
// old
(1, 1, 'behind salmon fluid orphan frost elder amateur always panel palm leopard essay punch title fun annual page hundred journey select figure tunnel casual bar ', 2);
// new
(2, 2, 'behind salmon fluid orphan frost elder amateur always panel palm leopard essay punch title fun annual page hundred journey select figure tunnel casual bar ', 2);
*/
const KeyPairEd25519Create = (passphrase: string[]): Buffer[] => {
if (!passphrase.length || passphrase.length < PHRASE_WORD_COUNT) {
throw new Error('passphrase empty or to short')
@ -240,13 +194,21 @@ export class UserResolver {
@Ctx() context: any,
): Promise<User> {
email = email.trim().toLowerCase()
// const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password })
// UnsecureLogin
const loginUserRepository = getCustomRepository(LoginUserRepository)
const loginUser = await loginUserRepository.findByEmail(email).catch(() => {
throw new Error('No user with this credentials')
})
if (!loginUser.emailChecked) throw new Error('user email not validated')
if (!loginUser.emailChecked) {
throw new Error('User email not validated')
}
if (loginUser.password === BigInt(0)) {
// TODO we want to catch this on the frontend and ask the user to check his emails or resend code
throw new Error('User has no password set yet')
}
if (!loginUser.pubKey || !loginUser.privKey) {
// TODO we want to catch this on the frontend and ask the user to check his emails or resend code
throw new Error('User has no private or publicKey')
}
const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
const loginUserPassword = BigInt(loginUser.password.toString())
if (loginUserPassword !== passwordHash[0].readBigUInt64LE()) {
@ -320,22 +282,6 @@ export class UserResolver {
return user
}
@Authorized([RIGHTS.LOGIN_VIA_EMAIL_VERIFICATION_CODE])
@Query(() => LoginViaVerificationCode)
async loginViaEmailVerificationCode(
@Arg('optin') optin: string,
): Promise<LoginViaVerificationCode> {
// I cannot use number as type here.
// The value received is not the same as sent by the query
const result = await apiGet(
CONFIG.LOGIN_API_URL + 'loginViaEmailVerificationCode?emailVerificationCode=' + optin,
)
if (!result.success) {
throw new Error(result.data)
}
return new LoginViaVerificationCode(result.data)
}
@Authorized([RIGHTS.LOGOUT])
@Query(() => String)
async logout(): Promise<boolean> {
@ -350,7 +296,7 @@ export class UserResolver {
@Authorized([RIGHTS.CREATE_USER])
@Mutation(() => String)
async createUser(
@Args() { email, firstName, lastName, password, language, publisherId }: CreateUserArgs,
@Args() { email, firstName, lastName, language, publisherId }: CreateUserArgs,
): Promise<string> {
// TODO: wrong default value (should be null), how does graphql work here? Is it an required field?
// default int publisher_id = 0;
@ -360,13 +306,6 @@ export class UserResolver {
language = DEFAULT_LANGUAGE
}
// Validate Password
if (!isPassword(password)) {
throw new Error(
'Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character!',
)
}
// Validate username
// TODO: never true
const username = ''
@ -384,10 +323,10 @@ export class UserResolver {
}
const passphrase = PassphraseGenerate()
const keyPair = KeyPairEd25519Create(passphrase) // return pub, priv Key
const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
// const keyPair = KeyPairEd25519Create(passphrase) // return pub, priv Key
// const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
// const encryptedPrivkey = SecretKeyCryptographyEncrypt(keyPair[1], passwordHash[1])
const emailHash = getEmailHash(email)
const encryptedPrivkey = SecretKeyCryptographyEncrypt(keyPair[1], passwordHash[1])
// Table: login_users
const loginUser = new LoginUser()
@ -396,13 +335,13 @@ export class UserResolver {
loginUser.lastName = lastName
loginUser.username = username
loginUser.description = ''
loginUser.password = passwordHash[0].readBigUInt64LE() // using the shorthash
// loginUser.password = passwordHash[0].readBigUInt64LE() // using the shorthash
loginUser.emailHash = emailHash
loginUser.language = language
loginUser.groupId = 1
loginUser.publisherId = publisherId
loginUser.pubKey = keyPair[0]
loginUser.privKey = encryptedPrivkey
// loginUser.pubKey = keyPair[0]
// loginUser.privKey = encryptedPrivkey
const queryRunner = getConnection().createQueryRunner()
await queryRunner.connect()
@ -428,11 +367,13 @@ export class UserResolver {
// Table: state_users
const dbUser = new DbUser()
dbUser.pubkey = keyPair[0]
dbUser.email = email
dbUser.firstName = firstName
dbUser.lastName = lastName
dbUser.username = username
// TODO this field has no null allowed unlike the loginServer table
dbUser.pubkey = Buffer.alloc(32, 0) // default to 0000...
// dbUser.pubkey = keyPair[0]
await queryRunner.manager.save(dbUser).catch((er) => {
// eslint-disable-next-line no-console
@ -441,10 +382,11 @@ export class UserResolver {
})
// Store EmailOptIn in DB
// TODO: this has duplicate code with sendResetPasswordEmail
const emailOptIn = new LoginEmailOptIn()
emailOptIn.userId = loginUserId
emailOptIn.verificationCode = random(64)
emailOptIn.emailOptInTypeId = 2
emailOptIn.emailOptInTypeId = EMAIL_OPT_IN_REGISTER
await queryRunner.manager.save(emailOptIn).catch((error) => {
// eslint-disable-next-line no-console
@ -489,38 +431,172 @@ export class UserResolver {
}
@Authorized([RIGHTS.SEND_RESET_PASSWORD_EMAIL])
@Query(() => SendPasswordResetEmailResponse)
async sendResetPasswordEmail(
@Arg('email') email: string,
): Promise<SendPasswordResetEmailResponse> {
const payload = {
email,
email_text: 7,
email_verification_code_type: 'resetPassword',
@Query(() => Boolean)
async sendResetPasswordEmail(@Arg('email') email: string): Promise<boolean> {
// TODO: this has duplicate code with createUser
// TODO: Moriz: I think we do not need this variable.
let emailAlreadySend = false
const loginUserRepository = await getCustomRepository(LoginUserRepository)
const loginUser = await loginUserRepository.findOneOrFail({ email })
const loginEmailOptInRepository = await getRepository(LoginEmailOptIn)
let optInCode = await loginEmailOptInRepository.findOne({
userId: loginUser.id,
emailOptInTypeId: EMAIL_OPT_IN_RESET_PASSWORD,
})
if (optInCode) {
emailAlreadySend = true
} else {
optInCode = new LoginEmailOptIn()
optInCode.verificationCode = random(64)
optInCode.userId = loginUser.id
optInCode.emailOptInTypeId = EMAIL_OPT_IN_RESET_PASSWORD
await loginEmailOptInRepository.save(optInCode)
}
const response = await apiPost(CONFIG.LOGIN_API_URL + 'sendEmail', payload)
if (!response.success) {
throw new Error(response.data)
const link = CONFIG.EMAIL_LINK_SETPASSWORD.replace(
/\$1/g,
optInCode.verificationCode.toString(),
)
if (emailAlreadySend) {
const timeElapsed = Date.now() - new Date(optInCode.updatedAt).getTime()
if (timeElapsed <= 10 * 60 * 1000) {
throw new Error('email already sent less than 10 minutes before')
}
}
return new SendPasswordResetEmailResponse(response.data)
const emailSent = await sendEMail({
from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
to: `${loginUser.firstName} ${loginUser.lastName} <${email}>`,
subject: 'Gradido: Reset Password',
text: `Hallo ${loginUser.firstName} ${loginUser.lastName},
Du oder jemand anderes hat für dieses Konto ein Zurücksetzen des Passworts angefordert.
Wenn du es warst, klicke bitte auf den Link: ${link}
oder kopiere den obigen Link in Dein Browserfenster.
Mit freundlichen Grüßen,
dein Gradido-Team`,
})
// In case EMails are disabled log the activation link for the user
if (!emailSent) {
// eslint-disable-next-line no-console
console.log(`Reset password link: ${link}`)
}
return true
}
@Authorized([RIGHTS.RESET_PASSWORD])
@Mutation(() => String)
async resetPassword(
@Args()
{ sessionId, email, password }: ChangePasswordArgs,
): Promise<string> {
const payload = {
session_id: sessionId,
email,
password,
@Authorized([RIGHTS.SET_PASSWORD])
@Mutation(() => Boolean)
async setPassword(
@Arg('code') code: string,
@Arg('password') password: string,
): Promise<boolean> {
// Validate Password
if (!isPassword(password)) {
throw new Error(
'Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character!',
)
}
const result = await apiPost(CONFIG.LOGIN_API_URL + 'resetPassword', payload)
if (!result.success) {
throw new Error(result.data)
// Load code
const loginEmailOptInRepository = await getRepository(LoginEmailOptIn)
const optInCode = await loginEmailOptInRepository
.findOneOrFail({ verificationCode: code })
.catch(() => {
throw new Error('Could not login with emailVerificationCode')
})
// Code is only valid for 10minutes
const timeElapsed = Date.now() - new Date(optInCode.updatedAt).getTime()
if (timeElapsed > 10 * 60 * 1000) {
throw new Error('Code is older than 10 minutes')
}
return 'success'
// load loginUser
const loginUserRepository = await getCustomRepository(LoginUserRepository)
const loginUser = await loginUserRepository
.findOneOrFail({ id: optInCode.userId })
.catch(() => {
throw new Error('Could not find corresponding Login User')
})
// load user
const dbUserRepository = await getCustomRepository(UserRepository)
const dbUser = await dbUserRepository.findOneOrFail({ email: loginUser.email }).catch(() => {
throw new Error('Could not find corresponding User')
})
const loginUserBackupRepository = await getRepository(LoginUserBackup)
const loginUserBackup = await loginUserBackupRepository
.findOneOrFail({ userId: loginUser.id })
.catch(() => {
throw new Error('Could not find corresponding BackupUser')
})
const passphrase = loginUserBackup.passphrase.slice(0, -1).split(' ')
if (passphrase.length < PHRASE_WORD_COUNT) {
// TODO if this can happen we cannot recover from that
throw new Error('Could not load a correct passphrase')
}
// Activate EMail
loginUser.emailChecked = true
// Update Password
const passwordHash = SecretKeyCryptographyCreateKey(loginUser.email, password) // return short and long hash
const keyPair = KeyPairEd25519Create(passphrase) // return pub, priv Key
const encryptedPrivkey = SecretKeyCryptographyEncrypt(keyPair[1], passwordHash[1])
loginUser.password = passwordHash[0].readBigUInt64LE() // using the shorthash
loginUser.pubKey = keyPair[0]
loginUser.privKey = encryptedPrivkey
dbUser.pubkey = keyPair[0]
const queryRunner = getConnection().createQueryRunner()
await queryRunner.connect()
await queryRunner.startTransaction('READ UNCOMMITTED')
try {
// Save loginUser
await queryRunner.manager.save(loginUser).catch((error) => {
throw new Error('error saving loginUser: ' + error)
})
// Save user
await queryRunner.manager.save(dbUser).catch((error) => {
throw new Error('error saving user: ' + error)
})
// Delete Code
await queryRunner.manager.remove(optInCode).catch((error) => {
throw new Error('error deleting code: ' + error)
})
await queryRunner.commitTransaction()
} catch (e) {
await queryRunner.rollbackTransaction()
throw e
} finally {
await queryRunner.release()
}
// Sign into Klicktipp
// TODO do we always signUp the user? How to handle things with old users?
if (optInCode.emailOptInTypeId === EMAIL_OPT_IN_REGISTER) {
try {
await signIn(loginUser.email, loginUser.language, loginUser.firstName, loginUser.lastName)
} catch {
// TODO is this a problem?
// eslint-disable-next-line no-console
console.log('Could not subscribe to klicktipp')
}
}
return true
}
@Authorized([RIGHTS.UPDATE_USER_INFOS])
@ -656,19 +732,6 @@ export class UserResolver {
return true
}
@Authorized([RIGHTS.CHECK_EMAIL])
@Query(() => CheckEmailResponse)
@UseMiddleware(klicktippRegistrationMiddleware)
async checkEmail(@Arg('optin') optin: string): Promise<CheckEmailResponse> {
const result = await apiGet(
CONFIG.LOGIN_API_URL + 'loginViaEmailVerificationCode?emailVerificationCode=' + optin,
)
if (!result.success) {
throw new Error(result.data)
}
return new CheckEmailResponse(result.data)
}
@Authorized([RIGHTS.HAS_ELOPAGE])
@Query(() => Boolean)
async hasElopage(@Ctx() context: any): Promise<boolean> {

26
backend/src/middleware/klicktippMiddleware.ts
View File

@ -1,20 +1,20 @@
import { MiddlewareFn } from 'type-graphql'
import { signIn, getKlickTippUser } from '../apis/KlicktippController'
import { /* signIn, */ getKlickTippUser } from '../apis/KlicktippController'
import { KlickTipp } from '../graphql/model/KlickTipp'
import CONFIG from '../config/index'
export const klicktippRegistrationMiddleware: MiddlewareFn = async (
// Only for demo
/* eslint-disable-next-line @typescript-eslint/no-unused-vars */
{ root, args, context, info },
next,
) => {
// Do Something here before resolver is called
const result = await next()
// Do Something here after resolver is completed
await signIn(result.email, result.language, result.firstName, result.lastName)
return result
}
// export const klicktippRegistrationMiddleware: MiddlewareFn = async (
// // Only for demo
// /* eslint-disable-next-line @typescript-eslint/no-unused-vars */
// { root, args, context, info },
// next,
// ) => {
// // Do Something here before resolver is called
// const result = await next()
// // Do Something here after resolver is completed
// await signIn(result.email, result.language, result.firstName, result.lastName)
// return result
// }
export const klicktippNewsletterStateMiddleware: MiddlewareFn = async (
/* eslint-disable-next-line @typescript-eslint/no-unused-vars */

2
backend/src/typeorm/repository/PendingCreation.ts → backend/src/typeorm/repository/LoginPendingTasksAdmin.ts
View File

@ -2,4 +2,4 @@ import { EntityRepository, Repository } from 'typeorm'
import { LoginPendingTasksAdmin } from '@entity/LoginPendingTasksAdmin'
@EntityRepository(LoginPendingTasksAdmin)
export class PendingCreationRepository extends Repository<LoginPendingTasksAdmin> {}
export class LoginPendingTasksAdminRepository extends Repository<LoginPendingTasksAdmin> {}

10
database/Dockerfile
View File

@ -1,7 +1,7 @@
##################################################################################
# BASE ###########################################################################
##################################################################################
FROM node:12.19.0-alpine3.10 as base
FROM node:17-alpine as base
# ENVs (available in production aswell, can be overwritten by commandline or env file)
## DOCKER_WORKDIR would be a classical ARG, but that is not multi layer persistent - shame
@ -14,8 +14,6 @@ ENV BUILD_VERSION="0.0.0.0"
ENV BUILD_COMMIT="0000000"
## SET NODE_ENV
ENV NODE_ENV="production"
## App relevant Envs
#ENV PORT="4000"
# Labels
LABEL org.label-schema.build-date="${BUILD_DATE}"
@ -34,10 +32,6 @@ LABEL maintainer="support@gradido.net"
## install: git
#RUN apk --no-cache add git
# Settings
## Expose Container Port
# EXPOSE ${PORT}
## Workdir
RUN mkdir -p ${DOCKER_WORKDIR}
WORKDIR ${DOCKER_WORKDIR}
@ -99,7 +93,7 @@ FROM base as production
# Copy "binary"-files from build image
COPY --from=build ${DOCKER_WORKDIR}/build ./build
# We also copy the node_modules express and serve-static for the run script
COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
# Copy static files
# COPY --from=build ${DOCKER_WORKDIR}/public ./public
# Copy package.json for script definitions (lock file should not be needed)

20
database/migrations/0004-login_server_data.ts
View File

@ -25,34 +25,34 @@ export async function upgrade(queryFn: (query: string, values?: any[]) => Promis
}
await queryFn(`
INSERT INTO \`login_app_access_tokens\` SELECT * FROM ${LOGIN_SERVER_DB}.\`app_access_tokens\`;
INSERT IGNORE INTO \`login_app_access_tokens\` SELECT * FROM ${LOGIN_SERVER_DB}.\`app_access_tokens\`;
`)
await queryFn(`
INSERT INTO \`login_elopage_buys\` SELECT * FROM ${LOGIN_SERVER_DB}.\`elopage_buys\`;
INSERT IGNORE INTO \`login_elopage_buys\` SELECT * FROM ${LOGIN_SERVER_DB}.\`elopage_buys\`;
`)
await queryFn(`
INSERT INTO \`login_email_opt_in_types\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in_types\`;
INSERT IGNORE INTO \`login_email_opt_in_types\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in_types\`;
`)
await queryFn(`
INSERT INTO \`login_email_opt_in\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in\`;
INSERT IGNORE INTO \`login_email_opt_in\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in\`;
`)
await queryFn(`
INSERT INTO \`login_groups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`groups\`;
INSERT IGNORE INTO \`login_groups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`groups\`;
`)
await queryFn(`
INSERT INTO \`login_pending_tasks\` SELECT * FROM ${LOGIN_SERVER_DB}.\`pending_tasks\`;
INSERT IGNORE INTO \`login_pending_tasks\` SELECT * FROM ${LOGIN_SERVER_DB}.\`pending_tasks\`;
`)
await queryFn(`
INSERT INTO \`login_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`roles\`;
INSERT IGNORE INTO \`login_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`roles\`;
`)
await queryFn(`
INSERT INTO \`login_user_backups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_backups\`;
INSERT IGNORE INTO \`login_user_backups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_backups\`;
`)
await queryFn(`
INSERT INTO \`login_user_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_roles\`;
INSERT IGNORE INTO \`login_user_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_roles\`;
`)
await queryFn(`
INSERT INTO \`login_users\` SELECT * FROM ${LOGIN_SERVER_DB}.\`users\`;
INSERT IGNORE INTO \`login_users\` SELECT * FROM ${LOGIN_SERVER_DB}.\`users\`;
`)
// TODO clarify if we need this on non docker environment?

3
docker-compose.override.yml
View File

@ -68,9 +68,6 @@ services:
image: gradido/database:test_up
build:
target: test_up
#networks:
# - external-net
# - internal-net
environment:
- NODE_ENV="development"
volumes:

4
docker-compose.yml
View File

@ -116,12 +116,10 @@ services:
- mariadb
networks:
- internal-net
#ports:
# - 4000:4000
- external-net # this is required to fetch the packages
environment:
# Envs used in Dockerfile
# - DOCKER_WORKDIR="/app"
# - PORT=4000
- BUILD_DATE
- BUILD_VERSION
- BUILD_COMMIT

19
frontend/babel.config.js
View File

@ -1,11 +1,22 @@
module.exports = {
presets: ['@babel/preset-env'],
plugins: [
module.exports = function (api) {
api.cache(true)
const presets = ['@babel/preset-env']
const plugins = [
[
'component',
{
styleLibraryName: 'theme-chalk',
},
],
],
]
if (process.env.NODE_ENV === 'test') {
plugins.push('transform-require-context')
}
return {
presets,
plugins,
}
}

1
frontend/jest.config.js
View File

@ -22,4 +22,5 @@ module.exports = {
testMatch: ['**/?(*.)+(spec|test).js?(x)'],
// snapshotSerializers: ['jest-serializer-vue'],
transformIgnorePatterns: ['<rootDir>/node_modules/(?!vee-validate/dist/rules)'],
testEnvironment: 'jest-environment-jsdom-sixteen',
}

5
frontend/package.json
View File

@ -22,8 +22,7 @@
"apollo-boost": "^0.4.9",
"axios": "^0.21.1",
"babel-core": "^7.0.0-bridge.0",
"babel-jest": "^26.6.3",
"babel-plugin-require-context-hook": "^1.0.0",
"babel-jest": "^27.3.1",
"babel-preset-vue": "^2.0.2",
"bootstrap": "4.3.1",
"bootstrap-vue": "^2.5.0",
@ -51,6 +50,7 @@
"identity-obj-proxy": "^3.0.0",
"jest": "^26.6.3",
"jest-canvas-mock": "^2.3.1",
"jest-environment-jsdom-sixteen": "^2.0.0",
"nouislider": "^12.1.0",
"particles-bg-vue": "1.2.3",
"perfect-scrollbar": "^1.3.0",
@ -88,6 +88,7 @@
"@vue/eslint-config-prettier": "^4.0.1",
"babel-eslint": "^10.1.0",
"babel-plugin-component": "^1.1.0",
"babel-plugin-transform-require-context": "^0.1.1",
"dotenv-webpack": "^7.0.3",
"node-sass": "^6.0.1",
"sass-loader": "^10",

5
frontend/src/components/SidebarPlugin/SideBar.spec.js
View File

@ -167,7 +167,10 @@ describe('SideBar', () => {
beforeEach(async () => {
mocks.$store.state.isAdmin = true
mocks.$store.state.token = 'valid-token'
window.location.assign = assignLocationSpy
delete window.location
window.location = {
assign: assignLocationSpy,
}
wrapper = Wrapper()
})

10
frontend/src/graphql/mutations.js
View File

@ -12,9 +12,9 @@ export const unsubscribeNewsletter = gql`
}
`
export const resetPassword = gql`
mutation($sessionId: Float!, $email: String!, $password: String!) {
resetPassword(sessionId: $sessionId, email: $email, password: $password)
export const setPassword = gql`
mutation($code: String!, $password: String!) {
setPassword(code: $code, password: $password)
}
`
@ -42,12 +42,11 @@ export const updateUserInfos = gql`
}
`
export const registerUser = gql`
export const createUser = gql`
mutation(
$firstName: String!
$lastName: String!
$email: String!
$password: String!
$language: String!
$publisherId: Int
) {
@ -55,7 +54,6 @@ export const registerUser = gql`
email: $email
firstName: $firstName
lastName: $lastName
password: $password
language: $language
publisherId: $publisherId
)

22
frontend/src/graphql/queries.js
View File

@ -46,15 +46,6 @@ export const logout = gql`
}
`
export const loginViaEmailVerificationCode = gql`
query($optin: String!) {
loginViaEmailVerificationCode(optin: $optin) {
sessionId
email
}
}
`
export const transactionsQuery = gql`
query($currentPage: Int = 1, $pageSize: Int = 25, $order: Order = DESC) {
transactionList(currentPage: $currentPage, pageSize: $pageSize, order: $order) {
@ -88,9 +79,7 @@ export const transactionsQuery = gql`
export const sendResetPasswordEmail = gql`
query($email: String!) {
sendResetPasswordEmail(email: $email) {
state
}
sendResetPasswordEmail(email: $email)
}
`
@ -118,15 +107,6 @@ export const listGDTEntriesQuery = gql`
}
`
export const checkEmailQuery = gql`
query($optin: String!) {
checkEmail(optin: $optin) {
email
sessionId
}
}
`
export const communityInfo = gql`
query {
getCommunityInfo {

9
frontend/src/locales/de.json
View File

@ -48,7 +48,7 @@
"error": "Fehler",
"no-account": "Leider konnten wir keinen Account finden mit diesen Daten!",
"no-email-verify": "Die Email wurde noch nicht bestätigt, bitte überprüfe deine Emails und klicke auf den Aktivierungslink!",
"session-expired": "Sitzung abgelaufen!"
"session-expired": "Die Sitzung wurde aus Sicherheitsgründen beendet."
},
"form": {
"amount": "Betrag",
@ -148,12 +148,17 @@
"password": {
"change-password": "Passwort ändern",
"forgot_pwd": "Passwort vergessen?",
"not-authenticated": "Leider konnten wir dich nicht authentifizieren. Bitte wende dich an den Support.",
"resend_subtitle": "Dein Aktivierungslink ist abgelaufen, Du kannst hier ein neuen anfordern.",
"reset": "Passwort zurücksetzen",
"reset-password": {
"not-authenticated": "Leider konnten wir dich nicht authentifizieren. Bitte wende dich an den Support.",
"text": "Jetzt kannst du ein neues Passwort speichern, mit dem du dich zukünftig in der Gradido-App anmelden kannst."
},
"send_now": "Jetzt senden",
"set": "Passwort festlegen",
"set-password": {
"text": "Jetzt kannst du ein neues Passwort speichern, mit dem du dich zukünftig in der Gradido-App anmelden kannst."
},
"subtitle": "Wenn du dein Passwort vergessen hast, kannst du es hier zurücksetzen."
}
},

9
frontend/src/locales/en.json
View File

@ -48,7 +48,7 @@
"error": "Error",
"no-account": "Unfortunately we could not find an account to the given data!",
"no-email-verify": "Your email is not activated yet, please check your emails and click the activation link!",
"session-expired": "The session expired"
"session-expired": "The session was closed for security reasons."
},
"form": {
"amount": "Amount",
@ -148,12 +148,17 @@
"password": {
"change-password": "Change password",
"forgot_pwd": "Forgot password?",
"not-authenticated": "Unfortunately we could not authenticate you. Please contact the support.",
"resend_subtitle": "Your activation link is expired, here you can order a new one.",
"reset": "Reset password",
"reset-password": {
"not-authenticated": "Unfortunately we could not authenticate you. Please contact the support.",
"text": "Now you can save a new password to login to the Gradido-App in the future."
},
"send_now": "Send now",
"set": "Set password",
"set-password": {
"text": "Now you can save a new password to login to the Gradido-App in the future."
},
"subtitle": "If you have forgotten your password, you can reset it here."
}
},

45
frontend/src/main.js
View File

@ -3,9 +3,6 @@ import DashboardPlugin from './plugins/dashboard-plugin'
import App from './App.vue'
import i18n from './i18n.js'
import { loadAllRules } from './validation-rules'
import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
import VueApollo from 'vue-apollo'
import CONFIG from './config'
import addNavigationGuards from './routes/guards'
@ -13,42 +10,22 @@ import { store } from './store/store'
import router from './routes/router'
const httpLink = new HttpLink({ uri: CONFIG.GRAPHQL_URI })
const authLink = new ApolloLink((operation, forward) => {
const token = store.state.token
operation.setContext({
headers: {
Authorization: token && token.length > 0 ? `Bearer ${token}` : '',
},
})
return forward(operation).map((response) => {
if (response.errors && response.errors[0].message === '403.13 - Client certificate revoked') {
response.errors[0].message = i18n.t('error.session-expired')
store.dispatch('logout', null)
if (router.currentRoute.path !== '/login') router.push('/login')
return response
}
const newToken = operation.getContext().response.headers.get('token')
if (newToken) store.commit('token', newToken)
return response
})
})
const apolloClient = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache(),
uri: CONFIG.GRAPHQL_URI,
})
const apolloProvider = new VueApollo({
defaultClient: apolloClient,
})
import { apolloProvider } from './plugins/apolloProvider'
// plugin setup
Vue.use(DashboardPlugin)
Vue.config.productionTip = false
Vue.toasted.register(
'error',
(payload) => {
return payload.replace(/^GraphQL error: /, '')
},
{
type: 'error',
},
)
loadAllRules(i18n)
addNavigationGuards(router, store, apolloProvider.defaultClient)

2
frontend/src/mixins/getCommunityInfo.js
View File

@ -13,7 +13,7 @@ export const getCommunityInfoMixin = {
return result.data.getCommunityInfo
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
}
},

37
frontend/src/plugins/apolloProvider.js Normal file
View File

@ -0,0 +1,37 @@
import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
import VueApollo from 'vue-apollo'
import CONFIG from '../config'
import { store } from '../store/store'
import router from '../routes/router'
import i18n from '../i18n'
const httpLink = new HttpLink({ uri: CONFIG.GRAPHQL_URI })
const authLink = new ApolloLink((operation, forward) => {
const token = store.state.token
operation.setContext({
headers: {
Authorization: token && token.length > 0 ? `Bearer ${token}` : '',
},
})
return forward(operation).map((response) => {
if (response.errors && response.errors[0].message === '403.13 - Client certificate revoked') {
response.errors[0].message = i18n.t('error.session-expired')
store.dispatch('logout', null)
if (router.currentRoute.path !== '/login') router.push('/login')
return response
}
const newToken = operation.getContext().response.headers.get('token')
if (newToken) store.commit('token', newToken)
return response
})
})
const apolloClient = new ApolloClient({
link: authLink.concat(httpLink),
cache: new InMemoryCache(),
})
export const apolloProvider = new VueApollo({
defaultClient: apolloClient,
})

178
frontend/src/plugins/apolloProvider.test.js Normal file
View File

@ -0,0 +1,178 @@
import { ApolloClient, ApolloLink, HttpLink } from 'apollo-boost'
import './apolloProvider'
import CONFIG from '../config'
import VueApollo from 'vue-apollo'
import { store } from '../store/store.js'
import router from '../routes/router'
import i18n from '../i18n'
jest.mock('vue-apollo')
jest.mock('../store/store')
jest.mock('../routes/router')
jest.mock('../i18n')
jest.mock('apollo-boost', () => {
return {
__esModule: true,
ApolloClient: jest.fn(),
ApolloLink: jest.fn(() => {
return { concat: jest.fn() }
}),
InMemoryCache: jest.fn(),
HttpLink: jest.fn(),
}
})
describe('apolloProvider', () => {
it('calls the HttpLink', () => {
expect(HttpLink).toBeCalledWith({ uri: CONFIG.GRAPHQL_URI })
})
it('calls the ApolloLink', () => {
expect(ApolloLink).toBeCalled()
})
it('calls the ApolloClient', () => {
expect(ApolloClient).toBeCalled()
})
it('calls the VueApollo', () => {
expect(VueApollo).toBeCalled()
})
describe('ApolloLink', () => {
// mock store
const storeDispatchMock = jest.fn()
const storeCommitMock = jest.fn()
store.state = {
token: 'some-token',
}
store.dispatch = storeDispatchMock
store.commit = storeCommitMock
// mock i18n.t
i18n.t = jest.fn((t) => t)
// mock apllo response
const responseMock = {
errors: [{ message: '403.13 - Client certificate revoked' }],
}
// mock router
const routerPushMock = jest.fn()
router.push = routerPushMock
router.currentRoute = {
path: '/overview',
}
// mock context
const setContextMock = jest.fn()
const getContextMock = jest.fn(() => {
return {
response: {
headers: {
get: jest.fn(() => 'another-token'),
},
},
}
})
// mock apollo link function params
const operationMock = {
setContext: setContextMock,
getContext: getContextMock,
}
const forwardMock = jest.fn(() => {
return [responseMock]
})
// get apollo link callback
const middleware = ApolloLink.mock.calls[0][0]
describe('with token in store', () => {
it('sets authorization header with token', () => {
// run the apollo link callback with mocked params
middleware(operationMock, forwardMock)
expect(setContextMock).toBeCalledWith({
headers: {
Authorization: 'Bearer some-token',
},
})
})
})
describe('without token in store', () => {
beforeEach(() => {
store.state.token = null
})
it('sets authorization header empty', () => {
middleware(operationMock, forwardMock)
expect(setContextMock).toBeCalledWith({
headers: {
Authorization: '',
},
})
})
})
describe('apollo response is 403.13', () => {
beforeEach(() => {
// run the apollo link callback with mocked params
middleware(operationMock, forwardMock)
})
it('dispatches logout', () => {
expect(storeDispatchMock).toBeCalledWith('logout', null)
})
describe('current route is not login', () => {
it('redirects to logout', () => {
expect(routerPushMock).toBeCalledWith('/login')
})
})
describe('current route is login', () => {
beforeEach(() => {
jest.clearAllMocks()
router.currentRoute.path = '/login'
})
it('does not redirect to login', () => {
expect(routerPushMock).not.toBeCalled()
})
})
})
describe('apollo response is with new token', () => {
beforeEach(() => {
delete responseMock.errors
middleware(operationMock, forwardMock)
})
it('commits new token to store', () => {
expect(storeCommitMock).toBeCalledWith('token', 'another-token')
})
})
describe('apollo response is without new token', () => {
beforeEach(() => {
jest.clearAllMocks()
getContextMock.mockReturnValue({
response: {
headers: {
get: jest.fn(() => null),
},
},
})
middleware(operationMock, forwardMock)
})
it('does not commit token to store', () => {
expect(storeCommitMock).not.toBeCalled()
})
})
})
})

20
frontend/src/plugins/dashboard-plugin.test.js
View File

@ -4,8 +4,11 @@ import Vue from 'vue'
import GlobalComponents from './globalComponents'
import GlobalDirectives from './globalDirectives'
import Toasted from 'vue-toasted'
jest.mock('./globalComponents')
jest.mock('./globalDirectives')
jest.mock('vue-toasted')
jest.mock('vue')
@ -22,4 +25,21 @@ describe('dashboard plugin', () => {
it('installs the global directives', () => {
expect(vueUseMock).toBeCalledWith(GlobalDirectives)
})
describe('vue toasted', () => {
const toastedAction = vueUseMock.mock.calls[11][1].action.onClick
const goAwayMock = jest.fn()
const toastObject = {
goAway: goAwayMock,
}
it('installs vue toasted', () => {
expect(vueUseMock).toBeCalledWith(Toasted, expect.anything())
})
it('onClick calls goAway(0)', () => {
toastedAction({}, toastObject)
expect(goAwayMock).toBeCalledWith(0)
})
})
})

13
frontend/src/routes/router.test.js
View File

@ -49,8 +49,8 @@ describe('router', () => {
expect(routes.find((r) => r.path === '/').redirect()).toEqual({ path: '/login' })
})
it('has fifteen routes defined', () => {
expect(routes).toHaveLength(15)
it('has sixteen routes defined', () => {
expect(routes).toHaveLength(16)
})
describe('overview', () => {
@ -143,6 +143,13 @@ describe('router', () => {
})
})
describe('password with param comingFrom', () => {
it('loads the "Password" component', async () => {
const component = await routes.find((r) => r.path === '/password/:comingFrom').component()
expect(component.default.name).toBe('password')
})
})
describe('register-community', () => {
it('loads the "registerCommunity" component', async () => {
const component = await routes.find((r) => r.path === '/register-community').component()
@ -167,7 +174,7 @@ describe('router', () => {
describe('checkEmail', () => {
it('loads the "CheckEmail" component', async () => {
const component = await routes.find((r) => r.path === '/checkEmail/:optin').component()
expect(component.default.name).toBe('CheckEmail')
expect(component.default.name).toBe('ResetPassword')
})
})

8
frontend/src/routes/routes.js
View File

@ -50,7 +50,7 @@ const routes = [
path: '/thx/:comingFrom',
component: () => import('../views/Pages/thx.vue'),
beforeEnter: (to, from, next) => {
const validFrom = ['password', 'reset', 'register', 'login']
const validFrom = ['password', 'reset', 'register', 'login', 'Login']
if (!validFrom.includes(from.path.split('/')[1])) {
next({ path: '/login' })
} else {
@ -62,6 +62,10 @@ const routes = [
path: '/password',
component: () => import('../views/Pages/ForgotPassword.vue'),
},
{
path: '/password/:comingFrom',
component: () => import('../views/Pages/ForgotPassword.vue'),
},
{
path: '/register-community',
component: () => import('../views/Pages/RegisterCommunity.vue'),
@ -76,7 +80,7 @@ const routes = [
},
{
path: '/checkEmail/:optin',
component: () => import('../views/Pages/CheckEmail.vue'),
component: () => import('../views/Pages/ResetPassword.vue'),
},
{ path: '*', component: NotFound },
]

6
frontend/src/views/Layout/DashboardLayout_gdd.spec.js
View File

@ -39,7 +39,9 @@ describe('DashboardLayoutGdd', () => {
},
},
$toasted: {
error: toasterMock,
global: {
error: toasterMock,
},
},
$apollo: {
query: apolloMock,
@ -266,7 +268,7 @@ describe('DashboardLayoutGdd', () => {
expect(wrapper.vm.pending).toBeTruthy()
})
it('calls $toasted.error method', () => {
it('calls $toasted.global.error method', () => {
expect(toasterMock).toBeCalledWith('Ouch!')
})
})

2
frontend/src/views/Layout/DashboardLayout_gdd.vue
View File

@ -133,7 +133,7 @@ export default {
})
.catch((error) => {
this.pending = true
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
// what to do when loading balance fails?
})
},

4
frontend/src/views/Pages/AccountOverview/GdtTransactionList.spec.js
View File

@ -37,7 +37,9 @@ describe('GdtTransactionList ', () => {
$n: jest.fn((n) => n),
$d: jest.fn((d) => d),
$toasted: {
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
query: apolloMock,

2
frontend/src/views/Pages/AccountOverview/GdtTransactionList.vue
View File

@ -71,7 +71,7 @@ export default {
window.scrollTo(0, 0)
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
},

105
frontend/src/views/Pages/CheckEmail.spec.js
View File

@ -1,105 +0,0 @@
import { mount, RouterLinkStub } from '@vue/test-utils'
import CheckEmail from './CheckEmail'
const localVue = global.localVue
const apolloQueryMock = jest.fn().mockRejectedValue({ message: 'error' })
const toasterMock = jest.fn()
const routerPushMock = jest.fn()
describe('CheckEmail', () => {
let wrapper
const mocks = {
$i18n: {
locale: 'en',
},
$t: jest.fn((t) => t),
$route: {
params: {
optin: '123',
},
},
$toasted: {
error: toasterMock,
},
$router: {
push: routerPushMock,
},
$loading: {
show: jest.fn(() => {
return { hide: jest.fn() }
}),
},
$apollo: {
query: apolloQueryMock,
},
}
const stubs = {
RouterLink: RouterLinkStub,
}
const Wrapper = () => {
return mount(CheckEmail, { localVue, mocks, stubs })
}
describe('mount', () => {
beforeEach(() => {
wrapper = Wrapper()
})
it('calls the checkEmail when created', async () => {
expect(apolloQueryMock).toBeCalledWith(
expect.objectContaining({ variables: { optin: '123' } }),
)
})
describe('No valid optin', () => {
it('toasts an error when no valid optin is given', () => {
expect(toasterMock).toHaveBeenCalledWith('error')
})
it('has a message suggesting to contact the support', () => {
expect(wrapper.find('div.header').text()).toContain('checkEmail.title')
expect(wrapper.find('div.header').text()).toContain('checkEmail.errorText')
})
})
describe('is authenticated', () => {
beforeEach(() => {
apolloQueryMock.mockResolvedValue({
data: {
checkEmail: {
sessionId: 1,
email: 'user@example.org',
language: 'de',
},
},
})
})
it.skip('Has sessionId from API call', async () => {
await wrapper.vm.$nextTick()
expect(wrapper.vm.sessionId).toBe(1)
})
describe('Register header', () => {
it('has a welcome message', async () => {
expect(wrapper.find('div.header').text()).toContain('checkEmail.title')
})
})
describe('links', () => {
it('has a link "Back"', async () => {
expect(wrapper.findAllComponents(RouterLinkStub).at(0).text()).toEqual('back')
})
it('links to /login when clicking "Back"', async () => {
expect(wrapper.findAllComponents(RouterLinkStub).at(0).props().to).toBe('/Login')
})
})
})
})
})

72
frontend/src/views/Pages/CheckEmail.vue
View File

@ -1,72 +0,0 @@
<template>
<div class="checkemail-form">
<b-container>
<div class="header p-4" ref="header">
<div class="header-body text-center mb-7">
<b-row class="justify-content-center">
<b-col xl="5" lg="6" md="8" class="px-2">
<h1>{{ $t('site.checkEmail.title') }}</h1>
<div class="pb-4" v-if="!pending">
<span v-if="!authenticated">
{{ $t('site.checkEmail.errorText') }}
</span>
</div>
</b-col>
</b-row>
</div>
</div>
</b-container>
<b-container class="mt--8 p-1">
<b-row>
<b-col class="text-center py-lg-4">
<router-link to="/Login" class="mt-3">{{ $t('back') }}</router-link>
</b-col>
</b-row>
</b-container>
</div>
</template>
<script>
import { checkEmailQuery } from '../../graphql/queries'
export default {
name: 'CheckEmail',
data() {
return {
authenticated: false,
sessionId: null,
email: null,
pending: true,
}
},
methods: {
async authenticate() {
const loader = this.$loading.show({
container: this.$refs.header,
})
const optin = this.$route.params.optin
this.$apollo
.query({
query: checkEmailQuery,
variables: {
optin: optin,
},
})
.then((result) => {
this.authenticated = true
this.sessionId = result.data.checkEmail.sessionId
this.email = result.data.checkEmail.email
this.$router.push('/thx/checkEmail')
})
.catch((error) => {
this.$toasted.error(error.message)
})
loader.hide()
this.pending = false
},
},
mounted() {
this.authenticate()
},
}
</script>
<style></style>

55
frontend/src/views/Pages/ForgotPassword.spec.js
View File

@ -8,30 +8,41 @@ const localVue = global.localVue
const mockRouterPush = jest.fn()
const stubs = {
RouterLink: RouterLinkStub,
}
const createMockObject = (comingFrom) => {
return {
localVue,
mocks: {
$t: jest.fn((t) => t),
$router: {
push: mockRouterPush,
},
$apollo: {
query: mockAPIcall,
},
$route: {
params: {
comingFrom,
},
},
},
stubs,
}
}
describe('ForgotPassword', () => {
let wrapper
const mocks = {
$t: jest.fn((t) => t),
$router: {
push: mockRouterPush,
},
$apollo: {
query: mockAPIcall,
},
}
const stubs = {
RouterLink: RouterLinkStub,
}
const Wrapper = () => {
return mount(ForgotPassword, { localVue, mocks, stubs })
const Wrapper = (functionN) => {
return mount(ForgotPassword, functionN)
}
describe('mount', () => {
beforeEach(() => {
wrapper = Wrapper()
wrapper = Wrapper(createMockObject())
})
it('renders the component', () => {
@ -144,5 +155,15 @@ describe('ForgotPassword', () => {
})
})
})
describe('comingFrom login', () => {
beforeEach(() => {
wrapper = Wrapper(createMockObject('reset'))
})
it('has another subtitle', () => {
expect(wrapper.find('p.text-lead').text()).toEqual('settings.password.resend_subtitle')
})
})
})
})

29
frontend/src/views/Pages/ForgotPassword.vue
View File

@ -5,8 +5,8 @@
<div class="header-body text-center mb-7">
<b-row class="justify-content-center">
<b-col xl="5" lg="6" md="8" class="px-2">
<h1>{{ $t('settings.password.reset') }}</h1>
<p class="text-lead">{{ $t('settings.password.subtitle') }}</p>
<h1>{{ $t(displaySetup.headline) }}</h1>
<p class="text-lead">{{ $t(displaySetup.subtitle) }}</p>
</b-col>
</b-row>
</div>
@ -22,7 +22,7 @@
<input-email v-model="form.email"></input-email>
<div class="text-center">
<b-button type="submit" variant="primary">
{{ $t('settings.password.send_now') }}
{{ $t(displaySetup.button) }}
</b-button>
</div>
</b-form>
@ -41,6 +41,21 @@
import { sendResetPasswordEmail } from '../../graphql/queries'
import InputEmail from '../../components/Inputs/InputEmail'
const textFields = {
reset: {
headline: 'settings.password.reset',
subtitle: 'settings.password.resend_subtitle',
button: 'settings.password.send_now',
cancel: 'back',
},
login: {
headline: 'settings.password.reset',
subtitle: 'settings.password.subtitle',
button: 'settings.password.send_now',
cancel: 'back',
},
}
export default {
name: 'password',
components: {
@ -52,6 +67,7 @@ export default {
form: {
email: '',
},
displaySetup: {},
}
},
methods: {
@ -71,6 +87,13 @@ export default {
})
},
},
created() {
if (this.$route.params.comingFrom) {
this.displaySetup = textFields[this.$route.params.comingFrom]
} else {
this.displaySetup = textFields.login
}
},
}
</script>
<style></style>

6
frontend/src/views/Pages/Login.spec.js
View File

@ -52,7 +52,9 @@ describe('Login', () => {
push: mockRouterPush,
},
$toasted: {
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
query: apolloQueryMock,
@ -238,7 +240,7 @@ describe('Login', () => {
describe('login fails', () => {
beforeEach(() => {
apolloQueryMock.mockRejectedValue({
message: 'Ouch!',
message: '..No user with this credentials',
})
})

6
frontend/src/views/Pages/Login.vue
View File

@ -105,11 +105,11 @@ export default {
loader.hide()
})
.catch((error) => {
if (!error.message.includes('user email not validated')) {
this.$toasted.error(this.$t('error.no-account'))
if (error.message.includes('No user with this credentials')) {
this.$toasted.global.error(this.$t('error.no-account'))
} else {
// : this.$t('error.no-email-verify')
this.$router.push('/thx/login')
this.$router.push('/reset/login')
}
loader.hide()
})

15
frontend/src/views/Pages/Register.spec.js
View File

@ -49,7 +49,9 @@ describe('Register', () => {
},
},
$toasted: {
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
}
@ -151,16 +153,10 @@ describe('Register', () => {
expect(wrapper.find('#Email-input-field').exists()).toBeTruthy()
})
it('has password input fields', () => {
expect(wrapper.find('input[name="form.password"]').exists()).toBeTruthy()
})
it('has password repeat input fields', () => {
expect(wrapper.find('input[name="form.passwordRepeat"]').exists()).toBeTruthy()
})
it('has Language selected field', () => {
expect(wrapper.find('.selectedLanguage').exists()).toBeTruthy()
})
it('selects Language value en', async () => {
wrapper.find('.selectedLanguage').findAll('option').at(1).setSelected()
expect(wrapper.find('.selectedLanguage').element.value).toBe('en')
@ -223,8 +219,6 @@ describe('Register', () => {
wrapper.find('#registerFirstname').setValue('Max')
wrapper.find('#registerLastname').setValue('Mustermann')
wrapper.find('#Email-input-field').setValue('max.mustermann@gradido.net')
wrapper.find('input[name="form.password"]').setValue('Aa123456_')
wrapper.find('input[name="form.passwordRepeat"]').setValue('Aa123456_')
wrapper.find('.language-switch-select').findAll('option').at(1).setSelected()
wrapper.find('#publisherid').setValue('12345')
})
@ -280,7 +274,6 @@ describe('Register', () => {
email: 'max.mustermann@gradido.net',
firstName: 'Max',
lastName: 'Mustermann',
password: 'Aa123456_',
language: 'en',
publisherId: 12345,
},

18
frontend/src/views/Pages/Register.vue
View File

@ -85,10 +85,6 @@
<input-email v-model="form.email"></input-email>
<hr />
<input-password-confirmation
v-model="form.password"
:register="register"
></input-password-confirmation>
<b-row>
<b-col cols="12">
@ -194,14 +190,13 @@
</template>
<script>
import InputEmail from '../../components/Inputs/InputEmail.vue'
import InputPasswordConfirmation from '../../components/Inputs/InputPasswordConfirmation.vue'
import LanguageSwitchSelect from '../../components/LanguageSwitchSelect.vue'
import { registerUser } from '../../graphql/mutations'
import { createUser } from '../../graphql/mutations'
import { localeChanged } from 'vee-validate'
import { getCommunityInfoMixin } from '../../mixins/getCommunityInfo'
export default {
components: { InputPasswordConfirmation, InputEmail, LanguageSwitchSelect },
components: { InputEmail, LanguageSwitchSelect },
name: 'register',
mixins: [getCommunityInfoMixin],
data() {
@ -211,10 +206,6 @@ export default {
lastname: '',
email: '',
agree: false,
password: {
password: '',
passwordRepeat: '',
},
},
language: '',
submitted: false,
@ -240,12 +231,11 @@ export default {
async onSubmit() {
this.$apollo
.mutate({
mutation: registerUser,
mutation: createUser,
variables: {
email: this.form.email,
firstName: this.form.firstname,
lastName: this.form.lastname,
password: this.form.password.password,
language: this.language,
publisherId: this.$store.state.publisherId,
},
@ -264,8 +254,6 @@ export default {
this.form.email = ''
this.form.firstname = ''
this.form.lastname = ''
this.form.password.password = ''
this.form.password.passwordRepeat = ''
},
},
computed: {

4
frontend/src/views/Pages/RegisterCommunity.spec.js
View File

@ -37,7 +37,9 @@ describe('RegisterCommunity', () => {
},
},
$toasted: {
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
}

4
frontend/src/views/Pages/RegisterSelectCommunity.spec.js
View File

@ -79,7 +79,9 @@ describe('RegisterSelectCommunity', () => {
show: spinnerMock,
},
$toasted: {
error: toasterMock,
global: {
error: toasterMock,
},
},
}

2
frontend/src/views/Pages/RegisterSelectCommunity.vue
View File

@ -76,7 +76,7 @@ export default {
)
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
loader.hide()
this.pending = false

157
frontend/src/views/Pages/ResetPassword.spec.js
View File

@ -6,95 +6,78 @@ import flushPromises from 'flush-promises'
const localVue = global.localVue
const apolloQueryMock = jest.fn().mockRejectedValue({ message: 'error' })
const apolloMutationMock = jest.fn()
const toasterMock = jest.fn()
const routerPushMock = jest.fn()
const stubs = {
RouterLink: RouterLinkStub,
}
const createMockObject = (comingFrom) => {
return {
localVue,
mocks: {
$i18n: {
locale: 'en',
},
$t: jest.fn((t) => t),
$route: {
params: {
optin: '123',
comingFrom,
},
},
$toasted: {
global: {
error: toasterMock,
},
},
$router: {
push: routerPushMock,
},
$loading: {
show: jest.fn(() => {
return { hide: jest.fn() }
}),
},
$apollo: {
mutate: apolloMutationMock,
},
},
stubs,
}
}
describe('ResetPassword', () => {
let wrapper
const mocks = {
$i18n: {
locale: 'en',
},
$t: jest.fn((t) => t),
$route: {
params: {
optin: '123',
},
},
$toasted: {
error: toasterMock,
},
$router: {
push: routerPushMock,
},
$loading: {
show: jest.fn(() => {
return { hide: jest.fn() }
}),
},
$apollo: {
mutate: apolloMutationMock,
query: apolloQueryMock,
},
}
const stubs = {
RouterLink: RouterLinkStub,
}
const Wrapper = () => {
return mount(ResetPassword, { localVue, mocks, stubs })
const Wrapper = (functionName) => {
return mount(ResetPassword, functionName)
}
describe('mount', () => {
beforeEach(() => {
wrapper = Wrapper()
})
it('calls the email verification when created', async () => {
expect(apolloQueryMock).toBeCalledWith(
expect.objectContaining({ variables: { optin: '123' } }),
)
wrapper = Wrapper(createMockObject())
})
describe('No valid optin', () => {
it('does not render the Reset Password form when not authenticated', () => {
it.skip('does not render the Reset Password form when not authenticated', () => {
expect(wrapper.find('form').exists()).toBeFalsy()
})
it('toasts an error when no valid optin is given', () => {
it.skip('toasts an error when no valid optin is given', () => {
expect(toasterMock).toHaveBeenCalledWith('error')
})
it('has a message suggesting to contact the support', () => {
it.skip('has a message suggesting to contact the support', () => {
expect(wrapper.find('div.header').text()).toContain('settings.password.reset')
expect(wrapper.find('div.header').text()).toContain(
'settings.password.reset-password.not-authenticated',
)
expect(wrapper.find('div.header').text()).toContain('settings.password.not-authenticated')
})
})
describe('is authenticated', () => {
beforeEach(() => {
apolloQueryMock.mockResolvedValue({
data: {
loginViaEmailVerificationCode: {
sessionId: 1,
email: 'user@example.org',
},
},
})
})
it.skip('Has sessionId from API call', async () => {
await wrapper.vm.$nextTick()
expect(wrapper.vm.sessionId).toBe(1)
})
it('renders the Reset Password form when authenticated', () => {
expect(wrapper.find('div.resetpwd-form').exists()).toBeTruthy()
})
@ -114,7 +97,7 @@ describe('ResetPassword', () => {
})
it('links to /login when clicking "Back"', async () => {
expect(wrapper.findAllComponents(RouterLinkStub).at(0).props().to).toBe('/Login')
expect(wrapper.findAllComponents(RouterLinkStub).at(0).props().to).toBe('/login')
})
})
@ -128,7 +111,7 @@ describe('ResetPassword', () => {
})
it('toggles the first input field to text when eye icon is clicked', async () => {
wrapper.findAll('button').at(0).trigger('click')
await wrapper.findAll('button').at(0).trigger('click')
await wrapper.vm.$nextTick()
expect(wrapper.findAll('input').at(0).attributes('type')).toBe('text')
})
@ -142,37 +125,61 @@ describe('ResetPassword', () => {
describe('submit form', () => {
beforeEach(async () => {
await wrapper.setData({ authenticated: true, sessionId: 1 })
await wrapper.vm.$nextTick()
// wrapper = Wrapper(createMockObject())
await wrapper.findAll('input').at(0).setValue('Aa123456_')
await wrapper.findAll('input').at(1).setValue('Aa123456_')
await flushPromises()
await wrapper.find('form').trigger('submit')
})
describe('server response with error', () => {
beforeEach(() => {
apolloMutationMock.mockRejectedValue({ message: 'error' })
describe('server response with error code > 10min', () => {
beforeEach(async () => {
jest.clearAllMocks()
apolloMutationMock.mockRejectedValue({ message: '...Code is older than 10 minutes' })
await wrapper.find('form').trigger('submit')
await flushPromises()
})
it('toasts an error message', () => {
expect(toasterMock).toHaveBeenCalledWith('error')
expect(toasterMock).toHaveBeenCalledWith('...Code is older than 10 minutes')
})
it('router pushes to /password/reset', () => {
expect(routerPushMock).toHaveBeenCalledWith('/password/reset')
})
})
describe('server response with error code > 10min', () => {
beforeEach(async () => {
jest.clearAllMocks()
apolloMutationMock.mockRejectedValueOnce({ message: 'Error' })
await wrapper.find('form').trigger('submit')
await flushPromises()
})
it('toasts an error message', () => {
expect(toasterMock).toHaveBeenCalledWith('Error')
})
})
describe('server response with success', () => {
beforeEach(() => {
beforeEach(async () => {
apolloMutationMock.mockResolvedValue({
data: {
resetPassword: 'success',
},
})
wrapper = Wrapper(createMockObject('checkEmail'))
await wrapper.findAll('input').at(0).setValue('Aa123456_')
await wrapper.findAll('input').at(1).setValue('Aa123456_')
await wrapper.find('form').trigger('submit')
await flushPromises()
})
it('calls the API', () => {
expect(apolloMutationMock).toBeCalledWith(
expect.objectContaining({
variables: {
sessionId: 1,
email: 'user@example.org',
code: '123',
password: 'Aa123456_',
},
}),

89
frontend/src/views/Pages/ResetPassword.vue
View File

@ -6,13 +6,10 @@
<b-row class="justify-content-center">
<b-col xl="5" lg="6" md="8" class="px-2">
<h1>{{ $t('settings.password.reset') }}</h1>
<div class="pb-4" v-if="!pending">
<span v-if="authenticated">
<div class="pb-4">
<span>
{{ $t('settings.password.reset-password.text') }}
</span>
<span v-else>
{{ $t('settings.password.reset-password.not-authenticated') }}
</span>
</div>
</b-col>
</b-row>
@ -20,16 +17,16 @@
</div>
</b-container>
<b-container class="mt--8 p-1">
<b-row class="justify-content-center" v-if="authenticated">
<b-row class="justify-content-center">
<b-col lg="6" md="8">
<b-card no-body class="border-0" style="background-color: #ebebeba3 !important">
<b-card-body class="p-4">
<validation-observer ref="observer" v-slot="{ handleSubmit }">
<b-form role="form" @submit.prevent="handleSubmit(onSubmit)">
<input-password-confirmation v-model="form" :register="register" />
<input-password-confirmation v-model="form" />
<div class="text-center">
<b-button type="submit" variant="primary" class="mt-4">
{{ $t('settings.password.reset') }}
{{ $t(displaySetup.button) }}
</b-button>
</div>
</b-form>
@ -38,9 +35,9 @@
</b-card>
</b-col>
</b-row>
<b-row>
<b-row v-if="displaySetup.linkTo">
<b-col class="text-center py-lg-4">
<router-link to="/Login" class="mt-3">{{ $t('back') }}</router-link>
<router-link :to="displaySetup.linkTo" class="mt-3">{{ $t('back') }}</router-link>
</b-col>
</b-row>
</b-container>
@ -48,8 +45,26 @@
</template>
<script>
import InputPasswordConfirmation from '../../components/Inputs/InputPasswordConfirmation'
import { loginViaEmailVerificationCode } from '../../graphql/queries'
import { resetPassword } from '../../graphql/mutations'
import { setPassword } from '../../graphql/mutations'
const textFields = {
reset: {
authenticated: 'settings.password.reset-password.text',
notAuthenticated: 'settings.password.not-authenticated',
button: 'settings.password.reset',
linkTo: '/login',
},
checkEmail: {
authenticated: 'settings.password.set-password.text',
notAuthenticated: 'settings.password.not-authenticated',
button: 'settings.password.set',
linkTo: '/login',
},
login: {
headline: 'site.thx.errorTitle',
subtitle: 'site.thx.activateEmail',
},
}
export default {
name: 'ResetPassword',
@ -62,21 +77,16 @@ export default {
password: '',
passwordRepeat: '',
},
authenticated: false,
sessionId: null,
email: null,
pending: true,
register: false,
displaySetup: {},
}
},
methods: {
async onSubmit() {
this.$apollo
.mutate({
mutation: resetPassword,
mutation: setPassword,
variables: {
sessionId: this.sessionId,
email: this.email,
code: this.$route.params.optin,
password: this.form.password,
},
})
@ -85,35 +95,24 @@ export default {
this.$router.push('/thx/reset')
})
.catch((error) => {
this.$toasted.error(error.message)
if (error.message.includes('Code is older than 10 minutes')) {
this.$toasted.global.error(error.message)
this.$router.push('/password/reset')
} else {
this.$toasted.global.error(error.message)
}
})
},
async authenticate() {
const loader = this.$loading.show({
container: this.$refs.header,
})
const optin = this.$route.params.optin
this.$apollo
.query({
query: loginViaEmailVerificationCode,
variables: {
optin: optin,
},
})
.then((result) => {
this.authenticated = true
this.sessionId = result.data.loginViaEmailVerificationCode.sessionId
this.email = result.data.loginViaEmailVerificationCode.email
})
.catch((error) => {
this.$toasted.error(error.message)
})
loader.hide()
this.pending = false
setDisplaySetup() {
if (!this.$route.params.comingFrom) {
this.displaySetup = textFields.reset
} else {
this.displaySetup = textFields[this.$route.params.comingFrom]
}
},
},
mounted() {
this.authenticate()
created() {
this.setDisplaySetup()
},
}
</script>

4
frontend/src/views/Pages/UserProfile/UserCard_CoinAnimation.spec.js
View File

@ -24,7 +24,9 @@ describe('UserCard_CoinAnimation', () => {
},
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: mockAPIcall,

2
frontend/src/views/Pages/UserProfile/UserCard_CoinAnimation.vue
View File

@ -58,7 +58,7 @@ export default {
})
.catch((error) => {
this.CoinAnimationStatus = this.$store.state.coinanimation
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
},

4
frontend/src/views/Pages/UserProfile/UserCard_FormUserData.spec.js
View File

@ -25,7 +25,9 @@ describe('UserCard_FormUserData', () => {
},
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: mockAPIcall,

2
frontend/src/views/Pages/UserProfile/UserCard_FormUserData.vue
View File

@ -124,7 +124,7 @@ export default {
this.$toasted.success(this.$t('settings.name.change-success'))
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
},

4
frontend/src/views/Pages/UserProfile/UserCard_FormUserPasswort.spec.js
View File

@ -17,7 +17,9 @@ describe('UserCard_FormUserPasswort', () => {
$t: jest.fn((t) => t),
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: changePasswordProfileMock,

2
frontend/src/views/Pages/UserProfile/UserCard_FormUserPasswort.vue
View File

@ -85,7 +85,7 @@ export default {
this.cancelEdit()
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
},

4
frontend/src/views/Pages/UserProfile/UserCard_FormUsername.spec.js
View File

@ -31,7 +31,9 @@ describe('UserCard_FormUsername', () => {
},
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: mockAPIcall,

2
frontend/src/views/Pages/UserProfile/UserCard_FormUsername.vue
View File

@ -100,7 +100,7 @@ export default {
this.$toasted.success(this.$t('settings.name.change-success'))
})
.catch((error) => {
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
this.showUsername = true
this.username = this.$store.state.username
this.form.username = this.$store.state.username

4
frontend/src/views/Pages/UserProfile/UserCard_Language.spec.js
View File

@ -28,7 +28,9 @@ describe('UserCard_Language', () => {
},
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: mockAPIcall,

2
frontend/src/views/Pages/UserProfile/UserCard_Language.vue
View File

@ -101,7 +101,7 @@ export default {
})
.catch((error) => {
this.language = this.$store.state.language
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
buildTagFromLanguageString() {

4
frontend/src/views/Pages/UserProfile/UserCard_Newsletter.spec.js
View File

@ -25,7 +25,9 @@ describe('UserCard_Newsletter', () => {
},
$toasted: {
success: toastSuccessMock,
error: toastErrorMock,
global: {
error: toastErrorMock,
},
},
$apollo: {
mutate: mockAPIcall,

2
frontend/src/views/Pages/UserProfile/UserCard_Newsletter.vue
View File

@ -56,7 +56,7 @@ export default {
})
.catch((error) => {
this.newsletterState = this.$store.state.newsletterState
this.$toasted.error(error.message)
this.$toasted.global.error(error.message)
})
},
},

894
frontend/yarn.lock
View File

File diff suppressed because it is too large Load Diff

2
login_server/src/cpp/model/gradido/Transaction.cpp
View File

@ -491,7 +491,7 @@ namespace model {
break;
case TRANSACTION_VALID_INVALID_TARGET_DATE:
error_name = t->gettext_str("Creation Error");
error_description = t->gettext_str("Invalid target date! No future and only 3 month in the past.");
error_description = t->gettext_str("Invalid target date! No future and only 2 month in the past.");
break;
case TRANSACTION_VALID_CREATION_OUT_OF_BORDER:
error_name = t->gettext_str("Creation Error");

8
login_server/src/cpp/model/gradido/TransactionCreation.cpp
View File

@ -74,8 +74,8 @@ namespace model {
auto now = Poco::DateTime();
if (target_date.year() == now.year())
{
if (target_date.month() + 3 < now.month()) {
addError(new Error(function_name, "year is the same, target date month is more than 3 month in past"));
if (target_date.month() + 2 < now.month()) {
addError(new Error(function_name, "year is the same, target date month is more than 2 month in past"));
return TRANSACTION_VALID_INVALID_TARGET_DATE;
}
if (target_date.month() > now.month()) {
@ -96,8 +96,8 @@ namespace model {
else
{
// target_date.year +1 == now.year
if (target_date.month() + 3 < now.month() + 12) {
addError(new Error(function_name, "target date is more than 3 month in past"));
if (target_date.month() + 2 < now.month() + 12) {
addError(new Error(function_name, "target date is more than 2 month in past"));
return TRANSACTION_VALID_INVALID_TARGET_DATE;
}
}