From 847997542512a4e311ad4d6cdeb64c088ca11cde Mon Sep 17 00:00:00 2001
From: elweyn <heine.hannes@gmail.com>
Date: Tue, 23 Nov 2021 08:05:52 +0100
Subject: [PATCH] Since we don't make a request to the login_server we need to
 catch if user email has been activated.

---
 backend/src/graphql/resolver/UserResolver.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/src/graphql/resolver/UserResolver.ts b/backend/src/graphql/resolver/UserResolver.ts
index 25f83bb09..fffd1f7e6 100644
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@@ -207,6 +207,7 @@ export class UserResolver {
     const loginUser = await loginUserRepository.findByEmail(email).catch(() => {
       throw new Error('No user with this credentials')
     })
+    if (!loginUser.emailChecked) throw new Error('user email not validated')
     const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
     const loginUserPassword = BigInt(loginUser.password.toString())
     if (loginUserPassword !== passwordHash[0].readBigUInt64LE()) {