Merge branch 'master' into 1002-language-selection-register-store

2025-12-13 07:45:54 +00:00 · 2021-11-22 23:49:52 +01:00 · 2021-11-22 23:49:52 +01:00 · ed3d9ca422
commit ed3d9ca422
parent 9d17e31d8f 9297dc9f5a
168 changed files with 27466 additions and 9366 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -29,6 +29,32 @@ jobs:
          name: docker-frontend-test
          path: /tmp/frontend.tar
  ##############################################################################
  # JOB: DOCKER BUILD TEST ADMIN INTERFACE #####################################
  ##############################################################################
  build_test_admin:
    name: Docker Build Test - Admin Interface
    runs-on: ubuntu-latest
    #needs: [nothing]
    steps:
      ##########################################################################
      # CHECKOUT CODE ##########################################################
      ##########################################################################
      - name: Checkout code
        uses: actions/checkout@v2
      ##########################################################################
      # ADMIN INTERFACE ########################################################
      ##########################################################################
      - name: Admin | Build `test` image
        run: |
          docker build --target test -t "gradido/admin:test" admin/
          docker save "gradido/admin:test" > /tmp/admin.tar
      - name: Upload Artifact
        uses: actions/upload-artifact@v2
        with:
          name: docker-admin-test
          path: /tmp/admin.tar
  ##############################################################################
  # JOB: DOCKER BUILD TEST BACKEND #############################################
  ##############################################################################
@ -147,7 +173,7 @@ jobs:
      ##########################################################################
      - name: mariadb | Build `test` image
        run: |
-          docker build --target mariadb_server_test -t "gradido/mariadb:test" -f ./mariadb/Dockerfile ./
+          docker build --target mariadb_server -t "gradido/mariadb:test" -f ./mariadb/Dockerfile ./
          docker save "gradido/mariadb:test" > /tmp/mariadb.tar
      - name: Upload Artifact
        uses: actions/upload-artifact@v2
@ -240,7 +266,36 @@ jobs:
        run: docker run --rm gradido/frontend:test yarn run lint
  ##############################################################################
-  # JOB: LINT BACKEND #########################################################
+  # JOB: LINT ADMIN INTERFACE ##################################################
  ##############################################################################
  lint_admin:
    name: Lint - Admin Interface
    runs-on: ubuntu-latest
    needs: [build_test_admin]
    steps:
      ##########################################################################
      # CHECKOUT CODE ##########################################################
      ##########################################################################
      - name: Checkout code
        uses: actions/checkout@v2
      ##########################################################################
      # DOWNLOAD DOCKER IMAGE ##################################################
      ##########################################################################
      - name: Download Docker Image (Admin Interface)
        uses: actions/download-artifact@v2
        with:
          name: docker-admin-test
          path: /tmp
      - name: Load Docker Image
        run: docker load < /tmp/admin.tar
      ##########################################################################
      # LINT ADMIN INTERFACE ###################################################
      ##########################################################################
      - name: Admin Interface | Lint
        run: docker run --rm gradido/admin:test yarn run lint
  ##############################################################################
  # JOB: LINT BACKEND ##########################################################
  ##############################################################################
  lint_backend:
    name: Lint - Backend
@ -344,16 +399,16 @@ jobs:
          report_name: Coverage Frontend
          type: lcov
          result_path: ./coverage/lcov.info
-          min_coverage: 82
+          min_coverage: 86
          token: ${{ github.token }}
  ##############################################################################
-  # JOB: UNIT TEST BACKEND  ####################################################
+  # JOB: UNIT TEST ADMIN INTERFACE #############################################
  ##############################################################################
-  unit_test_backend:
+  unit_test_admin:
-    name: Unit tests - Backend
+    name: Unit tests - Admin Interface
    runs-on: ubuntu-latest
-    needs: [build_test_backend]
+    needs: [build_test_admin]
    steps:
      ##########################################################################
      # CHECKOUT CODE ##########################################################
@ -363,6 +418,55 @@ jobs:
      ##########################################################################
      # DOWNLOAD DOCKER IMAGES #################################################
      ##########################################################################
      - name: Download Docker Image (Admin Interface)
        uses: actions/download-artifact@v2
        with:
          name: docker-admin-test
          path: /tmp
      - name: Load Docker Image
        run: docker load < /tmp/admin.tar
      ##########################################################################
      # UNIT TESTS ADMIN INTERFACE #############################################
      ##########################################################################
      - name: Admin Interface | Unit tests
        run: |
          docker run -v ~/coverage:/app/coverage --rm gradido/admin:test yarn run test
          cp -r ~/coverage ./coverage
      ##########################################################################
      # COVERAGE CHECK ADMIN INTERFACE #########################################
      ##########################################################################
      - name: Admin Interface | Coverage check
        uses: webcraftmedia/coverage-check-action@master
        with:
          report_name: Coverage Admin Interface
          type: lcov
          result_path: ./coverage/lcov.info
          min_coverage: 65
          token: ${{ github.token }}
  ##############################################################################
  # JOB: UNIT TEST BACKEND  ####################################################
  ##############################################################################
  unit_test_backend:
    name: Unit tests - Backend
    runs-on: ubuntu-latest
    needs: [build_test_backend,build_test_mariadb]
    steps:
      ##########################################################################
      # CHECKOUT CODE ##########################################################
      ##########################################################################
      - name: Checkout code
        uses: actions/checkout@v2
      ##########################################################################
      # DOWNLOAD DOCKER IMAGES #################################################
      ##########################################################################
      - name: Download Docker Image (Mariadb)
        uses: actions/download-artifact@v2
        with:
          name: docker-mariadb-test
          path: /tmp
      - name: Load Docker Image
        run: docker load < /tmp/mariadb.tar
      - name: Download Docker Image (Backend)
        uses: actions/download-artifact@v2
        with:
@ -373,10 +477,11 @@ jobs:
      ##########################################################################
      # UNIT TESTS BACKEND #####################################################
      ##########################################################################
-      - name: backend | Unit tests
+      - name: backend | docker-compose
-        run: |
+        run: docker-compose -f docker-compose.yml -f docker-compose.test.yml up --detach --no-deps mariadb database
-          docker run -v ~/coverage:/app/coverage --rm gradido/backend:test yarn run test
+      - name: backend Unit tests | test
-          cp -r ~/coverage ./coverage
+        run: cd database && yarn && cd ../backend && yarn && yarn test  
        # run: docker-compose -f docker-compose.yml -f docker-compose.test.yml exec -T backend yarn test
      ##########################################################################
      # COVERAGE CHECK BACKEND #################################################
      ##########################################################################
@ -385,8 +490,8 @@ jobs:
        with:
          report_name: Coverage Backend
          type: lcov
-          result_path: ./coverage/lcov.info
+          result_path: ./backend/coverage/lcov.info
-          min_coverage: 1
+          min_coverage: 38
          token: ${{ github.token }}
  ##############################################################################
@ -409,10 +514,16 @@ jobs:
                 --health-timeout=3s
                 --health-retries=4
    steps: 
-      - name: Debug service
+      # - name: Debug service
-        run: echo "$(docker ps)"
+      #  run: echo "$(docker ps)"
-      - name: Debug container choosing script
+      #- name: Debug container choosing script
-        run: echo "$(docker container ls | grep mariadb | awk '{ print $1 }')"
+      #  run: echo "$(docker container ls | grep mariadb | awk '{ print $1 }')"
      - name: get mariadb container id
        run: echo "::set-output name=id::$(docker container ls | grep mariadb | awk '{ print $1 }')"
        id: mariadb_container
      - name: get automatic created network
        run: echo "::set-output name=id::$(docker network ls | grep github_network | awk '{ print $1 }')"
        id: network
      ##########################################################################
      # CHECKOUT CODE ##########################################################
      ##########################################################################
@ -420,6 +531,11 @@ jobs:
        uses: actions/checkout@v2
        with:
          submodules: true
      # Database migration
      - name: Start database migration
        run: |
          docker build --target production_up -t "gradido/database:production_up" database/
          docker run --network ${{ steps.network.outputs.id }} --name=database --env NODE_ENV=production --env DB_HOST=mariadb --env DB_DATABASE=gradido_community_test -d gradido/database:production_up
      ##########################################################################
      # Build Login-Server Test Docker image ###################################
      ##########################################################################
--- a/.gitignore
+++ b/.gitignore
@ -2,7 +2,6 @@
 /node_modules/*
 .vscode
 messages.pot
 .skeema
 nbproject
 .metadata
 /.env
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@ -0,0 +1,7 @@
 {
    "recommendations": [
        "streetsidesoftware.code-spell-checker",
        "dbaeumer.vscode-eslint",
        "esbenp.prettier-vscode"
    ]
 }
--- a/README.md
+++ b/README.md
@ -8,33 +8,73 @@ The Gradido model can create global prosperity and peace
 The Corona crisis has fundamentally changed our world within a very short time.
 The dominant financial system threatens to fail around the globe, followed by mass insolvencies, record unemployment and abject poverty. Only with a sustainable new monetary system can humanity master these challenges of the 21st century. The Gradido Academy for Bionic Economy has developed such a system.
 Find out more about the Project on its [Website](https://gradido.net/). It is offering vast resources about the idea. The remaining document will discuss the gradido software only.
 ## Software requirements
-Currently we only support `docker` as environment to run all services, since many different programming languages and frameworks are used.
+Currently we only support `docker` install instructions to run all services, since many different programming languages and frameworks are used.
 - [docker](https://www.docker.com/) 
 - [docker-compose]
 ### For Arch Linux
 Install the required packages:
 ```bash
 sudo pacman -S docker
 sudo pacman -S docker-compose
 ```
 Add group `docker` and then your user to it in order to allow you to run docker without sudo 
 ```bash
 sudo groupadd docker # may already exist `groupadd: group 'docker' already exists`
 sudo usermod -aG docker $USER
 groups # verify you have the group (requires relog)
 ```
 Start the docker service:
 ```bash
 sudo systemctrl start docker
 ```
 ## How to run?
-1. Clone the repo and pull all submodules
+### 1. Clone Sources
-
+Clone the repo and pull all submodules
 ```bash
 git clone git@github.com:gradido/gradido.git
 git submodule update --recursive --init
 ```
-2. Run docker compose
+### 2. Run docker-compose
-    1. Run docker compose for the debug build
+Run docker-compose to bring up the development environment 
 ```bash
 docker-compose up
 ```
 ### Additional Build options
 If you want to build for production you can do this aswell:
 ```bash
 docker-compose -f docker-compose.yml up
 ```
-    ```bash
+## Services defined in this package
    docker-compose up
    ```
-   2. Or run docker compose in production build
+- [frontend](./frontend) Wallet frontend
 - [backend](./backend) GraphQL & Business logic backend
 - [mariadb](./mariadb) Database backend
 - [login_server](./login_server) User credential storage & business logic backend
 - [community_server](./community_server/) Business logic backend
-    ```bash
+We are currently restructuring the service to reduce dependencies and unify business logic into one place. Furthermore the databases defined for each service will be unified into one.
-    docker-compose -f docker-compose.yml up
+
-    ```
+### Open the wallet
 Once you have `docker-compose` up and running, you can open [http://localhost/vue](http://localhost/vue) and create yourself a new wallet account.
 ## Troubleshooting
 | Problem | Issue | Solution | Description |
 | ------- | ----- | -------- | ----------- |
 | docker-compose raises database connection errors | [#1062](https://github.com/gradido/gradido/issues/1062) | End `ctrl+c` and restart the `docker-compose up` after a successful build | Several Database connection related errors occur in the docker-compose log. |
 | Wallet page is empty | [#1063](https://github.com/gradido/gradido/issues/1063) | Accept Cookies and Local Storage in your Browser | The page stays empty when navigating to [http://localhost/vue](http://localhost/vue) |
 ## Useful Links
--- a/admin/.dockerignore
+++ b/admin/.dockerignore
@ -0,0 +1,3 @@
 node_modules
 .git
 .gitignore
--- a/admin/.eslintignore
+++ b/admin/.eslintignore
@ -0,0 +1,4 @@
 node_modules
 coverage
 **/*.min.js
 dist
--- a/admin/.eslintrc.js
+++ b/admin/.eslintrc.js
@ -0,0 +1,26 @@
 module.exports = {
  root: true,
  env: {
    browser: true,
    node: true,
    jest: true,
  },
  parserOptions: {
    parser: 'babel-eslint',
  },
  extends: ['standard', 'plugin:vue/essential', 'plugin:prettier/recommended'],
  // required to lint *.vue files
  plugins: ['vue', 'prettier', 'jest'],
  // add your custom rules here
  rules: {
    'no-console': ['error'],
    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
    'vue/component-name-in-template-casing': ['error', 'kebab-case'],
    'prettier/prettier': [
      'error',
      {
        htmlWhitespaceSensitivity: 'ignore',
      },
    ],
  },
 }
--- a/admin/.gitattributes
+++ b/admin/.gitattributes
@ -0,0 +1,15 @@
 # Auto detect text files and perform LF normalization
 *.scss linguist-language=Vue
 *.css linguist-language=Vue
 # Standard to msysgit
 *.doc	 diff=astextplain
 *.DOC	 diff=astextplain
 *.docx diff=astextplain
 *.DOCX diff=astextplain
 *.dot  diff=astextplain
 *.DOT  diff=astextplain
 *.pdf  diff=astextplain
 *.PDF	 diff=astextplain
 *.rtf	 diff=astextplain
 *.RTF	 diff=astextplain
--- a/admin/.gitignore
+++ b/admin/.gitignore
@ -0,0 +1,11 @@
 node_modules/
 dist/
 .cache/
 .env
 # coverage folder
 coverage/
 # emacs
 *~
--- a/admin/.prettierrc.js
+++ b/admin/.prettierrc.js
@ -0,0 +1,8 @@
 module.exports = {
  semi: false,
  printWidth: 100,
  singleQuote: true,
  trailingComma: "all",
  tabWidth: 2,
  bracketSpacing: true
 };
--- a/admin/Dockerfile
+++ b/admin/Dockerfile
@ -0,0 +1,98 @@
 ##################################################################################
 # BASE ###########################################################################
 ##################################################################################
 FROM node:14.17.0-alpine3.10 as base
 # ENVs (available in production aswell, can be overwritten by commandline or env file)
 ## DOCKER_WORKDIR would be a classical ARG, but that is not multi layer persistent - shame
 ENV DOCKER_WORKDIR="/app"
 ## We Cannot do `$(date -u +'%Y-%m-%dT%H:%M:%SZ')` here so we use unix timestamp=0
 ENV BUILD_DATE="1970-01-01T00:00:00.00Z"
 ## We cannot do $(npm run version).${BUILD_NUMBER} here so we default to 0.0.0.0
 ENV BUILD_VERSION="0.0.0.0"
 ## We cannot do `$(git rev-parse --short HEAD)` here so we default to 0000000
 ENV BUILD_COMMIT="0000000"
 ## SET NODE_ENV
 ENV NODE_ENV="production"
 ## App relevant Envs
 ENV PORT="8080"
 # Labels
 LABEL org.label-schema.build-date="${BUILD_DATE}"
 LABEL org.label-schema.name="gradido:admin"
 LABEL org.label-schema.description="Gradido Vue Admin Interface"
 LABEL org.label-schema.usage="https://github.com/gradido/gradido/admin/README.md"
 LABEL org.label-schema.url="https://gradido.net"
 LABEL org.label-schema.vcs-url="https://github.com/gradido/gradido/backend"
 LABEL org.label-schema.vcs-ref="${BUILD_COMMIT}"
 LABEL org.label-schema.vendor="gradido Community"
 LABEL org.label-schema.version="${BUILD_VERSION}"
 LABEL org.label-schema.schema-version="1.0"
 LABEL maintainer="support@ogradido.net"
 # Install Additional Software
 ## install: git
 #RUN apk --no-cache add git
 # Settings
 ## Expose Container Port
 EXPOSE ${PORT}
 ## Workdir
 RUN mkdir -p ${DOCKER_WORKDIR}
 WORKDIR ${DOCKER_WORKDIR}
 ##################################################################################
 # DEVELOPMENT (Connected to the local environment, to reload on demand) ##########
 ##################################################################################
 FROM base as development
 # We don't need to copy or build anything since we gonna bind to the
 # local filesystem which will need a rebuild anyway
 # Run command
 # (for development we need to execute yarn install since the
 #  node_modules are on another volume and need updating)
 CMD /bin/sh -c "yarn install && yarn run dev"
 ##################################################################################
 # BUILD (Does contain all files and is therefore bloated) ########################
 ##################################################################################
 FROM base as build
 # Copy everything
 COPY . .
 # yarn install
 RUN yarn install --production=false --frozen-lockfile --non-interactive
 # yarn build
 RUN yarn run build
 ##################################################################################
 # TEST ###########################################################################
 ##################################################################################
 FROM build as test
 # Install Additional Software
 RUN apk add --no-cache bash jq
 # Run command
 CMD /bin/sh -c "yarn run dev"
 ##################################################################################
 # PRODUCTION (Does contain only "binary"- and static-files to reduce image size) #
 ##################################################################################
 FROM base as production
 # Copy "binary"-files from build image
 COPY --from=build ${DOCKER_WORKDIR}/dist ./dist
 # We also copy the node_modules express and serve-static for the run script
 COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
 # Copy static files
 COPY --from=build ${DOCKER_WORKDIR}/public ./public
 # Copy package.json for script definitions (lock file should not be needed)
 COPY --from=build ${DOCKER_WORKDIR}/package.json ./package.json
 # Copy run scripts run/
 COPY --from=build ${DOCKER_WORKDIR}/run ./run
 # Run command
 CMD /bin/sh -c "yarn run start"
--- a/admin/README.md
+++ b/admin/README.md
@ -0,0 +1,26 @@
 # admin
 ## Project setup
 ```
 yarn install
 ```
 ### Compiles and hot-reloads for development
 ```
 yarn serve
 ```
 ### Compiles and minifies for production
 ```
 yarn build
 ```
 ### Lints and fixes files
 ```
 yarn lint
 ```
 ### Unit tests
 ```
 yarn test
 ```
--- a/admin/babel.config.js
+++ b/admin/babel.config.js
@ -0,0 +1,4 @@
 module.exports = {
  presets: ['@babel/preset-env'],
  plugins: ['transform-require-context'],
 }
--- a/admin/jest.config.js
+++ b/admin/jest.config.js
@ -0,0 +1,25 @@
 module.exports = {
  verbose: true,
  collectCoverageFrom: ['src/**/*.{js,vue}', '!**/node_modules/**', '!**/?(*.)+(spec|test).js?(x)'],
  moduleFileExtensions: [
    'js',
    // 'jsx',
    'json',
    'vue',
  ],
  // coverageReporters: ['lcov', 'text'],
  moduleNameMapper: {
    '^@/(.*)$': '<rootDir>/src/$1',
    '\\.(css|less)$': 'identity-obj-proxy',
  },
  transform: {
    '^.+\\.vue$': 'vue-jest',
    '^.+\\.(js|jsx)?$': 'babel-jest',
    '<rootDir>/node_modules/vee-validate/dist/rules': 'babel-jest',
  },
  setupFiles: ['<rootDir>/test/testSetup.js'],
  testMatch: ['**/?(*.)+(spec|test).js?(x)'],
  // snapshotSerializers: ['jest-serializer-vue'],
  transformIgnorePatterns: ['<rootDir>/node_modules/(?!vee-validate/dist/rules)'],
  testEnvironment: 'jest-environment-jsdom-sixteen',
 }
--- a/admin/package.json
+++ b/admin/package.json
@ -0,0 +1,70 @@
 {
  "name": "admin",
  "description": "Administraion Interface for Gradido",
  "main": "index.js",
  "author": "Moriz Wahl",
  "version": "0.1.0",
  "license": "MIT",
  "private": false,
  "scripts": {
    "start": "node run/server.js",
    "serve": "vue-cli-service serve --open",
    "dev": "yarn run serve",
    "build": "vue-cli-service build",
    "lint": "eslint --ext .js,.vue .",
    "test": "jest --coverage"
  },
  "dependencies": {
    "@babel/core": "^7.15.8",
    "@babel/node": "^7.15.8",
    "@babel/preset-env": "^7.15.8",
    "@vue/cli-plugin-unit-jest": "^4.5.14",
    "@vue/eslint-config-prettier": "^6.0.0",
    "@vue/test-utils": "^1.2.2",
    "apollo-boost": "^0.4.9",
    "babel-core": "7.0.0-bridge.0",
    "babel-jest": "^27.3.1",
    "babel-plugin-component": "^1.1.1",
    "babel-preset-env": "^1.7.0",
    "babel-preset-vue": "^2.0.2",
    "bootstrap": "^5.1.3",
    "bootstrap-vue": "^2.21.2",
    "core-js": "^3.6.5",
    "dotenv-webpack": "^7.0.3",
    "graphql": "^15.6.1",
    "jest": "26.6.3",
    "regenerator-runtime": "^0.13.9",
    "stats-webpack-plugin": "^0.7.0",
    "vue": "^2.6.11",
    "vue-apollo": "^3.0.8",
    "vue-i18n": "^8.26.5",
    "vue-jest": "^3.0.7",
    "vue-router": "^3.5.3",
    "vuex": "^3.6.2"
  },
  "devDependencies": {
    "@babel/eslint-parser": "^7.15.8",
    "@vue/cli-plugin-babel": "~4.5.0",
    "@vue/cli-plugin-eslint": "~4.5.0",
    "@vue/cli-service": "~4.5.0",
    "babel-eslint": "^10.1.0",
    "babel-plugin-transform-require-context": "^0.1.1",
    "eslint": "7.25.0",
    "eslint-config-prettier": "^8.3.0",
    "eslint-config-standard": "^16.0.3",
    "eslint-loader": "^4.0.2",
    "eslint-plugin-import": "^2.25.2",
    "eslint-plugin-jest": "^25.2.2",
    "eslint-plugin-node": "^11.1.0",
    "eslint-plugin-prettier": "3.3.1",
    "eslint-plugin-promise": "^5.1.1",
    "eslint-plugin-vue": "^7.20.0",
    "jest-environment-jsdom-sixteen": "^2.0.0",
    "vue-template-compiler": "^2.6.11"
  },
  "browserslist": [
    "> 1%",
    "last 2 versions",
    "not ie <= 10"
  ]
 }
--- a/admin/public/favicon.png
+++ b/admin/public/favicon.png
--- a/admin/public/index.html
+++ b/admin/public/index.html
@ -0,0 +1,22 @@
 <!DOCTYPE html>
 <html>
 <head>
  <meta charset="utf-8">
  <link rel="icon" type="image/png" sizes="96x96" href="<%= webpackConfig.output.publicPath %>favicon.png">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
  <title>Gradido Admin Interface</title>
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0">
  <!-- Fonts -->
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700">
  <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.6.3/css/all.css" integrity="sha384-UHRtZLI+pbxtHCWp1t77Bi1L4ZtiqrqD80Kn4Z8NTSRyMA2Fd33n5dQ8lWUE00s/" crossorigin="anonymous">
 </head>
 <body>
 <div class="wrapper" id="app">
 </div>
 <!-- built files will be auto injected -->
 </body>
 </html>
--- a/admin/run/server.js
+++ b/admin/run/server.js
@ -0,0 +1,15 @@
 // Imports
 const express = require('express')
 const serveStatic = require('serve-static')
 // Port
 const port = process.env.PORT || 8080
 // Express Server
 const app = express()
 // eslint-disable-next-line node/no-path-concat
 app.use(serveStatic(__dirname + '/../dist'))
 app.listen(port)
 // eslint-disable-next-line no-console
 console.log(`http://admin:${port} server started.`)
--- a/admin/src/App.spec.js
+++ b/admin/src/App.spec.js
@ -0,0 +1,68 @@
 import { mount } from '@vue/test-utils'
 import App from './App'
 const localVue = global.localVue
 const storeCommitMock = jest.fn()
 const mocks = {
  $store: {
    commit: storeCommitMock,
  },
 }
 const localStorageMock = (() => {
  let store = {}
  return {
    getItem: (key) => {
      return store[key] || null
    },
    setItem: (key, value) => {
      store[key] = value.toString()
    },
    removeItem: (key) => {
      delete store[key]
    },
    clear: () => {
      store = {}
    },
  }
 })()
 describe('App', () => {
  let wrapper
  const Wrapper = () => {
    return mount(App, { localVue, mocks })
  }
  describe('mount', () => {
    beforeEach(() => {
      wrapper = Wrapper()
    })
    it('has a div with id "app"', () => {
      expect(wrapper.find('div#app').exists()).toBeTruthy()
    })
  })
  describe('window localStorage is undefined', () => {
    it('does not commit a token to the store', () => {
      expect(storeCommitMock).not.toBeCalled()
    })
  })
  describe('with token in local storage', () => {
    beforeEach(() => {
      Object.defineProperty(window, 'localStorage', {
        value: localStorageMock,
      })
      window.localStorage.setItem('vuex', JSON.stringify({ token: 1234 }))
    })
    it.skip('commits the token to the store', () => {
      expect(storeCommitMock).toBeCalledWith('token', 1234)
    })
  })
 })
--- a/admin/src/App.vue
+++ b/admin/src/App.vue
@ -0,0 +1,9 @@
 <template>
  <div id="app"></div>
 </template>
 <script>
 export default {
  name: 'App',
 }
 </script>
--- a/admin/src/components/NotFoundPage.spec.js
+++ b/admin/src/components/NotFoundPage.spec.js
@ -0,0 +1,22 @@
 import { mount } from '@vue/test-utils'
 import NotFoundPage from './NotFoundPage'
 const localVue = global.localVue
 describe('NotFoundPage', () => {
  let wrapper
  const Wrapper = () => {
    return mount(NotFoundPage, { localVue })
  }
  describe('mount', () => {
    beforeEach(() => {
      wrapper = Wrapper()
    })
    it('has a svg', () => {
      expect(wrapper.find('svg').exists()).toBeTruthy()
    })
  })
 })
--- a/admin/src/components/NotFoundPage.vue
+++ b/admin/src/components/NotFoundPage.vue
--- a/admin/src/config/index.js
+++ b/admin/src/config/index.js
@ -0,0 +1,33 @@
 // ATTENTION: DO NOT PUT ANY SECRETS IN HERE (or the .env).
 //            The whole contents is exposed to the client
 // Load Package Details for some default values
 const pkg = require('../../package')
 const version = {
  APP_VERSION: pkg.version,
  BUILD_COMMIT: process.env.BUILD_COMMIT || null,
  // self reference of `version.BUILD_COMMIT` is not possible at this point, hence the duplicate code
  BUILD_COMMIT_SHORT: (process.env.BUILD_COMMIT || '0000000').substr(0, 7),
 }
 const environment = {
  NODE_ENV: process.env.NODE_ENV,
  DEBUG: process.env.NODE_ENV !== 'production' || false,
  PRODUCTION: process.env.NODE_ENV === 'production' || false,
 }
 const server = {
  GRAPHQL_URI: process.env.GRAPHQL_URI || 'http://localhost:4000/graphql',
 }
 const options = {}
 const CONFIG = {
  ...version,
  ...environment,
  ...server,
  ...options,
 }
 export default CONFIG
--- a/admin/src/i18n.js
+++ b/admin/src/i18n.js
@ -0,0 +1,89 @@
 import Vue from 'vue'
 import VueI18n from 'vue-i18n'
 Vue.use(VueI18n)
 const loadLocaleMessages = () => {
  const locales = require.context('./locales', true, /[A-Za-z0-9-_,\s]+\.json$/i)
  const messages = {}
  locales.keys().forEach((key) => {
    const matched = key.match(/([A-Za-z0-9-_]+)\./i)
    if (matched && matched.length > 1) {
      const locale = matched[1]
      messages[locale] = locales(key)
    }
  })
  return messages
 }
 const numberFormats = {
  en: {
    decimal: {
      style: 'decimal',
      minimumFractionDigits: 2,
      maximumFractionDigits: 2,
    },
    ungroupedDecimal: {
      style: 'decimal',
      minimumFractionDigits: 2,
      maximumFractionDigits: 2,
      useGrouping: false,
    },
  },
  de: {
    decimal: {
      style: 'decimal',
      minimumFractionDigits: 2,
      maximumFractionDigits: 2,
    },
    ungroupedDecimal: {
      style: 'decimal',
      minimumFractionDigits: 2,
      maximumFractionDigits: 2,
      useGrouping: false,
    },
  },
 }
 const dateTimeFormats = {
  en: {
    short: {
      year: 'numeric',
      month: 'numeric',
      day: 'numeric',
    },
    long: {
      year: 'numeric',
      month: 'short',
      day: 'numeric',
      weekday: 'short',
      hour: 'numeric',
      minute: 'numeric',
    },
  },
  de: {
    short: {
      day: 'numeric',
      month: 'numeric',
      year: 'numeric',
    },
    long: {
      day: 'numeric',
      month: 'short',
      year: 'numeric',
      weekday: 'short',
      hour: 'numeric',
      minute: 'numeric',
    },
  },
 }
 const i18n = new VueI18n({
  locale: 'en',
  fallbackLocale: 'en',
  messages: loadLocaleMessages(),
  numberFormats,
  dateTimeFormats,
 })
 export default i18n
--- a/admin/src/locales/de.json
+++ b/admin/src/locales/de.json
@ -0,0 +1 @@
 {}
--- a/admin/src/locales/en.json
+++ b/admin/src/locales/en.json
@ -0,0 +1 @@
 {}
--- a/admin/src/main.js
+++ b/admin/src/main.js
@ -0,0 +1,63 @@
 import Vue from 'vue'
 import App from './App.vue'
 // without this async calls are not working
 import 'regenerator-runtime'
 import store from './store/store'
 import router from './router/router'
 import addNavigationGuards from './router/guards'
 import i18n from './i18n'
 import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
 import VueApollo from 'vue-apollo'
 import CONFIG from './config'
 import { BootstrapVue } from 'bootstrap-vue'
 const httpLink = new HttpLink({ uri: CONFIG.GRAPHQL_URI })
 const authLink = new ApolloLink((operation, forward) => {
  const token = store.state.token
  operation.setContext({
    headers: {
      Authorization: token && token.length > 0 ? `Bearer ${token}` : '',
    },
  })
  return forward(operation)
  /* .map((response) => {
    if (response.errors && response.errors[0].message === '403.13 - Client certificate revoked') {
      response.errors[0].message = i18n.t('error.session-expired')
      store.dispatch('logout', null)
      if (router.currentRoute.path !== '/login') router.push('/login')
      return response
    }
    const newToken = operation.getContext().response.headers.get('token')
    if (newToken) store.commit('token', newToken)
    return response
  }) */
 })
 const apolloClient = new ApolloClient({
  link: authLink.concat(httpLink),
  cache: new InMemoryCache(),
 })
 const apolloProvider = new VueApollo({
  defaultClient: apolloClient,
 })
 Vue.use(BootstrapVue)
 addNavigationGuards(router, store)
 new Vue({
  router,
  store,
  i18n,
  apolloProvider,
  render: (h) => h(App),
 }).$mount('#app')
--- a/admin/src/main.test.js
+++ b/admin/src/main.test.js
@ -0,0 +1,56 @@
 import { ApolloClient, ApolloLink, InMemoryCache, HttpLink } from 'apollo-boost'
 import './main'
 import CONFIG from './config'
 import Vue from 'vue'
 import Vuex from 'vuex'
 import VueI18n from 'vue-i18n'
 jest.mock('vue')
 jest.mock('vuex')
 jest.mock('vue-i18n')
 const storeMock = jest.fn()
 Vuex.Store = storeMock
 jest.mock('apollo-boost', () => {
  return {
    __esModule: true,
    ApolloClient: jest.fn(),
    ApolloLink: jest.fn(() => {
      return { concat: jest.fn() }
    }),
    InMemoryCache: jest.fn(),
    HttpLink: jest.fn(),
  }
 })
 describe('main', () => {
  it('calls the HttpLink', () => {
    expect(HttpLink).toBeCalledWith({ uri: CONFIG.GRAPHQL_URI })
  })
  it('calls the ApolloLink', () => {
    expect(ApolloLink).toBeCalled()
  })
  it('calls the ApolloClient', () => {
    expect(ApolloClient).toBeCalled()
  })
  it('calls the InMemoryCache', () => {
    expect(InMemoryCache).toBeCalled()
  })
  it('calls Vue', () => {
    expect(Vue).toBeCalled()
  })
  it('calls VueI18n', () => {
    expect(VueI18n).toBeCalled()
  })
  it.skip('creates a store', () => {
    expect(storeMock).toBeCalled()
  })
 })
--- a/admin/src/router/guards.js
+++ b/admin/src/router/guards.js
@ -0,0 +1,12 @@
 const addNavigationGuards = (router, store) => {
  router.beforeEach((to, from, next) => {
    // handle authentication
    if (to.meta.requiresAuth && !store.state.token) {
      next({ path: '/not-found' })
    } else {
      next()
    }
  })
 }
 export default addNavigationGuards
--- a/admin/src/router/router.js
+++ b/admin/src/router/router.js
@ -0,0 +1,23 @@
 import Vue from 'vue'
 import VueRouter from 'vue-router'
 import routes from './routes'
 Vue.use(VueRouter)
 const router = new VueRouter({
  base: '/admin',
  routes,
  linkActiveClass: 'active',
  mode: 'history',
  scrollBehavior: (to, from, savedPosition) => {
    if (savedPosition) {
      return savedPosition
    }
    if (to.hash) {
      return { selector: to.hash }
    }
    return { x: 0, y: 0 }
  },
 })
 export default router
--- a/admin/src/router/routes.js
+++ b/admin/src/router/routes.js
@ -0,0 +1,15 @@
 import NotFound from '@/components/NotFoundPage.vue'
 const routes = [
  {
    path: '/',
    /*
    meta: {
      requiresAuth: true,
    },
    */
  },
  { path: '*', component: NotFound },
 ]
 export default routes
--- a/admin/src/store/store.js
+++ b/admin/src/store/store.js
@ -0,0 +1,19 @@
 import Vuex from 'vuex'
 import Vue from 'vue'
 Vue.use(Vuex)
 export const mutations = {
  token: (state, token) => {
    state.token = token
  },
 }
 const store = new Vuex.Store({
  mutations,
  state: {
    token: 'some-token',
  },
 })
 export default store
--- a/admin/src/store/store.test.js
+++ b/admin/src/store/store.test.js
@ -0,0 +1,15 @@
 import { mutations } from './store'
 const { token } = mutations
 describe('Vuex store', () => {
  describe('mutations', () => {
    describe('token', () => {
      it('sets the state of token', () => {
        const state = { token: null }
        token(state, '1234')
        expect(state.token).toEqual('1234')
      })
    })
  })
 })
--- a/admin/test/testSetup.js
+++ b/admin/test/testSetup.js
@ -0,0 +1,15 @@
 import { createLocalVue } from '@vue/test-utils'
 import Vue from 'vue'
 import { BootstrapVue } from 'bootstrap-vue'
 // without this async calls are not working
 import 'regenerator-runtime'
 global.localVue = createLocalVue()
 global.localVue.use(BootstrapVue)
 // throw errors for vue warnings to force the programmers to take care about warnings
 Vue.config.warnHandler = (w) => {
  throw new Error(w)
 }
--- a/admin/vue.config.js
+++ b/admin/vue.config.js
@ -0,0 +1,51 @@
 const path = require('path')
 const webpack = require('webpack')
 const Dotenv = require('dotenv-webpack')
 const StatsPlugin = require('stats-webpack-plugin')
 // vue.config.js
 module.exports = {
  devServer: {
    port: process.env.PORT || 8080,
  },
  pluginOptions: {
    i18n: {
      locale: 'de',
      fallbackLocale: 'de',
      localeDir: 'locales',
      enableInSFC: false,
    },
  },
  lintOnSave: true,
  publicPath: '/admin',
  configureWebpack: {
    // Set up all the aliases we use in our app.
    resolve: {
      alias: {
        assets: path.join(__dirname, 'src/assets'),
      },
    },
    plugins: [
      // .env and Environment Variables
      new Dotenv(),
      new webpack.DefinePlugin({
        // Those are Environment Variables transmitted via Docker and are only available when defined here aswell
        // 'process.env.DOCKER_WORKDIR': JSON.stringify(process.env.DOCKER_WORKDIR),
        // 'process.env.BUILD_DATE': JSON.stringify(process.env.BUILD_DATE),
        // 'process.env.BUILD_VERSION': JSON.stringify(process.env.BUILD_VERSION),
        'process.env.BUILD_COMMIT': JSON.stringify(process.env.BUILD_COMMIT),
        // 'process.env.PORT': JSON.stringify(process.env.PORT),
      }),
      // generate webpack stats to allow analysis of the bundlesize
      new StatsPlugin('webpack.stats.json'),
    ],
    infrastructureLogging: {
      level: 'warn', // 'none' | 'error' | 'warn' | 'info' | 'log' | 'verbose'
    },
  },
  css: {
    // Enable CSS source maps.
    sourceMap: process.env.NODE_ENV !== 'production',
  },
  outputDir: path.resolve(__dirname, './dist'),
 }
--- a/admin/yarn.lock
+++ b/admin/yarn.lock
--- a/backend/.env.dist
+++ b/backend/.env.dist
@ -10,6 +10,16 @@ DB_PORT=3306
 DB_USER=root
 DB_PASSWORD=
 DB_DATABASE=gradido_community
 #EMAIL=true
 #EMAIL_USERNAME=
 #EMAIL_SENDER=
 #EMAIL_PASSWORD=
 #EMAIL_SMTP_URL=
 #EMAIL_SMTP_PORT=587
 #EMAIL_LINK_VERIFICATION=http://localhost/vue/checkEmail/$1
 #KLICKTIPP_USER=
 #KLICKTIPP_PASSWORD=
 #KLICKTIPP_APIKEY_DE=
@ -19,3 +29,5 @@ COMMUNITY_NAME=
 COMMUNITY_URL=
 COMMUNITY_REGISTER_URL=
 COMMUNITY_DESCRIPTION=
 LOGIN_APP_SECRET=21ffbbc616fe
 LOGIN_SERVER_KEY=a51ef8ac7ef1abf162fb7a65261acd7a
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@ -85,7 +85,7 @@ RUN cd ../database && yarn run build
 FROM build as test
 # Run command
-CMD /bin/sh -c "yarn run dev"
+CMD /bin/sh -c "yarn run start"
 ##################################################################################
 # PRODUCTION (Does contain only "binary"- and static-files to reduce image size) #
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
--- a/backend/package.json
+++ b/backend/package.json
@ -13,11 +13,12 @@
    "start": "node build/index.js",
    "dev": "nodemon -w src --ext ts --exec ts-node src/index.ts",
    "lint": "eslint . --ext .js,.ts",
-    "test": "jest --coverage"
+    "test": "jest --runInBand --coverage "
  },
  "dependencies": {
    "@types/jest": "^27.0.2",
    "apollo-server-express": "^2.25.2",
    "apollo-server-testing": "^2.25.2",
    "axios": "^0.21.1",
    "class-validator": "^0.13.1",
    "cors": "^2.8.5",
@ -26,10 +27,12 @@
    "graphql": "^15.5.1",
    "jest": "^27.2.4",
    "jsonwebtoken": "^8.5.1",
    "libsodium-wrappers": "^0.7.9",
    "module-alias": "^2.2.2",
    "mysql2": "^2.3.0",
    "nodemailer": "^6.6.5",
    "random-bigint": "^0.0.1",
    "reflect-metadata": "^0.1.13",
    "sodium-native": "^3.3.0",
    "ts-jest": "^27.0.5",
    "type-graphql": "^1.1.1",
    "typeorm": "^0.2.38"
@ -37,7 +40,8 @@
  "devDependencies": {
    "@types/express": "^4.17.12",
    "@types/jsonwebtoken": "^8.5.2",
-    "@types/libsodium-wrappers": "^0.7.9",
+    "@types/node": "^16.10.3",
    "@types/nodemailer": "^6.4.4",
    "@typescript-eslint/eslint-plugin": "^4.28.0",
    "@typescript-eslint/parser": "^4.28.0",
    "eslint": "^7.29.0",
@ -53,6 +57,6 @@
    "typescript": "^4.3.4"
  },
  "_moduleAliases": {
-    "@entity"      : "../database/build/entity"
+    "@entity": "../database/build/entity"
  }
 }
--- a/backend/src/config/index.ts
+++ b/backend/src/config/index.ts
@ -39,9 +39,25 @@ const community = {
    process.env.COMMUNITY_DESCRIPTION || 'Die lokale Entwicklungsumgebung von Gradido.',
 }
 const loginServer = {
  LOGIN_APP_SECRET: process.env.LOGIN_APP_SECRET || '21ffbbc616fe',
  LOGIN_SERVER_KEY: process.env.LOGIN_SERVER_KEY || 'a51ef8ac7ef1abf162fb7a65261acd7a',
 }
 const email = {
  EMAIL: process.env.EMAIL === 'true' || false,
  EMAIL_USERNAME: process.env.EMAIL_USERNAME || 'gradido_email',
  EMAIL_SENDER: process.env.EMAIL_SENDER || 'info@gradido.net',
  EMAIL_PASSWORD: process.env.EMAIL_PASSWORD || 'xxx',
  EMAIL_SMTP_URL: process.env.EMAIL_SMTP_URL || 'gmail.com',
  EMAIL_SMTP_PORT: process.env.EMAIL_SMTP_PORT || '587',
  EMAIL_LINK_VERIFICATION:
    process.env.EMAIL_LINK_VERIFICATION || 'http://localhost/vue/checkEmail/$1',
 }
 // This is needed by graphql-directive-auth
 process.env.APP_SECRET = server.JWT_SECRET
-const CONFIG = { ...server, ...database, ...klicktipp, ...community }
+const CONFIG = { ...server, ...database, ...klicktipp, ...community, ...email, ...loginServer }
 export default CONFIG
--- a/backend/src/config/mnemonic.english.txt
+++ b/backend/src/config/mnemonic.english.txt
--- a/backend/src/config/mnemonic.words_ulf.encoding.txt
+++ b/backend/src/config/mnemonic.words_ulf.encoding.txt
--- a/backend/src/config/mnemonic.words_ulf.txt
+++ b/backend/src/config/mnemonic.words_ulf.txt
--- a/backend/src/config/mnemonic.words_ulf_org.txt
+++ b/backend/src/config/mnemonic.words_ulf_org.txt
--- a/backend/src/graphql/arg/CheckUsernameArgs.ts
+++ b/backend/src/graphql/arg/CheckUsernameArgs.ts
@ -4,7 +4,4 @@ import { ArgsType, Field } from 'type-graphql'
 export default class CheckUsernameArgs {
  @Field(() => String)
  username: string
  @Field(() => Number, { nullable: true })
  groupId?: number
 }
--- a/backend/src/graphql/directive/isAuthorized.ts
+++ b/backend/src/graphql/directive/isAuthorized.ts
@ -2,9 +2,6 @@
 import { AuthChecker } from 'type-graphql'
 import CONFIG from '../../config'
 import { apiGet } from '../../apis/HttpRequest'
 import decode from '../../jwt/decode'
 import encode from '../../jwt/encode'
@ -13,15 +10,9 @@ const isAuthorized: AuthChecker<any> = async (
 ) => {
  if (context.token) {
    const decoded = decode(context.token)
-    if (decoded.sessionId && decoded.sessionId !== 0) {
+    context.pubKey = Buffer.from(decoded.pubKey).toString('hex')
-      const result = await apiGet(
+    context.setHeaders.push({ key: 'token', value: encode(decoded.pubKey) })
-        `${CONFIG.LOGIN_API_URL}checkSessionState?session_id=${decoded.sessionId}`,
+    return true
      )
      context.sessionId = decoded.sessionId
      context.pubKey = decoded.pubKey
      context.setHeaders.push({ key: 'token', value: encode(decoded.sessionId, decoded.pubKey) })
      return result.success
    }
  }
  throw new Error('401 Unauthorized')
 }
--- a/backend/src/graphql/model/CheckUsernameResponse.ts
+++ b/backend/src/graphql/model/CheckUsernameResponse.ts
@ -1,21 +0,0 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import { ObjectType, Field } from 'type-graphql'
@ObjectType()
 export class CheckUsernameResponse {
  constructor(json: any) {
    this.state = json.state
    this.msg = json.msg
    this.groupId = json.group_id
  }
  @Field(() => String)
  state: string
  @Field(() => String)
  msg?: string
  @Field(() => Number)
  groupId?: number
 }
--- a/backend/src/graphql/model/UpdateUserInfosResponse.ts
+++ b/backend/src/graphql/model/UpdateUserInfosResponse.ts
@ -1,13 +0,0 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import { ObjectType, Field } from 'type-graphql'
@ObjectType()
 export class UpdateUserInfosResponse {
  constructor(json: any) {
    this.validValues = json.valid_values
  }
  @Field(() => Number)
  validValues: number
 }
--- a/backend/src/graphql/model/User.ts
+++ b/backend/src/graphql/model/User.ts
@ -10,15 +10,17 @@ export class User {
  @PrimaryGeneratedColumn()
  id: number
  */
-  constructor(json: any) {
+  constructor(json?: any) {
-    this.email = json.email
+    if (json) {
-    this.firstName = json.first_name
+      this.email = json.email
-    this.lastName = json.last_name
+      this.firstName = json.first_name
-    this.username = json.username
+      this.lastName = json.last_name
-    this.description = json.description
+      this.username = json.username
-    this.pubkey = json.public_hex
+      this.description = json.description
-    this.language = json.language
+      this.pubkey = json.public_hex
-    this.publisherId = json.publisher_id
+      this.language = json.language
      this.publisherId = json.publisher_id
    }
  }
  @Field(() => String)
--- a/backend/src/graphql/resolver/CommunityResolver.test.ts
+++ b/backend/src/graphql/resolver/CommunityResolver.test.ts
@ -0,0 +1,123 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import { createTestClient } from 'apollo-server-testing'
 import createServer from '../../server/createServer'
 import CONFIG from '../../config'
 jest.mock('../../config')
 let query: any
 // to do: We need a setup for the tests that closes the connection
 let con: any
 beforeAll(async () => {
  const server = await createServer({})
  con = server.con
  query = createTestClient(server.apollo).query
 })
 afterAll(async () => {
  await con.close()
 })
 describe('CommunityResolver', () => {
  const getCommunityInfoQuery = `
    query {
      getCommunityInfo {
        name
        description
        url
        registerUrl
      }
    }
  `
  const communities = `
    query {
      communities {
        id
        name
        url
        description
        registerUrl
      }
    }
  `
  describe('getCommunityInfo', () => {
    it('returns the default values', async () => {
      await expect(query({ query: getCommunityInfoQuery })).resolves.toMatchObject({
        data: {
          getCommunityInfo: {
            name: 'Gradido Entwicklung',
            description: 'Die lokale Entwicklungsumgebung von Gradido.',
            url: 'http://localhost/vue/',
            registerUrl: 'http://localhost/vue/register',
          },
        },
      })
    })
  })
  describe('communities', () => {
    describe('PRODUCTION = false', () => {
      beforeEach(() => {
        CONFIG.PRODUCTION = false
      })
      it('returns three communities', async () => {
        await expect(query({ query: communities })).resolves.toMatchObject({
          data: {
            communities: [
              {
                id: 1,
                name: 'Gradido Entwicklung',
                description: 'Die lokale Entwicklungsumgebung von Gradido.',
                url: 'http://localhost/vue/',
                registerUrl: 'http://localhost/vue/register-community',
              },
              {
                id: 2,
                name: 'Gradido Staging',
                description: 'Der Testserver der Gradido-Akademie.',
                url: 'https://stage1.gradido.net/vue/',
                registerUrl: 'https://stage1.gradido.net/vue/register-community',
              },
              {
                id: 3,
                name: 'Gradido-Akademie',
                description: 'Freies Institut für Wirtschaftsbionik.',
                url: 'https://gradido.net',
                registerUrl: 'https://gdd1.gradido.com/vue/register-community',
              },
            ],
          },
        })
      })
    })
    describe('PRODUCTION = true', () => {
      beforeEach(() => {
        CONFIG.PRODUCTION = true
      })
      it('returns one community', async () => {
        await expect(query({ query: communities })).resolves.toMatchObject({
          data: {
            communities: [
              {
                id: 3,
                name: 'Gradido-Akademie',
                description: 'Freies Institut für Wirtschaftsbionik.',
                url: 'https://gradido.net',
                registerUrl: 'https://gdd1.gradido.com/vue/register-community',
              },
            ],
          },
        })
      })
    })
  })
 })
--- a/backend/src/graphql/resolver/TransactionResolver.ts
+++ b/backend/src/graphql/resolver/TransactionResolver.ts
@ -1,10 +1,12 @@
 /* eslint-disable new-cap */
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import { Resolver, Query, Args, Authorized, Ctx, Mutation } from 'type-graphql'
-import { getCustomRepository } from 'typeorm'
+import { getCustomRepository, getConnection, QueryRunner } from 'typeorm'
 import CONFIG from '../../config'
 import { sendEMail } from '../../util/sendEMail'
 import { Transaction } from '../model/Transaction'
 import { TransactionList } from '../model/TransactionList'
@ -22,12 +24,182 @@ import { TransactionRepository } from '../../typeorm/repository/Transaction'
 import { User as dbUser } from '@entity/User'
 import { UserTransaction as dbUserTransaction } from '@entity/UserTransaction'
 import { Transaction as dbTransaction } from '@entity/Transaction'
 import { TransactionSendCoin as dbTransactionSendCoin } from '@entity/TransactionSendCoin'
 import { Balance as dbBalance } from '@entity/Balance'
 import { apiPost } from '../../apis/HttpRequest'
 import { roundFloorFrom4, roundCeilFrom4 } from '../../util/round'
 import { calculateDecay, calculateDecayWithInterval } from '../../util/decay'
 import { TransactionTypeId } from '../enum/TransactionTypeId'
 import { TransactionType } from '../enum/TransactionType'
 import { hasUserAmount, isHexPublicKey } from '../../util/validate'
 import { LoginUserRepository } from '../../typeorm/repository/LoginUser'
 /*
 # Test
 ## Prepare
 > sudo systemctl start docker
 > docker-compose up mariadb
 > DROP all databases
 > docker-compose down
 > docker compose up mariadb database
 > verify there is exactly one database `gradido_community`
 TODO:
 INSERT INTO `login_groups` (`id`, `alias`, `name`, `url`, `host`, `home`, `description`) VALUES
  (1, 'docker', 'docker gradido group', 'localhost', 'nginx', '/', 'gradido test group for docker and stage2 with blockchain db');
 >> Database is cool
 ### Start login server
 > docker-compose up login-server community-server nginx
 >> Login & community servers and nginx proxy are up and running
 ## Build database
 > cd database
 > yarn
 > yarn build
 > cd ..
 >> Database has been built successful
 ### Start backend (no docker for debugging)
 > cd backend
 > yarn
 > yarn dev
 >> Backend is up and running
 ### Create users
 > chromium http://localhost:4000/graphql
 > mutation{createUser(email: "receiver@user.net", firstName: "Receiver", lastName: "user", password: "123!AAAb", language: "de")}
 > mutation{createUser(email: "sender@user.net", firstName: "Sender", lastName: "user", password: "123!AAAb", language: "de")}
 > mutation{createUser(email: "creator@user.net", firstName: "Creator", lastName: "user", password: "123!AAAb", language: "de")}
 >> Verify you have 3 entries in `login_users`, `login_user_backups` and `state_users` 
 ### make creator an admin
 > INSERT INTO login_user_roles (id, user_id, role_id) VALUES (NULL, '3', '1');
 > UPDATE login_users SET email_checked = 1 WHERE id = 3;
 > uncomment line: 19 in community_server/src/Controller/ServerUsersController.php
 > chromium http://localhost/server-users/add
 > create user `creator` `123` `creator@different.net`
 >> verify you have 1 entry in `server_users`
 > login with user on http://localhost/server-users
 > activate server user by changing the corresponding flag in the interface
 > navigate to http://localhost/transaction-creations/create-multi
 > create 1000GDD for user sender@user.net
 > navigate to http://localhost
 > login with `creator@user.net` `123!AAAb` 
 > confirm transaction (top right corner - click the thingy, click the green button `Transaktion abschließen`)
 ### the test:
 > chromium http://localhost:4000/graphql
 > query{login(email: "sender@user.net", password: "123!AAAb"){pubkey}}
 >> copy token from network tab (inspect)
 > mutation{sendCoins(email: "receiver@user.net", amount: 10.0, memo: "Hier!")}
 > mutation{sendCoins(email: "receiver@user.net", amount: 10.0, memo: "Hier!")}
 > Headers: {"Authorization": "Bearer ${token}"}
 >> Verify via Database that stuff is as it should see `state_balance` & `transaction_send_coins`
 ### create decay block
 > chromium http://localhost/transactions/add
 > login with `creator` `123`
 > select `decay start`
 > press submit
 > wait for at least 0.02 display of decay on user sender@user.net on old frontend, this should be aprox 10min
 > chromium http://localhost:4000/graphql
 > query{login(email: "sender@user.net", password: "123!AAAb"){pubkey}}
 >> copy token from network tab (inspect)
 > mutation{sendCoins(email: "receiver@user.net", amount: 10.0, memo: "Hier!")}
 >> verify in `transaction_send_coins` that a decay was taken into account
 >> same in `state_balances`
 >> now check the old frontend
 >>> sender@user.net should have a decay of 0.02
 >>> while receiver@user.net should have zero decay on anything (old frontend)
 ### Export data
 > docker-compose up phpmyadmin
 > chromium http://localhost:8074/
 > select gradido_community
 > export
 > select custom
 > untick structure
 > ok
 ## Results
 NOTE: We decided not to write the `transaction_signatures` since its unused. This is the main difference.
 NOTE: We fixed a bug in the `state_user_transactions code` with the new implementation of apollo
 Master:
 --
 -- Dumping data for table `state_user_transactions`
 --
 INSERT INTO `state_user_transactions` (`id`, `state_user_id`, `transaction_id`, `transaction_type_id`, `balance`, `balance_date`) VALUES
 (1, 2, 1, 1, 10000000, '2021-11-05 12:45:18'),
 (2, 2, 2, 2, 9900000, '2021-11-05 12:48:35'),
 (3, 1, 2, 2, 100000, '2021-11-05 12:48:35'),
 (4, 2, 3, 2, 9800000, '2021-11-05 12:49:07'),
 (5, 1, 3, 2, 200000, '2021-11-05 12:49:07'),
 (6, 2, 5, 2, 9699845, '2021-11-05 13:03:50'),
 (7, 1, 5, 2, 99996, '2021-11-05 13:03:50');
 --
 -- Dumping data for table `transactions`
 --
 INSERT INTO `transactions` (`id`, `state_group_id`, `transaction_type_id`, `tx_hash`, `memo`, `received`, `blockchain_type_id`) VALUES
 (1, NULL, 1, 0x9ccdcd01ccb6320c09c2d1da2f0bf735a95ece0e7c1df6bbff51918fbaec061700000000000000000000000000000000, '', '2021-11-05 12:45:18', 1),
 (2, NULL, 2, 0x58d7706a67fa4ff4b8038168c6be39a2963d7e28e9d3872759ad09c519fe093700000000000000000000000000000000, 'Hier!', '2021-11-05 12:48:35', 1),
 (3, NULL, 2, 0x427cd214f92ef35af671129d50edc5a478c53d1e464f285b7615d9794a69f69b00000000000000000000000000000000, 'Hier!', '2021-11-05 12:49:07', 1),
 (4, NULL, 9, 0x32807368f0906a21b94c072599795bc9eeab88fb565df82e85cc62a4fdcde48500000000000000000000000000000000, '', '2021-11-05 12:51:51', 1),
 (5, NULL, 2, 0x75eb729e0f60a1c8cead1342955853d2440d7a2ea57dfef6d4a18bff0d94491e00000000000000000000000000000000, 'Hier!', '2021-11-05 13:03:50', 1);
 --
 -- Dumping data for table `transaction_signatures`
 --
 INSERT INTO `transaction_signatures` (`id`, `transaction_id`, `signature`, `pubkey`) VALUES
 (1, 1, 0x5888edcdcf77aaadad6d321882903bc831d7416f17213fd5020a764365b5fcb336e4c7917385a1278ea44ccdb31eac4a09e448053b5e3f8f1fe5da3baf53c008, 0xd5b20f8dee415038bfa2b6b0e1b40ff54850351109444863b04d6d28825b7b7d),
 (2, 2, 0xf6fef428f8f22faf7090f7d740e6088d1d90c58ae92d757117d7d91d799e659f3a3a0c65a3fd97cbde798e761f9d23eff13e8810779a184c97c411f28e7c4608, 0xdc74a589004377ab14836dce68ce2ca34e5b17147cd78ad4b3afe8137524ae8a),
 (3, 3, 0x8ebe9730c6cf61f56ef401d6f2bd229f3c298ca3c2791ee9137e4827b7af6c6d6566fca616eb1fe7adc2e4d56b5c7350ae3990c9905580630fa75ecffca8e001, 0xdc74a589004377ab14836dce68ce2ca34e5b17147cd78ad4b3afe8137524ae8a),
 (4, 5, 0x50cf418f7e217391e89ab9c2879ae68d7c7c597d846b4fe1c082b5b16e5d0c85c328fbf48ad3490bcfe94f446700ae0a4b0190e76d26cc752abced58f480c80f, 0xdc74a589004377ab14836dce68ce2ca34e5b17147cd78ad4b3afe8137524ae8a);
 This Feature Branch:
 --
 -- Dumping data for table `state_user_transactions`
 --
 INSERT INTO `state_user_transactions` (`id`, `state_user_id`, `transaction_id`, `transaction_type_id`, `balance`, `balance_date`) VALUES
 (1, 2, 1, 1, 10000000, '2021-11-05 00:25:46'),
 (12, 2, 7, 2, 9900000, '2021-11-05 00:55:37'),
 (13, 1, 7, 2, 100000, '2021-11-05 00:55:37'),
 (14, 2, 8, 2, 9800000, '2021-11-05 01:00:04'),
 (15, 1, 8, 2, 200000, '2021-11-05 01:00:04'),
 (16, 2, 10, 2, 9699772, '2021-11-05 01:17:41'),
 (17, 1, 10, 2, 299995, '2021-11-05 01:17:41');
 --
 -- Dumping data for table `transactions`
 --
 INSERT INTO `transactions` (`id`, `state_group_id`, `transaction_type_id`, `tx_hash`, `memo`, `received`, `blockchain_type_id`) VALUES
 (1, NULL, 1, 0xdd030d475479877587d927ed9024784ba62266cf1f3d87862fc98ad68f7b26e400000000000000000000000000000000, '', '2021-11-05 00:25:46', 1),
 (7, NULL, 2, NULL, 'Hier!', '2021-11-05 00:55:37', 1),
 (8, NULL, 2, NULL, 'Hier!', '2021-11-05 01:00:04', 1),
 (9, NULL, 9, 0xb1cbedbf126aa35f5edbf06e181c415361d05228ab4da9d19a4595285a673dfa00000000000000000000000000000000, '', '2021-11-05 01:05:34', 1),
 (10, NULL, 2, NULL, 'Hier!', '2021-11-05 01:17:41', 1);
 --
 -- Dumping data for table `transaction_signatures`
 --
 INSERT INTO `transaction_signatures` (`id`, `transaction_id`, `signature`, `pubkey`) VALUES
 (1, 1, 0x60d632479707e5d01cdc32c3326b5a5bae11173a0c06b719ee7b552f9fd644de1a0cd4afc207253329081d39dac1a63421f51571d836995c649fc39afac7480a, 0x48c45cb4fea925e83850f68f2fa8f27a1a4ed1bcba68cdb59fcd86adef3f52ee);
 */
 // Helper function
 async function calculateAndAddDecayTransactions(
@ -210,6 +382,87 @@ async function listTransactions(
  return transactionList
 }
 // helper helper function
 async function updateStateBalance(
  user: dbUser,
  centAmount: number,
  received: Date,
  queryRunner: QueryRunner,
 ): Promise<dbBalance> {
  const balanceRepository = getCustomRepository(BalanceRepository)
  let balance = await balanceRepository.findByUser(user.id)
  if (!balance) {
    balance = new dbBalance()
    balance.userId = user.id
    balance.amount = centAmount
    balance.modified = received
  } else {
    const decaiedBalance = await calculateDecay(balance.amount, balance.recordDate, received).catch(
      () => {
        throw new Error('error by calculating decay')
      },
    )
    balance.amount = Number(decaiedBalance) + centAmount
    balance.modified = new Date()
  }
  if (balance.amount <= 0) {
    throw new Error('error new balance <= 0')
  }
  balance.recordDate = received
  return queryRunner.manager.save(balance).catch((error) => {
    throw new Error('error saving balance:' + error)
  })
 }
 // helper helper function
 async function addUserTransaction(
  user: dbUser,
  transaction: dbTransaction,
  centAmount: number,
  queryRunner: QueryRunner,
 ): Promise<dbUserTransaction> {
  let newBalance = centAmount
  const userTransactionRepository = getCustomRepository(UserTransactionRepository)
  const lastUserTransaction = await userTransactionRepository.findLastForUser(user.id)
  if (lastUserTransaction) {
    newBalance += Number(
      await calculateDecay(
        Number(lastUserTransaction.balance),
        lastUserTransaction.balanceDate,
        transaction.received,
      ).catch(() => {
        throw new Error('error by calculating decay')
      }),
    )
  }
  if (newBalance <= 0) {
    throw new Error('error new balance <= 0')
  }
  const newUserTransaction = new dbUserTransaction()
  newUserTransaction.userId = user.id
  newUserTransaction.transactionId = transaction.id
  newUserTransaction.transactionTypeId = transaction.transactionTypeId
  newUserTransaction.balance = newBalance
  newUserTransaction.balanceDate = transaction.received
  return queryRunner.manager.save(newUserTransaction).catch((error) => {
    throw new Error('Error saving user transaction: ' + error)
  })
 }
 async function getPublicKey(email: string): Promise<string | null> {
  const loginUserRepository = getCustomRepository(LoginUserRepository)
  const loginUser = await loginUserRepository.findOne({ email: email })
  // User not found
  if (!loginUser) {
    return null
  }
  return loginUser.pubKey.toString('hex')
 }
@Resolver()
 export class TransactionResolver {
  @Authorized()
@ -252,19 +505,148 @@ export class TransactionResolver {
    @Args() { email, amount, memo }: TransactionSendArgs,
    @Ctx() context: any,
  ): Promise<string> {
-    const payload = {
+    // TODO this is subject to replay attacks
-      session_id: context.sessionId,
+    // validate sender user (logged in)
-      target_email: email,
+    const userRepository = getCustomRepository(UserRepository)
-      amount: amount * 10000,
+    const senderUser = await userRepository.findByPubkeyHex(context.pubKey)
-      memo,
+    if (senderUser.pubkey.length !== 32) {
-      auto_sign: true,
+      throw new Error('invalid sender public key')
      transaction_type: 'transfer',
      blockchain_type: 'mysql',
    }
-    const result = await apiPost(CONFIG.LOGIN_API_URL + 'createTransaction', payload)
+    if (!hasUserAmount(senderUser, amount)) {
-    if (!result.success) {
+      throw new Error("user hasn't enough GDD")
      throw new Error(result.data)
    }
    // validate recipient user
    // TODO: the detour over the public key is unnecessary
    const recipiantPublicKey = await getPublicKey(email)
    if (!recipiantPublicKey) {
      throw new Error('recipiant not known')
    }
    if (!isHexPublicKey(recipiantPublicKey)) {
      throw new Error('invalid recipiant public key')
    }
    const recipiantUser = await userRepository.findByPubkeyHex(recipiantPublicKey)
    if (!recipiantUser) {
      throw new Error('Cannot find recipiant user by local send coins transaction')
    } else if (recipiantUser.disabled) {
      throw new Error('recipiant user account is disabled')
    }
    // validate amount
    if (amount <= 0) {
      throw new Error('invalid amount')
    }
    const centAmount = Math.trunc(amount * 10000)
    const queryRunner = getConnection().createQueryRunner()
    await queryRunner.connect()
    await queryRunner.startTransaction('READ UNCOMMITTED')
    try {
      // transaction
      let transaction = new dbTransaction()
      transaction.transactionTypeId = TransactionTypeId.SEND
      transaction.memo = memo
      // TODO: NO! this is problematic in its construction
      const insertResult = await queryRunner.manager.insert(dbTransaction, transaction)
      transaction = await queryRunner.manager
        .findOneOrFail(dbTransaction, insertResult.generatedMaps[0].id)
        .catch((error) => {
          throw new Error('error loading saved transaction: ' + error)
        })
      // Insert Transaction: sender - amount
      const senderUserTransactionBalance = await addUserTransaction(
        senderUser,
        transaction,
        -centAmount,
        queryRunner,
      )
      // Insert Transaction: recipient + amount
      const recipiantUserTransactionBalance = await addUserTransaction(
        recipiantUser,
        transaction,
        centAmount,
        queryRunner,
      )
      // Update Balance: sender - amount
      const senderStateBalance = await updateStateBalance(
        senderUser,
        -centAmount,
        transaction.received,
        queryRunner,
      )
      // Update Balance: recipiant + amount
      const recipiantStateBalance = await updateStateBalance(
        recipiantUser,
        centAmount,
        transaction.received,
        queryRunner,
      )
      if (senderStateBalance.amount !== senderUserTransactionBalance.balance) {
        throw new Error('db data corrupted, sender')
      }
      if (recipiantStateBalance.amount !== recipiantUserTransactionBalance.balance) {
        throw new Error('db data corrupted, recipiant')
      }
      // transactionSendCoin
      const transactionSendCoin = new dbTransactionSendCoin()
      transactionSendCoin.transactionId = transaction.id
      transactionSendCoin.userId = senderUser.id
      transactionSendCoin.senderPublic = senderUser.pubkey
      transactionSendCoin.recipiantUserId = recipiantUser.id
      transactionSendCoin.recipiantPublic = Buffer.from(recipiantPublicKey, 'hex')
      transactionSendCoin.amount = centAmount
      transactionSendCoin.senderFinalBalance = senderStateBalance.amount
      await queryRunner.manager.save(transactionSendCoin).catch((error) => {
        throw new Error('error saving transaction send coin: ' + error)
      })
      await queryRunner.manager.save(transaction).catch((error) => {
        throw new Error('error saving transaction with tx hash: ' + error)
      })
      await queryRunner.commitTransaction()
    } catch (e) {
      await queryRunner.rollbackTransaction()
      // TODO: This is broken code - we should never correct an autoincrement index in production
      // according to dario it is required tho to properly work. The index of the table is used as
      // index for the transaction which requires a chain without gaps
      const count = await queryRunner.manager.count(dbTransaction)
      // fix autoincrement value which seems not effected from rollback
      await queryRunner
        .query('ALTER TABLE `transactions` auto_increment = ?', [count])
        .catch((error) => {
          // eslint-disable-next-line no-console
          console.log('problems with reset auto increment: %o', error)
        })
      throw e
    } finally {
      await queryRunner.release()
    }
    // send notification email
    // TODO: translate
    await sendEMail({
      from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
      to: `${recipiantUser.firstName} ${recipiantUser.lastName} <${recipiantUser.email}>`,
      subject: 'Gradido Überweisung',
      text: `Hallo ${recipiantUser.firstName} ${recipiantUser.lastName}
      Du hast soeben ${amount} GDD von ${senderUser.firstName} ${senderUser.lastName} erhalten.
      ${senderUser.firstName} ${senderUser.lastName} schreibt:
      ${memo}
      Bitte antworte nicht auf diese E-Mail!
      Mit freundlichen Grüßen,
      dein Gradido-Team`,
    })
    return 'success'
  }
 }
--- a/backend/src/graphql/resolver/UserResolver.ts
+++ b/backend/src/graphql/resolver/UserResolver.ts
@ -1,13 +1,12 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import fs from 'fs'
 import { Resolver, Query, Args, Arg, Authorized, Ctx, UseMiddleware, Mutation } from 'type-graphql'
-import { from_hex as fromHex } from 'libsodium-wrappers'
+import { getConnection, getCustomRepository } from 'typeorm'
 import CONFIG from '../../config'
 import { CheckUsernameResponse } from '../model/CheckUsernameResponse'
 import { LoginViaVerificationCode } from '../model/LoginViaVerificationCode'
 import { SendPasswordResetEmailResponse } from '../model/SendPasswordResetEmailResponse'
 import { UpdateUserInfosResponse } from '../model/UpdateUserInfosResponse'
 import { User } from '../model/User'
 import { User as DbUser } from '@entity/User'
 import encode from '../../jwt/encode'
@ -22,10 +21,176 @@ import {
  klicktippNewsletterStateMiddleware,
 } from '../../middleware/klicktippMiddleware'
 import { CheckEmailResponse } from '../model/CheckEmailResponse'
 import { getCustomRepository } from 'typeorm'
 import { UserSettingRepository } from '../../typeorm/repository/UserSettingRepository'
 import { LoginUserRepository } from '../../typeorm/repository/LoginUser'
 import { Setting } from '../enum/Setting'
 import { UserRepository } from '../../typeorm/repository/User'
 import { LoginUser } from '@entity/LoginUser'
 import { LoginUserBackup } from '@entity/LoginUserBackup'
 import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
 import { sendEMail } from '../../util/sendEMail'
 import { LoginElopageBuysRepository } from '../../typeorm/repository/LoginElopageBuys'
 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const sodium = require('sodium-native')
 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const random = require('random-bigint')
 // We will reuse this for changePassword
 const isPassword = (password: string): boolean => {
  return !!password.match(/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[^a-zA-Z0-9 \\t\\n\\r]).{8,}$/)
 }
 const LANGUAGES = ['de', 'en']
 const DEFAULT_LANGUAGE = 'de'
 const isLanguage = (language: string): boolean => {
  return LANGUAGES.includes(language)
 }
 const PHRASE_WORD_COUNT = 24
 const WORDS = fs.readFileSync('src/config/mnemonic.english.txt').toString().split('\n')
 const PassphraseGenerate = (): string[] => {
  const result = []
  for (let i = 0; i < PHRASE_WORD_COUNT; i++) {
    result.push(WORDS[sodium.randombytes_random() % 2048])
  }
  return result
  /*
  return [
    'behind',
    'salmon',
    'fluid',
    'orphan',
    'frost',
    'elder',
    'amateur',
    'always',
    'panel',
    'palm',
    'leopard',
    'essay',
    'punch',
    'title',
    'fun',
    'annual',
    'page',
    'hundred',
    'journey',
    'select',
    'figure',
    'tunnel',
    'casual',
    'bar',
  ]
  */
 }
 /*
 Test results:
 INSERT INTO `login_users` (`id`, `email`, `first_name`, `last_name`, `username`, `description`, `password`, `pubkey`, `privkey`, `email_hash`, `created`, `email_checked`, `passphrase_shown`, `language`, `disabled`, `group_id`, `publisher_id`) VALUES
 // old
 (1, 'peter@lustig.de', 'peter', 'lustig', '', '', 4747956395458240931, 0x8c75edd507f470e5378f927489374694d68f3d155523f1c4402c36affd35a7ed, 0xb0e310655726b088631ccfd31ad6470ee50115c161dde8559572fa90657270ff13dc1200b2d3ea90dfbe92f3a4475ee4d9cee4989e39736a0870c33284bc73a8ae690e6da89f241a121eb3b500c22885, 0x9f700e6f6ec351a140b674c0edd4479509697b023bd8bee8826915ef6c2af036, '2021-11-03 20:05:04', 0, 0, 'de', 0, 1, 0);
 // new
 (2, 'peter@lustig.de', 'peter', 'lustig', '', '', 4747956395458240931, 0x8c75edd507f470e5378f927489374694d68f3d155523f1c4402c36affd35a7ed, 0xb0e310655726b088631ccfd31ad6470ee50115c161dde8559572fa90657270ff13dc1200b2d3ea90dfbe92f3a4475ee4d9cee4989e39736a0870c33284bc73a8ae690e6da89f241a121eb3b500c22885, 0x9f700e6f6ec351a140b674c0edd4479509697b023bd8bee8826915ef6c2af036, '2021-11-03 20:22:15', 0, 0, 'de', 0, 1, 0);
 INSERT INTO `login_user_backups` (`id`, `user_id`, `passphrase`, `mnemonic_type`) VALUES
 // old
 (1, 1, 'behind salmon fluid orphan frost elder amateur always panel palm leopard essay punch title fun annual page hundred journey select figure tunnel casual bar ', 2);
 // new
 (2, 2, 'behind salmon fluid orphan frost elder amateur always panel palm leopard essay punch title fun annual page hundred journey select figure tunnel casual bar ', 2);
 */
 const KeyPairEd25519Create = (passphrase: string[]): Buffer[] => {
  if (!passphrase.length || passphrase.length < PHRASE_WORD_COUNT) {
    throw new Error('passphrase empty or to short')
  }
  const state = Buffer.alloc(sodium.crypto_hash_sha512_STATEBYTES)
  sodium.crypto_hash_sha512_init(state)
  // To prevent breaking existing passphrase-hash combinations word indices will be put into 64 Bit Variable to mimic first implementation of algorithms
  for (let i = 0; i < PHRASE_WORD_COUNT; i++) {
    const value = Buffer.alloc(8)
    const wordIndex = WORDS.indexOf(passphrase[i])
    value.writeBigInt64LE(BigInt(wordIndex))
    sodium.crypto_hash_sha512_update(state, value)
  }
  // trailing space is part of the login_server implementation
  const clearPassphrase = passphrase.join(' ') + ' '
  sodium.crypto_hash_sha512_update(state, Buffer.from(clearPassphrase))
  const outputHashBuffer = Buffer.alloc(sodium.crypto_hash_sha512_BYTES)
  sodium.crypto_hash_sha512_final(state, outputHashBuffer)
  const pubKey = Buffer.alloc(sodium.crypto_sign_PUBLICKEYBYTES)
  const privKey = Buffer.alloc(sodium.crypto_sign_SECRETKEYBYTES)
  sodium.crypto_sign_seed_keypair(
    pubKey,
    privKey,
    outputHashBuffer.slice(0, sodium.crypto_sign_SEEDBYTES),
  )
  return [pubKey, privKey]
 }
 const SecretKeyCryptographyCreateKey = (salt: string, password: string): Buffer[] => {
  const configLoginAppSecret = Buffer.from(CONFIG.LOGIN_APP_SECRET, 'hex')
  const configLoginServerKey = Buffer.from(CONFIG.LOGIN_SERVER_KEY, 'hex')
  if (configLoginServerKey.length !== sodium.crypto_shorthash_KEYBYTES) {
    throw new Error(
      `ServerKey has an invalid size. The size must be ${sodium.crypto_shorthash_KEYBYTES} bytes.`,
    )
  }
  const state = Buffer.alloc(sodium.crypto_hash_sha512_STATEBYTES)
  sodium.crypto_hash_sha512_init(state)
  sodium.crypto_hash_sha512_update(state, Buffer.from(salt))
  sodium.crypto_hash_sha512_update(state, configLoginAppSecret)
  const hash = Buffer.alloc(sodium.crypto_hash_sha512_BYTES)
  sodium.crypto_hash_sha512_final(state, hash)
  const encryptionKey = Buffer.alloc(sodium.crypto_box_SEEDBYTES)
  const opsLimit = 10
  const memLimit = 33554432
  const algo = 2
  sodium.crypto_pwhash(
    encryptionKey,
    Buffer.from(password),
    hash.slice(0, sodium.crypto_pwhash_SALTBYTES),
    opsLimit,
    memLimit,
    algo,
  )
  const encryptionKeyHash = Buffer.alloc(sodium.crypto_shorthash_BYTES)
  sodium.crypto_shorthash(encryptionKeyHash, encryptionKey, configLoginServerKey)
  return [encryptionKeyHash, encryptionKey]
 }
 const getEmailHash = (email: string): Buffer => {
  const emailHash = Buffer.alloc(sodium.crypto_generichash_BYTES)
  sodium.crypto_generichash(emailHash, Buffer.from(email))
  return emailHash
 }
 const SecretKeyCryptographyEncrypt = (message: Buffer, encryptionKey: Buffer): Buffer => {
  const encrypted = Buffer.alloc(message.length + sodium.crypto_secretbox_MACBYTES)
  const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)
  nonce.fill(31) // static nonce
  sodium.crypto_secretbox_easy(encrypted, message, nonce, encryptionKey)
  return encrypted
 }
 const SecretKeyCryptographyDecrypt = (encryptedMessage: Buffer, encryptionKey: Buffer): Buffer => {
  const message = Buffer.alloc(encryptedMessage.length - sodium.crypto_secretbox_MACBYTES)
  const nonce = Buffer.alloc(sodium.crypto_secretbox_NONCEBYTES)
  nonce.fill(31) // static nonce
  sodium.crypto_secretbox_open_easy(message, encryptedMessage, nonce, encryptionKey)
  return message
 }
@Resolver()
 export class UserResolver {
@ -36,35 +201,34 @@ export class UserResolver {
    @Ctx() context: any,
  ): Promise<User> {
    email = email.trim().toLowerCase()
-    const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password })
+    // const result = await apiPost(CONFIG.LOGIN_API_URL + 'unsecureLogin', { email, password })
-
+    // UnsecureLogin
-    // if there is no user, throw an authentication error
+    const loginUserRepository = getCustomRepository(LoginUserRepository)
-    if (!result.success) {
+    const loginUser = await loginUserRepository.findByEmail(email).catch(() => {
-      throw new Error(result.data)
+      throw new Error('No user with this credentials')
    }
    context.setHeaders.push({
      key: 'token',
      value: encode(result.data.session_id, result.data.user.public_hex),
    })
-    const user = new User(result.data.user)
+    const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
-    // Hack: Database Field is not validated properly and not nullable
+    const loginUserPassword = BigInt(loginUser.password.toString())
-    if (user.publisherId === 0) {
+    if (loginUserPassword !== passwordHash[0].readBigUInt64LE()) {
-      user.publisherId = undefined
+      throw new Error('No user with this credentials')
    }
-    user.hasElopage = result.data.hasElopage
+    // TODO: If user has no pubKey Create it again and update user.
-    // read additional settings from settings table
+
    const userRepository = getCustomRepository(UserRepository)
    let userEntity: void | DbUser
-    userEntity = await userRepository.findByPubkeyHex(user.pubkey).catch(() => {
+    const loginUserPubKey = loginUser.pubKey
    const loginUserPubKeyString = loginUserPubKey.toString('hex')
    userEntity = await userRepository.findByPubkeyHex(loginUserPubKeyString).catch(() => {
      // User not stored in state_users
      // TODO: Check with production data - email is unique which can cause problems
      userEntity = new DbUser()
-      userEntity.firstName = user.firstName
+      userEntity.firstName = loginUser.firstName
-      userEntity.lastName = user.lastName
+      userEntity.lastName = loginUser.lastName
-      userEntity.username = user.username
+      userEntity.username = loginUser.username
-      userEntity.email = user.email
+      userEntity.email = loginUser.email
-      userEntity.pubkey = Buffer.from(fromHex(user.pubkey))
+      userEntity.pubkey = loginUser.pubKey
-      userEntity.save().catch(() => {
+      userRepository.save(userEntity).catch(() => {
        throw new Error('error by save userEntity')
      })
    })
@ -72,15 +236,28 @@ export class UserResolver {
      throw new Error('error with cannot happen')
    }
-    // Save publisherId if Elopage is not yet registered
+    const user = new User()
    user.email = email
    user.firstName = loginUser.firstName
    user.lastName = loginUser.lastName
    user.username = loginUser.username
    user.description = loginUser.description
    user.pubkey = loginUserPubKeyString
    user.language = loginUser.language
    // Elopage Status & Stored PublisherId
    user.hasElopage = await this.hasElopage({ pubKey: loginUserPubKeyString })
    if (!user.hasElopage && publisherId) {
      user.publisherId = publisherId
-      await this.updateUserInfos(
+      // TODO: Check if we can use updateUserInfos
-        { publisherId },
+      // await this.updateUserInfos({ publisherId }, { pubKey: loginUser.pubKey })
-        { sessionId: result.data.session_id, pubKey: result.data.user.public_hex },
+      const loginUserRepository = getCustomRepository(LoginUserRepository)
-      )
+      const loginUser = await loginUserRepository.findOneOrFail({ email: userEntity.email })
      loginUser.publisherId = publisherId
      loginUserRepository.save(loginUser)
    }
    // coinAnimation
    const userSettingRepository = getCustomRepository(UserSettingRepository)
    const coinanimation = await userSettingRepository
      .readBoolean(userEntity.id, Setting.COIN_ANIMATION)
@ -88,6 +265,12 @@ export class UserResolver {
        throw new Error(error)
      })
    user.coinanimation = coinanimation
    context.setHeaders.push({
      key: 'token',
      value: encode(loginUser.pubKey),
    })
    return user
  }
@ -108,46 +291,152 @@ export class UserResolver {
  @Authorized()
  @Query(() => String)
-  async logout(@Ctx() context: any): Promise<string> {
+  async logout(): Promise<boolean> {
-    const payload = { session_id: context.sessionId }
+    // TODO: We dont need this anymore, but might need this in the future in oder to invalidate a valid JWT-Token.
-    const result = await apiPost(CONFIG.LOGIN_API_URL + 'logout', payload)
+    // Furthermore this hook can be useful for tracking user behaviour (did he logout or not? Warn him if he didn't on next login)
-    if (!result.success) {
+    // The functionality is fully client side - the client just needs to delete his token with the current implementation.
-      throw new Error(result.data)
+    // we could try to force this by sending `token: null` or `token: ''` with this call. But since it bares no real security
-    }
+    // we should just return true for now.
-    return 'success'
+    return true
  }
  @Mutation(() => String)
  async createUser(
    @Args() { email, firstName, lastName, password, language, publisherId }: CreateUserArgs,
  ): Promise<string> {
-    const payload = {
+    // TODO: wrong default value (should be null), how does graphql work here? Is it an required field?
-      email,
+    // default int publisher_id = 0;
-      first_name: firstName,
+
-      last_name: lastName,
+    // Validate Language (no throw)
-      password,
+    if (!isLanguage(language)) {
-      emailType: 2,
+      language = DEFAULT_LANGUAGE
      login_after_register: true,
      language: language,
      publisher_id: publisherId,
    }
    const result = await apiPost(CONFIG.LOGIN_API_URL + 'createUser', payload)
    if (!result.success) {
      throw new Error(result.data)
    }
-    const user = new User(result.data.user)
+    // Validate Password
-    const dbuser = new DbUser()
+    if (!isPassword(password)) {
-    dbuser.pubkey = Buffer.from(fromHex(user.pubkey))
+      throw new Error(
-    dbuser.email = user.email
+        'Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character!',
-    dbuser.firstName = user.firstName
+      )
-    dbuser.lastName = user.lastName
+    }
    dbuser.username = user.username
-    dbuser.save().catch(() => {
+    // Validate username
-      throw new Error('error saving user')
+    // TODO: never true
-    })
+    const username = ''
    if (username.length > 3 && !this.checkUsername({ username })) {
      throw new Error('Username already in use')
    }
    // Validate email unique
    // TODO: i can register an email in upper/lower case twice
    const userRepository = getCustomRepository(UserRepository)
    const usersFound = await userRepository.count({ email })
    if (usersFound !== 0) {
      // TODO: this is unsecure, but the current implementation of the login server. This way it can be queried if the user with given EMail is existent.
      throw new Error(`User already exists.`)
    }
    const passphrase = PassphraseGenerate()
    const keyPair = KeyPairEd25519Create(passphrase) // return pub, priv Key
    const passwordHash = SecretKeyCryptographyCreateKey(email, password) // return short and long hash
    const emailHash = getEmailHash(email)
    const encryptedPrivkey = SecretKeyCryptographyEncrypt(keyPair[1], passwordHash[1])
    // Table: login_users
    const loginUser = new LoginUser()
    loginUser.email = email
    loginUser.firstName = firstName
    loginUser.lastName = lastName
    loginUser.username = username
    loginUser.description = ''
    loginUser.password = passwordHash[0].readBigUInt64LE() // using the shorthash
    loginUser.emailHash = emailHash
    loginUser.language = language
    loginUser.groupId = 1
    loginUser.publisherId = publisherId
    loginUser.pubKey = keyPair[0]
    loginUser.privKey = encryptedPrivkey
    const queryRunner = getConnection().createQueryRunner()
    await queryRunner.connect()
    await queryRunner.startTransaction('READ UNCOMMITTED')
    try {
      const { id: loginUserId } = await queryRunner.manager.save(loginUser).catch((error) => {
        // eslint-disable-next-line no-console
        console.log('insert LoginUser failed', error)
        throw new Error('insert user failed')
      })
      // Table: login_user_backups
      const loginUserBackup = new LoginUserBackup()
      loginUserBackup.userId = loginUserId
      loginUserBackup.passphrase = passphrase.join(' ') + ' ' // login server saves trailing space
      loginUserBackup.mnemonicType = 2 // ServerConfig::MNEMONIC_BIP0039_SORTED_ORDER;
      await queryRunner.manager.save(loginUserBackup).catch((error) => {
        // eslint-disable-next-line no-console
        console.log('insert LoginUserBackup failed', error)
        throw new Error('insert user backup failed')
      })
      // Table: state_users
      const dbUser = new DbUser()
      dbUser.pubkey = keyPair[0]
      dbUser.email = email
      dbUser.firstName = firstName
      dbUser.lastName = lastName
      dbUser.username = username
      await queryRunner.manager.save(dbUser).catch((er) => {
        // eslint-disable-next-line no-console
        console.log('Error while saving dbUser', er)
        throw new Error('error saving user')
      })
      // Store EmailOptIn in DB
      const emailOptIn = new LoginEmailOptIn()
      emailOptIn.userId = loginUserId
      emailOptIn.verificationCode = random(64)
      emailOptIn.emailOptInTypeId = 2
      await queryRunner.manager.save(emailOptIn).catch((error) => {
        // eslint-disable-next-line no-console
        console.log('Error while saving emailOptIn', error)
        throw new Error('error saving email opt in')
      })
      // Send EMail to user
      const activationLink = CONFIG.EMAIL_LINK_VERIFICATION.replace(
        /\$1/g,
        emailOptIn.verificationCode.toString(),
      )
      const emailSent = await sendEMail({
        from: `Gradido (nicht antworten) <${CONFIG.EMAIL_SENDER}>`,
        to: `${firstName} ${lastName} <${email}>`,
        subject: 'Gradido: E-Mail Überprüfung',
        text: `Hallo ${firstName} ${lastName},
        Deine EMail wurde soeben bei Gradido registriert.
        Klicke bitte auf diesen Link, um die Registrierung abzuschließen und dein Gradido-Konto zu aktivieren:
        ${activationLink}
        oder kopiere den obigen Link in dein Browserfenster.
        Mit freundlichen Grüßen,
        dein Gradido-Team`,
      })
      // In case EMails are disabled log the activation link for the user
      if (!emailSent) {
        // eslint-disable-next-line no-console
        console.log(`Account confirmation link: ${activationLink}`)
      }
      await queryRunner.commitTransaction()
    } catch (e) {
      await queryRunner.rollbackTransaction()
      throw e
    } finally {
      await queryRunner.release()
    }
    return 'success'
  }
@ -185,7 +474,7 @@ export class UserResolver {
  }
  @Authorized()
-  @Mutation(() => UpdateUserInfosResponse)
+  @Mutation(() => Boolean)
  async updateUserInfos(
    @Args()
    {
@ -200,90 +489,120 @@ export class UserResolver {
      coinanimation,
    }: UpdateUserInfosArgs,
    @Ctx() context: any,
-  ): Promise<UpdateUserInfosResponse> {
+  ): Promise<boolean> {
    const payload = {
      session_id: context.sessionId,
      update: {
        'User.first_name': firstName || undefined,
        'User.last_name': lastName || undefined,
        'User.description': description || undefined,
        'User.username': username || undefined,
        'User.language': language || undefined,
        'User.publisher_id': publisherId || undefined,
        'User.password': passwordNew || undefined,
        'User.password_old': password || undefined,
      },
    }
    let response: UpdateUserInfosResponse | undefined
    const userRepository = getCustomRepository(UserRepository)
    const userEntity = await userRepository.findByPubkeyHex(context.pubKey)
    const loginUserRepository = getCustomRepository(LoginUserRepository)
    const loginUser = await loginUserRepository.findOneOrFail({ email: userEntity.email })
-    if (
+    if (username) {
-      firstName ||
+      throw new Error('change username currently not supported!')
-      lastName ||
+      // TODO: this error was thrown on login_server whenever you tried to change the username
-      description ||
+      // to anything except "" which is an exception to the rules below. Those were defined
-      username ||
+      // aswell, even tho never used.
-      language ||
+      // ^[a-zA-Z][a-zA-Z0-9_-]*$
-      publisherId ||
+      // username must start with [a-z] or [A-Z] and than can contain also [0-9], - and _
-      passwordNew ||
+      // username already used
-      password
+      // userEntity.username = username
    ) {
      const result = await apiPost(CONFIG.LOGIN_API_URL + 'updateUserInfos', payload)
      if (!result.success) throw new Error(result.data)
      response = new UpdateUserInfosResponse(result.data)
      const userEntity = await userRepository.findByPubkeyHex(context.pubKey)
      let userEntityChanged = false
      if (firstName) {
        userEntity.firstName = firstName
        userEntityChanged = true
      }
      if (lastName) {
        userEntity.lastName = lastName
        userEntityChanged = true
      }
      if (username) {
        userEntity.username = username
        userEntityChanged = true
      }
      if (userEntityChanged) {
        userEntity.save().catch((error) => {
          throw new Error(error)
        })
      }
    }
    if (coinanimation !== undefined) {
      // load user and balance
-      const userEntity = await userRepository.findByPubkeyHex(context.pubKey)
+    if (firstName) {
      loginUser.firstName = firstName
      userEntity.firstName = firstName
    }
-      const userSettingRepository = getCustomRepository(UserSettingRepository)
+    if (lastName) {
-      userSettingRepository
+      loginUser.lastName = lastName
-        .setOrUpdate(userEntity.id, Setting.COIN_ANIMATION, coinanimation.toString())
+      userEntity.lastName = lastName
-        .catch((error) => {
+    }
          throw new Error(error)
        })
-      if (!response) {
+    if (description) {
-        response = new UpdateUserInfosResponse({ valid_values: 1 })
+      loginUser.description = description
-      } else {
+    }
-        response.validValues++
+
    if (language) {
      if (!isLanguage(language)) {
        throw new Error(`"${language}" isn't a valid language`)
      }
      loginUser.language = language
    }
-    if (!response) {
+
-      throw new Error('no valid response')
+    if (password && passwordNew) {
      // TODO: This had some error cases defined - like missing private key. This is no longer checked.
      const oldPasswordHash = SecretKeyCryptographyCreateKey(loginUser.email, password)
      if (loginUser.password !== oldPasswordHash[0].readBigUInt64LE()) {
        throw new Error(`Old password is invalid`)
      }
      const privKey = SecretKeyCryptographyDecrypt(loginUser.privKey, oldPasswordHash[1])
      const newPasswordHash = SecretKeyCryptographyCreateKey(loginUser.email, passwordNew) // return short and long hash
      const encryptedPrivkey = SecretKeyCryptographyEncrypt(privKey, newPasswordHash[1])
      // Save new password hash and newly encrypted private key
      loginUser.password = newPasswordHash[0].readBigInt64LE()
      loginUser.privKey = encryptedPrivkey
    }
-    return response
+
    // Save publisherId only if Elopage is not yet registered
    if (publisherId && !(await this.hasElopage(context))) {
      loginUser.publisherId = publisherId
    }
    const queryRunner = getConnection().createQueryRunner()
    await queryRunner.connect()
    await queryRunner.startTransaction('READ UNCOMMITTED')
    try {
      if (coinanimation) {
        queryRunner.manager
          .getCustomRepository(UserSettingRepository)
          .setOrUpdate(userEntity.id, Setting.COIN_ANIMATION, coinanimation.toString())
          .catch((error) => {
            throw new Error('error saving coinanimation: ' + error)
          })
      }
      await queryRunner.manager.save(loginUser).catch((error) => {
        throw new Error('error saving loginUser: ' + error)
      })
      await queryRunner.manager.save(userEntity).catch((error) => {
        throw new Error('error saving user: ' + error)
      })
      await queryRunner.commitTransaction()
    } catch (e) {
      await queryRunner.rollbackTransaction()
      throw e
    } finally {
      await queryRunner.release()
    }
    return true
  }
-  @Query(() => CheckUsernameResponse)
+  @Query(() => Boolean)
-  async checkUsername(
+  async checkUsername(@Args() { username }: CheckUsernameArgs): Promise<boolean> {
-    @Args() { username, groupId = 1 }: CheckUsernameArgs,
+    // Username empty?
-  ): Promise<CheckUsernameResponse> {
+    if (username === '') {
-    const response = await apiGet(
+      throw new Error('Username must be set.')
-      CONFIG.LOGIN_API_URL + `checkUsername?username=${username}&group_id=${groupId}`,
+    }
-    )
+
-    if (!response.success) throw new Error(response.data)
+    // Do we fullfil the minimum character length?
-    return new CheckUsernameResponse(response.data)
+    const MIN_CHARACTERS_USERNAME = 2
    if (username.length < MIN_CHARACTERS_USERNAME) {
      throw new Error(`Username must be at minimum ${MIN_CHARACTERS_USERNAME} characters long.`)
    }
    const usersFound = await LoginUser.count({ username })
    // Username already present?
    if (usersFound !== 0) {
      throw new Error(`Username "${username}" already taken.`)
    }
    return true
  }
  @Query(() => CheckEmailResponse)
@ -298,12 +617,17 @@ export class UserResolver {
    return new CheckEmailResponse(result.data)
  }
  @Authorized()
  @Query(() => Boolean)
  async hasElopage(@Ctx() context: any): Promise<boolean> {
-    const result = await apiGet(CONFIG.LOGIN_API_URL + 'hasElopage?session_id=' + context.sessionId)
+    const userRepository = getCustomRepository(UserRepository)
-    if (!result.success) {
+    const userEntity = await userRepository.findByPubkeyHex(context.pubKey).catch()
-      throw new Error(result.data)
+    if (!userEntity) {
      return false
    }
-    return result.data.hasElopage
+
    const loginElopageBuysRepository = getCustomRepository(LoginElopageBuysRepository)
    const elopageBuyCount = await loginElopageBuysRepository.count({ payerEmail: userEntity.email })
    return elopageBuyCount > 0
  }
 }
--- a/backend/src/graphql/schema.ts
+++ b/backend/src/graphql/schema.ts
@ -6,7 +6,7 @@ import isAuthorized from './directive/isAuthorized'
 const schema = async (): Promise<GraphQLSchema> => {
  return buildSchema({
-    resolvers: [path.join(__dirname, 'resolver', `*.{js,ts}`)],
+    resolvers: [path.join(__dirname, 'resolver', `!(*.test).{js,ts}`)],
    authChecker: isAuthorized,
  })
 }
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@ -1,64 +1,14 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
-import 'reflect-metadata'
+import createServer from './server/createServer'
 import 'module-alias/register'
 import express from 'express'
 import { ApolloServer } from 'apollo-server-express'
 // config
 import CONFIG from './config'
 // database
 import connection from './typeorm/connection'
 import getDBVersion from './typeorm/getDBVersion'
 // server
 import cors from './server/cors'
 import context from './server/context'
 import plugins from './server/plugins'
 // graphql
 import schema from './graphql/schema'
 // TODO implement
 // import queryComplexity, { simpleEstimator, fieldConfigEstimator } from "graphql-query-complexity";
 const DB_VERSION = '0002-add_settings'
 async function main() {
-  // open mysql connection
+  const { app } = await createServer()
  const con = await connection()
  if (!con || !con.isConnected) {
    throw new Error(`Couldn't open connection to database`)
  }
-  // check for correct database version
+  app.listen(CONFIG.PORT, () => {
  const dbVersion = await getDBVersion()
  if (!dbVersion || dbVersion.indexOf(DB_VERSION) === -1) {
    throw new Error(
      `Wrong database version - the backend requires '${DB_VERSION}' but found '${
        dbVersion || 'None'
      }'`,
    )
  }
  // Express Server
  const server = express()
  // cors
  server.use(cors)
  // Apollo Server
  const apollo = new ApolloServer({
    schema: await schema(),
    playground: CONFIG.GRAPHIQL,
    context,
    plugins,
  })
  apollo.applyMiddleware({ app: server })
  // Start Server
  server.listen(CONFIG.PORT, () => {
    // eslint-disable-next-line no-console
    console.log(`Server is running at http://localhost:${CONFIG.PORT}`)
    if (CONFIG.GRAPHIQL) {
--- a/backend/src/jwt/decode.ts
+++ b/backend/src/jwt/decode.ts
@ -2,27 +2,22 @@ import jwt, { JwtPayload } from 'jsonwebtoken'
 import CONFIG from '../config/'
 interface CustomJwtPayload extends JwtPayload {
  sessionId: number
  pubKey: Buffer
 }
 type DecodedJwt = {
  token: string
  sessionId: number
  pubKey: Buffer
 }
 export default (token: string): DecodedJwt => {
  if (!token) throw new Error('401 Unauthorized')
  let sessionId = null
  let pubKey = null
  try {
    const decoded = <CustomJwtPayload>jwt.verify(token, CONFIG.JWT_SECRET)
    sessionId = decoded.sessionId
    pubKey = decoded.pubKey
    return {
      token,
      sessionId,
      pubKey,
    }
  } catch (err) {
--- a/backend/src/jwt/encode.ts
+++ b/backend/src/jwt/encode.ts
@ -5,10 +5,9 @@ import jwt from 'jsonwebtoken'
 import CONFIG from '../config/'
 // Generate an Access Token
-export default function encode(sessionId: number, pubKey: Buffer): string {
+export default function encode(pubKey: Buffer): string {
-  const token = jwt.sign({ sessionId, pubKey }, CONFIG.JWT_SECRET, {
+  const token = jwt.sign({ pubKey }, CONFIG.JWT_SECRET, {
    expiresIn: CONFIG.JWT_EXPIRES_IN,
    subject: sessionId.toString(),
  })
  return token
 }
--- a/backend/src/server/createServer.ts
+++ b/backend/src/server/createServer.ts
@ -0,0 +1,64 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 /* eslint-disable @typescript-eslint/explicit-module-boundary-types */
 import 'reflect-metadata'
 import 'module-alias/register'
 import { ApolloServer } from 'apollo-server-express'
 import express from 'express'
 // database
 import connection from '../typeorm/connection'
 import getDBVersion from '../typeorm/getDBVersion'
 // server
 import cors from './cors'
 import serverContext from './context'
 import plugins from './plugins'
 // config
 import CONFIG from '../config'
 // graphql
 import schema from '../graphql/schema'
 // TODO implement
 // import queryComplexity, { simpleEstimator, fieldConfigEstimator } from "graphql-query-complexity";
 const DB_VERSION = '0004-login_server_data'
 const createServer = async (context: any = serverContext): Promise<any> => {
  // open mysql connection
  const con = await connection()
  if (!con || !con.isConnected) {
    throw new Error(`Couldn't open connection to database`)
  }
  // check for correct database version
  const dbVersion = await getDBVersion()
  if (!dbVersion || dbVersion.indexOf(DB_VERSION) === -1) {
    throw new Error(
      `Wrong database version - the backend requires '${DB_VERSION}' but found '${
        dbVersion || 'None'
      }'`,
    )
  }
  // Express Server
  const app = express()
  // cors
  app.use(cors)
  // Apollo Server
  const apollo = new ApolloServer({
    schema: await schema(),
    playground: CONFIG.GRAPHIQL,
    context,
    plugins,
  })
  apollo.applyMiddleware({ app })
  return { apollo, app, con }
 }
 export default createServer
--- a/backend/src/typeorm/repository/LoginElopageBuys.ts
+++ b/backend/src/typeorm/repository/LoginElopageBuys.ts
@ -0,0 +1,5 @@
 import { EntityRepository, Repository } from 'typeorm'
 import { LoginElopageBuys } from '@entity/LoginElopageBuys'
@EntityRepository(LoginElopageBuys)
 export class LoginElopageBuysRepository extends Repository<LoginElopageBuys> {}
--- a/backend/src/typeorm/repository/LoginEmailOptIn.ts
+++ b/backend/src/typeorm/repository/LoginEmailOptIn.ts
@ -0,0 +1,5 @@
 import { EntityRepository, Repository } from 'typeorm'
 import { LoginEmailOptIn } from '@entity/LoginEmailOptIn'
@EntityRepository(LoginEmailOptIn)
 export class LoginEmailOptInRepository extends Repository<LoginEmailOptIn> {}
--- a/backend/src/typeorm/repository/LoginUser.ts
+++ b/backend/src/typeorm/repository/LoginUser.ts
@ -0,0 +1,11 @@
 import { EntityRepository, Repository } from 'typeorm'
 import { LoginUser } from '@entity/LoginUser'
@EntityRepository(LoginUser)
 export class LoginUserRepository extends Repository<LoginUser> {
  async findByEmail(email: string): Promise<LoginUser> {
    return this.createQueryBuilder('loginUser')
      .where('loginUser.email = :email', { email })
      .getOneOrFail()
  }
 }
--- a/backend/src/typeorm/repository/LoginUserBackup.ts
+++ b/backend/src/typeorm/repository/LoginUserBackup.ts
@ -0,0 +1,5 @@
 import { EntityRepository, Repository } from 'typeorm'
 import { LoginUserBackup } from '@entity/LoginUserBackup'
@EntityRepository(LoginUserBackup)
 export class LoginUserBackupRepository extends Repository<LoginUserBackup> {}
--- a/backend/src/typeorm/repository/User.ts
+++ b/backend/src/typeorm/repository/User.ts
@ -9,6 +9,15 @@ export class UserRepository extends Repository<User> {
      .getOneOrFail()
  }
  async findByPubkeyHexBuffer(pubkeyHexBuffer: Buffer): Promise<User> {
    const pubKeyString = pubkeyHexBuffer.toString('hex')
    return await this.findByPubkeyHex(pubKeyString)
  }
  async findByEmail(email: string): Promise<User> {
    return this.createQueryBuilder('user').where('user.email = :email', { email }).getOneOrFail()
  }
  async getUsersIndiced(userIds: number[]): Promise<User[]> {
    if (!userIds.length) return []
    const users = await this.createQueryBuilder('user')
--- a/backend/src/typeorm/repository/UserTransaction.ts
+++ b/backend/src/typeorm/repository/UserTransaction.ts
@ -17,4 +17,11 @@ export class UserTransactionRepository extends Repository<UserTransaction> {
      .offset(offset)
      .getManyAndCount()
  }
  findLastForUser(userId: number): Promise<UserTransaction | undefined> {
    return this.createQueryBuilder('userTransaction')
      .where('userTransaction.userId = :userId', { userId })
      .orderBy('userTransaction.transactionId', 'DESC')
      .getOne()
  }
 }
--- a/backend/src/util/decay.test.ts
+++ b/backend/src/util/decay.test.ts
@ -2,24 +2,25 @@ import { decayFormula, calculateDecay } from './decay'
 describe('utils/decay', () => {
  describe('decayFormula', () => {
-    it('has base 0.99999997802044727', async () => {
+    it('has base 0.99999997802044727', () => {
      const amount = 1.0
      const seconds = 1
-      expect(await decayFormula(amount, seconds)).toBe(0.99999997802044727)
+      expect(decayFormula(amount, seconds)).toBe(0.99999997802044727)
    })
    // Not sure if the following skiped tests make sence!?
-    it.skip('has negative decay?', async () => {
+    it('has negative decay?', async () => {
      const amount = -1.0
      const seconds = 1
      expect(await decayFormula(amount, seconds)).toBe(-0.99999997802044727)
    })
-    it.skip('has correct backward calculation', async () => {
+    it('has correct backward calculation', async () => {
      const amount = 1.0
      const seconds = -1
      expect(await decayFormula(amount, seconds)).toBe(1.0000000219795533)
    })
-    it.skip('has correct forward calculation', async () => {
+    // not possible, nodejs hasn't enough accuracy
-      const amount = 1.000000219795533
+    it('has correct forward calculation', async () => {
      const amount = 1.0 / 0.99999997802044727
      const seconds = 1
      expect(await decayFormula(amount, seconds)).toBe(1.0)
    })
@ -32,7 +33,7 @@ describe('utils/decay', () => {
    expect(await calculateDecay(1.0, oneSecondAgo, now)).toBe(0.99999997802044727)
  })
-  it.skip('returns input amount when from and to is the same', async () => {
+  it('returns input amount when from and to is the same', async () => {
    const now = new Date()
    expect(await calculateDecay(100.0, now, now)).toBe(100.0)
  })
--- a/backend/src/util/decay.ts
+++ b/backend/src/util/decay.ts
@ -7,6 +7,15 @@ function decayFormula(amount: number, seconds: number): number {
 }
 async function calculateDecay(amount: number, from: Date, to: Date): Promise<number> {
  if (amount === undefined || !from || !to) {
    throw new Error('at least one parameter is undefined')
  }
  if (from === to) {
    return amount
  }
  if (to < from) {
    throw new Error('to < from, so the target date is in the past?')
  }
  // load decay start block
  const transactionRepository = getCustomRepository(TransactionRepository)
  const decayStartBlock = await transactionRepository.findDecayStartBlock()
--- a/backend/src/util/round.test.ts
+++ b/backend/src/util/round.test.ts
@ -0,0 +1,22 @@
 import { roundCeilFrom4, roundFloorFrom4, roundCeilFrom2, roundFloorFrom2 } from './round'
 describe('utils/round', () => {
  it('roundCeilFrom4', () => {
    const amount = 11617
    expect(roundCeilFrom4(amount)).toBe(1.17)
  })
  // Not sure if the following skiped tests make sence!?
  it('roundFloorFrom4', () => {
    const amount = 11617
    expect(roundFloorFrom4(amount)).toBe(1.16)
  })
  it('roundCeilFrom2', () => {
    const amount = 1216
    expect(roundCeilFrom2(amount)).toBe(13)
  })
  // not possible, nodejs hasn't enough accuracy
  it('roundFloorFrom2', () => {
    const amount = 1216
    expect(roundFloorFrom2(amount)).toBe(12)
  })
 })
--- a/backend/src/util/sendEMail.ts
+++ b/backend/src/util/sendEMail.ts
@ -0,0 +1,31 @@
 import { createTransport } from 'nodemailer'
 import CONFIG from '../config'
 export const sendEMail = async (emailDef: {
  from: string
  to: string
  subject: string
  text: string
 }): Promise<boolean> => {
  if (!CONFIG.EMAIL) {
    // eslint-disable-next-line no-console
    console.log('Emails are disabled via config')
    return false
  }
  const transporter = createTransport({
    host: CONFIG.EMAIL_SMTP_URL,
    port: Number(CONFIG.EMAIL_SMTP_PORT),
    secure: false, // true for 465, false for other ports
    requireTLS: true,
    auth: {
      user: CONFIG.EMAIL_USERNAME,
      pass: CONFIG.EMAIL_PASSWORD,
    },
  })
  const info = await transporter.sendMail(emailDef)
  if (!info.messageId) {
    throw new Error('error sending notification email, but transaction succeed')
  }
  return true
 }
--- a/backend/src/util/validate.ts
+++ b/backend/src/util/validate.ts
@ -1,3 +1,8 @@
 import { User as dbUser } from '@entity/User'
 import { Balance as dbBalance } from '@entity/Balance'
 import { getRepository } from 'typeorm'
 import { calculateDecay } from './decay'
 function isStringBoolean(value: string): boolean {
  const lowerValue = value.toLowerCase()
  if (lowerValue === 'true' || lowerValue === 'false') {
@ -6,4 +11,18 @@ function isStringBoolean(value: string): boolean {
  return false
 }
-export { isStringBoolean }
+function isHexPublicKey(publicKey: string): boolean {
  return /^[0-9A-Fa-f]{64}$/i.test(publicKey)
 }
 async function hasUserAmount(user: dbUser, amount: number): Promise<boolean> {
  if (amount < 0) return false
  const balanceRepository = getRepository(dbBalance)
  const balance = await balanceRepository.findOne({ userId: user.id })
  if (!balance) return false
  const decay = await calculateDecay(balance.amount, balance.recordDate, new Date())
  return decay > amount
 }
 export { isHexPublicKey, hasUserAmount, isStringBoolean }
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
--- a/community_server/src/Controller/ServerUsersController.php
+++ b/community_server/src/Controller/ServerUsersController.php
@ -15,7 +15,8 @@ class ServerUsersController extends AppController
    public function initialize()
    {
        parent::initialize();
-        $this->Auth->allow(['add', 'edit']);
+        // uncomment in devmode to add new community server admin user, but don't!!! commit it
        //$this->Auth->allow(['add', 'edit']);
        $this->Auth->deny('index');
    }
--- a/configs/login_server/grd_login.properties
+++ b/configs/login_server/grd_login.properties
@ -17,7 +17,7 @@ phpServer.host = nginx
 loginServer.path = http://localhost/account
 loginServer.default_locale = de
 loginServer.db.host = mariadb
-loginServer.db.name = gradido_login
+loginServer.db.name = gradido_community
 loginServer.db.user = root
 loginServer.db.password = 
 loginServer.db.port = 3306
--- a/configs/login_server/grd_login_test.properties
+++ b/configs/login_server/grd_login_test.properties
@ -17,7 +17,7 @@ phpServer.host = nginx
 loginServer.path = http://localhost/account
 loginServer.default_locale = de
 loginServer.db.host = mariadb
-loginServer.db.name = gradido_login_test
+loginServer.db.name = gradido_community_test
 loginServer.db.user = root
 loginServer.db.password = 
 loginServer.db.port = 3306
--- a/configs/login_server/setup_db_tables/setup_docker_group.sql
+++ b/configs/login_server/setup_db_tables/setup_docker_group.sql
@ -1,6 +0,0 @@
 INSERT INTO `groups` (`id`, `alias`, `name`, `url`, `host`, `home`, `description`) VALUES
 (1, 'docker', 'docker gradido group', 'localhost', 'nginx', '/', 'gradido test group for docker and stage2 with blockchain db');
--- a/database/entity/0001-init_db/TransactionSendCoin.ts
+++ b/database/entity/0001-init_db/TransactionSendCoin.ts
@ -24,6 +24,9 @@ export class TransactionSendCoin extends BaseEntity {
  @Column()
  amount: number
  @Column({ name: 'sender_final_balance' })
  senderFinalBalance: number
  @OneToOne(() => Transaction)
  @JoinColumn({ name: 'transaction_id' })
  transaction: Transaction
--- a/database/entity/0003-login_server_tables/LoginElopageBuys.ts
+++ b/database/entity/0003-login_server_tables/LoginElopageBuys.ts
@ -0,0 +1,52 @@
 import { BaseEntity, Entity, PrimaryGeneratedColumn, Column } from 'typeorm'
@Entity('login_elopage_buys')
 export class LoginElopageBuys extends BaseEntity {
  @PrimaryGeneratedColumn('increment', { unsigned: true })
  id: number
  @Column({ name: 'elopage_user_id', nullable: false })
  elopageUserId: number
  @Column({ name: 'affiliate_program_id', nullable: false })
  affiliateProgramId: number
  @Column({ name: 'publisher_id', nullable: false })
  publisherId: number
  @Column({ name: 'order_id', nullable: false })
  orderId: number
  @Column({ name: 'product_id', nullable: false })
  productId: number
  @Column({ name: 'product_price', nullable: false })
  productPrice: number
  @Column({
    name: 'payer_email',
    length: 255,
    nullable: false,
    charset: 'utf8',
    collation: 'utf8_bin',
  })
  payerEmail: string
  @Column({
    name: 'publisher_email',
    length: 255,
    nullable: false,
    charset: 'utf8',
    collation: 'utf8_bin',
  })
  publisherEmail: string
  @Column({ nullable: false })
  payed: boolean
  @Column({ name: 'success_date', nullable: false })
  successDate: Date
  @Column({ length: 255, nullable: false })
  event: string
 }
--- a/database/entity/0003-login_server_tables/LoginEmailOptIn.ts
+++ b/database/entity/0003-login_server_tables/LoginEmailOptIn.ts
@ -0,0 +1,26 @@
 import { BaseEntity, Entity, PrimaryGeneratedColumn, Column } from 'typeorm'
 // Moriz: I do not like the idea of having two user tables
@Entity('login_email_opt_in')
 export class LoginEmailOptIn extends BaseEntity {
  @PrimaryGeneratedColumn('increment', { unsigned: true })
  id: number
  @Column({ name: 'user_id' })
  userId: number
  @Column({ name: 'verification_code', type: 'bigint', unsigned: true, unique: true })
  verificationCode: BigInt
  @Column({ name: 'email_opt_in_type_id' })
  emailOptInTypeId: number
  @Column({ name: 'created', default: () => 'CURRENT_TIMESTAMP' })
  createdAt: Date
  @Column({ name: 'resend_count', default: 0 })
  resendCount: number
  @Column({ name: 'updated', default: () => 'CURRENT_TIMESTAMP' })
  updatedAt: Date
 }
--- a/database/entity/0003-login_server_tables/LoginUser.ts
+++ b/database/entity/0003-login_server_tables/LoginUser.ts
@ -0,0 +1,56 @@
 import { BaseEntity, Entity, PrimaryGeneratedColumn, Column } from 'typeorm'
 // Moriz: I do not like the idea of having two user tables
@Entity('login_users')
 export class LoginUser extends BaseEntity {
  @PrimaryGeneratedColumn('increment', { unsigned: true })
  id: number
  @Column({ length: 191, unique: true })
  email: string
  @Column({ name: 'first_name', length: 150 })
  firstName: string
  @Column({ name: 'last_name', length: 255, default: '' })
  lastName: string
  @Column({ length: 255, default: '' })
  username: string
  @Column({ default: '' })
  description: string
  @Column({ type: 'bigint', default: 0, unsigned: true })
  password: BigInt
  @Column({ name: 'pubkey', type: 'binary', length: 32, default: null, nullable: true })
  pubKey: Buffer
  @Column({ name: 'privkey', type: 'binary', length: 80, default: null, nullable: true })
  privKey: Buffer
  @Column({ name: 'email_hash', type: 'binary', length: 32, default: null, nullable: true })
  emailHash: Buffer
  @Column({ name: 'created', default: () => 'CURRENT_TIMESTAMP' })
  createdAt: Date
  @Column({ name: 'email_checked', default: 0 })
  emailChecked: boolean
  @Column({ name: 'passphrase_shown', default: 0 })
  passphraseShown: boolean
  @Column({ length: 4, default: 'de' })
  language: string
  @Column({ default: 0 })
  disabled: boolean
  @Column({ name: 'group_id', default: 0, unsigned: true })
  groupId: number
  @Column({ name: 'publisher_id', default: 0 })
  publisherId: number
 }
--- a/database/entity/0003-login_server_tables/LoginUserBackup.ts
+++ b/database/entity/0003-login_server_tables/LoginUserBackup.ts
@ -0,0 +1,16 @@
 import { BaseEntity, Entity, PrimaryGeneratedColumn, Column } from 'typeorm'
@Entity('login_user_backups')
 export class LoginUserBackup extends BaseEntity {
  @PrimaryGeneratedColumn('increment', { unsigned: true })
  id: number
  @Column({ name: 'user_id', nullable: false })
  userId: number
  @Column({ type: 'text', name: 'passphrase', nullable: false })
  passphrase: string
  @Column({ name: 'mnemonic_type', default: -1 })
  mnemonicType: number
 }
--- a/database/entity/LoginElopageBuys.ts
+++ b/database/entity/LoginElopageBuys.ts
@ -0,0 +1 @@
 export { LoginElopageBuys } from './0003-login_server_tables/LoginElopageBuys'
--- a/database/entity/LoginEmailOptIn.ts
+++ b/database/entity/LoginEmailOptIn.ts
@ -0,0 +1 @@
 export { LoginEmailOptIn } from './0003-login_server_tables/LoginEmailOptIn'
--- a/database/entity/LoginUser.ts
+++ b/database/entity/LoginUser.ts
@ -0,0 +1 @@
 export { LoginUser } from './0003-login_server_tables/LoginUser'
--- a/database/entity/LoginUserBackup.ts
+++ b/database/entity/LoginUserBackup.ts
@ -0,0 +1 @@
 export { LoginUserBackup } from './0003-login_server_tables/LoginUserBackup'
--- a/database/entity/index.ts
+++ b/database/entity/index.ts
@ -1,4 +1,8 @@
 import { Balance } from './Balance'
 import { LoginElopageBuys } from './LoginElopageBuys'
 import { LoginEmailOptIn } from './LoginEmailOptIn'
 import { LoginUser } from './LoginUser'
 import { LoginUserBackup } from './LoginUserBackup'
 import { Migration } from './Migration'
 import { Transaction } from './Transaction'
 import { TransactionCreation } from './TransactionCreation'
@ -9,6 +13,10 @@ import { UserTransaction } from './UserTransaction'
 export const entities = [
  Balance,
  LoginElopageBuys,
  LoginEmailOptIn,
  LoginUser,
  LoginUserBackup,
  Migration,
  Transaction,
  TransactionCreation,
--- a/database/migrations/0002-add_settings.ts
+++ b/database/migrations/0002-add_settings.ts
@ -11,7 +11,7 @@
 export async function upgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  await queryFn(`
-      CREATE TABLE IF NOT EXISTS \`user_setting\` (
+      CREATE TABLE \`user_setting\` (
        \`id\` int(10) unsigned NOT NULL AUTO_INCREMENT,
        \`userId\` int(11) NOT NULL,
        \`key\` varchar(255) NOT NULL,
@ -22,5 +22,5 @@ export async function upgrade(queryFn: (query: string, values?: any[]) => Promis
 export async function downgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  // write downgrade logic as parameter of queryFn
-  await queryFn(`DROP TABLE IF EXISTS \`user_setting\`;`)
+  await queryFn(`DROP TABLE \`user_setting\`;`)
 }
--- a/database/migrations/0003-login_server_tables.ts
+++ b/database/migrations/0003-login_server_tables.ts
@ -0,0 +1,153 @@
 /* FIRST MIGRATION
 *
 * This migration is special since it takes into account that
 * the database can be setup already but also may not be.
 * Therefore you will find all `CREATE TABLE` statements with
 * a `IF NOT EXISTS`, all `INSERT` with an `IGNORE` and in the
 * downgrade function all `DROP TABLE` with a `IF EXISTS`.
 * This ensures compatibility for existing or non-existing
 * databases.
 */
 export async function upgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  await queryFn(`
    CREATE TABLE \`login_app_access_tokens\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`user_id\` int NOT NULL,
      \`access_code\` bigint unsigned NOT NULL,
      \`created\` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
      \`updated\` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
      PRIMARY KEY (\`id\`),
      UNIQUE KEY \`access_code\` (\`access_code\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_elopage_buys\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`elopage_user_id\` int DEFAULT NULL,
      \`affiliate_program_id\` int NOT NULL,
      \`publisher_id\` int NOT NULL,
      \`order_id\` int NOT NULL,
      \`product_id\` int NOT NULL,
      \`product_price\` int NOT NULL,
      \`payer_email\` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
      \`publisher_email\` varchar(255) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
      \`payed\` tinyint NOT NULL,
      \`success_date\` datetime NOT NULL,
      \`event\` varchar(255) NOT NULL,
      PRIMARY KEY (\`id\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_email_opt_in_types\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`name\` varchar(255) NOT NULL,
      \`description\` varchar(255) NOT NULL,
      PRIMARY KEY (\`id\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_email_opt_in\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`user_id\` int NOT NULL,
      \`verification_code\` bigint unsigned NOT NULL,
      \`email_opt_in_type_id\` int NOT NULL,
      \`created\` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
      \`resend_count\` int DEFAULT '0',
      \`updated\` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
      PRIMARY KEY (\`id\`),
      UNIQUE KEY \`verification_code\` (\`verification_code\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_groups\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`alias\` varchar(190) NOT NULL,
      \`name\` varchar(255) NOT NULL,
      \`url\` varchar(255) NOT NULL,
      \`host\` varchar(255) DEFAULT "/",
      \`home\` varchar(255) DEFAULT "/",
      \`description\` text,
      PRIMARY KEY (\`id\`),
      UNIQUE KEY \`alias\` (\`alias\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; 
  `)
  await queryFn(`
    CREATE TABLE \`login_pending_tasks\` (
      \`id\` int UNSIGNED NOT NULL AUTO_INCREMENT,
      \`user_id\` int UNSIGNED DEFAULT 0,
      \`request\` varbinary(2048) NOT NULL,
      \`created\` datetime NOT NULL,
      \`finished\` datetime DEFAULT '2000-01-01 000000',
      \`result_json\` text DEFAULT NULL,
      \`param_json\` text DEFAULT NULL,
      \`task_type_id\` int UNSIGNED NOT NULL,
      \`child_pending_task_id\` int UNSIGNED DEFAULT 0,
      \`parent_pending_task_id\` int UNSIGNED DEFAULT 0,
      PRIMARY KEY (\`id\`)
    ) ENGINE = InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_roles\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`name\` varchar(255) NOT NULL,
      \`description\` varchar(255) NOT NULL,
      \`flags\` bigint NOT NULL DEFAULT '0',
      PRIMARY KEY (\`id\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_user_backups\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`user_id\` int NOT NULL,
      \`passphrase\` text NOT NULL,
      \`mnemonic_type\` int DEFAULT '-1',
      PRIMARY KEY (\`id\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_user_roles\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`user_id\` int NOT NULL,
      \`role_id\` int NOT NULL,
      PRIMARY KEY (\`id\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
  await queryFn(`
    CREATE TABLE \`login_users\` (
      \`id\` int unsigned NOT NULL AUTO_INCREMENT,
      \`email\` varchar(191) NOT NULL,
      \`first_name\` varchar(150) NOT NULL,
      \`last_name\` varchar(255) DEFAULT '',
      \`username\` varchar(255) DEFAULT '',
      \`description\` text DEFAULT '',
      \`password\` bigint unsigned DEFAULT '0',
      \`pubkey\` binary(32) DEFAULT NULL,
      \`privkey\` binary(80) DEFAULT NULL,
      \`email_hash\` binary(32) DEFAULT NULL,
      \`created\` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP,
      \`email_checked\` tinyint NOT NULL DEFAULT '0',
      \`passphrase_shown\` tinyint NOT NULL DEFAULT '0',
      \`language\` varchar(4) NOT NULL DEFAULT 'de',
      \`disabled\` tinyint DEFAULT '0',
      \`group_id\` int unsigned DEFAULT 0,
      \`publisher_id\` int DEFAULT 0,
      PRIMARY KEY (\`id\`),
      UNIQUE KEY \`email\` (\`email\`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
  `)
 }
 export async function downgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  // write downgrade logic as parameter of queryFn
  await queryFn(`DROP TABLE \`login_app_access_tokens\`;`)
  await queryFn(`DROP TABLE \`login_elopage_buys\`;`)
  await queryFn(`DROP TABLE \`login_email_opt_in_types\`;`)
  await queryFn(`DROP TABLE \`login_email_opt_in\`;`)
  await queryFn(`DROP TABLE \`login_groups\`;`)
  await queryFn(`DROP TABLE \`login_pending_tasks\`;`)
  await queryFn(`DROP TABLE \`login_roles\`;`)
  await queryFn(`DROP TABLE \`login_user_backups\`;`)
  await queryFn(`DROP TABLE \`login_user_roles\`;`)
  await queryFn(`DROP TABLE \`login_users\`;`)
 }
--- a/database/migrations/0004-login_server_data.ts
+++ b/database/migrations/0004-login_server_data.ts
@ -0,0 +1,74 @@
 /* FIRST MIGRATION
 *
 * This migration is special since it takes into account that
 * the database can be setup already but also may not be.
 * Therefore you will find all `CREATE TABLE` statements with
 * a `IF NOT EXISTS`, all `INSERT` with an `IGNORE` and in the
 * downgrade function all `DROP TABLE` with a `IF EXISTS`.
 * This ensures compatibility for existing or non-existing
 * databases.
 */
 const LOGIN_SERVER_DB = 'gradido_login'
 export async function upgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  const loginDatabaseExists = await queryFn(`
    SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '${LOGIN_SERVER_DB}'
    `)
  if (loginDatabaseExists.length === 0) {
    // eslint-disable-next-line no-console
    console.log(`Skipping Login Server Database migration - Database ${LOGIN_SERVER_DB} not found`)
    return
  }
  await queryFn(`
    INSERT INTO \`login_app_access_tokens\` SELECT * FROM ${LOGIN_SERVER_DB}.\`app_access_tokens\`;
  `)
  await queryFn(`
    INSERT INTO \`login_elopage_buys\` SELECT * FROM ${LOGIN_SERVER_DB}.\`elopage_buys\`;
  `)
  await queryFn(`
    INSERT INTO \`login_email_opt_in_types\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in_types\`;
  `)
  await queryFn(`
    INSERT INTO \`login_email_opt_in\` SELECT * FROM ${LOGIN_SERVER_DB}.\`email_opt_in\`;
  `)
  await queryFn(`
    INSERT INTO \`login_groups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`groups\`;
  `)
  await queryFn(`
    INSERT INTO \`login_pending_tasks\` SELECT * FROM ${LOGIN_SERVER_DB}.\`pending_tasks\`;
  `)
  await queryFn(`
    INSERT INTO \`login_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`roles\`;
  `)
  await queryFn(`
    INSERT INTO \`login_user_backups\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_backups\`;
  `)
  await queryFn(`
    INSERT INTO \`login_user_roles\` SELECT * FROM ${LOGIN_SERVER_DB}.\`user_roles\`;
  `)
  await queryFn(`
    INSERT INTO \`login_users\` SELECT * FROM ${LOGIN_SERVER_DB}.\`users\`;
  `)
  // TODO clarify if we need this on non docker environment?
  await queryFn(`
    INSERT IGNORE INTO \`login_groups\` (\`id\`, \`alias\`, \`name\`, \`url\`, \`host\`, \`home\`, \`description\`) VALUES
      (1, 'docker', 'docker gradido group', 'localhost', 'nginx', '/', 'gradido test group for docker and stage2 with blockchain db');
  `)
 }
 export async function downgrade(queryFn: (query: string, values?: any[]) => Promise<Array<any>>) {
  // write downgrade logic as parameter of queryFn
  await queryFn(`DELETE FROM \`login_app_access_tokens\`;`)
  await queryFn(`DELETE FROM \`login_elopage_buys\`;`)
  await queryFn(`DELETE FROM \`login_email_opt_in_types\`;`)
  await queryFn(`DELETE FROM \`login_email_opt_in\`;`)
  await queryFn(`DELETE FROM \`login_groups\`;`)
  await queryFn(`DELETE FROM \`login_pending_tasks\`;`)
  await queryFn(`DELETE FROM \`login_roles\`;`)
  await queryFn(`DELETE FROM \`login_user_backups\`;`)
  await queryFn(`DELETE FROM \`login_user_roles\`;`)
  await queryFn(`DELETE FROM \`login_users\`;`)
 }
--- a/deployment/bare_metal/update_all.sh
+++ b/deployment/bare_metal/update_all.sh
@ -36,8 +36,6 @@ cd $PROJECT_PATH
 # git checkout -f master
 git pull
 cd deployment/bare_metal
 echo 'update schemas' >> $UPDATE_HTML
 ./update_db_schemas.sh
 echo 'starting with rebuilding login-server<br>' >> $UPDATE_HTML
 ./build_and_start_login_server.sh
 echo 'starting with rebuilding frontend<br>' >> $UPDATE_HTML
--- a/deployment/bare_metal/update_db_schemas.sh
+++ b/deployment/bare_metal/update_db_schemas.sh
@ -1,7 +0,0 @@
 #!/bin/bash
 # For that to work skeema needed to be installed on system
 # in login_server/skeema skeema configuration files need to be there also in the subfolders 
 # Update DB Schemas (only the schemas, not the data)
 cd ../../login_server/skeema
 skeema push --allow-unsafe
--- a/docker-compose.override.yml
+++ b/docker-compose.override.yml
@ -8,8 +8,6 @@ services:
    image: gradido/frontend:development
    build:
      target: development
    networks:
      - external-net
    environment:
      - NODE_ENV="development"
      # - DEBUG=true
@ -20,6 +18,23 @@ services:
      # bind the local folder to the docker to allow live reload
      - ./frontend:/app
  ########################################################
  # ADMIN INTERFACE ######################################
  ########################################################
  admin:
    image: gradido/admin:development
    build:
      target: development
    environment:
      - NODE_ENV="development"
      # - DEBUG=true
    volumes:
      # This makes sure the docker container has its own node modules.
      # Therefore it is possible to have a different node version on the host machine
      - admin_node_modules:/app/node_modules
      # bind the local folder to the docker to allow live reload
      - ./admin:/app
  ########################################################
  # BACKEND ##############################################
  ########################################################
@ -72,6 +87,9 @@ services:
  login-server:
    build:
      dockerfile: Dockerfiles/ubuntu/Dockerfile.debug
    networks:
      - external-net
      - internal-net
    security_opt:
      - seccomp:unconfined
    cap_add:
@ -137,23 +155,9 @@ services:
    volumes:
     - /sessions
  #########################################################
  ## skeema for updating dbs if changes happend ###########
  #########################################################
  skeema: 
    build:
      context: .
      dockerfile: ./skeema/Dockerfile
      target: skeema_dev_run
    depends_on:
      - mariadb
    networks: 
      - internal-net
    volumes:
      - ./login_server/skeema/gradido_login:/skeema/gradido_login
 volumes:
  frontend_node_modules:
  admin_node_modules:
  backend_node_modules:
  backend_database_node_modules:
  backend_database_build:
--- a/docker-compose.test.yml
+++ b/docker-compose.test.yml
@ -2,6 +2,26 @@ version: "3.4"
 services:
  ########################################################
  # BACKEND ##############################################
  ########################################################
  backend:
    image: gradido/backend:test
    build:
      target: test
    networks:
      - external-net
      - internal-net
    environment:
      - NODE_ENV="test"
      - DB_HOST=mariadb
  ########################################################
  # DATABASE #############################################
  ########################################################
  database:
    restart: always # this is very dangerous, but worth a test for the delayed mariadb startup at first run
  #########################################################
  ## MARIADB ##############################################
  #########################################################
@ -9,12 +29,13 @@ services:
    build:
      context: .
      dockerfile: ./mariadb/Dockerfile
-      target: mariadb_server_test
+      target: mariadb_server
    environment:
      - MARIADB_ALLOW_EMPTY_PASSWORD=1
      - MARIADB_USER=root
    networks: 
      - internal-net
      - external-net
    ports: 
      - 3306:3306
    volumes: 
@ -76,19 +97,6 @@ services:
    volumes:
     - /sessions
  #########################################################
  ## skeema for updating dbs if changes happend ###########
  #########################################################
  skeema: 
    build:
      context: .
      dockerfile: ./skeema/Dockerfile
      target: skeema_run
    depends_on:
      - mariadb
    networks: 
      - internal-net
 networks:
  external-net:
  internal-net:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -15,6 +15,7 @@ services:
      context: ./frontend
      target: production
    networks:
      - external-net
      - internal-net
    ports:
      - 3000:3000
@ -30,14 +31,38 @@ services:
      # - ./.env
      # - ./frontend/.env
  ########################################################
  # ADMIN INTERFACE ######################################
  ########################################################
  admin:
    image: gradido/admin:latest
    build:
      context: ./admin
      target: production
    networks:
      - external-net
      - internal-net
    ports:
      - 8080:8080
    environment:
      # Envs used in Dockerfile
      # - DOCKER_WORKDIR="/app"
      # - PORT=8090
      # - BUILD_DATE="1970-01-01T00:00:00.00Z"
      # - BUILD_VERSION="0.0.0.0"
      # - BUILD_COMMIT="0000000"
      - NODE_ENV="production"
    # env_file:
      # - ./.env
      # - ./admin/.env
  #########################################################
  ## MARIADB ##############################################
  #########################################################
  mariadb:
    build:
-      context: .
+      context: ./mariadb
-      dockerfile: ./mariadb/Dockerfile
+      target: mariadb_server
      target: mariadb_server_test
    environment:
      - MARIADB_ALLOW_EMPTY_PASSWORD=1
      - MARIADB_USER=root
@ -159,41 +184,6 @@ services:
    volumes:
      - ./community_server/config/php-fpm/php-ini-overrides.ini:/etc/php/7.4/fpm/conf.d/99-overrides.ini
  #########################################################
  ## skeema for updating dbs if changes happend ###########
  #########################################################
  skeema: 
    build:
      context: .
      dockerfile: ./skeema/Dockerfile
      target: skeema_run
    depends_on:
      - mariadb
    networks: 
      - internal-net
  #########################################################  
  ## GRADIDO NODE v1 ######################################
  #########################################################
 # gradido-node:
 #   build:
 #     context: .
 #     dockerfile: ./gn/docker/deprecated-hedera-node/Dockerfile
 #   volumes:
 #     - ${GN_INSTANCE_FOLDER}:/opt/instance
 #   container_name: ${GN_CONTAINER_NAME}
  #########################################################  
  ## GRADIDO NODE test ###################################
  #########################################################
 # gradido-node-test:
 #   build:
 #     context: .
 #     dockerfile: ./gn/docker/deprecated-hedera-node/Dockerfile
 #   container_name: gn-test
 #   working_dir: /opt/gn/build
 #   command: ["./unit_tests"]
 networks:
  external-net:
  internal-net:
--- a/docu/Concepts/TechnicalRequirements/Architecture/TechnicalOverview.md
+++ b/docu/Concepts/TechnicalRequirements/Architecture/TechnicalOverview.md
@ -15,7 +15,7 @@ This document describes the technical overview for the Gradido infrastructur. Be
 ![CommunityServerAPI](../image/CommunityServerAPI.png)
-### Database Skeema
+### Database Skeema (outdated)
 ![CommunityDBSkeema](../image/CommunityDBSkeema.png)
--- a/docu/Gradido-Admin.epgz
+++ b/docu/Gradido-Admin.epgz
--- a/docu/create-coins-as-admin.md
+++ b/docu/create-coins-as-admin.md
@ -0,0 +1,27 @@
 ### User creation
 A user needs to be created on the login_server we do this when we create a User in the client https://$community_domain/vue/register.
 ### Admin user
 To set a User admin we need the following SQL query on the gradido_login database:
 ```
 INSERT INTO user_roles (id, user_id, role_id) VALUES (NULL, '1', '1');
 ```
 user_id has to be found in users
 Now when we login in on https://$community_domain/account/ we can create coins but we will be restricted cause we can't sign the creations.
 ### Signation account
 At first we need to enable the server user account creation with uncommenting line: 19 in 
 community_server/src/Controller/ServerUsersController.php
 ```php
 $this->Auth->allow(['add', 'edit']);
 ```
 This enable us to use this action without being logged in. 
 To add a signation account we need to go on the following url: http://$community_domain/server-users/add
 ### Coin creation process
 The coin creation for work is done in the following url: http://$community_domain/transaction-creations/create-multi
 Where we can create coins for a number of as many users as we want excepted for our self.
 Furthermore we must sign the transactions we created. Normally after clicking on the left button (Transaktion abschließen) we should be automatically forwarded to http://$community_domain/account/checkTransactions where we can do this.
 If not this page can also be reached by clicking on the shield-icon with the hook in it on the Dashboard, which is only shown if at least one transaction is waiting for signing. 
 For debug purposes you can check the `pending_tasks` table, which is used to store the transactions which are not signed yet or had errors.
--- a/docu/graphics/gradido_admin.png
+++ b/docu/graphics/gradido_admin.png
--- a/docu/graphics/userdetails.png
+++ b/docu/graphics/userdetails.png
--- a/docu/presentation/adminarea-old-new.pdf
+++ b/docu/presentation/adminarea-old-new.pdf
--- a/frontend/jest.config.js
+++ b/frontend/jest.config.js
@ -9,8 +9,9 @@ module.exports = {
  ],
  // coverageReporters: ['lcov', 'text'],
  moduleNameMapper: {
    '^@/(.*)$': '<rootDir>/src/$1',
    '\\.(css|less)$': 'identity-obj-proxy',
    '\\.(scss)$': '<rootDir>/src/assets/mocks/styleMock.js',
    '^@/(.*)$': '<rootDir>/src/$1',
  },
  transform: {
    '^.+\\.vue$': 'vue-jest',
--- a/frontend/src/assets/mocks/styleMock.js
+++ b/frontend/src/assets/mocks/styleMock.js
@ -0,0 +1 @@
 module.exports = {}
--- a/Show More
+++ b/Show More
		`@ -1,6 +0,0 @@`
			INSERT INTO `groups` (`id`, `alias`, `name`, `url`, `host`, `home`, `description`) VALUES
			`(1, 'docker', 'docker gradido group', 'localhost', 'nginx', '/', 'gradido test group for docker and stage2 with blockchain db');`
		`@ -0,0 +1 @@`
							`export { LoginElopageBuys } from './0003-login_server_tables/LoginElopageBuys'`
		`@ -0,0 +1 @@`
							`export { LoginEmailOptIn } from './0003-login_server_tables/LoginEmailOptIn'`
		`@ -0,0 +1 @@`
							`export { LoginUser } from './0003-login_server_tables/LoginUser'`
		`@ -0,0 +1 @@`
							`export { LoginUserBackup } from './0003-login_server_tables/LoginUserBackup'`