npm - @axiumine/koa-utils - Versions diffs - 3.7.3 - Mend

@axiumine/koa-utils 3.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (524) hide show

package/dist/graphQL/schema/mutations/emailChangeHashVerify.mjs ADDED Viewed

@@ -0,0 +1,94 @@
+import { SocketLabsLib } from "../../../email/SocketLabsLib.mjs";
+import { StringLib } from "../../../lib/StringLib.mjs";
+import { UserBase } from "../../models/MongoDB/UserBase.mjs";
+import confirmNewEmail from "../../../private/lib/access/db/confirmNewEmail.mjs";
+import { incReqTimes } from "../../../private/lib/access/db/incReqTimes.mjs";
+import { throwInternalError } from "../../throw/throwInternalError.mjs";
+import { GraphQLBoolean, GraphQLNonNull, GraphQLString } from 'graphql';
+/**
+ * Change email - Verify match between email and hash
+ */
+export const emailChangeHashVerify = {
+    description: 'Change email - Verify match between email and hash',
+    type: new GraphQLNonNull(GraphQLBoolean),
+    args: {
+        email: { type: new GraphQLNonNull(GraphQLString) },
+        hash: { type: new GraphQLNonNull(GraphQLString) }
+    },
+    async resolve(_, args) {
+        const { email, hash } = args;
+        const uEmail = email.toLowerCase();
+        // search if the email exists
+        const user = await UserBase.findOne({ 'account.email.newEmailTmp': uEmail })
+            .select('_id account.email.hash account.email.dateLastReq account.deleted account.disabled')
+            .lean();
+        // if email not found, return
+        if (user === null) {
+            // <- not found or wrong, do not say to the user the real problem !
+            console.debug('email NON trovata ', uEmail);
+            return false; // @fixme throw
+        }
+        console.debug('email trovata');
+        const SocketLabsObj = new SocketLabsLib();
+        const StrLibObj = new StringLib();
+        console.debug('comparo hash ');
+        const accountEmail = user.account.email;
+        if (hash === accountEmail.hash) {
+            if (typeof accountEmail.dateLastReq === 'undefined') {
+                // @fixme sentry 'dateLastReq è undefined'
+                throw throwInternalError();
+            }
+            console.debug('hash link di attivazione è valido');
+            /****************************************************
+             * if dateLastReq too old then 3 days send email
+             */
+            const now = new Date();
+            const day3ago = new Date(now.setDate(now.getDate() - 3));
+            const tsReq = StrLibObj.isoToTimestamp(accountEmail.dateLastReq);
+            const ts3DayAgo = StrLibObj.isoToTimestamp(day3ago);
+            if (ts3DayAgo > tsReq) {
+                // dateLastReq too old then 3 days
+                console.debug('but link is too old');
+                // noinspection ES6MissingAwait
+                SocketLabsObj.hashReqTooOld(uEmail);
+                return false;
+            }
+            // account is deleted -> maybe by admin for any reason
+            else if (user.account.deleted) {
+                return false;
+            }
+            // if account is disabled, for any reason
+            else if (user.account.disabled) {
+                // noinspection ES6MissingAwait
+                SocketLabsObj.accountDisabled(uEmail);
+                return false;
+            }
+            else {
+                // valid request. is this email free ?
+                // nel frattempo si è registrato qualche utente con questo indirizzo email ??
+                const qty = await UserBase.countDocuments({ 'login.email': uEmail });
+                if (qty === 0) {
+                    // accept new email
+                    await confirmNewEmail(user._id, uEmail);
+                    return true;
+                }
+                else {
+                    return false;
+                }
+            }
+        }
+        else {
+            // hash failed
+            console.debug('HASH FAILED');
+            const requestTimes = accountEmail.requestTimes;
+            if (typeof requestTimes === 'undefined') {
+                throw throwInternalError();
+            }
+            await incReqTimes(user._id);
+            // noinspection ES6MissingAwait
+            SocketLabsObj.wrongHash(uEmail, requestTimes);
+            return false;
+        }
+    }
+};
+//# sourceMappingURL=emailChangeHashVerify.mjs.map

package/dist/graphQL/schema/mutations/emailChangeHashVerify.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"emailChangeHashVerify.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/emailChangeHashVerify.mts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,yCAAgC;AACxD,OAAO,EAAE,SAAS,EAAE,mCAA0B;AAC9C,OAAO,EAAE,QAAQ,EAAE,0CAAoC;AACvD,OAAO,eAAe,2DAAkD;AACxE,OAAO,EAAE,WAAW,EAAE,uDAA8C;AACpE,OAAO,EAAE,kBAAkB,EAAE,2CAAqC;AAClE,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAOvE;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACpC,WAAW,EAAE,oDAAoD;IACjE,IAAI,EAAE,IAAI,cAAc,CAAC,cAAc,CAAC;IACxC,IAAI,EAAE;QACL,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QAClD,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;KACjD;IACD,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,IAAW;QACpC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAA;QAElC,6BAA6B;QAC7B,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,EAAE,2BAA2B,EAAE,MAAM,EAAE,CAAC;aAC1E,MAAM,CACN,mFAAmF,CACnF;aACA,IAAI,EAAE,CAAA;QAER,6BAA6B;QAC7B,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACnB,mEAAmE;YACnE,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAA;YAE3C,OAAO,KAAK,CAAA,CAAC,eAAe;QAC7B,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;QAE9B,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAA;QACzC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAA;QAEjC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;QAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;QACvC,IAAI,IAAI,KAAK,YAAY,CAAC,IAAI,EAAE,CAAC;YAChC,IAAI,OAAO,YAAY,CAAC,WAAW,KAAK,WAAW,EAAE,CAAC;gBACrD,0CAA0C;gBAC1C,MAAM,kBAAkB,EAAE,CAAA;YAC3B,CAAC;YAED,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAA;YAClD;;eAEG;YAEH,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAA;YACtB,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAA;YACxD,MAAM,KAAK,GAAG,SAAS,CAAC,cAAc,CAAC,YAAY,CAAC,WAAW,CAAC,CAAA;YAChE,MAAM,SAAS,GAAG,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YAEnD,IAAI,SAAS,GAAG,KAAK,EAAE,CAAC;gBACvB,kCAAkC;gBAClC,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAA;gBAEpC,+BAA+B;gBAC/B,aAAa,CAAC,aAAa,CAAC,MAAM,CAAC,CAAA;gBACnC,OAAO,KAAK,CAAA;YACb,CAAC;YAED,sDAAsD;iBACjD,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC/B,OAAO,KAAK,CAAA;YACb,CAAC;YACD,yCAAyC;iBACpC,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;gBAChC,+BAA+B;gBAC/B,aAAa,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;gBACrC,OAAO,KAAK,CAAA;YACb,CAAC;iBAAM,CAAC;gBACP,sCAAsC;gBAEtC,6EAA6E;gBAC7E,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,cAAc,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAA;gBAEpE,IAAI,GAAG,KAAK,CAAC,EAAE,CAAC;oBACf,mBAAmB;oBACnB,MAAM,eAAe,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;oBACvC,OAAO,IAAI,CAAA;gBACZ,CAAC;qBAAM,CAAC;oBACP,OAAO,KAAK,CAAA;gBACb,CAAC;YACF,CAAC;QACF,CAAC;aAAM,CAAC;YACP,cAAc;YACd,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;YAE5B,MAAM,YAAY,GAAG,YAAY,CAAC,YAAY,CAAA;YAC9C,IAAI,OAAO,YAAY,KAAK,WAAW,EAAE,CAAC;gBACzC,MAAM,kBAAkB,EAAE,CAAA;YAC3B,CAAC;YAED,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC3B,+BAA+B;YAC/B,aAAa,CAAC,SAAS,CAAC,MAAM,EAAE,YAAY,CAAC,CAAA;YAC7C,OAAO,KAAK,CAAA;QACb,CAAC;IACF,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/login4Ever.d.mts ADDED Viewed

@@ -0,0 +1,22 @@
+import { IContextLogin } from "../context/IContextLogin.mjs";
+import { GraphQLNonNull } from 'graphql';
+interface IArgs {
+    email: string;
+    password: string;
+}
+export declare const login4Ever: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLObjectType<any, any>>;
+    args: {
+        email: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        password: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+    };
+    resolve(_: unknown, args: IArgs, ctx: IContextLogin): Promise<{
+        accessToken: string;
+    }>;
+};
+export {};

package/dist/graphQL/schema/mutations/login4Ever.mjs ADDED Viewed

@@ -0,0 +1,60 @@
+import { checkEmailLen } from "../../../lib/checkEmailLen.mjs";
+import { checkPwdLen } from "../../../lib/checkPwdLen.mjs";
+import { setLoginCookies } from "../../../lib/setLoginCookies.mjs";
+import { accessTokenExpiry, generateAccessToken, generateRefreshToken } from "../../../lib/tokens.mjs";
+import { tryCatchRethrow } from "../../../lib/tryCatchRethrow.mjs";
+import { checkUserLoginAuthorization } from "../../../private/graphQL/schema/mutations/checkUserLoginAuthorization.mjs";
+import { setRedisLoginSession } from "../../../private/graphQL/schema/mutations/setRedisLoginSession.mjs";
+import { updateLoginStats4ever } from "../../../private/graphQL/schema/mutations/updateLoginStats4ever.mjs";
+import * as Sentry from '@sentry/node';
+import { LoginType } from "../types/LoginType.mjs";
+import { GraphQLNonNull, GraphQLString } from 'graphql';
+import mongoose from 'mongoose';
+export const login4Ever = {
+    description: 'login in platform WITHOUT remember me flag',
+    type: new GraphQLNonNull(LoginType),
+    args: {
+        email: { type: new GraphQLNonNull(GraphQLString) },
+        password: { type: new GraphQLNonNull(GraphQLString) }
+    },
+    async resolve(_, args, ctx) {
+        const { email, password } = args;
+        //console.debug('[login4Ever]')
+        const uEmail = email.toLowerCase().trim();
+        checkEmailLen(uEmail);
+        checkPwdLen(password);
+        //console.debug('[login4Ever] data ok')
+        let accessToken = '';
+        const session = await mongoose.startSession();
+        try {
+            await session.withTransaction(async () => {
+                // search if the email exists
+                const user = await checkUserLoginAuthorization(uEmail, password, session);
+                //console.debug('[login4Ever] auth ok')
+                // pwd valid
+                const uId = user.userId;
+                await updateLoginStats4ever(uId, user.lastLogin, session);
+                //console.debug('[login4Ever] update ok')
+                // console.debug('[login] lastlogin ok')
+                accessToken = generateAccessToken();
+                const refreshToken = generateRefreshToken();
+                const accTokenExp = accessTokenExpiry();
+                await setRedisLoginSession(uId, accessToken, accTokenExp, refreshToken);
+                //console.debug('[login4Ever] redis ok')
+                setLoginCookies(ctx, refreshToken);
+                //console.debug('[login4Ever] login cookie ok')
+            });
+        }
+        catch (e) {
+            accessToken = '';
+            Sentry.captureException(e);
+            tryCatchRethrow(e);
+        }
+        finally {
+            await session.endSession();
+        }
+        //console.debug('[login4Ever] return accessToken', accessToken)
+        return { accessToken };
+    }
+};
+//# sourceMappingURL=login4Ever.mjs.map

package/dist/graphQL/schema/mutations/login4Ever.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"login4Ever.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/login4Ever.mts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,uCAA8B;AACtD,OAAO,EAAE,WAAW,EAAE,qCAA4B;AAClD,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,gCAAuB;AAC9F,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,2BAA2B,EAAE,kFAAyE;AAC/G,OAAO,EAAE,oBAAoB,EAAE,2EAAkE;AACjG,OAAO,EAAE,qBAAqB,EAAE,4EAAmE;AACnG,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,SAAS,EAAE,+BAA6B;AACjD,OAAO,EAAgB,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACrE,OAAO,QAAQ,MAAM,UAAU,CAAA;AAO/B,MAAM,CAAC,MAAM,UAAU,GAAG;IACzB,WAAW,EAAE,4CAA4C;IACzD,IAAI,EAAE,IAAI,cAAc,CAAC,SAAS,CAAC;IACnC,IAAI,EAAE;QACL,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QAClD,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;KACrD;IACD,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,IAAW,EAAE,GAAkB;QACxD,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAA;QAEhC,+BAA+B;QAE/B,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAA;QACzC,aAAa,CAAC,MAAM,CAAC,CAAA;QACrB,WAAW,CAAC,QAAQ,CAAC,CAAA;QACrB,uCAAuC;QAEvC,IAAI,WAAW,GAAG,EAAE,CAAA;QAEpB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAA;QAC7C,IAAI,CAAC;YACJ,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI,EAAE;gBACxC,6BAA6B;gBAC7B,MAAM,IAAI,GAAG,MAAM,2BAA2B,CAC7C,MAAM,EACN,QAAQ,EACR,OAAO,CACP,CAAA;gBACD,uCAAuC;gBAEvC,YAAY;gBACZ,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;gBACvB,MAAM,qBAAqB,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;gBACzD,yCAAyC;gBACzC,wCAAwC;gBAExC,WAAW,GAAG,mBAAmB,EAAE,CAAA;gBACnC,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAA;gBAC3C,MAAM,WAAW,GAAG,iBAAiB,EAAE,CAAA;gBAEvC,MAAM,oBAAoB,CAAC,GAAG,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,CAAC,CAAA;gBACvE,wCAAwC;gBACxC,eAAe,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;gBAClC,+CAA+C;YAChD,CAAC,CAAC,CAAA;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACrB,WAAW,GAAG,EAAE,CAAA;YAChB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,eAAe,CAAC,CAAyB,CAAC,CAAA;QAC3C,CAAC;gBAAS,CAAC;YACV,MAAM,OAAO,CAAC,UAAU,EAAE,CAAA;QAC3B,CAAC;QACD,+DAA+D;QAC/D,OAAO,EAAE,WAAW,EAAE,CAAA;IACvB,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/loginAdmin.d.mts ADDED Viewed

@@ -0,0 +1,29 @@
+import { IContextLogin } from "../context/IContextLogin.mjs";
+import { GraphQLNonNull } from 'graphql';
+interface IArgs {
+    email: string;
+    password: string;
+    rememberMe: boolean;
+}
+/**
+ *
+ */
+export declare const loginAdmin: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLObjectType<any, any>>;
+    args: {
+        email: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        password: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        rememberMe: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<boolean, boolean>>;
+        };
+    };
+    resolve(_: unknown, args: IArgs, ctx: IContextLogin): Promise<{
+        accessToken: string;
+    }>;
+};
+export {};

package/dist/graphQL/schema/mutations/loginAdmin.mjs ADDED Viewed

@@ -0,0 +1,59 @@
+import { checkEmailLen } from "../../../lib/checkEmailLen.mjs";
+import { checkPwdLen } from "../../../lib/checkPwdLen.mjs";
+import { setLoginCookies } from "../../../lib/setLoginCookies.mjs";
+import { accessTokenExpiry, generateAccessToken, generateRefreshToken } from "../../../lib/tokens.mjs";
+import { tryCatchRethrow } from "../../../lib/tryCatchRethrow.mjs";
+import { checkUserAdminLoginAuthorization } from "../../../private/graphQL/schema/mutations/checkUserAdminLoginAuthorization.mjs";
+import { setRedisLoginSession } from "../../../private/graphQL/schema/mutations/setRedisLoginSession.mjs";
+import { updateAdminLoginStats } from "../../../private/graphQL/schema/mutations/updateAdminLoginStats.mjs";
+import * as Sentry from '@sentry/node';
+import { LoginType } from "../types/LoginType.mjs";
+import { GraphQLBoolean, GraphQLNonNull, GraphQLString } from 'graphql';
+import mongoose from 'mongoose';
+/**
+ *
+ */
+export const loginAdmin = {
+    description: 'login admin in platform',
+    type: new GraphQLNonNull(LoginType),
+    args: {
+        email: { type: new GraphQLNonNull(GraphQLString) },
+        password: { type: new GraphQLNonNull(GraphQLString) },
+        rememberMe: { type: new GraphQLNonNull(GraphQLBoolean) }
+    },
+    async resolve(_, args, ctx) {
+        const { email, password, rememberMe } = args;
+        const uEmail = email.toLowerCase().trim();
+        checkEmailLen(uEmail);
+        checkPwdLen(password);
+        let accessToken = '';
+        const session = await mongoose.startSession();
+        try {
+            await session.withTransaction(async () => {
+                // search if the email exists
+                const user = await checkUserAdminLoginAuthorization(uEmail, password, session);
+                // pwd valid
+                const uId = user.userId;
+                await updateAdminLoginStats(uId, user.lastLogin, rememberMe, session);
+                // console.debug('[login] lastlogin ok')
+                accessToken = generateAccessToken();
+                const refreshToken = generateRefreshToken();
+                const accTokenExp = accessTokenExpiry();
+                await setRedisLoginSession(uId, accessToken, accTokenExp, refreshToken);
+                setLoginCookies(ctx, refreshToken);
+            });
+        }
+        catch (e) {
+            accessToken = '';
+            Sentry.captureException(e);
+            tryCatchRethrow(e);
+        }
+        finally {
+            await session.endSession();
+        }
+        return {
+            accessToken
+        };
+    }
+};
+//# sourceMappingURL=loginAdmin.mjs.map

package/dist/graphQL/schema/mutations/loginAdmin.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"loginAdmin.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/loginAdmin.mts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,uCAA8B;AACtD,OAAO,EAAE,WAAW,EAAE,qCAA4B;AAClD,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,gCAAuB;AAC9F,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EACN,gCAAgC,EAChC,uFAA8E;AAC/E,OAAO,EAAE,oBAAoB,EAAE,2EAAkE;AACjG,OAAO,EAAE,qBAAqB,EAAE,4EAAmE;AACnG,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,SAAS,EAAE,+BAA6B;AACjD,OAAO,EAAE,cAAc,EAAgB,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACrF,OAAO,QAAQ,MAAM,UAAU,CAAA;AAQ/B;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG;IACzB,WAAW,EAAE,yBAAyB;IACtC,IAAI,EAAE,IAAI,cAAc,CAAC,SAAS,CAAC;IACnC,IAAI,EAAE;QACL,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QAClD,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QACrD,UAAU,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,cAAc,CAAC,EAAE;KACxD;IACD,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,IAAW,EAAE,GAAkB;QACxD,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;QAE5C,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAA;QACzC,aAAa,CAAC,MAAM,CAAC,CAAA;QACrB,WAAW,CAAC,QAAQ,CAAC,CAAA;QAErB,IAAI,WAAW,GAAG,EAAE,CAAA;QAEpB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAA;QAC7C,IAAI,CAAC;YACJ,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI,EAAE;gBACxC,6BAA6B;gBAC7B,MAAM,IAAI,GAAG,MAAM,gCAAgC,CAClD,MAAM,EACN,QAAQ,EACR,OAAO,CACP,CAAA;gBACD,YAAY;gBACZ,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;gBACvB,MAAM,qBAAqB,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;gBACrE,wCAAwC;gBAExC,WAAW,GAAG,mBAAmB,EAAE,CAAA;gBACnC,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAA;gBAC3C,MAAM,WAAW,GAAG,iBAAiB,EAAE,CAAA;gBAEvC,MAAM,oBAAoB,CAAC,GAAG,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,CAAC,CAAA;gBACvE,eAAe,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YACnC,CAAC,CAAC,CAAA;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACrB,WAAW,GAAG,EAAE,CAAA;YAChB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,eAAe,CAAC,CAAyB,CAAC,CAAA;QAC3C,CAAC;gBAAS,CAAC;YACV,MAAM,OAAO,CAAC,UAAU,EAAE,CAAA;QAC3B,CAAC;QAED,OAAO;YACN,WAAW;SACX,CAAA;IACF,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/loginRememberme.d.mts ADDED Viewed

@@ -0,0 +1,26 @@
+import { IContextLogin } from "../context/IContextLogin.mjs";
+import { GraphQLNonNull } from 'graphql';
+interface IArgs {
+    email: string;
+    password: string;
+    rememberMe: boolean;
+}
+export declare const loginRememberme: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLObjectType<any, any>>;
+    args: {
+        email: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        password: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        rememberMe: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<boolean, boolean>>;
+        };
+    };
+    resolve(_: unknown, args: IArgs, ctx: IContextLogin): Promise<{
+        accessToken: string;
+    }>;
+};
+export {};

package/dist/graphQL/schema/mutations/loginRememberme.mjs ADDED Viewed

@@ -0,0 +1,54 @@
+import { checkEmailLen } from "../../../lib/checkEmailLen.mjs";
+import { checkPwdLen } from "../../../lib/checkPwdLen.mjs";
+import { setLoginCookies } from "../../../lib/setLoginCookies.mjs";
+import { accessTokenExpiry, generateAccessToken, generateRefreshToken } from "../../../lib/tokens.mjs";
+import { tryCatchRethrow } from "../../../lib/tryCatchRethrow.mjs";
+import { checkUserLoginAuthorization } from "../../../private/graphQL/schema/mutations/checkUserLoginAuthorization.mjs";
+import { setRedisLoginSession } from "../../../private/graphQL/schema/mutations/setRedisLoginSession.mjs";
+import { updateLoginStatsRememberme } from "../../../private/graphQL/schema/mutations/updateLoginStatsRememberme.mjs";
+import * as Sentry from '@sentry/node';
+import { LoginType } from "../types/LoginType.mjs";
+import { GraphQLBoolean, GraphQLNonNull, GraphQLString } from 'graphql';
+import mongoose from 'mongoose';
+export const loginRememberme = {
+    description: 'login in platform with remember me flag',
+    type: new GraphQLNonNull(LoginType),
+    args: {
+        email: { type: new GraphQLNonNull(GraphQLString) },
+        password: { type: new GraphQLNonNull(GraphQLString) },
+        rememberMe: { type: new GraphQLNonNull(GraphQLBoolean) }
+    },
+    async resolve(_, args, ctx) {
+        const { email, password, rememberMe } = args;
+        const uEmail = email.toLowerCase().trim();
+        checkEmailLen(uEmail);
+        checkPwdLen(password);
+        let accessToken = '';
+        const session = await mongoose.startSession();
+        try {
+            await session.withTransaction(async () => {
+                // search if the email exists
+                const user = await checkUserLoginAuthorization(uEmail, password, session);
+                // pwd valid
+                const uId = user.userId;
+                await updateLoginStatsRememberme(uId, user.lastLogin, rememberMe, session);
+                // console.debug('[login] lastlogin ok')
+                accessToken = generateAccessToken();
+                const refreshToken = generateRefreshToken();
+                const accTokenExp = accessTokenExpiry();
+                await setRedisLoginSession(uId, accessToken, accTokenExp, refreshToken);
+                setLoginCookies(ctx, refreshToken);
+            });
+        }
+        catch (e) {
+            accessToken = '';
+            Sentry.captureException(e);
+            tryCatchRethrow(e);
+        }
+        finally {
+            await session.endSession();
+        }
+        return { accessToken };
+    }
+};
+//# sourceMappingURL=loginRememberme.mjs.map

package/dist/graphQL/schema/mutations/loginRememberme.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"loginRememberme.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/loginRememberme.mts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,uCAA8B;AACtD,OAAO,EAAE,WAAW,EAAE,qCAA4B;AAClD,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,gCAAuB;AAC9F,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,2BAA2B,EAAE,kFAAyE;AAC/G,OAAO,EAAE,oBAAoB,EAAE,2EAAkE;AACjG,OAAO,EAAE,0BAA0B,EAAE,iFAAwE;AAC7G,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,SAAS,EAAE,+BAA6B;AACjD,OAAO,EAAE,cAAc,EAAgB,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACrF,OAAO,QAAQ,MAAM,UAAU,CAAA;AAQ/B,MAAM,CAAC,MAAM,eAAe,GAAG;IAC9B,WAAW,EAAE,yCAAyC;IACtD,IAAI,EAAE,IAAI,cAAc,CAAC,SAAS,CAAC;IACnC,IAAI,EAAE;QACL,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QAClD,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;QACrD,UAAU,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,cAAc,CAAC,EAAE;KACxD;IACD,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,IAAW,EAAE,GAAkB;QACxD,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;QAE5C,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAA;QACzC,aAAa,CAAC,MAAM,CAAC,CAAA;QACrB,WAAW,CAAC,QAAQ,CAAC,CAAA;QAErB,IAAI,WAAW,GAAG,EAAE,CAAA;QAEpB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAA;QAC7C,IAAI,CAAC;YACJ,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI,EAAE;gBACxC,6BAA6B;gBAC7B,MAAM,IAAI,GAAG,MAAM,2BAA2B,CAC7C,MAAM,EACN,QAAQ,EACR,OAAO,CACP,CAAA;gBACD,YAAY;gBACZ,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;gBACvB,MAAM,0BAA0B,CAAC,GAAG,EAAE,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;gBAC1E,wCAAwC;gBAExC,WAAW,GAAG,mBAAmB,EAAE,CAAA;gBACnC,MAAM,YAAY,GAAG,oBAAoB,EAAE,CAAA;gBAC3C,MAAM,WAAW,GAAG,iBAAiB,EAAE,CAAA;gBAEvC,MAAM,oBAAoB,CAAC,GAAG,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,CAAC,CAAA;gBACvE,eAAe,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YACnC,CAAC,CAAC,CAAA;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACrB,WAAW,GAAG,EAAE,CAAA;YAChB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,eAAe,CAAC,CAAyB,CAAC,CAAA;QAC3C,CAAC;gBAAS,CAAC;YACV,MAAM,OAAO,CAAC,UAAU,EAAE,CAAA;QAC3B,CAAC;QAED,OAAO,EAAE,WAAW,EAAE,CAAA;IACvB,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/logout.d.mts ADDED Viewed

@@ -0,0 +1,7 @@
+import { IContextLogout } from "../context/IContextLogout.mjs";
+import { GraphQLNonNull } from 'graphql';
+export declare const logout: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLScalarType<boolean, boolean>>;
+    resolve(_: unknown, {}: {}, ctx: IContextLogout): Promise<boolean>;
+};

package/dist/graphQL/schema/mutations/logout.mjs ADDED Viewed

@@ -0,0 +1,28 @@
+import { redisClient } from "../../../dataSources/Redis.mjs";
+import { refreshTokenOptions } from "../../../lib/tokenOptions.mjs";
+import * as Sentry from '@sentry/node';
+import * as dotenv from 'dotenv';
+import { GraphQLBoolean, GraphQLNonNull } from 'graphql';
+dotenv.config();
+export const logout = {
+    description: 'logout',
+    type: new GraphQLNonNull(GraphQLBoolean),
+    async resolve(_, {}, ctx) {
+        try {
+            // elimina access token usato per fare questa chiamata
+            // e se esiste ancora, anche il refresh token
+            await redisClient.del(`${process.env.REDIS_KEY}refresh:${ctx.state.user.refreshToken}`);
+            if ((ctx.state.user?.accessToken || '') !== '') {
+                await redisClient.del(`${process.env.REDIS_KEY}access:${ctx.state.user.accessToken}`);
+            }
+            // delete cookies
+            ctx.cookies.set('refresh_token', '', refreshTokenOptions);
+        }
+        catch (e) {
+            // ignore errors
+            Sentry.captureException(e);
+        }
+        return true;
+    }
+};
+//# sourceMappingURL=logout.mjs.map

package/dist/graphQL/schema/mutations/logout.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"logout.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/logout.mts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,uCAA8B;AACpD,OAAO,EAAE,mBAAmB,EAAE,sCAA6B;AAC3D,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AACtC,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAExD,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,MAAM,CAAC,MAAM,MAAM,GAAG;IACrB,WAAW,EAAE,QAAQ;IACrB,IAAI,EAAE,IAAI,cAAc,CAAC,cAAc,CAAC;IACxC,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,EAAE,EAAE,GAAmB;QAChD,IAAI,CAAC;YACJ,sDAAsD;YACtD,6CAA6C;YAE7C,MAAM,WAAW,CAAC,GAAG,CACpB,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,WAAW,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,CAChE,CAAA;YAED,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC;gBAChD,MAAM,WAAW,CAAC,GAAG,CACpB,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,EAAE,CAC9D,CAAA;YACF,CAAC;YAED,iBAAiB;YACjB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAA;QAC1D,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACZ,gBAAgB;YAChB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,IAAI,CAAA;IACZ,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/refresh.d.mts ADDED Viewed

@@ -0,0 +1,10 @@
+import { IContextRefresh } from "../context/IContextRefresh.mjs";
+import { GraphQLNonNull } from 'graphql';
+export declare const refresh: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLObjectType<any, any>>;
+    resolve(_: unknown, {}: {}, ctx: IContextRefresh): Promise<{
+        status: boolean;
+        accessToken: string;
+    }>;
+};

package/dist/graphQL/schema/mutations/refresh.mjs ADDED Viewed

@@ -0,0 +1,59 @@
+import { redisClient } from "../../../dataSources/Redis.mjs";
+import { setLoginCookies } from "../../../lib/setLoginCookies.mjs";
+import { accessTokenExpiry, generateAccessToken, generateRefreshToken, REFRESH_TOKEN_EXPIRY } from "../../../lib/tokens.mjs";
+import { tryCatchRethrow } from "../../../lib/tryCatchRethrow.mjs";
+import * as Sentry from '@sentry/node';
+import { RefreshType } from "../types/RefreshType.mjs";
+import * as dotenv from 'dotenv';
+import { GraphQLNonNull } from 'graphql';
+dotenv.config();
+export const refresh = {
+    description: 'refresh token',
+    type: new GraphQLNonNull(RefreshType),
+    async resolve(_, {}, ctx) {
+        // console.debug('refresh')
+        let status = false; // default
+        // ha il refresh token, access token già scaduto
+        // prende id dell'utente già copiato in ctx
+        const userId = ctx.state.user.id.toString();
+        // genera i 2 nuovi token
+        let accessToken = generateAccessToken();
+        let refreshToken = generateRefreshToken();
+        const keyAccess = `${process.env.REDIS_KEY}access:${accessToken}`;
+        const keyRefresh = `${process.env.REDIS_KEY}refresh:${refreshToken}`;
+        let accessTokenData = ctx.state.user;
+        const oldRefresh = ctx.state.user.refreshToken;
+        // @ts-expect-error delete refresh
+        delete accessTokenData.refreshToken;
+        const refreshTokenData = { id: userId };
+        try {
+            // Store session in Redis
+            await Promise.all([
+                redisClient.hSet(keyAccess, accessTokenData),
+                redisClient.hSet(keyRefresh, refreshTokenData)
+            ]);
+            // set expiry
+            const accTokenExp = accessTokenExpiry();
+            await Promise.all([
+                redisClient.expire(keyAccess, accTokenExp),
+                redisClient.expire(keyRefresh, REFRESH_TOKEN_EXPIRY)
+            ]);
+            setLoginCookies(ctx, refreshToken);
+            // elimina refresh token usato per fare questa chiamata
+            await redisClient.del(`${process.env.REDIS_KEY}${oldRefresh}`);
+            status = true;
+        }
+        catch (e) {
+            Sentry.captureException(e);
+            // delete keys
+            await Promise.all([redisClient.del(keyAccess), redisClient.del(keyRefresh)]);
+            accessToken = '';
+            tryCatchRethrow(e);
+        }
+        return {
+            status,
+            accessToken
+        };
+    }
+};
+//# sourceMappingURL=refresh.mjs.map

package/dist/graphQL/schema/mutations/refresh.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"refresh.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/refresh.mts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,uCAA8B;AACpD,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,gCAAuB;AACpH,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,WAAW,EAAE,iCAA+B;AACrD,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAA;AAChC,OAAO,EAAgB,cAAc,EAAE,MAAM,SAAS,CAAA;AAEtD,MAAM,CAAC,MAAM,EAAE,CAAA;AAEf,MAAM,CAAC,MAAM,OAAO,GAAG;IACtB,WAAW,EAAE,eAAe;IAC5B,IAAI,EAAE,IAAI,cAAc,CAAC,WAAW,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,EAAE,EAAE,GAAoB;QACjD,2BAA2B;QAC3B,IAAI,MAAM,GAAG,KAAK,CAAA,CAAC,UAAU;QAE7B,gDAAgD;QAEhD,2CAA2C;QAC3C,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAA;QAG3C,yBAAyB;QACzB,IAAI,WAAW,GAAG,mBAAmB,EAAE,CAAA;QACvC,IAAI,YAAY,GAAG,oBAAoB,EAAE,CAAA;QACzC,MAAM,SAAS,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,WAAW,EAAE,CAAA;QACjE,MAAM,UAAU,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,WAAW,YAAY,EAAE,CAAA;QAEpE,IAAI,eAAe,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAA;QACpC,MAAM,UAAU,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAA;QAC9C,kCAAkC;QAClC,OAAO,eAAe,CAAC,YAAY,CAAA;QAEnC,MAAM,gBAAgB,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,CAAA;QAGvC,IAAI,CAAC;YACJ,yBAAyB;YACzB,MAAM,OAAO,CAAC,GAAG,CAAC;gBACjB,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE,eAAoD,CAAC;gBACjF,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,gBAAqD,CAAC;aACnF,CAAC,CAAA;YAEF,aAAa;YACb,MAAM,WAAW,GAAG,iBAAiB,EAAE,CAAA;YACvC,MAAM,OAAO,CAAC,GAAG,CAAC;gBACjB,WAAW,CAAC,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC;gBAC1C,WAAW,CAAC,MAAM,CAAC,UAAU,EAAE,oBAAoB,CAAC;aACpD,CAAC,CAAA;YAEF,eAAe,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YAElC,uDAAuD;YACvD,MAAM,WAAW,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,UAAU,EAAE,CAAC,CAAA;YAE9D,MAAM,GAAG,IAAI,CAAA;QACd,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACrB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC1B,cAAc;YACd,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;YAC5E,WAAW,GAAG,EAAE,CAAA;YAChB,eAAe,CAAC,CAAyB,CAAC,CAAA;QAC3C,CAAC;QAED,OAAO;YACN,MAAM;YACN,WAAW;SACX,CAAA;IACF,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/resetPwd.d.mts ADDED Viewed

@@ -0,0 +1,19 @@
+import { GraphQLNonNull } from 'graphql';
+interface IArgs {
+    email: string;
+}
+/**
+ * Take the user email and send an email with a link for change the password.
+ * for privacy, true is returned if given email do not exist
+ */
+export declare const resetPwd: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLScalarType<boolean, boolean>>;
+    args: {
+        email: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+    };
+    resolve(_: unknown, args: IArgs): Promise<boolean>;
+};
+export {};

package/dist/graphQL/schema/mutations/resetPwd.mjs ADDED Viewed

@@ -0,0 +1,91 @@
+import { SocketLabsLib } from "../../../email/SocketLabsLib.mjs";
+import { checkEmailLen } from "../../../lib/checkEmailLen.mjs";
+import { EMAIL_HASH_LEN } from "../../../lib/Constants.mjs";
+import { DateLib } from "../../../lib/DateLib.mjs";
+import { StringLib } from "../../../lib/StringLib.mjs";
+import { tryCatchRethrow } from "../../../lib/tryCatchRethrow.mjs";
+import { getResetPwd } from "../../../private/lib/access/db/getResetPwd.mjs";
+import { saveResetReq } from "../../../private/lib/access/db/saveResetReq.mjs";
+import { throwTooManyRequestsError } from "../../throw/throwTooManyRequestsError.mjs";
+import { GraphQLBoolean, GraphQLNonNull, GraphQLString } from 'graphql';
+import mongoose from 'mongoose';
+/**
+ * Take the user email and send an email with a link for change the password.
+ * for privacy, true is returned if given email do not exist
+ */
+export const resetPwd = {
+    description: 'send reset password link',
+    type: new GraphQLNonNull(GraphQLBoolean),
+    args: {
+        email: { type: new GraphQLNonNull(GraphQLString) }
+    },
+    async resolve(_, args) {
+        const { email } = args;
+        const uEmail = email.toLowerCase().trim();
+        checkEmailLen(uEmail);
+        const session = await mongoose.startSession();
+        try {
+            await session.withTransaction(async () => {
+                // console.debug('email esiste ?')
+                // email esiste ? -> recupera se ci sono gia state richieste di reset -> return 4xx ??
+                const resetPwdVal = await getResetPwd(session, uEmail);
+                // non facciamo sapere che l'email non è presente, per privacy
+                if (resetPwdVal !== null) {
+                    // console.debug("l'email esiste")
+                    // ok email esiste
+                    // -> attendi 10 minuti dall'ultima richiesta di reset della password
+                    // se c'è già una richiesta di password, legge la data in secondi.
+                    const lastReq = typeof resetPwdVal.resetDateReq !== 'undefined'
+                        ? new Date('' + resetPwdVal.resetDateReq)
+                        : null;
+                    // richiesta già fatta in precedenza ?
+                    //  invia nuova email con link di recupero se inviata meno di 10 minuti fa'
+                    let elapsedMin = 0;
+                    const nowDt = new Date();
+                    let calculateHash = false;
+                    if (lastReq !== null) {
+                        // console.debug('richiesta di reset gia eseguita')
+                        elapsedMin = DateLib.minElapsed(lastReq);
+                        // console.debug('precedente richiesta di reset della pwd: ' + lastReq + ' ora sono le ' + now + ' e sono passati ' + elapsedMin + ' minuti')
+                        // se c'è gia stata una richiesta di reset pwd, devono essere passati almeno 10 minuti
+                        if (elapsedMin < 10) {
+                            // console.debug('last req < 10 min')
+                            // Non facciamo sapere che l'email è stata trovata e
+                            elapsedMin = 10 - elapsedMin;
+                            if (elapsedMin < 0)
+                                elapsedMin = 1; // per arrotondare i secondi dell'ultimo minuto, imposta minuto = 1
+                            // console.debug('wait ' + message + ' min ' + uEmail)
+                            throw throwTooManyRequestsError(elapsedMin.toString());
+                        }
+                        else {
+                            // ok, maggiore di 10 minuti, allora genera hash per nuova email
+                            calculateHash = true;
+                        }
+                    }
+                    else {
+                        //console.debug('prima richiesta di reset')
+                        calculateHash = true;
+                    }
+                    if (calculateHash) {
+                        // genera hash x reset pwd
+                        const StrObj = new StringLib();
+                        const hash = StrObj.randomString(EMAIL_HASH_LEN);
+                        // imposta hash e data attuale di reset
+                        await saveResetReq(session, resetPwdVal._id, nowDt, hash);
+                        // invia email con nuovo hash, ultima req > 10 minuti
+                        const SocketLabsObj = new SocketLabsLib();
+                        await SocketLabsObj.sendEmailReset(uEmail, hash, resetPwdVal.name);
+                    } // calculateHash & sendEmail
+                }
+            });
+        }
+        catch (e) {
+            tryCatchRethrow(e);
+        }
+        finally {
+            await session.endSession();
+        }
+        return true;
+    }
+};
+//# sourceMappingURL=resetPwd.mjs.map

package/dist/graphQL/schema/mutations/resetPwd.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"resetPwd.mjs","sourceRoot":"","sources":["../../../../../src/graphQL/schema/mutations/resetPwd.mts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,yCAAgC;AACxD,OAAO,EAAE,aAAa,EAAE,uCAA8B;AACtD,OAAO,EAAE,cAAc,EAAE,mCAA0B;AACnD,OAAO,EAAE,OAAO,EAAE,iCAAwB;AAC1C,OAAO,EAAE,SAAS,EAAE,mCAA0B;AAC9C,OAAO,EAAE,eAAe,EAAE,yCAAgC;AAC1D,OAAO,EAAE,WAAW,EAAE,uDAA8C;AACpE,OAAO,EAAE,YAAY,EAAE,wDAA+C;AACtE,OAAO,EAAE,yBAAyB,EAAE,kDAA4C;AAChF,OAAO,EAAE,cAAc,EAAgB,cAAc,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACrF,OAAO,QAAQ,MAAM,UAAU,CAAA;AAM/B;;;GAGG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACvB,WAAW,EAAE,0BAA0B;IACvC,IAAI,EAAE,IAAI,cAAc,CAAC,cAAc,CAAC;IACxC,IAAI,EAAE;QACL,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,cAAc,CAAC,aAAa,CAAC,EAAE;KAClD;IACD,KAAK,CAAC,OAAO,CAAC,CAAU,EAAE,IAAW;QACpC,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAA;QAEtB,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAA;QACzC,aAAa,CAAC,MAAM,CAAC,CAAA;QAErB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,CAAA;QAC7C,IAAI,CAAC;YACJ,MAAM,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI,EAAE;gBACxC,kCAAkC;gBAClC,sFAAsF;gBACtF,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBAEtD,8DAA8D;gBAC9D,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;oBAC1B,kCAAkC;oBAElC,kBAAkB;oBAElB,qEAAqE;oBAErE,kEAAkE;oBAClE,MAAM,OAAO,GACZ,OAAO,WAAW,CAAC,YAAY,KAAK,WAAW;wBAC9C,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,GAAG,WAAW,CAAC,YAAY,CAAC;wBACzC,CAAC,CAAC,IAAI,CAAA;oBAER,sCAAsC;oBACtC,2EAA2E;oBAC3E,IAAI,UAAU,GAAG,CAAC,CAAA;oBAClB,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAA;oBAExB,IAAI,aAAa,GAAG,KAAK,CAAA;oBACzB,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;wBACtB,mDAAmD;wBACnD,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAA;wBAExC,6IAA6I;wBAC7I,sFAAsF;wBACtF,IAAI,UAAU,GAAG,EAAE,EAAE,CAAC;4BACrB,qCAAqC;4BACrC,oDAAoD;4BACpD,UAAU,GAAG,EAAE,GAAG,UAAU,CAAA;4BAC5B,IAAI,UAAU,GAAG,CAAC;gCAAE,UAAU,GAAG,CAAC,CAAA,CAAC,mEAAmE;4BACtG,sDAAsD;4BACtD,MAAM,yBAAyB,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAA;wBACvD,CAAC;6BAAM,CAAC;4BACP,gEAAgE;4BAChE,aAAa,GAAG,IAAI,CAAA;wBACrB,CAAC;oBACF,CAAC;yBAAM,CAAC;wBACP,2CAA2C;wBAC3C,aAAa,GAAG,IAAI,CAAA;oBACrB,CAAC;oBAED,IAAI,aAAa,EAAE,CAAC;wBACnB,0BAA0B;wBAC1B,MAAM,MAAM,GAAG,IAAI,SAAS,EAAE,CAAA;wBAC9B,MAAM,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,cAAc,CAAC,CAAA;wBAEhD,uCAAuC;wBACvC,MAAM,YAAY,CAAC,OAAO,EAAE,WAAW,CAAC,GAAG,EAAE,KAAK,EAAE,IAAI,CAAC,CAAA;wBAEzD,qDAAqD;wBACrD,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAA;wBACzC,MAAM,aAAa,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,CAAA;oBACnE,CAAC,CAAC,4BAA4B;gBAC/B,CAAC;YACF,CAAC,CAAC,CAAA;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACrB,eAAe,CAAC,CAAyB,CAAC,CAAA;QAC3C,CAAC;gBAAS,CAAC;YACV,MAAM,OAAO,CAAC,UAAU,EAAE,CAAA;QAC3B,CAAC;QAGD,OAAO,IAAI,CAAA;IACZ,CAAC;CACD,CAAA"}

package/dist/graphQL/schema/mutations/signUp.d.mts ADDED Viewed

@@ -0,0 +1,19 @@
+import { GraphQLNonNull } from 'graphql';
+interface IArgs {
+    email: string;
+    password: string;
+}
+export declare const signUp: {
+    description: string;
+    type: GraphQLNonNull<import("graphql").GraphQLScalarType<boolean, boolean>>;
+    args: {
+        email: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+        password: {
+            type: GraphQLNonNull<import("graphql").GraphQLScalarType<string, string>>;
+        };
+    };
+    resolve(_: unknown, args: IArgs): Promise<boolean>;
+};
+export {};