Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
.catch((e) => {throw new ApolloError(`Error nesting listActions: ${e.code} - ${e.message}`, 'knexnest_error')})
)
export const generateError = (e: any,statusCode: Number = 404) => {
return new ApolloError(e.message);
}
context: (graphqlCall) => __awaiter(this, void 0, void 0, function* () {
let parsed = gql `
${graphqlCall.req.body.query}
`;
let queryName = get(parsed, "definitions[0].selectionSet.selections[0].name.value", "");
let authorization = yield validateAccessToken_1.default(graphqlCall);
let user = get(authorization, "user");
let permissions = yield listUserPermissions_1.default({
[primaryKey_1.default]: get(user, primaryKey_1.default)
});
let isAllowed = queryName == "__schema" ? true : yield isActionAllowed_1.default(permissions, queryName);
if (!isAllowed) {
throw new ApolloError("You are not allowed to do this action", 401, {});
}
return {
authorization: authorization,
permissions: permissions
};
})
});
refreshToken: async (_: any, args: any, g: any) => {
try {
let user = await userModel.findOne({
refreshToken: get(args, "input.refreshToken", "")
});
if (!user) {
throw new ApolloError("Refresh Token is Incorrect, please login again.", statusCodes.BAD_REQUEST.number);
}
let token = await createJwtToken({
email: user.email,
for: "authentication"
});
await user.update({
accessToken: token
});
user.statusCode = statusCodes.OK.type;
user.statusCodeNumber = statusCodes.OK.number;
user.successMessageType = "Success";
user.successMessage = "Access token refreshed";
return user;
} catch (e) {
throw internalServerError(e);
export const refreshTokenHandler = async function(obj) {
const { userModel, data } = obj;
const { refreshToken } = data;
let user = await userModel.findOneByArgs({ refreshToken: refreshToken });
if (!user.instance) {
throw new ApolloError("Unauthorized, Missing refresh token.");
}
user = await user.update({
accessToken: await createJwtToken({
email: user.instance.email,
for: "authentication"
}),
refreshToken: await createJwtToken({
email: user.instance.email,
for: "authentication"
})
});
return user.instance;
};
[`view${moduleName}`]: (_, args, context, info) => __awaiter(this, void 0, void 0, function* () {
let requestedFields = getRequestedFieldsFromResolverInfo_1.default(info);
let v = yield validate_1.default(validations.view, args);
let { success } = v;
if (!success) {
return new ApolloError("Validation error", statusCodes_1.default.BAD_REQUEST.number, { list: v.errors });
}
try {
let view = yield model.view(args, requestedFields);
if (!view) {
return new ApolloError(`${moduleName} not found`, statusCodes_1.default.NOT_FOUND.number);
}
logger_1.default.info(`View ${moduleName}`, {
[primaryKey_1.default]: view[primaryKey_1.default]
});
return view;
}
catch (e) {
throw internalServerError_1.default(e);
}
})
},
login: (_, args, g) => __awaiter(this, void 0, void 0, function* () {
let v = yield validate_1.default(validations_1.default.login, args.input);
let { success } = v;
if (!success) {
throw new ApolloError("Validation error", statusCodes_1.default.BAD_REQUEST.number, { list: v.errors });
}
try {
let { email, password } = args.input;
let user = yield userModel.findOne({ email: email });
let findEmail = get(user, "email", null);
if (!user) {
throw new ApolloError("No User found with such email", statusCodes_1.default.NOT_FOUND.number);
}
let comparePassword = bcrypt.compareSync(password, user.password);
if (!comparePassword) {
throw new ApolloError("Incorrect Password", statusCodes_1.default.BAD_REQUEST.number);
}
let token = yield createJwtToken_1.default({
email: email,
for: "authentication"
});
loginWithAccessToken: (_, args, g) => __awaiter(this, void 0, void 0, function* () {
let v = yield validate_1.default(validations_1.default.loginWithAccessToken, args.input);
if (!v.success) {
throw new ApolloError("Validation error", statusCodes_1.default.BAD_REQUEST.number, { list: v.errors });
}
try {
let user = yield userModel.findOne({
accessToken: args.input.accessToken
});
if (!user) {
throw new ApolloError("Incorrect Access Token", statusCodes_1.default.NOT_FOUND.number);
}
if (isTokenExpired_1.default(user.accessToken)) {
yield user.update({
accessToken: yield createJwtToken_1.default({
email: user.email,
for: "authentication"
})
});
}
return user;
}
catch (e) {
throw internalServerError_1.default(e);
}
}),
twoFactorLogin: (_, args, g) => __awaiter(this, void 0, void 0, function* () {
signup: async (_: any, args: any, g: any) => {
try {
let { email, password, confirmPassword } = args.input;
let user = await userModel.findOne({
email: email
});
if (user) throw new ApolloError("Email is already used", statusCodes.BAD_REQUEST.number);
var hash = bcrypt.hashSync(password);
let newUser = await userModel.create({
email: email,
referer: get(args.input, "referer", ""),
superUser: false,
name: get(args.input, "name", ""),
accessToken: await createJwtToken({
email: email,
for: "authentication"
}),
refreshToken: await createJwtToken({
email: email,
for: "refreshToken"
}),
isActivated: false,
isSuperUser: get(args.input, "isSuperUser", false),
twoFactorLoginValidate: (_, args, g) => __awaiter(this, void 0, void 0, function* () {
let v = yield validate_1.default(validations_1.default.twoFactorLoginValidate, args.input);
let { success } = v;
if (!success) {
throw new ApolloError("Validation error", statusCodes_1.default.BAD_REQUEST.number, { list: v.errors });
}
try {
let user = yield userModel.findOne({
twoFactorCode: args.input.twoFactorCode
});
if (!user) {
throw new ApolloError("User Not found", statusCodes_1.default.NOT_FOUND.number);
}
let token = yield createJwtToken_1.default({
email: user.email,
for: "authentication"
});
yield user.update({
accessToken: token,
twoFactorCode: ""
});
user.accessToken = token;
user.successMessage = "Success";
user.successMessageType = "You are successfully logged in";
user.statusCode = statusCodes_1.default.OK.type;
user.statusCodeNumber = statusCodes_1.default.OK.number;
return user;
}