git server — caroster.git (4c43232e489612f59db859d64e29a62e9d922e0b): backend/src/graphql/user/index.ts

backend/src/graphql/user/index.ts (view raw)
  1export default [
  2  ({ nexus, strapi }) => ({
  3    types: [
  4      nexus.extendType({
  5        type: "UsersPermissionsMe",
  6        definition(t) {
  7          t.field("profile", {
  8            type: "UsersPermissionsUser",
  9          });
 10        },
 11      }),
 12      nexus.extendInputType({
 13        type: "UsersPermissionsUserInput",
 14        definition(t) {
 15          t.string("oldPassword");
 16        },
 17      }),
 18      nexus.extendType({
 19        type: "Mutation",
 20        definition(t) {
 21          t.field("updateMe", {
 22            type: nexus.nonNull("UsersPermissionsUserEntityResponse"),
 23            args: {
 24              data: nexus.nonNull("UsersPermissionsUserInput"),
 25            },
 26          });
 27        },
 28      }),
 29      nexus.mutationField("sendMagicLink", {
 30        type: "Boolean",
 31        args: {
 32          email: nexus.nonNull("String"),
 33          lang: "String",
 34        },
 35      }),
 36    ],
 37    resolvers: {
 38      Query: {
 39        me: {
 40          async resolve(_root, _args, context) {
 41            const user = context.state?.user;
 42            if (!user) throw new Error("Authentication requested");
 43            return { id: user.id, username: user.username, profile: user };
 44          },
 45        },
 46      },
 47      Mutation: {
 48        updateMe: {
 49          async resolve(_root, args, context) {
 50            const { data: userUpdate } = args;
 51            const userId = context.state?.user?.id;
 52
 53            if (!userId) throw new Error("Authentication requested");
 54
 55            const user = await strapi
 56              .plugin("users-permissions")
 57              .services.user.fetch(userId, { populate: { events: true } });
 58
 59            if (userUpdate.password) {
 60              const validPassword = await strapi
 61                .plugin("users-permissions")
 62                .services.user.validatePassword(
 63                  userUpdate.oldPassword || "",
 64                  user.password
 65                );
 66              if (!validPassword) throw new Error("Wrong password");
 67              delete userUpdate.oldPassword;
 68            }
 69
 70            const isStrapiUser = user.provider === "local";
 71            if (userUpdate.email && isStrapiUser)
 72              userUpdate.username = userUpdate.email;
 73
 74            const currentEvents = user.events || [];
 75            const currentEventIds = currentEvents.map((event) => `${event.id}`);
 76            const userUpdateEvents = userUpdate.events?.filter(
 77              (eventId) => !currentEventIds.includes(eventId)
 78            );
 79            const updatedEvents = userUpdate.events
 80              ? [...currentEvents, ...userUpdateEvents]
 81              : user.events;
 82
 83            const updatedUser = await strapi.entityService.update(
 84              "plugin::users-permissions.user",
 85              user.id,
 86              {
 87                data: {
 88                  ...userUpdate,
 89                  events: updatedEvents,
 90                },
 91              }
 92            );
 93            const { toEntityResponse } = strapi
 94              .plugin("graphql")
 95              .service("format").returnTypes;
 96
 97            return toEntityResponse(updatedUser, {
 98              args,
 99              resourceUID: "plugin::users-permissions.user",
100            });
101          },
102        },
103        sendMagicLink: {
104          async resolve(_root, args) {
105            const { email, lang } = args;
106            const magicToken = await strapi.services[
107              "plugin::users-permissions.user"
108            ].magicLink.generateMagicToken(email, lang);
109            const magicLink = `${strapi.config.get(
110              "server.url"
111            )}/auth/magic-link?token=${magicToken}`;
112
113            try {
114              await strapi
115                .service("api::email.email")
116                .sendEmailNotif(email, "MagicLinkLogin", lang || "en", {
117                  magicLink,
118                });
119              return true;
120            } catch (error) {
121              strapi.log.error(error);
122              return false;
123            }
124          },
125        },
126      },
127    },
128    resolversConfig: {
129      "Query.me": {
130        auth: {
131          scope: ["plugin::users-permissions.user.me"],
132        },
133      },
134      "Mutation.sendMagicLink": {
135        auth: false,
136      },
137      "UsersPermissionsUser.events": {
138        auth: true,
139        policies: [checkAuthUser],
140      },
141      "UsersPermissionsUser.notifications": {
142        auth: true,
143        policies: [checkAuthUser],
144      },
145      "UsersPermissionsUser.confirmed": {
146        auth: true,
147        policies: [checkAuthUser],
148      },
149      "UsersPermissionsUser.provider": {
150        auth: true,
151        policies: [checkAuthUser],
152      },
153      "UsersPermissionsUser.newsletterConsent": {
154        auth: true,
155        policies: [checkAuthUser],
156      },
157      "UsersPermissionsUser.createdAt": {
158        auth: true,
159        policies: [checkAuthUser],
160      },
161      "UsersPermissionsUser.onboardingCreator": {
162        auth: true,
163        policies: [checkAuthUser],
164      },
165      "UsersPermissionsUser.onboardingUser": {
166        auth: true,
167        policies: [checkAuthUser],
168      },
169    },
170  }),
171];
172
173const checkAuthUser = (context) => {
174  const authUser = context.state.user;
175  return context.parent.id === authUser.id;
176};
all repos — caroster @ 4c43232e489612f59db859d64e29a62e9d922e0b

[Octree] Group carpool to your event https://caroster.io
