fix resetPassword and changeUserPassword

Author: shema-surge

src/helpers/generateRandomPassword.ts

@@ -4,5 +4,6 @@ export default function generateRandomPassword(length = 8) {
   return generator.generate({
     length,
     numbers: true,
+    symbols: true,
   });
 }

src/helpers/isAssignedToProgramOrCohort.ts

@@ -4,7 +4,7 @@ import { IOrganization, Organization } from '../models/organization.model'
 import Program from '../models/program.model'
 import { RoleOfUser, User, UserInterface } from '../models/user'
 
-export default async function isAssigned(user: UserInterface, org: IOrganization) {
+export default async function isAssignedToAnEntity(user: UserInterface, org: IOrganization) {
   const orgUserData = user.organizations.find(data=>data.orgId.toString()===org._id.toString())
   if(!orgUserData){
     throw new GraphQLError(`User ${user.email} is not part of ${org.name}`,{

src/resolvers/userResolver.ts

@@ -5,7 +5,7 @@ import { GraphQLError } from 'graphql'
 // import * as jwt from 'jsonwebtoken'
 import { JwtPayload, verify } from 'jsonwebtoken'
 import generateRandomPassword from '../helpers/generateRandomPassword'
-import isAssigned from '../helpers/isAssignedToProgramOrCohort'
+import isAssignedToAnEntity from '../helpers/isAssignedToProgramOrCohort'
 import { checkloginAttepmts } from '../helpers/logintracker'
 import { checkLoggedInOrganization, isPartOfOrganization } from '../helpers/organization.helper'
 import {
@@ -42,6 +42,11 @@ const SECRET: string = process.env.SECRET as string
 export type OrganizationType = InstanceType<typeof Organization>
 export type UserType = InstanceType<typeof User>
 
+enum ACTION_ENUM{
+  APPROVE='approve',
+  REJECT='reject'
+}
+
 async function logGeoActivity(user: UserInterface,org: IOrganization,clientIpAdress?: string) {
   const response = await fetch(`https://ipapi.co/${clientIpAdress}/json/`)
   const geoData = await response.json()
@@ -362,17 +367,15 @@ const resolvers: any = {
 
     async loginUser(
       _: any,
-      { loginInput: { email, password, orgToken } }: any,
+      { email, password, orgToken }: {email: string, password: string, orgToken: string},
       context: Context
     ) {
+      validateEmail(email, "Please enter a valid email address")
       const { clientIpAdress } = context
-
       // get the organization if someone  logs in
       const org: InstanceType<typeof Organization> =
         await checkLoggedInOrganization(orgToken)
-
       const user: any = await User.findOne({ email })
-
       if (!user) {
         throw new GraphQLError(`User ${email} does not exist`, {
           extensions: {
@@ -411,18 +414,21 @@ const resolvers: any = {
           })
       }
 
-      await isAssigned(user,org)
+      await isAssignedToAnEntity(user,org)
 
       const token = generateToken(user._id, orgUserData.role)
       const data = {
         token: token,
-        user: user,
+        user: user.toJSON(),
         geoData,
       }
       return data
     },
 
     async deleteUser(_: any, { userId, reason , orgToken}: {userId: string, reason?: string, orgToken: string}, context: Context) {
+      if(reason){
+        validateStringField(reason, "Please provide a valid reason")
+      }
       const org = await checkLoggedInOrganization(orgToken)
       const {user} = (await checkUserLoggedIn(org,context))([RoleOfUser.ADMIN, RoleOfUser.SUPER_ADMIN])
       if (!user) {
@@ -569,42 +575,41 @@ const resolvers: any = {
     },
 
     //This section is to make org name login to be case insensitive
-        async loginOrg(_: any, { name }: { name: String }) {
-            const organization: any = await Organization.findOne({
-                name: { $regex: new RegExp('^' + name + '$', 'i') },
-            })
-
-            if (!organization) {
-                throw new GraphQLError(
-                    `We do not recognize this organization ${name}`,
-                    {
-                        extensions: {
-                            code: 'UserInputError',
-                        },
-                    }
-                )
-            }
-            if (organization.status == ORG_STATUS.PENDING) {
-                throw new GraphQLError('Your organization is not approved yet', {
-                    extensions: {
-                        code: 'UserInputError',
-                    },
-                })
-            }
-            if (organization.status == ORG_STATUS.REJECTED) {
-                throw new GraphQLError('Your organization was not approved', {
-                    extensions: {
-                        code: 'UserInputError',
-                    },
-                })
-            }
-            const token = generateTokenOrganization(organization.name)
-            const data = {
-                token: token,
-                organization: organization.toJSON(),
-            }
-            return data
-        },
+    async loginOrg(_: any, { name }: { name: String }) {
+      const organization: any = await Organization.findOne({
+        name: { $regex: new RegExp('^' + name + '$', 'i') },
+      })
+      if (!organization) {
+        throw new GraphQLError(
+          `We do not recognize this organization ${name}`,
+          {
+            extensions: {
+              code: 'FORBIDDEN',
+            },
+          }
+        )
+      }
+      if (organization.status == ORG_STATUS.PENDING) {
+        throw new GraphQLError('Your organization is not approved yet', {
+          extensions: {
+            code: 'FORBIDDEN',
+          },
+        })
+      }
+      if (organization.status == ORG_STATUS.REJECTED) {
+        throw new GraphQLError('Your organization was not approved', {
+          extensions: {
+            code: 'FORBIDDEN',
+          },
+        })
+      }
+      const token = generateTokenOrganization(organization.name)
+      const data = {
+        token: token,
+        organization: organization.toJSON(),
+      }
+      return data
+    },
 
     // end of making org name to be case insensitive
 
@@ -716,13 +721,13 @@ const resolvers: any = {
 
       return {
         message: 'Organization registration request sent successfully',
-        org: newOrg
+        org: newOrg.toJSON()
       }
     },
 
     async RegisterNewOrganization(
       _: any,
-      { organizationInput: { name }, action , orgToken}: { organizationInput: {name: string, email: string}, action: 'approve' | 'reject', orgToken: string},
+      { name, action , orgToken}: { name: string, action: ACTION_ENUM, orgToken: string},
       context: Context
     ) {
       validateStringField(name, "Please enter a valid organization name")
@@ -737,7 +742,7 @@ const resolvers: any = {
           }
         })
       }
-      if(action === "approve"){
+      if(action === ACTION_ENUM.APPROVE){
         if(orgExists.status === ORG_STATUS.ACTIVE){
           throw new GraphQLError("Organization is already  active",{
             extensions: {
@@ -747,7 +752,7 @@ const resolvers: any = {
         }
         const admin = (orgExists as any).admin[0]
         const password = generateRandomPassword()
-        admin.password = bcrypt.hash(password, 10)
+        admin.password = hashSync(password, 10)
         await admin.save()
         orgExists.status = ORG_STATUS.ACTIVE
         await orgExists.save()
@@ -763,9 +768,7 @@ const resolvers: any = {
           process.env.ADMIN_EMAIL,
           process.env.ADMIN_PASS
         )
-      }
-
-      if(action === "reject"){
+      }else if(action === ACTION_ENUM.REJECT){
         if(orgExists.status === ORG_STATUS.REJECTED){
           throw new GraphQLError("Organization was already rejected",{
             extensions: {
@@ -779,13 +782,19 @@ const resolvers: any = {
         await sendEmail(
           admin.email,
           'Organization Request rejected notice',
-          organizationRejectedTemplate(admin.name),
+          organizationRejectedTemplate(orgExists.name),
           process.env.FRONTEND_LINK || 'link',
           process.env.ADMIN_EMAIL,
           process.env.ADMIN_PASS
         )
+      }else{
+        throw new GraphQLError("Invalid action, Please approve or reject an organization",{
+          extensions: {
+            code: "USER_INPUT_ERROR"
+          }
+        })
       }
-      return orgExists
+      return orgExists.toJSON()
     },
 
     async addOrganization(
@@ -807,6 +816,15 @@ const resolvers: any = {
           },
         })
       }
+
+      const userExists = await User.findOne({email})
+      if (userExists) {
+        throw new GraphQLError(`Account ${userExists.email} is already taken`, {
+          extensions: {
+            code: 'FORBIDDEN',
+          },
+        })
+      }
       const password: string = generateRandomPassword()
       const newOrg = await Organization.create({
         name,
@@ -832,6 +850,7 @@ const resolvers: any = {
       await admin.save()
       newOrg.admin = [admin._id]
       await newOrg.save()
+      await newOrg.populate('admin')
 
       // send the requester an email with his password
       const content = organizationCreatedTemplate(org.name, email, password)
@@ -846,7 +865,7 @@ const resolvers: any = {
         process.env.ADMIN_PASS
       )
 
-      return org
+      return org.toJSON()
     },
 
     async updateGithubOrganisation(
@@ -855,17 +874,15 @@ const resolvers: any = {
       context: Context
     ) {
       validateStringField(gitHubOrganisation, "Please enter a valid organization githubOrganization")
-
       const org = await checkLoggedInOrganization(orgToken)
       ;(await checkUserLoggedIn(org, context))([
         RoleOfUser.ADMIN,
         RoleOfUser.SUPER_ADMIN,
       ])
-
       org.gitHubOrganisation = gitHubOrganisation
       await org.save()
       await org.populate('admin')
-      return org
+      return org.toJSON()
     },
 
     async addActiveRepostoOrganization(_: any, { repoUrl, orgToken}: {repoUrl: string, orgToken: string}, context: Context) {
@@ -885,7 +902,7 @@ const resolvers: any = {
       org.activeRepos.push(repoUrl)
       await org.save()
 
-      return org
+      return org.toJSON()
     },
 
     async deleteActiveRepostoOrganization(_: any, { repoUrl, orgToken}: {repoUrl: string, orgToken: string}, context: Context) {
@@ -907,7 +924,7 @@ const resolvers: any = {
 
       await org.save()
 
-      return org
+      return org.toJSON()
     },
 
     async deleteOrganization(_: any, { orgId, orgToken }: {orgId: string, orgToken: string}, context: Context) {
@@ -934,20 +951,20 @@ const resolvers: any = {
       //   role: { $ne: RoleOfUser.SUPER_ADMIN },
       // })
       organizationExists.isDeleted = true
-      return organizationExists
+      await organizationExists.save()
+      return organizationExists.toJSON()
     },
 
-    async forgotPassword(_: any, { email }: any) {
+    async forgotPassword(_: any, { email }: { email: string }) {
+      validateEmail(email, "Please provide a valid email")
       const userExists: any = await User.findOne({ email })
-
       if (!userExists) {
         throw new GraphQLError("No such user found",{
           extensions: {
             code: "USER_NOT_FOUND"
           }
         })
       }
-
         const token: any = generateTokenUserExists(email)
         const newToken: any = token.replaceAll('.', '*')
         const webLink = `${process.env.FRONTEND_LINK}/forgot-password/${newToken}`
@@ -970,27 +987,22 @@ const resolvers: any = {
 
     async updateEmailNotifications(_: any, { orgToken }: { orgToken: string}, context: Context) {
       const org =  await checkLoggedInOrganization(orgToken)
-      const { user } = (await checkUserLoggedIn(org, context))(Object.values(RoleOfUser))
-      
-      const orgUserData = isPartOfOrganization(user, org)
+      const { user, orgUserData } = (await checkUserLoggedIn(org, context))(Object.values(RoleOfUser))
       orgUserData.emailNotifications = !orgUserData.emailNotifications
       await user.save()
 
       return {
-        message: 'updated successful'
+        message: 'updated successfully'
       }
     },
 
     async updatePushNotifications(_: any, { orgToken}: {orgToken: string}, context: Context) {
       const org =  await checkLoggedInOrganization(orgToken)
-      const { user } = (await checkUserLoggedIn(org, context))(Object.values(RoleOfUser))
-      
-      const orgUserData = isPartOfOrganization(user, org)
+      const { user, orgUserData } = (await checkUserLoggedIn(org, context))(Object.values(RoleOfUser))
       orgUserData.pushNotifications = !orgUserData.pushNotifications
       await user.save()
-      
       return {
-        message: 'updated successful'
+        message: 'updated successfully'
       }
     },
 
@@ -1016,7 +1028,7 @@ const resolvers: any = {
             }
           })
         }
-        user.password = hashSync(password, 10)
+        user.password = password
         await user.save()
 
         return {
@@ -1041,17 +1053,19 @@ const resolvers: any = {
         })
       }
 
-        if (!compareSync(currentPassword, user.password)) {
-          throw new GraphQLError("Incorrect credentials",{
-            extensions: {
-              code: "FORBIDDEN"
-            }
-          })
-        }
-          user.password = hashSync(newPassword, 10)
-          await user.save()
-          return 'Your password was reset successfully! '
+      if (!compareSync(currentPassword, user.password)) {
+        throw new GraphQLError("Incorrect credentials", {
+          extensions: {
+            code: "FORBIDDEN"
+          }
+        })
+      }
+      user.password = newPassword
+      await user.save()
+      return {
+        message: 'Your password was reset successfully! '
       }
+    }
     },
   }