From 5fd5795f39125daf422d055631a5c04af24c3fbd Mon Sep 17 00:00:00 2001
From: Daksh Miglani
Date: Mon, 7 Jan 2019 12:48:47 +0530
Subject: [PATCH] fix jwt strategy
---
 src/jwt/strategy.js | 31 +++++++++++++++++++++----------
 src/server.js | 2 +-
 2 files changed, 22 insertions(+), 11 deletions(-)
diff --git a/src/jwt/strategy.js b/src/jwt/strategy.js
index 0807c3fd1..e2dccc91f 100644
--- a/src/jwt/strategy.js
+++ b/src/jwt/strategy.js
@@ -1,4 +1,5 @@
 import { Strategy } from 'passport-jwt'
+import { fixUrl } from '../middleware/fixImageUrlsMiddleware'
 const cookieExtractor = (req) => {
 var token = null
@@ -8,7 +9,7 @@ const cookieExtractor = (req) => {
 return token
 }
-export default () => {
+export default (driver) => {
 const options = {
 jwtFromRequest: cookieExtractor,
 secretOrKey: process.env.JWT_SECRET,
@@ -17,16 +18,26 @@ export default () => {
 }
 return new Strategy(options,
- (JWTPayload, next) => {
- // usually this would be a database call:
- // var user = users[_.findIndex(users, {id: JWTPayload.id})]
- // TODO: fix https://github.com/Human-Connection/Nitro-Backend/issues/41
- /* eslint-disable */
- if (true) {
- /* eslint-enable */
- next(null, {})
+ async (JWTPayload, next) => {
+ const session = driver.session();
+ const result = await session.run(
+ 'MATCH (user:User {id: $userId}) ' +
+ 'RETURN user {.id, .slug, .name, .avatar, .email, .password, .role} as user LIMIT 1',
+ {
+ id: JWTPayload.id
+ }
+ );
+ session.close();
+ const [currentUser] = await result.records.map((record) => {
+ return record.get("user");
+ });
+
+ if (currentUser) {
+ delete currentUser.password;
+ currentUser.avatar = fixUrl(currentUser.avatar)
+ return next(null, currentUser);
 } else {
- next(null, false)
+ return next(null, false);
 }
 })
 }
diff --git a/src/server.js b/src/server.js
index 3b0e0a561..860a4f8c4 100644
--- a/src/server.js
+++ b/src/server.js
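Review bot: In the last hunk of src/jwt/strategy.js the Cypher text binds `$userId` but the parameter map passes `{ id: JWTPayload.id }`, so the lookup has no value for the parameter it names; the key should be `userId`. Because the verify callback is now `async` with no `try`/`catch`, a rejected `session.run()` never reaches `next(err)` and also skips `session.close()`, which would leave the request without an authentication result and the session open. The projection also reads `.password` only to `delete` it afterwards; leaving it out of the `RETURN` keeps the stored hash off the user object entirely, so no later code path depends on the `delete` having run. The `await` in front of `result.records.map(...)` has no effect on an array and can go. A sketch of the callback with these changes follows.

```javascript
// … unchanged: options object and `return new Strategy(options,` …
    async (JWTPayload, next) => {
      const session = driver.session()
      try {
        const result = await session.run(
          'MATCH (user:User {id: $userId}) ' +
          'RETURN user {.id, .slug, .name, .avatar, .email, .role} as user LIMIT 1',
          { userId: JWTPayload.id }
        )
        const [currentUser] = result.records.map((record) => record.get('user'))
        if (!currentUser) {
          return next(null, false)
        }
        currentUser.avatar = fixUrl(currentUser.avatar)
        return next(null, currentUser)
      } catch (err) {
        // Surface driver/query failures to passport instead of an unhandled rejection.
        return next(err)
      } finally {
        session.close()
      }
    })
```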
@@ -56,7 +56,7 @@ const createServer = (options) => {
 }
 const server = new GraphQLServer(Object.assign({}, defaults, options))
- passport.use('jwt', jwtStrategy())
+ passport.use('jwt', jwtStrategy(driver))
 server.express.use(passport.initialize())
 server.express.post('/graphql', passport.authenticate(['jwt'], { session: false }))