/**
 * Enroll mutation resolver (the visible part): derives the caller's IP and
 * location eligibility, rejects callers whose eligibility is 'Forbidden', then
 * calls authenticateEnrollment with the wallet address, agreement message,
 * fingerprint data, IP and country code.
 *
 * Throws ForbiddenError('Forbidden country') when eligibility is 'Forbidden'.
 * The rest of the try block is not visible in this excerpt.
 */
async enroll(_, args, context) {
let ip, eligibility, countryCode
// Every NODE_ENV value other than exactly 'production' (including an unset
// variable) takes this branch, which hard-codes an 'Eligible' result and never
// calls the location lookup. A deployment that omits or misspells NODE_ENV
// therefore runs without the country restriction.
if (process.env.NODE_ENV !== 'production') {
ip = '192.168.1.1'
eligibility = 'Eligible'
countryCode = 'NA'
} else {
// NOTE(review): 'x-real-ip' is read straight from the request headers. It is
// only as trustworthy as whatever sets it; confirm that a proxy in front of
// this service always overwrites the header, because both the eligibility
// lookup and authenticateEnrollment below consume this value.
ip = context.req.headers['x-real-ip']
const locationInfo = await getLocationEligibilityInfo(ip)
eligibility = locationInfo.eligibility
countryCode = locationInfo.countryCode
}
// Only the literal 'Forbidden' blocks enrollment; any other eligibility value
// (including undefined) continues to the authentication step.
if (eligibility === 'Forbidden') {
// countryCode is passed as a separate argument; whether it ends up in the log
// line depends on the logger implementation, which is not shown here.
logger.warn('Enrollment declined for user in country ', countryCode)
throw new ForbiddenError('Forbidden country')
}
try {
const authToken = await authenticateEnrollment(
context.walletAddress,
args.agreementMessage,
args.fingerprintData,
ip,
countryCode
)
/* Make referral connection after we are sure user provided the correct accountId
*
* Important to keep in mind: We realise making a referral connection inside enroll mutation
* has a downside where a referrer gets the reward only when the referee also enrolls into
* the growth campaign.
/**
 * Confirms that the authenticated caller is the user identified by `userId`.
 *
 * Resolves the caller via getAuthenticatedUser(ctx) and compares its `id`
 * with `userId` using strict equality, so a type mismatch (for example a
 * string id against a numeric id) is treated as a different user.
 *
 * Returns the authenticated user on a match.
 * Throws ForbiddenError('Unauthorized') when the ids differ.
 */
async function isUserAuth(userId, ctx) {
  const caller = await getAuthenticatedUser(ctx);
  const isSameUser = caller.id === userId;
  if (!isSameUser) {
    throw new ForbiddenError('Unauthorized');
  }
  return caller;
}
// Admin guard: yields `skip` when the caller's role is the string 'ADMIN',
// otherwise yields (returns, does not throw) a ForbiddenError.
// Destructuring `{ me: { role } }` throws a TypeError when `me` is absent, so
// this guard presumably runs after an authentication guard in the enclosing
// call, which is not visible here - confirm.
(parent, args, { me: { role } }) => {
  if (role === 'ADMIN') {
    return skip;
  }
  return new ForbiddenError('Not authorized as admin.');
},
);
// Ownership check: the groups are handed back only when the authenticated
// caller is the same user as `user` (compared by `id`, strict equality).
return getAuthenticatedUser(ctx).then((currentUser) => {
// Any other caller is rejected before user.getGroups() is reached.
if (currentUser.id !== user.id) {
throw new ForbiddenError('Unauthorized');
}
return user.getGroups();
});
},
// Role-deletion guard: looks up User records whose roleId equals `id` and
// yields `skip` only when the lookup result is falsy; otherwise it yields
// (returns, does not throw) a ForbiddenError.
// NOTE(review): this relies on models.User.find resolving to a falsy value
// when nothing matches. If it resolves to an array, an empty array is truthy
// and deletion would always be refused - confirm against the model layer.
async (parent, { id }, { models }) => {
  const assigned = await models.User.find({ where: { roleId: id } });
  if (!assigned) {
    return skip;
  }
  return new ForbiddenError('Unable to delete role. Associations found in User table.');
};
// Admin guard: yields `skip` when the caller's role object has name 'ADMIN',
// otherwise yields (returns, does not throw) a ForbiddenError.
// Destructuring `{ me: { role } }` throws a TypeError when `me` is absent, and
// `role.name` throws when `role` is absent, so this presumably runs after an
// authentication guard in the enclosing call, which is not visible here - confirm.
(parent, args, { me: { role } }) =>
  role.name === 'ADMIN' ? skip : new ForbiddenError('Not authorized as admin.')
);
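/**
 * Resolver guard: lets the request continue only when the caller is an admin
 * or owns the message identified by `id`.
 *
 * Returns `skip` for a caller whose role name is 'ADMIN', and for a caller
 * whose `id` equals the message's `userId`.
 * Throws ForbiddenError('Not authenticated as owner.') for every other caller,
 * including when no message row is found for `id`.
 *
 * NOTE(review): `me` is dereferenced without a check, so this guard presumably
 * runs after an authentication guard - confirm at the call site.
 */
export const isMessageOwnerOrAdmin = async (
  parent,
  { id },
  { models, me },
) => {
  // Admins are allowed regardless of ownership, so the message row is not
  // needed for them.
  if (me.role.name === 'ADMIN') {
    return skip;
  }

  const message = await models.Message.findById(id, { raw: true });

  // Fail closed when the lookup returns nothing: previously a missing row
  // surfaced as a TypeError on `message.userId`. Using the same error as the
  // ownership failure also avoids telling a non-owner whether the id exists.
  if (!message || message.userId !== me.id) {
    throw new ForbiddenError('Not authenticated as owner.');
  }

  return skip;
};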
/**
 * Resolver guard: yields `skip` when the context carries a truthy `me`,
 * otherwise yields a ForbiddenError.
 *
 * The error is returned rather than thrown, so rejection depends on the
 * caller of this guard treating a returned Error as a failure.
 */
export const isAuthenticated = (parent, args, { me }) => {
  if (me) {
    return skip;
  }
  return new ForbiddenError('Not authenticated as user.');
};
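/**
 * Resolves the user row for a signed token.
 *
 * Verifies `token` with the application key, reads the `userId` property of
 * the decoded payload and loads the row with that id from the `users` table.
 *
 * @param connection - query-builder callable, invoked as `connection('users')`
 * @param token - token presented by the client
 * @returns the matching user row
 * @throws ForbiddenError when verification fails or the payload has no `userId`
 * @throws AuthenticationError when no row matches the `userId`
 */
export async function getAuthUser(connection: any, token: any) {
  let userId
  try {
    // NOTE(review): verify() is called without options. If `jwt` is the
    // jsonwebtoken package, consider pinning the accepted algorithms to the
    // one this service signs with - confirm against the signing code.
    userId = jwt.verify(token, getAppKey()).userId
  } catch (err) {
    // Anything thrown while verifying is reported with one uniform message so
    // the response does not reveal why the token was rejected.
    throw new ForbiddenError('You are not authorized.')
  }
  // A token can verify and still carry no userId (for example a payload signed
  // for another purpose). Reject it here instead of passing an undefined id
  // into the query below.
  if (userId === undefined || userId === null) {
    throw new ForbiddenError('You are not authorized.')
  }
  const user = await connection('users').where('id', userId).first()
  if (!user) throw new AuthenticationError('Encrypted user does not exist.')
  return user
}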