IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

UserResolver

Browse Source 
- on login have a specific message for deleted users
- when trying to register also check for deleted users and prevent registration
This commit is contained in:
Ulf Gebhardt 2022-02-18 12:49:05 +01:00
parent 8eaed23af4
commit 90bdca04a6
Signed by: ulfgebhardt
GPG Key ID: DA6B843E748679C9
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
backend/src/graphql/resolver/UserResolver.ts
View File

@ -250,9 +250,12 @@ export class UserResolver {
@Ctx() context: any,
): Promise<User> {
email = email.trim().toLowerCase()
const dbUser = await DbUser.findOneOrFail({ email }).catch(() => {
const dbUser = await DbUser.findOneOrFail({ email }, { withDeleted: true }).catch(() => {
throw new Error('No user with this credentials')
})
if (dbUser.deletedAt) {
throw new Error('This user was permanently disabled. Contact support for questions.')
}
if (!dbUser.emailChecked) {
throw new Error('User email not validated')
}
@ -335,9 +338,9 @@ export class UserResolver {
// Validate email unique
// TODO: i can register an email in upper/lower case twice
const userRepository = getCustomRepository(UserRepository)
const usersFound = await userRepository.count({ email })
if (usersFound !== 0) {
// TODO we cannot use repository.count(), since it does not allow to specify if you want to include the soft deletes
const userFound = await DbUser.findOne({ email }, { withDeleted: true })
if (userFound) {
// TODO: this is unsecure, but the current implementation of the login server. This way it can be queried if the user with given EMail is existent.
throw new Error(`User already exists.`)
}