diff --git a/backend/src/graphql/arg/UnsecureLoginArgs.ts b/backend/src/graphql/arg/UnsecureLoginArgs.ts index 9e9cde0d9..925cde8a4 100644 --- a/backend/src/graphql/arg/UnsecureLoginArgs.ts +++ b/backend/src/graphql/arg/UnsecureLoginArgs.ts @@ -7,4 +7,7 @@ export default class UnsecureLoginArgs { @Field(() => String) password: string + + @Field(() => Boolean) + hasElopage?: boolean } diff --git a/backend/src/graphql/model/User.ts b/backend/src/graphql/model/User.ts index 21bf1b464..ebdf0aad2 100644 --- a/backend/src/graphql/model/User.ts +++ b/backend/src/graphql/model/User.ts @@ -19,6 +19,7 @@ export class User { this.pubkey = json.public_hex this.language = json.language this.publisherId = json.publisher_id + if (json.hasElopage) this.hasElopage = json.hasElopage } @Field(() => String) @@ -74,4 +75,7 @@ export class User { @Field(() => KlickTipp) klickTipp: KlickTipp + + @Field(() => Boolean) + hasElopage?: boolean } diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts index bbb609d40..a6b7ae724 100644 --- a/backend/src/graphql/resolver/UserResolver.ts +++ b/backend/src/graphql/resolver/UserResolver.ts @@ -31,9 +31,16 @@ import { UserRepository } from '../../typeorm/repository/User' export class UserResolver { @Query(() => User) @UseMiddleware(klicktippNewsletterStateMiddleware) - async login(@Args() { email, password }: UnsecureLoginArgs, @Ctx() context: any): Promise { + async login( + @Args() { email, password, hasElopage }: UnsecureLoginArgs, + @Ctx() context: any, + ): Promise { email = email.trim().toLowerCase() - const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password }) + const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { + email, + password, + hasElopage, + }) // if there is no user, throw an authentication error if (!result.success) { diff --git a/docu/login_server.api.md b/docu/login_server.api.md index 60ed74f02..90bdedf3d 100644 
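Review bot: In `UnsecureLoginArgs.ts` the new argument is optional in TypeScript (`hasElopage?: boolean`) but its decorator `@Field(() => Boolean)` sets no `nullable` option, so the generated schema most likely exposes it as a required `Boolean!`. Login queries that omit it would then be rejected at validation, which contradicts the API doc hunk in this commit describing the flag as optional. If it is meant to be optional, the decorator should read `@Field(() => Boolean, { nullable: true })`. The other fields of the class are outside the hunk.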
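Review bot: In `User.ts` the constructor assigns `hasElopage` only when `json.hasElopage` is truthy, while the field added at the end of the class is declared `@Field(() => Boolean)` without `nullable`. A user for whom the flag is `false` or absent therefore keeps the property `undefined`, and a client selecting `hasElopage` would probably get a non-null violation instead of `false`. This covers the second hunk of the file (the field declaration) as well. Either declare the field `@Field(() => Boolean, { nullable: true })`, which matches "only present if requested", or assign unconditionally with `this.hasElopage = json.hasElopage ?? false`. The constructor begins outside the hunk.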
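Review bot: Nothing in the `UserResolver.ts` hunk carries the login server's answer back into the returned `User`. Per the `JsonUnsecureLogin.cpp` hunk in this commit, `hasElopage` is set on the top level of the response (`result->set("hasElopage", …)`), whereas the `User` constructor reads `json.hasElopage` from whatever object it is handed. If the remainder of `login`, which is outside the hunk, builds the user from the nested user object, the field is never populated and the forwarded flag has no visible effect. Copying the top-level value onto the user after construction would close that gap.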
--- a/docu/login_server.api.md +++ b/docu/login_server.api.md @@ -40,10 +40,12 @@ with: "email": "max.musterman@gmail.de", "username": "Maxilein", "password": "123abcDE&" + "hasElopage": true } ``` `username` or `email` must be present! If booth present, `email` will be used. +`hasElopage`: optional, if set to true login will also check if user has an elopage account ### Response In case of success returns: @@ -67,6 +69,7 @@ In case of success returns: "username": "" }, "session_id": -127182, + "hasElopage": tr "clientIP":"123.123.123.123" } ``` @@ -86,6 +89,7 @@ In case of success returns: - `role`: role of user currently only "none" or "admin" - `username`: not used yet - `clientIP`: should be the same as where the js-client is running, else maybe a man-in-the-middle attacks is happening or +- `hasElopage`: only present if hasElopage was set to true in request, true if user has an elopage account nginx was wrong configured. - `session_id`: can be also negative diff --git a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp index 5d337df41..9cd6e2d1a 100644 --- a/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp +++ b/login_server/src/cpp/JSONInterface/JsonUnsecureLogin.cpp @@ -8,6 +8,8 @@ #include "../lib/DataTypeConverter.h" +#include "../model/table/ElopageBuy.h" + Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) { @@ -23,6 +25,7 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) std::string email; std::string username; std::string password; + bool hasElopage = false; // if is json object if (params.type() == typeid(Poco::JSON::Object::Ptr)) { 
@@ -38,6 +41,11 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) auto email_obj = paramJsonObject->get("email"); auto username_obj = paramJsonObject->get("username"); + auto hasElopage_obj = paramJsonObject->get("hasElopage"); + if (!hasElopage_obj.isEmpty()) { + hasElopage_obj.convert(hasElopage); + } + if (!email_obj.isEmpty()) { email_obj.convert(email); } @@ -141,6 +149,10 @@ Poco::JSON::Object* JsonUnsecureLogin::handle(Poco::Dynamic::Var params) if(infos.size() > 0) { result->set("info", infos); } + if (hasElopage) { + auto elopage_buy = Poco::AutoPtr(new model::table::ElopageBuy); + result->set("hasElopage", elopage_buy->isExistInDB("email", mSession->getNewUser()->getModel()->getEmail())); + } return result; default: result->set("state", "error");
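Review bot: `hasElopage_obj.convert(hasElopage)` accepts whatever JSON type the client sent, so a non-boolean value such as a string is coerced rather than rejected. Since the flag decides whether an extra database lookup runs on login, it is worth accepting booleans only, e.g. `if (hasElopage_obj.isBoolean()) { hasElopage_obj.convert(hasElopage); }`. Whether these lines sit inside the handler's exception handling is not visible, because `handle` begins and ends outside the hunk.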
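Review bot: The block added before `return result;` dereferences `mSession->getNewUser()->getModel()` without a null check, and the `case` label it belongs to is outside the hunk, so it cannot be confirmed from here that this branch is reached only after the password was verified. If that holds, a comment such as `// authenticated path only: elopage lookup uses the stored account email, not the request value` would record why the lookup reveals nothing before authentication. It is also worth deciding how a failed query inside `isExistInDB` should surface, since a plain `false` would be indistinguishable to the client from "no elopage account". That helper's behaviour is not shown.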