dm1sh/questionForm_backend
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added email authorization, registration and mail sending token

Browse Source
This commit is contained in:
Dmitriy Shishkov 2020-10-09 23:12:37 +05:00
parent db8b3eea51
commit ec2c5feb69
16 changed files with 302 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -7,3 +7,4 @@ Backend used with QuestionForm application.
- Prisma - Prisma
- Graphql - Graphql
- Apollo Server - Apollo Server
- SendGrid

6
package.json
View File

@ -5,6 +5,7 @@
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@prisma/client": "^2.7.1", "@prisma/client": "^2.7.1",
"@sendgrid/mail": "^7.2.6",
"@types/jsonwebtoken": "^8.5.0", "@types/jsonwebtoken": "^8.5.0",
"apollo-server-express": "^2.18.2", "apollo-server-express": "^2.18.2",
"express-jwt": "^6.0.0", "express-jwt": "^6.0.0",
@ -16,13 +17,16 @@
"scripts": { "scripts": {
"dev": "nodemon", "dev": "nodemon",
"start": "ts-node src/index.ts", "start": "ts-node src/index.ts",
"codegen": "graphql-codegen --config codegen.yml" "codegen": "graphql-codegen --config codegen.yml",
"lint": "eslint"
}, },
"devDependencies": { "devDependencies": {
"@graphql-codegen/cli": "1.17.10", "@graphql-codegen/cli": "1.17.10",
"@graphql-codegen/introspection": "1.18.0", "@graphql-codegen/introspection": "1.18.0",
"@graphql-codegen/typescript": "1.17.10", "@graphql-codegen/typescript": "1.17.10",
"@graphql-codegen/typescript-resolvers": "1.17.10", "@graphql-codegen/typescript-resolvers": "1.17.10",
"@types/dotenv": "^8.2.0",
"dotenv": "^8.2.0",
"ts-node": "^9.0.0", "ts-node": "^9.0.0",
"typescript": "^4.0.3" "typescript": "^4.0.3"
} }

40
prisma/migrations/20201009145620-add-user-email/README.md Normal file
View File

@ -0,0 +1,40 @@
# Migration `20201009145620-add-user-email`
This migration has been generated by Dm1tr1y147 at 10/9/2020, 7:56:20 PM.
You can check out the [state of the schema](./schema.prisma) after the migration.
## Database Steps
```sql
ALTER TABLE "public"."User" ADD COLUMN "email" text NOT NULL DEFAULT E'test@mail.com'
CREATE UNIQUE INDEX "User.email_unique" ON "public"."User"("email")
```
## Changes
```diff
diff --git schema.prisma schema.prisma
migration 20201007134933-fix-optional-values..20201009145620-add-user-email
--- datamodel.dml
+++ datamodel.dml
@@ -2,9 +2,9 @@
// learn more about it in the docs: https://pris.ly/d/prisma-schema
datasource db {
provider = "postgres"
- url = "***"
+ url = "***"
}
generator client {
provider = "prisma-client-js"
@@ -57,8 +57,9 @@
}
model User {
name String
+ email String @unique @default("test@mail.com")
forms Form[]
id Int @id @default(autoincrement())
formsSubmissions FormSubmission[]
```

92
prisma/migrations/20201009145620-add-user-email/schema.prisma Normal file
View File

@ -0,0 +1,92 @@
// This is your Prisma schema file,
// learn more about it in the docs: https://pris.ly/d/prisma-schema
datasource db {
provider = "postgres"
url = "***"
}
generator client {
provider = "prisma-client-js"
}
model Form {
title String
choisesQuestions ChoisesQuestion[]
inputQuestions InputQuestion[]
submissions FormSubmission[]
dateCreated DateTime @default(now())
author User @relation(fields: [userId], references: [id])
id Int @id @default(autoincrement())
userId Int
}
model ChoisesQuestion {
title String
variants Variant[]
type ChoiseType
number Int
id Int @id @default(autoincrement())
Form Form? @relation(fields: [formId], references: [id])
formId Int?
}
model Variant {
text String
id Int @id @default(autoincrement())
ChoisesQuestion ChoisesQuestion? @relation(fields: [choisesQuestionId], references: [id])
choisesQuestionId Int?
}
model InputQuestion {
title String
number Int
id Int @id @default(autoincrement())
Form Form? @relation(fields: [formId], references: [id])
formId Int?
}
enum ChoiseType {
SELECT
CHECK
CHOOSE
}
model User {
name String
email String @unique @default("test@mail.com")
forms Form[]
id Int @id @default(autoincrement())
formsSubmissions FormSubmission[]
}
model FormSubmission {
answers Answer[]
date DateTime @default(now())
user User @relation(fields: [userId], references: [id])
id Int @id @default(autoincrement())
userId Int
Form Form? @relation(fields: [formId], references: [id])
formId Int?
}
model Answer {
userInput String?
userChoise Int?
type AnswerType
id Int @id @default(autoincrement())
FormSubmission FormSubmission? @relation(fields: [formSubmissionId], references: [id])
formSubmissionId Int?
}
enum AnswerType {
INPUT
CHOISE
}

48
prisma/migrations/20201009145620-add-user-email/steps.json Normal file
View File

@ -0,0 +1,48 @@
{
"version": "0.3.14-fixed",
"steps": [
{
"tag": "CreateField",
"model": "User",
"field": "email",
"type": "String",
"arity": "Required"
},
{
"tag": "CreateDirective",
"location": {
"path": {
"tag": "Field",
"model": "User",
"field": "email"
},
"directive": "unique"
}
},
{
"tag": "CreateDirective",
"location": {
"path": {
"tag": "Field",
"model": "User",
"field": "email"
},
"directive": "default"
}
},
{
"tag": "CreateArgument",
"location": {
"tag": "Directive",
"path": {
"tag": "Field",
"model": "User",
"field": "email"
},
"directive": "default"
},
"argument": "",
"value": "\"test@mail.com\""
}
]
}

3
prisma/migrations/migrate.lock
View File

@ -2,4 +2,5 @@
20201006125838-initial-migration 20201006125838-initial-migration
20201006185953-improved-schema-structure 20201006185953-improved-schema-structure
20201007134933-fix-optional-values 20201007134933-fix-optional-values
20201009145620-add-user-email

1
prisma/schema.prisma
View File

@ -58,6 +58,7 @@ enum ChoiseType {
model User { model User {
name String name String
email String @unique @default("test@mail.com")
forms Form[] forms Form[]
id Int @id @default(autoincrement()) id Int @id @default(autoincrement())

38
src/controllers/auth.ts
View File

@ -1,30 +1,42 @@
import { PrismaClient } from "@prisma/client" import { PrismaClient } from '@prisma/client'
import {
ApolloError,
AuthenticationError,
ForbiddenError
} from 'apollo-server-express'
import jwt from 'jsonwebtoken'
import { getDBFormAuthor } from "../db" require('dotenv').config()
import { CheckRightsAndResolve } from "./types"
import { getDBFormAuthor } from '../db'
import { CheckRightsAndResolve } from './types'
const checkRightsAndResolve: CheckRightsAndResolve = async (params) => { const checkRightsAndResolve: CheckRightsAndResolve = async (params) => {
const { user, expected, controller } = params const { user, expected, controller } = params
if (!user) throw new Error("Authentication required") if (!user) throw new AuthenticationError('Authentication required')
if (expected.id.self && (!expected.admin || user.admin)) return controller(user.id) if (expected.id.self) return controller(user.id)
else if ( if (!expected.id.n || user.id == expected.id.n) return controller()
(!expected.id.n || user.id == expected.id.n) &&
(!expected.admin || user.admin) throw new ForbiddenError('Access denied')
)
return controller()
throw new Error("Authentication error")
} }
const getFormAuthor = async (db: PrismaClient, id: number) => { const getFormAuthor = async (db: PrismaClient, id: number) => {
const author = await getDBFormAuthor(db, id) const author = await getDBFormAuthor(db, id)
if (!author) throw Error("Not found") if (!author) throw new ApolloError('Not found')
const authorId = author.author.id const authorId = author.author.id
return authorId return authorId
} }
export { checkRightsAndResolve, getFormAuthor } const tokenGenerate = (email: string, id: number) => {
return jwt.sign({ email, id }, '' + process.env.JWT_SECRET, {
expiresIn: '7 days',
algorithm: 'HS256'
})
}
export { checkRightsAndResolve, getFormAuthor, tokenGenerate }

5
src/controllers/form.ts
View File

@ -1,7 +1,8 @@
import { PrismaClient } from "@prisma/client" import { PrismaClient } from "@prisma/client"
import { ApolloError } from "apollo-server-express"
import { getDBForm, getDBFormByUser } from "../db" import { getDBForm, getDBFormByUser } from "../db"
import { FullForm } from "../db/types" import { FullForm } from "../db/types"
import { Form as GraphqlForm, FormSubmission } from "../typeDefs/typeDefs.gen" import { Form as GraphqlForm, FormSubmission } from "../typeDefs/typeDefs.gen"
const getForm = async ( const getForm = async (
@ -10,7 +11,7 @@ const getForm = async (
): Promise<GraphqlForm | null> => { ): Promise<GraphqlForm | null> => {
const dbForm: FullForm = await getDBForm(db, id) const dbForm: FullForm = await getDBForm(db, id)
if (dbForm == null) throw new Error("Not found") if (dbForm == null) throw new ApolloError("Not found")
const form: GraphqlForm = { const form: GraphqlForm = {
id: dbForm.id, id: dbForm.id,

1
src/db/index.ts
View File

@ -10,6 +10,7 @@ const getDBForm = async (db: PrismaClient, id: number) => {
select: { select: {
id: true, id: true,
name: true, name: true,
email: true
}, },
}, },
choisesQuestions: { choisesQuestions: {

5
src/index.ts
View File

@ -3,6 +3,8 @@ import express from "express"
import expressJwt from "express-jwt" import expressJwt from "express-jwt"
import { PrismaClient } from "@prisma/client" import { PrismaClient } from "@prisma/client"
require("dotenv").config()
import typeDefs from "./typeDefs" import typeDefs from "./typeDefs"
import resolvers from "./resolvers" import resolvers from "./resolvers"
import { ApolloContextType, JwtPayloadType } from "./types" import { ApolloContextType, JwtPayloadType } from "./types"
@ -11,7 +13,7 @@ const app = express()
app.use( app.use(
expressJwt({ expressJwt({
secret: "SuperSecret", secret: "" + process.env.JWT_SECRET,
credentialsRequired: false, credentialsRequired: false,
algorithms: ["HS256"], algorithms: ["HS256"],
}) })
@ -32,6 +34,7 @@ const server = new ApolloServer({
return { db, user } return { db, user }
}, },
debug: false,
}) })
server.applyMiddleware({ app }) server.applyMiddleware({ app })

21
src/mailer/index.ts Normal file
View File

@ -0,0 +1,21 @@
import sgMail from "@sendgrid/mail"
require("dotenv").config()
sgMail.setApiKey(process.env.SENDGRID_API_KEY!)
const sendToken = (username: string, email: string, token: string) => {
return sgMail.send({
from: "me@dmitriy.icu",
to: email,
subject: "Login link",
templateId: "d-a9275a4437bf4dd2b9e858f3a57f85d5",
dynamicTemplateData: {
username: username,
siteUrl: process.env.SITE_URL,
token: token,
},
})
}
export { sendToken }

62
src/resolvers/User.ts
View File

@ -1,36 +1,64 @@
import jwt from "jsonwebtoken" import { ApolloError, UserInputError } from 'apollo-server-express'
import { tokenGenerate } from '../controllers/auth'
import { sendToken } from '../mailer'
import { import {
MutationLoginArgs, MutationLoginArgs,
MutationRegisterArgs,
Resolver, Resolver,
User, User,
} from "../typeDefs/typeDefs.gen" LoginResult
import { ApolloContextType, JwtPayloadType } from "../types" } from '../typeDefs/typeDefs.gen'
import { ApolloContextType } from '../types'
const loginResolver: Resolver< const loginResolver: Resolver<
User, LoginResult,
{}, {},
ApolloContextType, ApolloContextType,
MutationLoginArgs MutationLoginArgs
> = async (_, { id, admin }, { db }) => { > = async (_, { email }, { db }) => {
try { try {
const payload: JwtPayloadType = {
id,
admin,
}
const token = jwt.sign(payload, "SuperSecret")
const user = await db.user.findOne({ const user = await db.user.findOne({
where: { where: {
id, email
}, }
}) })
return { if (!user) throw new UserInputError('No such user')
...user,
token: token, const token = tokenGenerate(email, user.id)
}
const res = await sendToken(user.name, email, token)
if (res[0].statusCode != 202) return new ApolloError("Couldn't send email")
return { success: true }
} catch (err) { } catch (err) {
return err return err
} }
} }
export { loginResolver } const registerResolver: Resolver<
LoginResult,
{},
ApolloContextType,
MutationRegisterArgs
> = async (_, { email, name }, { db }) => {
try {
const user = await db.user.create({
data: { email, name }
})
const token = tokenGenerate(email, user.id)
const res = await sendToken(user.name, email, token)
if (res[0].statusCode != 202) return new ApolloError("Couldn't send email")
return { success: true }
} catch (err) {
return err
}
}
export { loginResolver, registerResolver }

3
src/resolvers/index.ts
View File

@ -6,7 +6,7 @@ import {
AnswerResolver as Answer, AnswerResolver as Answer,
formsQuery as forms, formsQuery as forms,
} from "./Form" } from "./Form"
import { loginResolver as login } from "./User" import { loginResolver as login, registerResolver as register } from "./User"
const resolvers: Resolvers<ApolloContextType> = { const resolvers: Resolvers<ApolloContextType> = {
Query: { Query: {
@ -15,6 +15,7 @@ const resolvers: Resolvers<ApolloContextType> = {
}, },
Mutation: { Mutation: {
login, login,
register
}, },
Question, Question,
Answer, Answer,

8
src/typeDefs/typeDefs.gql
View File

@ -4,7 +4,8 @@ type Query {
} }
type Mutation { type Mutation {
login(id: Int!, admin: Boolean!): User login(email: String!): LoginResult
register(name: String!, email: String!): LoginResult
} }
type Form { type Form {
@ -73,7 +74,12 @@ enum AnswerType {
type User { type User {
name: String! name: String!
email: String!
id: Int! id: Int!
forms: [Form!] forms: [Form!]
token: String token: String
} }
type LoginResult {
success: Boolean!
}

10
src/types.ts
View File

@ -1,12 +1,12 @@
import { PrismaClient } from "@prisma/client" import { PrismaClient } from "@prisma/client"
import {} from 'express-jwt' import {} from "express-jwt"
export type ApolloContextType = { export type ApolloContextType = {
db: PrismaClient, db: PrismaClient
user: JwtPayloadType | null user: JwtPayloadType | null
} }
export type JwtPayloadType = { export type JwtPayloadType = {
id: number, id: number
admin: boolean email: string
} }