Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
async execute(command: RegisterUserCommand): Promise {
Logger.log('Async RegisterUserHandler...', 'RegisterUserCommand');
const { cmd } = command;
try {
const userExist: boolean = await this.userRepository.exist({
'emails.address': cmd.email,
});
if (userExist) {
throw new AuthenticationError('User with this authentication method already exist');
}
// @ts-ignore
const user: UserEntity = {
firstname: cmd.firstname,
lastname: cmd.lastname,
emails: [{
address: cmd.email,
primary: true,
verified: false,
verificationCode: generateVerificationCode(6, { type: 'number' }),
}],
roles: ['member'],
services: {
password: {
hashed: cmd.password,
token,
);
} catch (e) {
// It might be a legacy token, so continue on.
logger.debug(`Keycloak token auth failed: ${e.message}`);
}
try {
if (!credentials) {
credentials = await getCredentialsForLegacyToken(
getSqlClient(),
token,
);
}
} catch (e) {
throw new AuthenticationError(e.message);
}
// Add credentials to context.
return { credentials };
},
},
export const ensureLoggedIn = req => {
if (!loggedIn(req)) {
throw new AuthenticationError('You must be logged in.');
}
};
addBook: (root, args, { auth }) => {
if (auth) {
return addBook(args);
}
throw new AuthenticationError("Please signing again.");
},
dev_addBook: (root, args) => addBook(args)
export const validatePassword = password => {
if (typeof password !== 'string')
throw new AuthenticationError('Invalid password');
const hasLength = password.length >= 8;
if (!hasLength)
throw new AuthenticationError('Password must be at least 8 charactors');
const hasUpperCase = password.match(/[A-Z]/g);
if (!hasUpperCase)
throw new AuthenticationError('Password must contain an uppercase letter');
const hasLowerCase = password.match(/[a-z]/g);
if (!hasLowerCase)
throw new AuthenticationError('Password must contain a lowercase letter');
const hasNumber = password.match(/[0-9]/g);
if (!hasNumber)
throw new AuthenticationError('Password must contain a number');
};
export const validateEmail = email => {
if (typeof email !== 'string')
throw new AuthenticationError('Invalid email address');
const isvalid = isEmail.validate(email);
if (!isvalid)
throw new AuthenticationError('Please provide a valid email address');
};
> = async (workspace, args, context) => {
const { id: channelGlobalId } = args;
const channelId = Number.parseInt(channelGlobalId, 10);
if (!isViewerAuthenticated(context)) {
throw new AuthenticationError('unauthenticated');
}
const channel = await channels.getChannelById(channelId);
if (!channel) {
throw new NotFoundError('channel not found');
}
if (!channels.canSeeChannel(context.viewer, channel)) {
throw new ForbiddenError('forbidden');
}
return channel;
};
export const resolveViewer: Resolver = (root, args, { viewer }) => {
if (!viewer) {
throw new AuthenticationError('viewer not authenticated');
}
return viewer;
};
const getMe = async req => {
const token = req.headers['x-token'];
if (token) {
try {
return await jwt.verify(token, process.env.SECRET);
} catch (e) {
throw new AuthenticationError(
'Your session expired. Sign in again.',
);
}
}
};
export const validateResetTokenExpiry = resetTokenExpiry => {
const isTokenExpired = Date.now() > resetTokenExpiry;
if (isTokenExpired)
throw new AuthenticationError(
'Your reset request has expired. Please submit a new one.'
);
};